Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/Na5t5hDIe5ZstLvA426m3bF7cUw.roa
File: Na5t5hDIe5ZstLvA426m3bF7cUw.roa (raw, json)
Hash identifier: qBhLfGqsZewVo4X5wPbYUEO1bDKRqK7ChEHBD7PqsB8=
Subject key identifier: 35:AE:6D:E6:10:C8:7B:96:6C:B4:BB:C0:E3:6E:A6:DD:B1:7B:71:4C
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 018667EB462CBC94AE72D6B5B46CB492FBFD
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/Na5t5hDIe5ZstLvA426m3bF7cUw.roa
Signing time: Sun 19 Feb 2023 04:25:17 +0000
ROA not before: Sun 19 Feb 2023 04:25:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210644
IP address blocks: 77.91.84.0/22 maxlen: 22
77.91.84.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:67:eb:46:2c:bc:94:ae:72:d6:b5:b4:6c:b4:92:fb:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Feb 19 04:25:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35ae6de610c87b966cb4bbc0e36ea6ddb17b714c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f0:ec:60:73:05:27:d8:b9:c0:a6:22:e1:5e:
e1:7c:ea:c2:29:73:14:d4:f7:7a:92:2c:a7:6c:71:
44:51:07:f5:ba:87:46:91:0c:dd:6e:b9:74:03:a4:
cf:db:f0:d7:4a:1d:3d:2d:5d:3e:94:e2:95:ee:b7:
cf:40:03:d6:6a:aa:60:3a:38:73:4c:1a:5c:3e:e6:
73:93:98:56:76:9b:3d:bb:26:36:ca:11:cd:4b:9b:
62:96:7f:0d:0c:4a:55:02:b5:ab:2f:d2:62:25:f9:
34:82:a1:78:d2:37:e8:fc:da:11:ec:17:16:61:6e:
1e:a8:19:5c:72:21:3e:e3:5a:5b:3e:15:9d:2d:03:
99:2c:bf:80:3a:6b:01:5b:df:c8:3e:dc:de:f9:9a:
6b:1b:77:51:a8:c6:26:6d:6e:fb:73:6b:76:ba:52:
c7:d5:a6:a1:66:5d:e7:09:d4:62:f0:3d:55:44:f5:
1c:77:8a:dd:da:86:75:3c:48:b1:38:35:af:87:58:
3e:54:41:58:45:d2:36:61:2b:32:3d:8b:b2:3a:00:
8a:af:74:27:4c:81:a1:fd:95:7c:8e:3c:45:e9:8e:
7a:e2:65:ba:87:7a:3f:a2:e8:3b:c5:76:57:a4:7d:
03:73:a0:51:f3:fe:c8:ab:c1:0f:50:eb:3a:e4:58:
90:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:AE:6D:E6:10:C8:7B:96:6C:B4:BB:C0:E3:6E:A6:DD:B1:7B:71:4C
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/Na5t5hDIe5ZstLvA426m3bF7cUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.84.0/22
Signature Algorithm: sha256WithRSAEncryption
01:cc:18:97:fc:c8:82:d7:c1:66:75:b1:2f:b7:0d:b3:8d:8c:
8b:11:de:a7:05:b5:14:7f:24:1c:e6:42:d7:d0:68:94:5c:d9:
49:3d:e1:8f:f4:7f:7c:23:3a:27:6c:20:48:6d:bf:8b:0e:74:
83:e6:96:8a:16:00:5b:81:aa:e1:e2:d6:41:cb:30:19:4f:66:
bc:1e:9b:82:90:8f:f7:83:e8:8d:ab:3a:7d:ae:30:0e:0d:56:
bb:1d:7a:37:ef:7f:c2:5a:c3:2f:da:3c:92:f9:b8:cb:ab:e9:
7b:1a:a6:e8:54:6d:96:cd:f1:b4:ec:e6:db:a8:7b:60:25:8b:
ef:c1:5f:57:da:0b:cb:68:b5:99:95:06:f2:48:43:24:8f:ee:
51:e9:3a:f2:6a:b5:56:61:10:75:cf:b9:5d:38:09:e8:dc:af:
3e:cb:7a:3f:1c:9b:a3:8e:a3:7e:fd:ff:ed:e0:b4:a2:09:2b:
58:b6:1e:f3:3b:4f:08:97:41:29:75:51:23:68:23:a7:d8:ec:
2e:23:b4:99:34:66:b4:19:b6:73:55:80:8e:d2:60:1a:ac:f9:
92:ce:ba:df:30:4c:21:5d:b4:c0:60:0e:c1:b0:e9:97:12:31:
ef:da:3f:1b:99:af:2b:10:47:08:4d:be:58:1e:53:86:1d:b1:
9d:14:30:0a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYZn60YsvJSucta1tGy0kvv9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMjE5MDQyNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWFlNmRlNjEwYzg3Yjk2NmNiNGJiYzBlMzZlYTZkZGIxN2I3MTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvDsYHMFJ9i5wKYi4V7hfOrCKXMU
1Pd6kiynbHFEUQf1uodGkQzdbrl0A6TP2/DXSh09LV0+lOKV7rfPQAPWaqpgOjhz
TBpcPuZzk5hWdps9uyY2yhHNS5tiln8NDEpVArWrL9JiJfk0gqF40jfo/NoR7BcW
YW4eqBlcciE+41pbPhWdLQOZLL+AOmsBW9/IPtze+ZprG3dRqMYmbW77c2t2ulLH
1aahZl3nCdRi8D1VRPUcd4rd2oZ1PEixODWvh1g+VEFYRdI2YSsyPYuyOgCKr3Qn
TIGh/ZV8jjxF6Y564mW6h3o/oug7xXZXpH0Dc6BR8/7Iq8EPUOs65FiQ9QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDWubeYQyHuWbLS7wONupt2xe3FMMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL05hNXQ1aERJZTVac3RMdkE0MjZtM2JGN2NVdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJNW1Qw
DQYJKoZIhvcNAQELBQADggEBAAHMGJf8yILXwWZ1sS+3DbONjIsR3qcFtRR/JBzm
QtfQaJRc2Uk94Y/0f3wjOidsIEhtv4sOdIPmlooWAFuBquHi1kHLMBlPZrwem4KQ
j/eD6I2rOn2uMA4NVrsdejfvf8Jawy/aPJL5uMur6XsapuhUbZbN8bTs5tuoe2Al
i+/BX1faC8totZmVBvJIQySP7lHpOvJqtVZhEHXPuV04Cejcrz7Lej8cm6OOo379
/+3gtKIJK1i2HvM7TwiXQSl1USNoI6fY7C4jtJk0ZrQZtnNVgI7SYBqs+ZLOut8w
TCFdtMBgDsGw6ZcSMe/aPxuZrysQRwhNvlgeU4YdsZ0UMAo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:07 2023 by rpki-client on console-ams.rpki-client.org