Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/Ni3QPYazMcNOMqxnS1-jeleznHI.roa
File: Ni3QPYazMcNOMqxnS1-jeleznHI.roa (raw, json)
Hash identifier: qpgRjvs2WlDxhYk8uUP0o4titicw5yQT9risCyVsMeE=
Subject key identifier: 36:2D:D0:3D:86:B3:31:C3:4E:32:AC:67:4B:5F:A3:7A:57:B3:9C:72
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 0184AB72AFD1B4D12849791F6E9BA20F45C5
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/Ni3QPYazMcNOMqxnS1-jeleznHI.roa
Signing time: Thu 24 Nov 2022 21:02:10 +0000
ROA not before: Thu 24 Nov 2022 21:02:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43624
IP address blocks: 77.91.75.0/24 maxlen: 24
77.91.74.0/24 maxlen: 24
77.91.73.0/24 maxlen: 24
77.91.102.0/24 maxlen: 24
77.91.100.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ab:72:af:d1:b4:d1:28:49:79:1f:6e:9b:a2:0f:45:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Nov 24 21:02:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=362dd03d86b331c34e32ac674b5fa37a57b39c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:05:ca:34:8c:5a:df:31:b3:3c:71:26:3e:b0:
fe:68:16:db:e3:9e:60:29:87:66:6b:96:86:4e:16:
15:9f:27:f1:c9:a4:26:0f:8e:c8:3d:6f:25:b8:31:
94:b4:a8:89:eb:44:86:a3:c2:95:48:db:cd:41:1e:
29:1c:9f:6a:6e:72:8b:78:0b:78:8b:94:d8:c0:85:
9d:06:70:d0:aa:10:9f:85:94:da:3d:07:e8:ce:f6:
4a:4a:fb:cb:19:23:5f:73:b5:eb:3a:42:b0:06:12:
94:f5:b7:74:78:90:5a:0c:78:40:b2:0d:fe:c9:57:
06:69:65:95:51:3e:2c:78:e5:16:ba:1e:60:bb:c1:
ab:2c:fd:79:1b:07:bc:85:b4:b2:93:74:78:56:59:
90:86:1b:a6:0a:e9:c0:16:d9:a8:9d:92:c2:f8:bd:
28:44:2e:17:8e:af:03:45:c1:99:d6:be:77:63:26:
77:3c:1e:a3:c2:df:1d:af:56:f5:a6:d1:d7:4c:56:
ef:c2:58:69:85:40:c2:03:07:70:2b:34:1c:95:79:
cb:ed:17:85:09:af:20:2c:4b:d4:40:59:31:75:81:
4d:3d:66:03:70:22:cd:25:76:e4:3c:ce:b3:ee:e8:
21:21:3c:7d:3d:a3:27:92:08:6e:0e:04:46:20:21:
d2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:2D:D0:3D:86:B3:31:C3:4E:32:AC:67:4B:5F:A3:7A:57:B3:9C:72
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/Ni3QPYazMcNOMqxnS1-jeleznHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.73.0-77.91.75.255
77.91.100.0/24
77.91.102.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:b8:f2:e1:32:ab:35:5a:21:7e:b6:10:5a:b2:3c:8b:6f:97:
df:3e:f6:38:22:6a:0e:c6:88:0b:59:6c:f3:23:70:87:c5:18:
80:9b:46:5a:5e:30:3c:66:e0:eb:f6:7b:9d:6b:b3:e1:e3:99:
8c:72:94:c3:f2:e8:ab:b5:3a:4c:20:a3:99:53:49:e7:54:12:
4e:02:fc:6d:2b:b6:fd:77:c8:e3:2e:eb:17:04:3a:3c:39:c8:
7c:f6:8c:63:2b:bb:1b:be:23:b8:62:99:36:7d:57:15:3e:63:
96:95:d7:7b:2b:8e:df:ea:79:25:45:c7:f6:aa:4b:94:68:30:
5b:17:ae:fc:94:e5:eb:ae:31:d3:e4:55:81:37:a3:d3:65:d2:
66:99:0d:59:7c:33:b7:1c:ee:8f:91:8d:57:4e:2f:32:73:84:
6d:e9:ff:df:d4:a2:65:b2:7e:ac:b6:e8:75:e8:fe:8f:01:9e:
79:b2:44:f5:66:cd:ac:02:fe:1c:22:c8:ac:37:2f:01:db:d4:
4d:3f:c9:d1:45:96:b2:fc:b4:af:92:db:00:ba:bd:d8:40:e1:
e1:db:b1:e6:7e:1a:42:ab:f9:e0:1f:05:d7:99:2f:b4:d3:ec:
94:68:39:9a:20:22:84:65:4e:03:77:f6:aa:ab:7c:97:b8:03:
1f:ed:21:6d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYSrcq/RtNEoSXkfbpuiD0XFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjIxMTI0MjEwMjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjJkZDAzZDg2YjMzMWMzNGUzMmFjNjc0YjVmYTM3YTU3YjM5YzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwXKNIxa3zGzPHEmPrD+aBbb455g
KYdma5aGThYVnyfxyaQmD47IPW8luDGUtKiJ60SGo8KVSNvNQR4pHJ9qbnKLeAt4
i5TYwIWdBnDQqhCfhZTaPQfozvZKSvvLGSNfc7XrOkKwBhKU9bd0eJBaDHhAsg3+
yVcGaWWVUT4seOUWuh5gu8GrLP15Gwe8hbSyk3R4VlmQhhumCunAFtmonZLC+L0o
RC4Xjq8DRcGZ1r53YyZ3PB6jwt8dr1b1ptHXTFbvwlhphUDCAwdwKzQclXnL7ReF
Ca8gLEvUQFkxdYFNPWYDcCLNJXbkPM6z7ughITx9PaMnkghuDgRGICHSzQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDYt0D2GszHDTjKsZ0tfo3pXs5xyMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL05pM1FQWWF6TWNOT01xeG5TMS1qZWxlem5ISS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgABMBowDAMEAE1b
SQMEAk1bSAMEAE1bZAMEAE1bZjANBgkqhkiG9w0BAQsFAAOCAQEArbjy4TKrNVoh
frYQWrI8i2+X3z72OCJqDsaIC1ls8yNwh8UYgJtGWl4wPGbg6/Z7nWuz4eOZjHKU
w/Loq7U6TCCjmVNJ51QSTgL8bSu2/XfI4y7rFwQ6PDnIfPaMYyu7G74juGKZNn1X
FT5jlpXXeyuO3+p5JUXH9qpLlGgwWxeu/JTl664x0+RVgTej02XSZpkNWXwztxzu
j5GNV04vMnOEben/39SiZbJ+rLbodej+jwGeebJE9WbNrAL+HCLIrDcvAdvUTT/J
0UWWsvy0r5LbALq92EDh4dux5n4aQqv54B8F15kvtNPslGg5miAihGVOA3f2qqt8
l7gDH+0hbQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:04 2024 by rpki-client on console-fra.rpki-client.org