Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/VsSxlXJLGNQ0LUn-awUcOX5oe1I.roa
File: VsSxlXJLGNQ0LUn-awUcOX5oe1I.roa (raw, json)
Hash identifier: J3PF9nqD6a5pgVk4eNggYy8ElIdiQoTzSLk2RY5hkT4=
Subject key identifier: 56:C4:B1:95:72:4B:18:D4:34:2D:49:FE:6B:05:1C:39:7E:68:7B:52
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 1369EBA0
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/VsSxlXJLGNQ0LUn-awUcOX5oe1I.roa
Signing time: Tue 12 Apr 2022 17:07:04 +0000
ROA not before: Tue 12 Apr 2022 17:07:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51765
IP address blocks: 77.91.103.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 325708704 (0x1369eba0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Apr 12 17:07:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=56c4b195724b18d4342d49fe6b051c397e687b52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ab:08:1d:4f:d5:5e:45:43:04:8f:61:ec:1a:
f4:c7:b5:1e:d2:f1:f2:a8:8a:7c:00:2b:af:5e:cf:
24:3e:c9:78:3f:33:d4:39:b5:a3:71:68:4a:5b:94:
0f:2f:2a:9f:a9:1d:d1:27:75:c3:46:11:48:b3:d9:
45:be:0b:02:74:9d:7b:5c:65:7a:a6:ab:7d:a3:83:
d3:a8:87:9d:2e:97:aa:a2:ba:de:9b:24:d4:1e:01:
c4:30:b3:89:7e:6c:d7:a0:af:dc:66:17:11:65:6f:
31:46:da:02:a6:3a:ec:0e:4c:bc:45:8f:97:0c:b8:
e7:7f:9f:2d:da:0c:22:75:63:4a:80:fb:91:74:b5:
09:d6:99:47:2f:98:16:12:16:61:12:de:a8:cc:60:
00:80:2b:ef:81:6f:97:83:91:79:8b:7c:a7:f3:b0:
0a:52:98:5e:f7:ea:38:18:d2:45:00:0b:23:76:af:
4a:92:4f:c8:6b:f1:f4:5e:60:10:49:bb:38:e6:9e:
f4:24:53:75:ca:e4:0a:fc:e9:6b:cf:a0:79:23:de:
8e:03:f1:25:d6:e4:6a:31:9a:d8:33:34:dd:4e:1e:
20:d6:2e:3d:49:df:56:83:d2:9b:fc:10:4d:50:a1:
f3:5c:6d:66:eb:01:5b:3b:33:13:26:9d:41:3c:6c:
7b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:C4:B1:95:72:4B:18:D4:34:2D:49:FE:6B:05:1C:39:7E:68:7B:52
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/VsSxlXJLGNQ0LUn-awUcOX5oe1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.103.0/24
Signature Algorithm: sha256WithRSAEncryption
41:26:f0:a2:c7:2e:92:5b:b3:1c:f6:f2:50:54:ad:0e:41:c0:
94:50:c1:76:34:7b:b8:54:24:88:c2:65:6b:df:8a:8c:2b:6f:
d5:cc:f8:52:79:8c:07:fa:7b:e9:ea:e9:71:05:58:61:50:a5:
ae:70:85:2b:53:47:92:26:9d:5e:b7:e4:42:d3:d6:80:e2:57:
ea:f1:19:be:c2:8c:28:60:c4:a9:2c:6c:cb:99:f1:49:e8:c7:
bf:48:6b:ce:fc:66:cd:d5:d2:00:df:7b:f5:91:77:40:c3:44:
64:50:4f:d8:0d:2e:10:c1:22:08:48:cf:34:3b:c8:0c:db:12:
c5:1b:e2:de:98:ca:d8:81:19:8f:31:09:bb:66:82:0b:89:6c:
8e:53:cc:89:eb:9d:ef:6c:fb:b3:2d:69:cf:9c:c5:6e:63:05:
07:29:ca:83:76:ad:00:03:e1:0a:7b:90:4a:2b:29:e5:a8:43:
00:31:81:57:fe:67:13:ac:75:e7:4a:76:7a:a0:58:1e:9e:f1:
68:df:e3:4a:5b:58:52:96:49:c2:26:29:8d:79:94:54:7d:43:
6e:af:ad:6b:68:f4:04:d7:d5:dc:b6:56:fc:de:38:0b:91:94:
c3:55:29:aa:f8:ee:f3:03:55:fa:fd:43:07:3c:ca:3b:43:c4:
fc:ee:ba:08
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEE2nroDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDQx
MjE3MDcwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTZjNGIxOTU3MjRi
MThkNDM0MmQ0OWZlNmIwNTFjMzk3ZTY4N2I1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSrCB1P1V5FQwSPYewa9Me1HtLx8qiKfAArr17PJD7JeD8z
1Dm1o3FoSluUDy8qn6kd0Sd1w0YRSLPZRb4LAnSde1xleqarfaOD06iHnS6XqqK6
3psk1B4BxDCziX5s16Cv3GYXEWVvMUbaAqY67A5MvEWPlwy453+fLdoMInVjSoD7
kXS1CdaZRy+YFhIWYRLeqMxgAIAr74Fvl4OReYt8p/OwClKYXvfqOBjSRQALI3av
SpJPyGvx9F5gEEm7OOae9CRTdcrkCvzpa8+geSPejgPxJdbkajGa2DM03U4eINYu
PUnfVoPSm/wQTVCh81xtZusBWzszEyadQTxse2sCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRWxLGVcksY1DQtSf5rBRw5fmh7UjAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS9Wc1N4bFhKTEdOUTBMVW4tYXdVY09YNW9lMUkucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVtnMA0GCSqGSIb3DQEBCwUA
A4IBAQBBJvCixy6SW7Mc9vJQVK0OQcCUUMF2NHu4VCSIwmVr34qMK2/VzPhSeYwH
+nvp6ulxBVhhUKWucIUrU0eSJp1et+RC09aA4lfq8Rm+wowoYMSpLGzLmfFJ6Me/
SGvO/GbN1dIA33v1kXdAw0RkUE/YDS4QwSIISM80O8gM2xLFG+LemMrYgRmPMQm7
ZoILiWyOU8yJ653vbPuzLWnPnMVuYwUHKcqDdq0AA+EKe5BKKynlqEMAMYFX/mcT
rHXnSnZ6oFgenvFo3+NKW1hSlknCJimNeZRUfUNur61raPQE19Xctlb83jgLkZTD
VSmq+O7zA1X6/UMHPMo7Q8T87roI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:07 2023 by rpki-client on console-ams.rpki-client.org