Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/OmAS6AY53a8zkmFfKI5Nt7rt3PI.roa
File: OmAS6AY53a8zkmFfKI5Nt7rt3PI.roa (raw, json)
Hash identifier: J60wuvv6zbjJgWMiyDWsyRnvNOaVdwg1rJYAxUDm/K4=
Subject key identifier: 3A:60:12:E8:06:39:DD:AF:33:92:61:5F:28:8E:4D:B7:BA:ED:DC:F2
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 01867D85F94C500A21B7C2EDBFC5EAA87EA8
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/OmAS6AY53a8zkmFfKI5Nt7rt3PI.roa
Signing time: Thu 23 Feb 2023 09:06:17 +0000
ROA not before: Thu 23 Feb 2023 09:06:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210546
IP address blocks: 77.91.70.0/24 maxlen: 24
77.91.77.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7d:85:f9:4c:50:0a:21:b7:c2:ed:bf:c5:ea:a8:7e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Feb 23 09:06:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a6012e80639ddaf3392615f288e4db7baeddcf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1e:14:45:4d:76:aa:86:0c:5d:92:5e:8a:c0:
0f:74:d2:20:5e:e6:0c:c4:d0:a3:7d:f0:48:26:b8:
69:76:72:69:ed:f0:5d:99:ed:9e:65:94:06:ae:71:
6d:a1:29:ea:39:34:e5:05:ab:64:b2:76:48:a4:0b:
0e:b9:94:f2:e2:8a:c3:ec:a4:a5:3e:f6:a4:a7:0b:
40:a7:57:c9:a0:6a:e6:92:df:5c:e1:26:2e:96:c3:
fb:67:e7:3d:b0:7b:06:68:99:d4:72:a9:f4:a8:bf:
09:66:9c:11:91:9f:50:02:ef:70:a7:ec:fc:2f:e6:
33:69:bd:3c:9e:69:63:9f:44:9d:36:ec:96:2d:66:
83:ae:2d:7d:3f:e8:fc:35:4d:9c:eb:cb:f5:f4:20:
b9:f6:07:be:a7:78:d4:e9:4a:e4:a4:11:a2:c9:83:
45:28:7a:93:88:89:0e:51:4d:fe:b9:c6:bf:5e:53:
de:d3:d3:12:ce:94:75:06:83:52:c5:32:85:7d:a5:
e9:6d:c2:c2:0d:0d:75:14:4e:a5:57:b6:98:15:e2:
96:7c:87:a6:86:94:97:ff:5e:03:3a:56:3c:e4:32:
7f:fe:4d:46:1d:29:21:6b:e8:f1:3b:14:f4:48:5a:
c3:da:ee:af:a0:aa:67:e7:04:0c:9d:dd:d7:23:37:
52:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:60:12:E8:06:39:DD:AF:33:92:61:5F:28:8E:4D:B7:BA:ED:DC:F2
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/OmAS6AY53a8zkmFfKI5Nt7rt3PI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.70.0/24
77.91.77.0/24
Signature Algorithm: sha256WithRSAEncryption
38:32:e9:d6:31:7e:bc:19:49:b9:88:6f:68:68:ab:70:e7:d8:
d2:7c:a0:7f:50:c3:f1:3f:a8:83:31:8c:d7:20:42:1b:ad:9c:
95:67:df:21:f3:f9:2e:d4:6c:ce:a6:22:e6:a4:7e:b3:63:2f:
1e:42:b0:83:cd:97:f3:2c:57:53:2f:68:59:12:00:a3:7b:d7:
d2:0c:c6:b6:c9:0a:a1:ff:dc:89:fb:75:ee:cf:25:d3:32:04:
df:8c:03:38:be:05:17:3d:02:cc:63:67:31:4e:99:b5:8d:de:
45:ce:65:53:99:fb:02:ff:39:9e:e5:74:62:c5:2c:75:2d:2e:
a8:0e:32:82:9b:f6:12:91:c2:62:ec:1f:89:b9:92:94:29:20:
60:b5:b3:a1:a5:19:6f:31:5c:69:f1:54:42:95:25:9d:89:e2:
b3:cc:0b:d3:a0:46:97:0c:50:4a:14:f5:1e:95:09:9c:15:7b:
31:ef:44:36:b6:b7:0f:9c:89:a9:3c:af:24:63:fb:86:6c:bd:
49:ca:88:af:47:a6:c5:81:84:ed:5d:59:ce:72:8e:08:10:52:
4a:d5:0c:2a:f7:c6:cc:a1:66:69:53:45:4c:07:1a:87:7d:a1:
06:ab:cd:b5:ca:f5:d3:2b:f0:1f:d0:63:3d:4f:1e:b3:fa:ea:
c6:60:e3:78
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYZ9hflMUAoht8Ltv8XqqH6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMjIzMDkwNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTYwMTJlODA2MzlkZGFmMzM5MjYxNWYyODhlNGRiN2JhZWRkY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzR4URU12qoYMXZJeisAPdNIgXuYM
xNCjffBIJrhpdnJp7fBdme2eZZQGrnFtoSnqOTTlBatksnZIpAsOuZTy4orD7KSl
PvakpwtAp1fJoGrmkt9c4SYulsP7Z+c9sHsGaJnUcqn0qL8JZpwRkZ9QAu9wp+z8
L+Yzab08nmljn0SdNuyWLWaDri19P+j8NU2c68v19CC59ge+p3jU6UrkpBGiyYNF
KHqTiIkOUU3+uca/XlPe09MSzpR1BoNSxTKFfaXpbcLCDQ11FE6lV7aYFeKWfIem
hpSX/14DOlY85DJ//k1GHSkha+jxOxT0SFrD2u6voKpn5wQMnd3XIzdSQQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDpgEugGOd2vM5JhXyiOTbe67dzyMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL09tQVM2QVk1M2E4emttRmZLSTVOdDdydDNQSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABNW0YD
BABNW00wDQYJKoZIhvcNAQELBQADggEBADgy6dYxfrwZSbmIb2hoq3Dn2NJ8oH9Q
w/E/qIMxjNcgQhutnJVn3yHz+S7UbM6mIuakfrNjLx5CsIPNl/MsV1MvaFkSAKN7
19IMxrbJCqH/3In7de7PJdMyBN+MAzi+BRc9AsxjZzFOmbWN3kXOZVOZ+wL/OZ7l
dGLFLHUtLqgOMoKb9hKRwmLsH4m5kpQpIGC1s6GlGW8xXGnxVEKVJZ2J4rPMC9Og
RpcMUEoU9R6VCZwVezHvRDa2tw+ciak8ryRj+4ZsvUnKiK9HpsWBhO1dWc5yjggQ
UkrVDCr3xsyhZmlTRUwHGod9oQarzbXK9dMr8B/QYz1PHrP66sZg43g=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:07 2023 by rpki-client on console-ams.rpki-client.org