Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/RAQdK7jQrz-YX_SsDFqwjy_Yibg.roa
File: RAQdK7jQrz-YX_SsDFqwjy_Yibg.roa (raw, json)
Hash identifier: tthgCbI6iF6C3xdFRetuxuClH5OK6mbOeyGnABpHJo0=
Subject key identifier: 44:04:1D:2B:B8:D0:AF:3F:98:5F:F4:AC:0C:5A:B0:8F:2F:D8:89:B8
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 018570305F78EBCD384D2BA4BFE8F6A4467A
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/RAQdK7jQrz-YX_SsDFqwjy_Yibg.roa
Signing time: Mon 02 Jan 2023 01:54:56 +0000
ROA not before: Mon 02 Jan 2023 01:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 77.91.67.0/24 maxlen: 32
77.91.112.0/24 maxlen: 32
77.91.117.0/24 maxlen: 32
77.91.118.0/24 maxlen: 32
77.91.115.0/24 maxlen: 32
185.149.144.0/24 maxlen: 32
185.149.145.0/24 maxlen: 32
77.91.119.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:5f:78:eb:cd:38:4d:2b:a4:bf:e8:f6:a4:46:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 2 01:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44041d2bb8d0af3f985ff4ac0c5ab08f2fd889b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:35:fc:82:ef:ea:be:bb:cf:f2:27:92:c7:1b:
96:83:88:65:36:8f:82:7a:6d:92:3b:20:00:48:91:
98:08:26:cc:1d:8b:d4:af:5c:7b:11:f4:90:7c:75:
8c:4d:d6:3e:63:3f:c6:2a:20:23:33:cd:e3:ee:4f:
26:80:e9:61:71:7c:ba:f2:58:af:22:40:2c:9a:4f:
97:13:30:4e:91:f1:27:4c:ea:e2:2e:84:ed:71:4c:
73:eb:5f:18:7d:3d:78:b0:8d:69:9f:74:a4:c0:f8:
9d:a4:8e:3c:c8:38:b3:4c:eb:2f:ee:6d:ef:16:7f:
48:b9:60:99:b1:c4:4e:58:49:93:a7:ae:36:f5:35:
98:45:7f:85:0a:b0:25:2a:a8:10:df:d9:fa:49:29:
6c:8c:76:f4:7d:ae:9c:ab:ee:f5:79:c5:2d:26:5d:
cf:ca:72:87:d7:87:da:be:d9:0b:7c:51:09:50:25:
be:e0:34:66:a3:ad:23:cc:28:4e:d0:13:86:10:50:
4a:77:79:f1:e7:4b:1a:86:74:05:38:24:96:69:91:
61:c2:a6:f6:7b:e0:b7:c3:c1:4a:d8:35:ed:46:4e:
57:e4:c4:3e:b7:e3:5b:5e:1e:55:c1:b9:f0:0e:08:
c5:2d:f8:fd:71:32:b8:90:86:19:eb:f8:b9:9a:20:
f9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:04:1D:2B:B8:D0:AF:3F:98:5F:F4:AC:0C:5A:B0:8F:2F:D8:89:B8
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/RAQdK7jQrz-YX_SsDFqwjy_Yibg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.67.0/24
77.91.112.0/24
77.91.115.0/24
77.91.117.0-77.91.119.255
185.149.144.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:34:f2:b1:4d:79:c3:d1:c7:44:52:5f:60:9c:16:2a:f4:d6:
ef:63:d9:17:60:2e:11:1c:a6:df:34:d7:da:66:b2:1f:ad:d2:
99:06:d2:5a:78:1d:22:f3:64:c9:49:b9:f0:84:c1:26:c7:f4:
e5:e0:dc:5f:b7:53:17:cf:85:58:dd:fc:ed:ad:30:c2:c9:9e:
01:cd:be:aa:79:08:61:d8:64:eb:84:e9:2d:16:8e:63:ea:1e:
d3:48:a2:05:36:c6:a8:51:45:19:b6:96:e0:c9:51:02:25:f0:
55:bf:9d:64:4e:16:9f:52:43:60:ec:97:4e:75:b3:fb:9c:aa:
c3:2f:80:f1:dc:21:f6:0b:74:b5:ac:76:5e:2f:f6:c0:9f:40:
b3:13:03:94:af:92:de:6d:b2:13:f7:8c:d1:ba:1a:b0:6b:0a:
f4:4f:a9:3d:4d:26:f9:ef:35:a0:ba:f6:7a:9e:97:1b:cd:d5:
f1:fc:0f:4c:d1:d1:8c:c8:b8:bd:9a:c3:10:78:ba:e5:aa:63:
81:8b:e5:a9:21:42:15:c2:f5:69:46:10:1d:c4:94:76:c2:6a:
db:c0:9d:e7:47:02:22:5b:ef:b0:cf:8e:c9:2f:67:29:a9:77:
98:20:cf:b4:82:a2:e8:5e:73:6b:9f:c0:91:7d:ba:86:46:97:
32:fb:ae:0f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVwMF946804TSukv+j2pEZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMTAyMDE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDA0MWQyYmI4ZDBhZjNmOTg1ZmY0YWMwYzVhYjA4ZjJmZDg4OWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjX8gu/qvrvP8ieSxxuWg4hlNo+C
em2SOyAASJGYCCbMHYvUr1x7EfSQfHWMTdY+Yz/GKiAjM83j7k8mgOlhcXy68liv
IkAsmk+XEzBOkfEnTOriLoTtcUxz618YfT14sI1pn3SkwPidpI48yDizTOsv7m3v
Fn9IuWCZscROWEmTp6429TWYRX+FCrAlKqgQ39n6SSlsjHb0fa6cq+71ecUtJl3P
ynKH14favtkLfFEJUCW+4DRmo60jzChO0BOGEFBKd3nx50sahnQFOCSWaZFhwqb2
e+C3w8FK2DXtRk5X5MQ+t+NbXh5VwbnwDgjFLfj9cTK4kIYZ6/i5miD5CQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEQEHSu40K8/mF/0rAxasI8v2Im4MB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL1JBUWRLN2pRcnotWVhfU3NERnF3anlfWWliZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAuMCwEAgABMCYDBABNW0MD
BABNW3ADBABNW3MwDAMEAE1bdQMEA01bcAMEAbmVkDANBgkqhkiG9w0BAQsFAAOC
AQEAezTysU15w9HHRFJfYJwWKvTW72PZF2AuERym3zTX2mayH63SmQbSWngdIvNk
yUm58ITBJsf05eDcX7dTF8+FWN387a0wwsmeAc2+qnkIYdhk64TpLRaOY+oe00ii
BTbGqFFFGbaW4MlRAiXwVb+dZE4Wn1JDYOyXTnWz+5yqwy+A8dwh9gt0tax2Xi/2
wJ9AsxMDlK+S3m2yE/eM0boasGsK9E+pPU0m+e81oLr2ep6XG83V8fwPTNHRjMi4
vZrDEHi65apjgYvlqSFCFcL1aUYQHcSUdsJq28Cd50cCIlvvsM+OyS9nKal3mCDP
tIKi6F5za5/AkX26hkaXMvuuDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:57 2024 by rpki-client on console-ams.rpki-client.org