Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/JLOc7YjY6DDbzKiTYmmsC8Evbcg.roa
File: JLOc7YjY6DDbzKiTYmmsC8Evbcg.roa (raw, json)
Hash identifier: 33FS6RQHiGkeHSNZ4Mduks2H4AqrUbttpx6edgxNWUY=
Subject key identifier: 24:B3:9C:ED:88:D8:E8:30:DB:CC:A8:93:62:69:AC:0B:C1:2F:6D:C8
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 135B3751
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/JLOc7YjY6DDbzKiTYmmsC8Evbcg.roa
Signing time: Wed 06 Apr 2022 11:24:27 +0000
ROA not before: Wed 06 Apr 2022 11:24:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43624
IP address blocks: 77.91.75.0/24 maxlen: 24
77.91.74.0/24 maxlen: 24
77.91.73.0/24 maxlen: 24
77.91.103.0/24 maxlen: 24
77.91.102.0/24 maxlen: 24
77.91.100.0/24 maxlen: 32
77.91.101.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 324745041 (0x135b3751)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Apr 6 11:24:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24b39ced88d8e830dbcca8936269ac0bc12f6dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:90:01:26:58:f4:72:9c:22:06:55:e1:31:22:
76:aa:e2:71:58:dc:30:c4:92:62:37:f3:5b:2b:54:
a4:88:65:98:99:65:10:7e:2e:c1:b1:6f:2b:8a:a3:
0f:29:95:95:62:26:45:76:b0:77:9a:97:4c:5c:a8:
cd:2d:d2:3c:cf:58:c1:95:d1:09:10:58:e3:9e:57:
2a:c4:95:00:31:8a:7d:c8:cc:9d:49:cc:a9:da:27:
16:cc:5e:e7:a0:32:f5:b4:67:ee:b0:67:bb:0d:e0:
3c:de:29:a3:12:43:27:e3:5b:7e:90:74:87:82:af:
59:86:e5:30:2a:74:d9:6f:ae:70:17:a2:45:a4:d0:
7c:03:6b:6f:a3:55:cf:3f:6a:82:c9:58:1c:da:4e:
66:5f:ca:1b:a7:c1:48:2e:8c:0f:f5:84:76:59:3f:
48:bf:86:41:74:7b:04:10:24:6d:fc:4c:d1:e9:1f:
5b:10:20:62:ea:69:d9:44:4e:6f:8a:a8:56:22:dc:
8b:e4:01:89:c6:3f:c1:00:8a:00:7e:86:c7:66:c5:
5b:4d:6f:67:c5:3b:bd:6b:ea:44:60:c2:22:85:6a:
86:3f:7d:80:9e:d9:a7:49:fd:82:81:d1:00:fe:6b:
8b:01:61:9e:a5:b2:f4:78:0b:e7:81:0b:ab:23:63:
86:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B3:9C:ED:88:D8:E8:30:DB:CC:A8:93:62:69:AC:0B:C1:2F:6D:C8
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/JLOc7YjY6DDbzKiTYmmsC8Evbcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.73.0-77.91.75.255
77.91.100.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:80:d2:63:e5:ac:b6:38:ef:2d:e1:b6:a5:eb:75:e1:39:e3:
54:77:c9:e4:21:17:84:fe:ec:98:26:fc:50:42:b3:7d:59:bf:
b6:b8:38:80:df:45:4c:96:fb:12:d6:e1:0c:4d:bd:c2:20:56:
4b:12:fe:0f:a1:f3:5e:81:a9:94:89:bf:c6:1b:73:2f:ef:13:
5c:2b:5e:9c:d3:63:e3:71:37:2c:28:6e:2f:63:51:cf:63:e3:
d8:26:2a:21:36:81:2e:7d:9a:c1:6a:6e:f2:f2:df:d3:ce:c8:
d3:50:97:70:21:4c:80:a3:c5:95:9f:75:fd:c3:f1:e2:f4:1f:
5f:a4:ec:f8:73:1a:f8:9d:e0:1f:db:38:ba:29:38:6c:e5:cc:
53:70:ad:12:29:38:83:f0:20:cd:b7:56:db:2e:ff:e1:52:c8:
1b:ff:e1:d7:bd:15:f3:cd:bf:90:a8:e9:52:1f:47:dc:14:96:
48:71:af:3c:e7:d9:e9:2a:a1:e8:b8:18:86:52:2e:bd:ba:34:
41:ec:8c:30:c1:59:71:44:e4:15:41:e2:3c:11:7f:31:e6:e9:
52:0e:ee:4d:05:d8:d7:0b:36:09:52:7a:ce:83:10:14:5e:42:
e6:2d:b6:07:62:fc:be:1c:e7:1a:b4:46:36:c9:98:2a:36:17:
be:2d:40:e4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEE1s3UTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDQw
NjExMjQyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjRiMzljZWQ4OGQ4
ZTgzMGRiY2NhODkzNjI2OWFjMGJjMTJmNmRjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2QASZY9HKcIgZV4TEidqricVjcMMSSYjfzWytUpIhlmJll
EH4uwbFvK4qjDymVlWImRXawd5qXTFyozS3SPM9YwZXRCRBY455XKsSVADGKfcjM
nUnMqdonFsxe56Ay9bRn7rBnuw3gPN4poxJDJ+NbfpB0h4KvWYblMCp02W+ucBei
RaTQfANrb6NVzz9qgslYHNpOZl/KG6fBSC6MD/WEdlk/SL+GQXR7BBAkbfxM0ekf
WxAgYupp2UROb4qoViLci+QBicY/wQCKAH6Gx2bFW01vZ8U7vWvqRGDCIoVqhj99
gJ7Zp0n9goHRAP5riwFhnqWy9HgL54ELqyNjhksCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBQks5ztiNjoMNvMqJNiaawLwS9tyDAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS9KTE9jN1lqWTZERGJ6S2lUWW1tc0M4RXZiY2cucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABNW0kDBAJNW0gDBAJNW2Qw
DQYJKoZIhvcNAQELBQADggEBAB6A0mPlrLY47y3htqXrdeE541R3yeQhF4T+7Jgm
/FBCs31Zv7a4OIDfRUyW+xLW4QxNvcIgVksS/g+h816BqZSJv8Ybcy/vE1wrXpzT
Y+NxNywobi9jUc9j49gmKiE2gS59msFqbvLy39POyNNQl3AhTICjxZWfdf3D8eL0
H1+k7PhzGvid4B/bOLopOGzlzFNwrRIpOIPwIM23Vtsu/+FSyBv/4de9FfPNv5Co
6VIfR9wUlkhxrzzn2ekqoei4GIZSLr26NEHsjDDBWXFE5BVB4jwRfzHm6VIO7k0F
2NcLNglSes6DEBReQuYttgdi/L4c5xq0RjbJmCo2F74tQOQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:07 2023 by rpki-client on console-ams.rpki-client.org