Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/JnXQUQmJ4jClBMzpd-1XMAQZFi0.roa
File: JnXQUQmJ4jClBMzpd-1XMAQZFi0.roa (raw, json)
Hash identifier: +jGPTJwB1sc1BjWrlLBdqf938iZJuY25u4fE2xisc0U=
Subject key identifier: 26:75:D0:51:09:89:E2:30:A5:04:CC:E9:77:ED:57:30:04:19:16:2D
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 135C6A38
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/JnXQUQmJ4jClBMzpd-1XMAQZFi0.roa
Signing time: Wed 06 Apr 2022 11:24:28 +0000
ROA not before: Wed 06 Apr 2022 11:24:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56322
IP address blocks: 77.91.72.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 324823608 (0x135c6a38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Apr 6 11:24:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2675d0510989e230a504cce977ed57300419162d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:88:fa:e4:48:c1:3d:df:5a:5f:86:54:82:08:
d5:fa:be:cf:37:e5:82:ce:b3:4c:f7:2c:8f:cd:43:
c1:25:76:dc:f2:63:a6:11:05:2d:e6:75:14:1f:8f:
7a:d8:5c:c7:33:d6:84:69:2e:f9:62:84:b0:00:c4:
d5:56:65:41:ca:11:b1:e4:7e:11:1b:19:f5:11:55:
d7:c9:ff:a8:6b:0f:51:08:88:fd:c9:54:78:bb:42:
b6:ff:9e:98:5a:fc:b0:27:02:b1:fc:7d:0e:7d:10:
6c:6e:a8:ef:f4:71:ab:1d:0e:ce:21:c8:0c:b7:0d:
51:fb:3a:4d:40:a6:0e:14:ab:6c:ec:3c:14:5c:d1:
1b:5f:1c:23:b7:a7:08:bc:71:a9:84:eb:77:a8:1f:
42:b7:10:cd:b0:70:a8:ae:cd:71:50:1d:06:74:f2:
81:35:e2:4d:85:e8:4c:ac:1d:22:99:79:fb:85:eb:
8f:09:18:35:ba:3c:0c:0f:ef:27:6b:db:95:fa:93:
52:ee:00:16:b9:61:de:5d:04:fd:4c:3c:fa:cc:e9:
65:c3:ff:db:5b:48:ed:c9:c6:ea:d2:64:c1:bf:52:
5d:00:01:f7:cc:63:5e:1d:44:3d:15:d9:c6:9e:45:
74:60:5a:67:b8:d9:d4:c5:74:8e:0a:01:5f:c6:58:
96:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:75:D0:51:09:89:E2:30:A5:04:CC:E9:77:ED:57:30:04:19:16:2D
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/JnXQUQmJ4jClBMzpd-1XMAQZFi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.72.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:c9:63:6a:31:72:06:73:6e:c6:d8:22:35:cc:8d:49:c7:08:
23:c7:53:18:5a:94:93:bd:e2:18:9a:e8:34:85:2a:9f:c9:3c:
df:e1:03:fd:1c:da:19:da:4c:1f:60:9b:b6:b7:c9:fa:ec:2f:
a2:27:2a:b3:f3:ab:2b:db:d4:cc:ff:59:b4:a6:dc:61:f4:8f:
7e:ae:53:f7:94:f2:20:61:3a:a4:40:90:35:57:8d:fb:20:36:
4c:37:f5:d9:0c:84:cc:ed:43:f3:b8:d4:e0:2f:75:7e:6b:3f:
9e:18:8d:c9:7b:fa:21:ba:18:0e:0f:01:30:c5:66:38:bf:10:
2a:eb:fe:c3:70:a2:cb:72:f0:d6:07:32:c5:f7:d3:bc:a8:c0:
0e:db:5d:56:db:ab:37:f3:69:bb:b4:c8:ae:ae:3f:d5:f2:1a:
55:4c:f5:ad:d6:94:57:c1:34:ba:65:d6:fc:0a:c1:39:ba:53:
7b:08:af:85:98:c3:10:36:e7:fc:32:20:43:48:99:39:b3:90:
b6:5e:58:23:35:a6:62:67:7d:8a:0b:01:34:f8:65:65:29:90:
92:44:4b:86:65:9d:32:e7:5d:39:c8:79:19:3c:d9:fb:0a:a7:
68:5a:36:05:e2:fd:fb:0f:99:10:a9:33:00:ce:17:63:4d:70:
29:fe:b6:b6
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEE1xqODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDQw
NjExMjQyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjY3NWQwNTEwOTg5
ZTIzMGE1MDRjY2U5NzdlZDU3MzAwNDE5MTYyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKiI+uRIwT3fWl+GVIII1fq+zzflgs6zTPcsj81DwSV23PJj
phEFLeZ1FB+PethcxzPWhGku+WKEsADE1VZlQcoRseR+ERsZ9RFV18n/qGsPUQiI
/clUeLtCtv+emFr8sCcCsfx9Dn0QbG6o7/Rxqx0OziHIDLcNUfs6TUCmDhSrbOw8
FFzRG18cI7enCLxxqYTrd6gfQrcQzbBwqK7NcVAdBnTygTXiTYXoTKwdIpl5+4Xr
jwkYNbo8DA/vJ2vblfqTUu4AFrlh3l0E/Uw8+szpZcP/21tI7cnG6tJkwb9SXQAB
98xjXh1EPRXZxp5FdGBaZ7jZ1MV0jgoBX8ZYlgkCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQmddBRCYniMKUEzOl37VcwBBkWLTAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS9KblhRVVFtSjRqQ2xCTXpwZC0xWE1BUVpGaTAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVtIMA0GCSqGSIb3DQEBCwUA
A4IBAQAbyWNqMXIGc27G2CI1zI1Jxwgjx1MYWpSTveIYmug0hSqfyTzf4QP9HNoZ
2kwfYJu2t8n67C+iJyqz86sr29TM/1m0ptxh9I9+rlP3lPIgYTqkQJA1V437IDZM
N/XZDITM7UPzuNTgL3V+az+eGI3Je/ohuhgODwEwxWY4vxAq6/7DcKLLcvDWBzLF
99O8qMAO211W26s382m7tMiurj/V8hpVTPWt1pRXwTS6Zdb8CsE5ulN7CK+FmMMQ
Nuf8MiBDSJk5s5C2XlgjNaZiZ32KCwE0+GVlKZCSREuGZZ0y5105yHkZPNn7Cqdo
WjYF4v37D5kQqTMAzhdjTXAp/ra2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:16 2023 by rpki-client on console-fra.rpki-client.org