Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/_klmQXegPA-ggzWg-mtTd32N_w4.roa
File: _klmQXegPA-ggzWg-mtTd32N_w4.roa (raw, json)
Hash identifier: nmJ4qtMqMBlwpwPCwlPnpEMRMPO6BmcktICR354dWZs=
Subject key identifier: FE:49:66:41:77:A0:3C:0F:A0:83:35:A0:FA:6B:53:77:7D:8D:FF:0E
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 01824A2B4020049FF20918A4FA9D75C399B2
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/_klmQXegPA-ggzWg-mtTd32N_w4.roa
Signing time: Fri 29 Jul 2022 13:35:24 +0000
ROA not before: Fri 29 Jul 2022 13:35:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43624
IP address blocks: 77.91.75.0/24 maxlen: 24
77.91.74.0/24 maxlen: 24
77.91.73.0/24 maxlen: 24
77.91.103.0/24 maxlen: 24
77.91.102.0/24 maxlen: 24
77.91.100.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4a:2b:40:20:04:9f:f2:09:18:a4:fa:9d:75:c3:99:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jul 29 13:35:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe49664177a03c0fa08335a0fa6b53777d8dff0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c0:41:ea:03:d5:ad:eb:73:2a:32:51:c3:57:
eb:85:18:aa:f0:2b:42:f6:e9:ff:1c:56:20:70:48:
90:21:c1:9f:ef:29:3b:1b:3f:2d:8c:55:7d:12:3a:
51:da:f4:90:4f:b9:16:82:d8:76:9d:cb:d5:f4:3b:
33:1d:88:cd:e1:cb:28:4b:7e:ab:db:ee:20:6e:ff:
28:51:54:33:72:63:e3:6c:5f:cb:53:bf:f4:1b:89:
e5:d9:29:1e:dd:28:d3:d1:f1:ef:d6:d1:25:f2:f0:
0b:83:bd:78:e5:a9:d4:39:b4:6d:30:5c:ad:53:9b:
23:cd:8c:28:9a:fc:b8:5a:21:20:84:2e:2b:53:10:
19:92:39:31:07:72:9b:d7:6e:2f:2c:22:5b:25:fd:
f0:5e:9f:7f:0b:7c:4f:6b:c4:97:41:37:bb:e4:d9:
a5:73:8c:c1:99:f5:68:fc:11:8e:79:a5:3d:0e:fa:
f3:ba:21:32:47:d7:f9:cc:22:ba:8a:21:2a:c2:9d:
96:35:a8:60:3f:bf:3e:53:26:55:de:ef:f5:d5:85:
bc:d9:70:d7:6f:dc:fe:b7:8f:cd:70:9c:45:c4:8a:
a4:c4:84:51:82:d7:42:cc:20:20:85:06:46:6b:d4:
10:26:30:26:63:5b:ab:2b:bf:df:e6:9c:ba:35:00:
46:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:49:66:41:77:A0:3C:0F:A0:83:35:A0:FA:6B:53:77:7D:8D:FF:0E
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/_klmQXegPA-ggzWg-mtTd32N_w4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.73.0-77.91.75.255
77.91.100.0/24
77.91.102.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:db:35:71:09:a1:39:98:91:ef:2d:b3:7a:4e:61:46:82:f8:
10:16:fe:14:43:a2:59:10:51:36:8a:24:c4:28:7d:57:16:7f:
04:b0:c3:51:95:76:f5:0e:cc:ff:33:a8:7c:7f:20:1f:59:0f:
eb:de:ab:06:4b:a4:82:a6:e5:1f:45:81:c4:ce:ed:ed:98:a9:
51:85:4e:78:61:99:61:9e:97:8b:85:e2:7c:a8:06:30:15:ca:
f9:27:54:e7:35:e9:53:9b:2d:e0:e7:0e:28:c8:51:80:2a:80:
19:37:45:a0:00:af:67:0d:ce:a8:1f:aa:ff:2e:d3:16:5f:c5:
83:7f:41:d7:62:c9:49:9c:10:f0:a9:be:0f:7c:5c:34:25:9a:
e3:88:83:d0:be:2a:f5:61:62:a3:ef:f5:6c:64:c1:bc:1b:96:
b1:4c:5f:9f:f1:22:0c:23:61:34:fe:66:a5:44:95:47:97:43:
3a:bf:5b:57:c0:c5:65:7c:7c:74:0e:31:37:c3:a0:76:9b:9d:
d0:69:c8:2c:d2:6e:74:41:08:10:50:51:79:69:a6:94:3f:13:
2d:8e:2a:d6:a4:20:0e:38:f0:ce:5a:35:3b:00:71:6a:64:ec:
0b:4c:cf:e9:e7:cc:be:86:f2:af:8d:62:9b:2d:7b:10:b8:01:
af:70:dd:1b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYJKK0AgBJ/yCRik+p11w5myMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjIwNzI5MTMzNTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTQ5NjY0MTc3YTAzYzBmYTA4MzM1YTBmYTZiNTM3NzdkOGRmZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMBB6gPVretzKjJRw1frhRiq8CtC
9un/HFYgcEiQIcGf7yk7Gz8tjFV9EjpR2vSQT7kWgth2ncvV9DszHYjN4csoS36r
2+4gbv8oUVQzcmPjbF/LU7/0G4nl2Ske3SjT0fHv1tEl8vALg7145anUObRtMFyt
U5sjzYwomvy4WiEghC4rUxAZkjkxB3Kb124vLCJbJf3wXp9/C3xPa8SXQTe75Nml
c4zBmfVo/BGOeaU9DvrzuiEyR9f5zCK6iiEqwp2WNahgP78+UyZV3u/11YW82XDX
b9z+t4/NcJxFxIqkxIRRgtdCzCAghQZGa9QQJjAmY1urK7/f5py6NQBGMQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFP5JZkF3oDwPoIM1oPprU3d9jf8OMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL19rbG1RWGVnUEEtZ2d6V2ctbXRUZDMyTl93NC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgABMBowDAMEAE1b
SQMEAk1bSAMEAE1bZAMEAU1bZjANBgkqhkiG9w0BAQsFAAOCAQEAO9s1cQmhOZiR
7y2zek5hRoL4EBb+FEOiWRBRNookxCh9VxZ/BLDDUZV29Q7M/zOofH8gH1kP696r
BkukgqblH0WBxM7t7ZipUYVOeGGZYZ6Xi4XifKgGMBXK+SdU5zXpU5st4OcOKMhR
gCqAGTdFoACvZw3OqB+q/y7TFl/Fg39B12LJSZwQ8Km+D3xcNCWa44iD0L4q9WFi
o+/1bGTBvBuWsUxfn/EiDCNhNP5mpUSVR5dDOr9bV8DFZXx8dA4xN8Ogdpud0GnI
LNJudEEIEFBReWmmlD8TLY4q1qQgDjjwzlo1OwBxamTsC0zP6efMvobyr41imy17
ELgBr3DdGw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:07 2023 by rpki-client on console-ams.rpki-client.org