Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/XQ9G5cF9dLgC5H0Fyv0Dvtrd8uo.roa
File: XQ9G5cF9dLgC5H0Fyv0Dvtrd8uo.roa (raw, json)
Hash identifier: inxI+9bVynuBZo89eJ57j2FD7IInKeuKLc/3cyUXa0Q=
Subject key identifier: 5D:0F:46:E5:C1:7D:74:B8:02:E4:7D:05:CA:FD:03:BE:DA:DD:F2:EA
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 018570306053D1D8043CF6124383F4C8E5A1
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/XQ9G5cF9dLgC5H0Fyv0Dvtrd8uo.roa
Signing time: Mon 02 Jan 2023 01:54:56 +0000
ROA not before: Mon 02 Jan 2023 01:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203727
IP address blocks: 77.91.124.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:60:53:d1:d8:04:3c:f6:12:43:83:f4:c8:e5:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 2 01:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d0f46e5c17d74b802e47d05cafd03bedaddf2ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:dd:ad:4a:c7:b9:f4:02:7b:ba:e3:ae:45:92:
a4:98:f2:06:7b:15:47:b0:d9:cf:7f:9e:db:cf:b7:
77:6b:88:ba:6f:04:31:67:b5:ff:48:dc:8e:0a:06:
3b:5e:2c:f5:e3:61:be:31:c2:c4:7e:e2:2c:fc:a2:
d1:a7:a0:96:f3:8d:4e:b9:90:d1:2c:37:52:bf:05:
a9:0a:b1:b4:a8:26:21:07:7f:92:b0:df:1e:ea:c8:
08:c2:d7:cc:83:00:2c:ec:d5:a3:25:1b:32:a5:19:
a8:00:5f:0c:c6:da:d5:0a:e1:d3:98:64:6f:f8:a3:
65:e9:db:40:a7:54:e9:7e:de:ca:7c:77:9c:a8:1d:
dc:a4:31:d6:5d:f5:18:45:c9:94:59:b2:2e:1a:cb:
2d:a0:b3:f0:82:ea:99:77:fe:09:5f:b4:63:39:d7:
72:8b:cc:92:2c:e7:e4:0e:b1:29:bd:9a:6b:fd:a6:
59:fe:7d:1a:c1:7c:84:07:32:87:a3:2e:cf:58:58:
54:9f:a9:fe:b4:7a:3f:b5:ef:f0:d6:4b:8a:0a:b8:
d3:54:ca:33:88:08:81:77:27:22:5a:aa:bb:d8:8b:
42:87:24:5c:27:5d:01:a5:70:69:37:b0:26:2f:61:
b4:5c:51:39:70:df:92:f6:5f:d4:3d:5d:cb:81:b2:
9b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:0F:46:E5:C1:7D:74:B8:02:E4:7D:05:CA:FD:03:BE:DA:DD:F2:EA
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/XQ9G5cF9dLgC5H0Fyv0Dvtrd8uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.124.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:17:6b:f7:48:fb:69:cc:e1:98:ab:d9:7e:25:d2:9f:b8:30:
ef:50:c3:76:96:8c:30:42:cc:9f:51:11:3d:de:69:e0:27:d9:
e6:d3:d8:2e:0b:ef:c6:a0:46:67:f1:74:8d:b6:3e:f4:69:d1:
8f:2d:dc:fd:85:f6:3a:ca:ff:67:7c:2e:60:39:c0:79:6e:47:
6b:78:bc:80:c6:49:01:d4:72:fc:e5:e3:63:db:45:fb:21:dd:
fa:c3:93:2e:22:d8:cc:33:79:be:52:ce:33:07:91:fe:d7:b2:
72:5f:e6:94:84:70:5f:f3:48:e6:f6:93:a4:5c:24:48:19:ce:
05:86:41:5c:ee:45:6f:57:53:f7:c6:46:ba:3d:03:1c:14:b9:
d9:5a:70:46:88:0c:aa:f4:80:28:8d:11:96:2d:62:4f:f8:83:
07:91:a3:0d:5a:42:44:e7:7f:d6:f1:55:a0:1b:95:1c:b4:70:
ac:75:28:22:4e:41:ad:57:d7:6e:14:82:a2:50:66:62:7e:87:
c0:e0:71:55:07:58:83:bd:82:74:c7:86:70:89:3e:f5:90:b3:
71:60:02:28:58:5c:4c:40:0b:a6:43:1f:a2:4f:2c:41:9a:10:
35:d2:98:09:4f:3d:54:3d:55:0c:2e:c6:60:a1:7c:ce:47:33:
ad:39:18:7d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwMGBT0dgEPPYSQ4P0yOWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMTAyMDE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDBmNDZlNWMxN2Q3NGI4MDJlNDdkMDVjYWZkMDNiZWRhZGRmMmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA892tSse59AJ7uuOuRZKkmPIGexVH
sNnPf57bz7d3a4i6bwQxZ7X/SNyOCgY7Xiz142G+McLEfuIs/KLRp6CW841OuZDR
LDdSvwWpCrG0qCYhB3+SsN8e6sgIwtfMgwAs7NWjJRsypRmoAF8MxtrVCuHTmGRv
+KNl6dtAp1Tpft7KfHecqB3cpDHWXfUYRcmUWbIuGsstoLPwguqZd/4JX7RjOddy
i8ySLOfkDrEpvZpr/aZZ/n0awXyEBzKHoy7PWFhUn6n+tHo/te/w1kuKCrjTVMoz
iAiBdyciWqq72ItChyRcJ10BpXBpN7AmL2G0XFE5cN+S9l/UPV3LgbKbqwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFF0PRuXBfXS4AuR9Bcr9A77a3fLqMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL1hROUc1Y0Y5ZExnQzVIMEZ5djBEdnRyZDh1by5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABNW3ww
DQYJKoZIhvcNAQELBQADggEBAJ0Xa/dI+2nM4Zir2X4l0p+4MO9Qw3aWjDBCzJ9R
ET3eaeAn2ebT2C4L78agRmfxdI22PvRp0Y8t3P2F9jrK/2d8LmA5wHluR2t4vIDG
SQHUcvzl42PbRfsh3frDky4i2Mwzeb5SzjMHkf7XsnJf5pSEcF/zSOb2k6RcJEgZ
zgWGQVzuRW9XU/fGRro9AxwUudlacEaIDKr0gCiNEZYtYk/4gweRow1aQkTnf9bx
VaAblRy0cKx1KCJOQa1X124UgqJQZmJ+h8DgcVUHWIO9gnTHhnCJPvWQs3FgAihY
XExAC6ZDH6JPLEGaEDXSmAlPPVQ9VQwuxmChfM5HM605GH0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:04 2024 by rpki-client on console-fra.rpki-client.org