Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/URsCRqwLkGYKXjx_TdVPeFK6MTc.roa
File: URsCRqwLkGYKXjx_TdVPeFK6MTc.roa (raw, json)
Hash identifier: 9nn0GWH9P1SsWyfVw/YDkwZ/gGWRUKiyryHjEZmDgjc=
Subject key identifier: 51:1B:02:46:AC:0B:90:66:0A:5E:3C:7F:4D:D5:4F:78:52:BA:31:37
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 0185541E2C909EAF45CD6CD9357C2C9F09AC
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/URsCRqwLkGYKXjx_TdVPeFK6MTc.roa
Signing time: Tue 27 Dec 2022 15:05:41 +0000
ROA not before: Tue 27 Dec 2022 15:05:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42861
IP address blocks: 77.91.64.0/24 maxlen: 24
77.91.65.0/24 maxlen: 24
2a00:1e68:112::/48 maxlen: 128
2a00:1e68:100::/48 maxlen: 128
2a00:1e68:100::/47 maxlen: 128
2a00:1e68:101::/48 maxlen: 128
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:54:1e:2c:90:9e:af:45:cd:6c:d9:35:7c:2c:9f:09:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Dec 27 15:05:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=511b0246ac0b90660a5e3c7f4dd54f7852ba3137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1d:ca:52:bf:04:df:8f:e8:9b:4a:1a:d3:68:
3f:4b:3d:ca:38:c8:1c:19:66:3c:c8:26:f1:83:d0:
ae:0c:0e:3d:0e:89:6d:b2:ca:7b:9c:bf:01:e4:d0:
ed:ab:1d:1c:aa:3e:f6:54:c2:78:11:b9:82:6c:d4:
7e:8c:d8:bd:8c:1b:ba:b2:0c:eb:b7:98:44:f4:b9:
52:c4:e9:0f:d0:c1:7f:fa:e3:c1:6d:f3:90:6b:4d:
e1:79:38:20:7f:c3:da:7e:ef:53:d7:9e:0b:cd:21:
ab:bb:4d:c0:40:6d:10:92:bb:67:5a:fd:6f:a4:1b:
78:92:0f:a0:dc:35:c3:8e:06:91:42:46:07:f9:03:
de:57:54:94:c8:d1:ac:c4:19:4c:95:05:00:37:4e:
4f:3a:47:3a:dd:9a:dc:82:ea:74:e1:ac:7f:15:16:
60:8c:09:3c:55:cb:a0:d9:ea:19:67:01:9e:38:8e:
c2:f5:76:80:8b:9c:f9:f5:a1:aa:34:23:79:7d:08:
29:0c:08:d3:36:fd:ce:a7:99:5d:76:e1:60:ed:e4:
d1:87:06:14:d6:28:50:7f:c3:c4:b8:62:61:6b:1f:
ff:9c:0e:d3:54:01:65:36:5f:be:9f:2b:54:5e:20:
6d:dc:f9:23:13:1c:c2:2d:15:55:a3:71:38:df:2c:
4c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1B:02:46:AC:0B:90:66:0A:5E:3C:7F:4D:D5:4F:78:52:BA:31:37
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/URsCRqwLkGYKXjx_TdVPeFK6MTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.64.0/23
IPv6:
2a00:1e68:100::/47
2a00:1e68:112::/48
Signature Algorithm: sha256WithRSAEncryption
18:7d:12:a6:d2:9c:17:e4:6d:6b:ea:50:19:7b:46:97:49:15:
df:8c:19:99:67:4a:0c:54:33:69:68:ad:5d:ff:64:c7:6e:6b:
ba:df:45:bb:1d:89:9e:5b:97:1d:90:10:3f:2c:e5:9c:79:1f:
f3:d2:c7:66:03:de:4c:f4:9e:db:a5:40:d2:87:e3:45:2c:8b:
ce:f6:d0:f5:f7:61:68:4c:c4:7e:b5:cb:3e:ad:a3:92:08:08:
33:66:d2:23:93:b3:d2:59:e7:39:8f:42:dc:de:71:c0:fb:60:
dc:d7:2b:94:ec:e2:7a:c7:2c:b0:10:e9:ca:16:78:d5:fa:bf:
a9:02:b9:b1:93:91:21:6b:82:e9:75:b2:0c:a9:92:56:dc:51:
f8:22:74:77:4b:7a:e2:41:75:24:09:f9:25:ba:f4:de:de:ec:
1c:63:fe:f3:99:7b:ca:d5:b8:5c:52:90:09:04:24:f0:82:72:
fa:6a:af:de:f5:af:ae:e3:18:ef:0a:06:fd:ec:f1:68:b9:ce:
af:30:47:91:4c:cf:21:ee:53:60:d2:9d:2c:8e:4a:d7:ee:06:
02:b7:10:9b:67:7c:1a:be:38:41:3f:76:bd:30:77:14:ff:26:
31:93:e7:f3:bf:12:af:0b:73:df:76:6c:8d:7f:ea:d3:72:5f:
58:fe:63:5a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVUHiyQnq9FzWzZNXwsnwmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjIxMjI3MTUwNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTFiMDI0NmFjMGI5MDY2MGE1ZTNjN2Y0ZGQ1NGY3ODUyYmEzMTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArB3KUr8E34/om0oa02g/Sz3KOMgc
GWY8yCbxg9CuDA49Doltssp7nL8B5NDtqx0cqj72VMJ4EbmCbNR+jNi9jBu6sgzr
t5hE9LlSxOkP0MF/+uPBbfOQa03heTggf8Pafu9T154LzSGru03AQG0QkrtnWv1v
pBt4kg+g3DXDjgaRQkYH+QPeV1SUyNGsxBlMlQUAN05POkc63Zrcgup04ax/FRZg
jAk8Vcug2eoZZwGeOI7C9XaAi5z59aGqNCN5fQgpDAjTNv3Op5ldduFg7eTRhwYU
1ihQf8PEuGJhax//nA7TVAFlNl++nytUXiBt3PkjExzCLRVVo3E43yxMKQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFEbAkasC5BmCl48f03VT3hSujE3MB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL1VSc0NScXdMa0dZS1hqeF9UZFZQZUZLNk1UYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMAwEAgABMAYDBAFNW0Aw
GAQCAAIwEgMHASoAHmgBAAMHACoAHmgBEjANBgkqhkiG9w0BAQsFAAOCAQEAGH0S
ptKcF+Rta+pQGXtGl0kV34wZmWdKDFQzaWitXf9kx25rut9Fux2JnluXHZAQPyzl
nHkf89LHZgPeTPSe26VA0ofjRSyLzvbQ9fdhaEzEfrXLPq2jkggIM2bSI5Oz0lnn
OY9C3N5xwPtg3NcrlOziescssBDpyhZ41fq/qQK5sZORIWuC6XWyDKmSVtxR+CJ0
d0t64kF1JAn5Jbr03t7sHGP+85l7ytW4XFKQCQQk8IJy+mqv3vWvruMY7woG/ezx
aLnOrzBHkUzPIe5TYNKdLI5K1+4GArcQm2d8Gr44QT92vTB3FP8mMZPn878Srwtz
33ZsjX/q03JfWP5jWg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:16 2023 by rpki-client on console-fra.rpki-client.org