Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/Nl2rlKTNhbTfx3dD1-v5qKl8CVk.roa
File: Nl2rlKTNhbTfx3dD1-v5qKl8CVk.roa (raw, json)
Hash identifier: NXD9pfB3taVZ/Aqq9cqOH7zvbJCCygXx+ul0xbFHkZo=
Subject key identifier: 36:5D:AB:94:A4:CD:85:B4:DF:C7:77:43:D7:EB:F9:A8:A9:7C:09:59
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 13E5EDAD
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/Nl2rlKTNhbTfx3dD1-v5qKl8CVk.roa
Signing time: Tue 31 May 2022 19:50:13 +0000
ROA not before: Tue 31 May 2022 19:50:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42861
IP address blocks: 77.91.64.0/24 maxlen: 24
77.91.65.0/24 maxlen: 24
77.91.112.0/24 maxlen: 32
77.91.117.0/24 maxlen: 24
185.149.144.0/22 maxlen: 32
2a00:1e68:112::/48 maxlen: 128
2a00:1e68:100::/48 maxlen: 128
2a00:1e68:100::/47 maxlen: 128
2a00:1e68:101::/48 maxlen: 128
2a00:1e68::/29 maxlen: 128
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 333835693 (0x13e5edad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: May 31 19:50:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=365dab94a4cd85b4dfc77743d7ebf9a8a97c0959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:50:d5:be:7a:1f:0b:17:b0:cc:b0:0f:92:ff:
47:31:d5:5c:fa:da:b6:59:09:3b:27:49:40:c1:58:
30:2a:c3:fd:ca:06:f0:4c:ca:bf:d2:21:65:e4:e6:
85:e1:fd:7b:b8:0e:a7:4f:54:bc:9d:6c:49:d4:c0:
b0:1b:8f:c8:55:92:0c:99:d3:0d:f0:ef:00:a5:4a:
7f:59:1e:54:e2:97:8f:75:c4:23:09:7e:78:9a:3b:
a5:51:e2:f5:d4:08:20:8e:49:89:ff:77:bd:71:57:
1d:7b:f4:0d:8e:11:7e:01:d1:c4:75:8b:6e:30:16:
8c:19:9f:34:fe:20:3b:9b:90:0a:46:ed:95:93:ce:
a9:cb:84:a8:40:b1:07:91:24:2d:78:22:71:7e:55:
cd:49:0d:40:c4:17:f4:a4:28:1c:87:73:8b:22:b1:
76:80:f8:f2:4b:38:17:4c:26:3c:50:86:bc:e6:a8:
5c:95:1c:f8:4d:1c:a8:ca:e1:3c:41:89:55:75:b2:
94:74:d2:c3:32:7f:d7:0f:56:cc:f3:1e:74:76:18:
5e:65:38:1e:d7:aa:22:35:7c:0a:9f:8e:15:a6:0d:
3b:7b:b2:3a:7d:f6:14:98:3a:a7:da:7f:82:f7:ff:
0c:e4:8f:44:64:fb:ff:94:ea:6c:dc:2c:4a:7e:09:
c3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:5D:AB:94:A4:CD:85:B4:DF:C7:77:43:D7:EB:F9:A8:A9:7C:09:59
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/Nl2rlKTNhbTfx3dD1-v5qKl8CVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.64.0/23
77.91.112.0/24
77.91.117.0/24
185.149.144.0/22
IPv6:
2a00:1e68::/29
Signature Algorithm: sha256WithRSAEncryption
7c:68:37:3e:43:e7:69:af:6b:eb:f6:5a:cd:56:db:15:df:04:
66:61:50:35:ab:a3:bc:30:d9:dc:21:99:d8:92:85:76:d3:c0:
65:b1:98:38:da:9d:de:64:ba:46:a6:47:c1:6e:55:9b:7b:0f:
7b:66:aa:e3:69:54:b8:67:78:63:a6:94:ba:b7:3a:da:b8:94:
1e:15:a8:b5:0f:b6:1e:11:58:2f:a5:f1:ee:39:b5:92:e6:b2:
83:29:3c:8c:15:e6:44:fb:64:78:7a:c6:f5:b6:a8:03:5e:11:
2e:64:08:ed:77:67:80:e4:32:89:c2:b0:3c:81:8d:2c:36:93:
83:65:ed:7c:38:e6:71:1b:73:40:9a:e2:9c:69:e5:17:71:e5:
14:f8:f8:b6:b9:b0:fd:e5:03:d6:67:f8:3f:d6:37:ba:64:6a:
7e:74:de:3b:18:cc:0d:75:5f:52:de:38:92:69:16:9a:8f:fd:
80:ce:5a:46:2f:3a:64:8d:54:95:bf:78:a9:86:ac:fa:f2:aa:
f4:b4:a2:8c:49:0f:c1:a6:60:4e:75:72:0f:11:9f:02:a8:7b:
18:fe:a3:82:61:e1:7b:55:27:40:36:e9:4a:16:a9:42:cb:b4:
70:f1:19:c4:c7:f9:d6:e2:12:57:5d:c9:c2:83:e6:c3:78:21:
44:bc:c8:82
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEE+XtrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDUz
MTE5NTAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY1ZGFiOTRhNGNk
ODViNGRmYzc3NzQzZDdlYmY5YThhOTdjMDk1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhQ1b56HwsXsMywD5L/RzHVXPratlkJOydJQMFYMCrD/coG
8EzKv9IhZeTmheH9e7gOp09UvJ1sSdTAsBuPyFWSDJnTDfDvAKVKf1keVOKXj3XE
Iwl+eJo7pVHi9dQIII5Jif93vXFXHXv0DY4RfgHRxHWLbjAWjBmfNP4gO5uQCkbt
lZPOqcuEqECxB5EkLXgicX5VzUkNQMQX9KQoHIdziyKxdoD48ks4F0wmPFCGvOao
XJUc+E0cqMrhPEGJVXWylHTSwzJ/1w9WzPMedHYYXmU4HteqIjV8Cp+OFaYNO3uy
On32FJg6p9p/gvf/DOSPRGT7/5TqbNwsSn4Jw0ECAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBQ2XauUpM2FtN/Hd0PX6/moqXwJWTAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS9ObDJybEtUTmhiVGZ4M2REMS12NXFLbDhDVmsucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBTVtAAwQATVtwAwQATVt1AwQC
uZWQMA0EAgACMAcDBQMqAB5oMA0GCSqGSIb3DQEBCwUAA4IBAQB8aDc+Q+dpr2vr
9lrNVtsV3wRmYVA1q6O8MNncIZnYkoV208BlsZg42p3eZLpGpkfBblWbew97Zqrj
aVS4Z3hjppS6tzrauJQeFai1D7YeEVgvpfHuObWS5rKDKTyMFeZE+2R4esb1tqgD
XhEuZAjtd2eA5DKJwrA8gY0sNpODZe18OOZxG3NAmuKcaeUXceUU+Pi2ubD95QPW
Z/g/1je6ZGp+dN47GMwNdV9S3jiSaRaaj/2AzlpGLzpkjVSVv3iphqz68qr0tKKM
SQ/BpmBOdXIPEZ8CqHsY/qOCYeF7VSdANulKFqlCy7Rw8RnEx/nW4hJXXcnCg+bD
eCFEvMiC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:16 2023 by rpki-client on console-fra.rpki-client.org