Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/VyGdckAUaIHruWbuh48BIoIX5GM.roa
File: VyGdckAUaIHruWbuh48BIoIX5GM.roa (raw, json)
Hash identifier: NcF9v+/5Tp7xSl8rZc/BloJdUlbKbwwufNRcieqgBQM=
Subject key identifier: 57:21:9D:72:40:14:68:81:EB:B9:66:EE:87:8F:01:22:82:17:E4:63
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 018580FB795C83C6ADB580082067B3A42F9B
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/VyGdckAUaIHruWbuh48BIoIX5GM.roa
Signing time: Thu 05 Jan 2023 08:10:42 +0000
ROA not before: Thu 05 Jan 2023 08:10:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 77.91.75.0/24 maxlen: 24
77.91.103.0/24 maxlen: 24
77.91.102.0/24 maxlen: 24
77.91.101.0/24 maxlen: 24
77.91.122.0/23 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:80:fb:79:5c:83:c6:ad:b5:80:08:20:67:b3:a4:2f:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 5 08:10:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57219d7240146881ebb966ee878f01228217e463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e1:9a:6a:84:1e:d1:8c:b3:e1:e3:18:69:b6:
6e:1c:c4:0d:b4:06:f2:1b:82:cb:10:ca:9f:11:60:
2f:de:3f:fc:31:b4:a5:a9:32:9e:b0:57:cf:5d:07:
9c:bc:8b:06:f2:31:cf:b1:71:ab:78:0b:dc:26:27:
58:df:39:0a:99:2f:2c:b5:ed:4c:d7:77:ac:1b:39:
c9:cd:37:bf:ad:f4:44:12:1c:3e:75:13:31:d7:af:
85:24:84:51:4c:14:db:53:4b:3c:e4:0d:c1:fe:af:
43:c5:7d:88:72:12:cc:8b:64:86:94:aa:c0:cd:6e:
c4:ff:1a:12:2b:bf:f5:0a:99:21:aa:c9:cb:44:7c:
7a:ad:65:e9:72:fc:96:a4:28:e7:b9:81:09:46:e4:
fc:7c:7f:91:e9:a2:ba:69:b5:21:46:ac:18:57:8a:
ec:33:36:3b:2a:81:86:de:64:b2:a5:f3:01:6e:1e:
7b:33:12:72:96:5b:0d:ec:47:91:4c:2e:f1:31:60:
0a:95:bf:62:ef:e9:cd:fb:b4:cd:c1:80:2d:46:1b:
6c:43:a3:9a:d6:06:22:56:dd:94:39:52:38:49:a6:
e2:50:58:59:c7:de:e7:37:60:27:e1:8b:cb:67:1c:
60:2b:3e:95:f6:31:3b:c9:71:43:71:82:17:a2:9d:
67:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:21:9D:72:40:14:68:81:EB:B9:66:EE:87:8F:01:22:82:17:E4:63
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/VyGdckAUaIHruWbuh48BIoIX5GM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.75.0/24
77.91.101.0-77.91.103.255
77.91.122.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:e3:2d:20:2c:e0:b4:63:3b:30:d3:02:aa:9a:d1:85:e7:d6:
15:e8:1f:16:9d:d1:fb:41:88:b6:1b:b5:b2:28:ce:23:59:82:
83:43:ce:2f:ed:45:25:41:be:51:0f:31:50:ac:1a:7a:f7:b3:
6f:37:c5:40:a2:e2:77:f6:b6:2f:f4:b9:20:ba:4c:22:31:59:
dd:f4:b0:cc:83:1f:84:a2:8c:24:17:e5:42:67:10:cd:49:b6:
84:79:67:84:00:53:79:01:44:50:5a:eb:85:32:31:57:b7:a8:
2b:16:14:20:47:dd:a8:a5:a8:87:97:40:5a:f9:d4:e0:8f:0c:
4e:3b:91:3e:ec:59:83:39:3e:b5:8e:cd:bd:74:fc:62:c5:f3:
be:7f:d1:aa:c5:c6:dc:13:cd:73:6b:60:53:eb:a8:bc:4f:58:
2c:cc:20:17:47:b0:11:85:48:4c:3f:ea:9a:ce:71:29:90:14:
bc:15:ae:94:51:f0:bd:1f:f9:eb:ae:9e:5c:7d:59:e0:8c:15:
67:0a:a6:f5:a4:02:33:cd:70:c2:fc:49:bc:66:8a:5e:8c:81:
d1:d0:0f:84:c8:d6:59:d6:eb:fa:6d:5d:88:0d:4c:08:e0:f2:
e7:4c:d3:5e:ad:c4:21:41:83:70:3b:74:f4:6a:74:7c:bb:d3:
b8:59:cc:0d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYWA+3lcg8attYAIIGezpC+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMTA1MDgxMDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzIxOWQ3MjQwMTQ2ODgxZWJiOTY2ZWU4NzhmMDEyMjgyMTdlNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+GaaoQe0Yyz4eMYabZuHMQNtAby
G4LLEMqfEWAv3j/8MbSlqTKesFfPXQecvIsG8jHPsXGreAvcJidY3zkKmS8ste1M
13esGznJzTe/rfREEhw+dRMx16+FJIRRTBTbU0s85A3B/q9DxX2IchLMi2SGlKrA
zW7E/xoSK7/1CpkhqsnLRHx6rWXpcvyWpCjnuYEJRuT8fH+R6aK6abUhRqwYV4rs
MzY7KoGG3mSypfMBbh57MxJyllsN7EeRTC7xMWAKlb9i7+nN+7TNwYAtRhtsQ6Oa
1gYiVt2UOVI4SabiUFhZx97nN2An4YvLZxxgKz6V9jE7yXFDcYIXop1nWwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFchnXJAFGiB67lm7oePASKCF+RjMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL1Z5R2Rja0FVYUlIcnVXYnVoNDhCSW9JWDVHTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgABMBoDBABNW0sw
DAMEAE1bZQMEA01bYAMEAU1bejANBgkqhkiG9w0BAQsFAAOCAQEApuMtICzgtGM7
MNMCqprRhefWFegfFp3R+0GIthu1sijOI1mCg0POL+1FJUG+UQ8xUKwaevezbzfF
QKLid/a2L/S5ILpMIjFZ3fSwzIMfhKKMJBflQmcQzUm2hHlnhABTeQFEUFrrhTIx
V7eoKxYUIEfdqKWoh5dAWvnU4I8MTjuRPuxZgzk+tY7NvXT8YsXzvn/RqsXG3BPN
c2tgU+uovE9YLMwgF0ewEYVITD/qms5xKZAUvBWulFHwvR/5666eXH1Z4IwVZwqm
9aQCM81wwvxJvGaKXoyB0dAPhMjWWdbr+m1diA1MCODy50zTXq3EIUGDcDt09Gp0
fLvTuFnMDQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:07 2023 by rpki-client on console-ams.rpki-client.org