Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/b0PMusravCKSjPB3WzNtUWmsp-I.roa
File: b0PMusravCKSjPB3WzNtUWmsp-I.roa (raw, json)
Hash identifier: dlzvMSR1f/qcWHzDjT40xZElynTi4sCy1IPUxZKkIks=
Subject key identifier: 6F:43:CC:BA:CA:DA:BC:22:92:8C:F0:77:5B:33:6D:51:69:AC:A7:E2
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 01864AB1C9EE40B3BA21726C29690432C780
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/b0PMusravCKSjPB3WzNtUWmsp-I.roa
Signing time: Mon 13 Feb 2023 12:13:30 +0000
ROA not before: Mon 13 Feb 2023 12:13:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210644
IP address blocks: 77.91.84.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4a:b1:c9:ee:40:b3:ba:21:72:6c:29:69:04:32:c7:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Feb 13 12:13:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f43ccbacadabc22928cf0775b336d5169aca7e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4b:05:65:b7:8d:c7:23:46:5e:cb:76:b5:27:
55:97:9d:b8:3b:b2:d4:25:18:78:a8:c9:b5:02:36:
70:e9:4e:c2:88:36:58:ec:bc:86:98:4c:25:5e:2f:
32:de:29:b6:48:a6:fc:33:a6:47:f7:ba:bc:86:09:
d6:7c:d1:19:4f:64:96:6a:e9:48:7e:e0:e9:bf:ab:
73:fa:93:42:5c:9d:92:0e:d4:ac:4d:76:30:ab:0d:
3c:03:08:d8:95:24:2f:bb:04:e5:06:0f:6c:b6:47:
f7:c3:6b:40:79:66:d7:41:be:bc:0b:51:32:c6:61:
15:94:bd:c1:af:05:b0:8f:64:c1:68:db:ad:ef:e9:
3d:36:cf:a0:db:30:76:eb:3c:ed:7b:29:e1:32:a0:
5d:2a:63:fa:88:a0:5e:84:26:4c:66:74:5e:62:0b:
00:d8:89:c8:2b:82:75:0d:87:b6:27:94:e8:49:a5:
10:8b:d3:13:e7:e7:d9:8d:f8:81:ab:f1:80:14:0a:
b7:96:02:ba:ac:28:c6:b9:a5:28:97:3a:9b:e2:11:
13:3e:0d:71:3f:42:d5:76:e2:53:6d:03:aa:79:37:
17:f5:67:99:9b:55:dd:38:fe:69:55:bc:9c:d3:5b:
2c:aa:79:93:9b:64:c1:93:2f:b2:d4:8e:06:70:7c:
54:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:43:CC:BA:CA:DA:BC:22:92:8C:F0:77:5B:33:6D:51:69:AC:A7:E2
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/b0PMusravCKSjPB3WzNtUWmsp-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.84.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:18:4c:a7:25:65:15:bc:cc:b8:7d:47:ff:6b:fa:6e:90:b4:
29:4a:d5:3e:1a:d6:c6:d1:1f:37:0d:29:db:4b:ff:04:22:86:
c7:c8:1f:0c:d6:3d:d9:02:34:0a:3e:b7:de:84:a9:87:5b:57:
2c:71:b7:30:d8:87:09:86:94:ec:d0:c3:a8:17:cf:b8:3b:df:
61:8c:ed:67:23:5a:15:61:ee:cf:6a:0e:35:f5:dc:0f:12:4d:
aa:be:ac:5b:3a:18:65:fb:42:97:b9:b4:97:af:61:30:0d:7a:
8d:4a:52:df:71:50:1c:32:d1:ed:bd:31:87:32:97:2f:76:99:
b5:64:92:99:3f:33:86:34:44:32:2f:41:aa:6a:2e:24:bd:2f:
81:74:cb:eb:fd:03:21:cf:79:c8:b5:56:a3:08:55:41:cf:cd:
f8:40:b5:d2:ae:42:1c:df:e7:26:1f:d2:82:c5:5b:06:7a:a2:
76:50:30:c7:35:47:55:fb:98:20:58:fd:87:d7:09:3e:b8:d7:
cf:3b:d1:68:10:6a:7c:86:a4:be:16:ac:3c:84:1f:78:be:0b:
6e:b9:99:9d:49:9a:b3:c6:7d:75:38:d4:5c:a5:6f:f3:66:25:
62:b6:90:d3:da:ee:0c:fc:38:64:64:7a:47:b6:46:0c:73:66:
9d:a7:f3:19
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYZKscnuQLO6IXJsKWkEMseAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMjEzMTIxMzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjQzY2NiYWNhZGFiYzIyOTI4Y2YwNzc1YjMzNmQ1MTY5YWNhN2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApksFZbeNxyNGXst2tSdVl524O7LU
JRh4qMm1AjZw6U7CiDZY7LyGmEwlXi8y3im2SKb8M6ZH97q8hgnWfNEZT2SWaulI
fuDpv6tz+pNCXJ2SDtSsTXYwqw08AwjYlSQvuwTlBg9stkf3w2tAeWbXQb68C1Ey
xmEVlL3BrwWwj2TBaNut7+k9Ns+g2zB26zzteynhMqBdKmP6iKBehCZMZnReYgsA
2InIK4J1DYe2J5ToSaUQi9MT5+fZjfiBq/GAFAq3lgK6rCjGuaUolzqb4hETPg1x
P0LVduJTbQOqeTcX9WeZm1XdOP5pVbyc01ssqnmTm2TBky+y1I4GcHxU4QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFG9DzLrK2rwikozwd1szbVFprKfiMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL2IwUE11c3JhdkNLU2pQQjNXek50VVdtc3AtSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJNW1Qw
DQYJKoZIhvcNAQELBQADggEBAKIYTKclZRW8zLh9R/9r+m6QtClK1T4a1sbRHzcN
KdtL/wQihsfIHwzWPdkCNAo+t96EqYdbVyxxtzDYhwmGlOzQw6gXz7g732GM7Wcj
WhVh7s9qDjX13A8STaq+rFs6GGX7Qpe5tJevYTANeo1KUt9xUBwy0e29MYcyly92
mbVkkpk/M4Y0RDIvQapqLiS9L4F0y+v9AyHPeci1VqMIVUHPzfhAtdKuQhzf5yYf
0oLFWwZ6onZQMMc1R1X7mCBY/YfXCT6418870WgQanyGpL4WrDyEH3i+C265mZ1J
mrPGfXU41Fylb/NmJWK2kNPa7gz8OGRkeke2RgxzZp2n8xk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:57 2024 by rpki-client on console-ams.rpki-client.org