Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/bQvfmM0DmFulL0tMeMD4eVUfYgQ.roa
File: bQvfmM0DmFulL0tMeMD4eVUfYgQ.roa (raw, json)
Hash identifier: 0d7c3E+JFDefHZyYWSt5glK8O8nYaINy7Q/yY2mgV4k=
Subject key identifier: 6D:0B:DF:98:CD:03:98:5B:A5:2F:4B:4C:78:C0:F8:79:55:1F:62:04
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 127AAB87
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/bQvfmM0DmFulL0tMeMD4eVUfYgQ.roa
Signing time: Sat 01 Jan 2022 15:05:36 +0000
ROA not before: Sat 01 Jan 2022 15:05:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49371
IP address blocks: 77.91.118.0/23 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 310029191 (0x127aab87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 1 15:05:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d0bdf98cd03985ba52f4b4c78c0f879551f6204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:45:8e:35:3b:60:6b:4e:b4:d3:d5:b2:2b:c8:
29:fe:2b:b8:7c:b7:99:6a:97:c5:7e:62:2c:d1:3a:
f2:f3:d1:e2:a0:fa:69:f2:07:59:e5:87:0b:43:f8:
de:13:fb:a3:e0:66:4d:19:fc:ae:d2:b5:77:02:41:
43:26:20:fb:86:f3:50:f5:3f:4f:43:8f:fe:96:ad:
55:a4:d3:b1:e3:63:ef:bf:b4:97:f0:ce:6b:ea:b3:
d5:e4:8f:3f:88:e2:be:90:9d:30:be:9a:31:c8:2d:
a6:11:22:30:c5:5b:ce:61:9e:5d:38:5b:3f:59:3b:
f8:8d:66:15:f8:00:4b:94:17:68:b2:5f:cb:f5:68:
5d:5e:8f:aa:dd:7b:15:02:36:42:04:51:93:8a:96:
74:8c:65:55:e8:4b:7a:80:f3:14:2c:7e:16:77:84:
17:7b:ae:c5:cf:49:e6:fe:c9:dd:78:9a:66:89:77:
9f:60:76:ca:86:2c:1a:37:52:09:a0:5c:67:14:c1:
1f:c5:69:ac:9c:38:9f:58:20:6b:7e:14:23:69:58:
fc:98:47:f4:02:93:32:0f:25:52:ec:64:c3:9b:cb:
5b:bf:07:e4:c0:30:0b:a9:5f:f7:8d:61:e9:74:c6:
07:2f:82:e8:be:df:64:34:3f:99:33:a8:54:c0:31:
96:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:0B:DF:98:CD:03:98:5B:A5:2F:4B:4C:78:C0:F8:79:55:1F:62:04
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/bQvfmM0DmFulL0tMeMD4eVUfYgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.118.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:98:27:3b:92:74:e4:0a:4c:f3:c0:17:62:92:0b:40:13:36:
82:6c:82:83:49:5d:bf:37:f9:ce:5a:43:5e:6a:9d:29:d3:79:
4b:0b:ec:e9:57:b9:7a:92:55:fa:77:f5:9f:ce:20:4c:c6:96:
2d:35:85:d8:e3:31:c2:48:ba:ad:df:fe:5b:84:78:97:3c:7e:
f6:63:bd:e4:db:14:b5:24:76:86:99:52:aa:37:35:d8:d8:26:
01:be:14:d8:44:84:4c:3e:46:a0:6f:3d:ac:2b:35:f6:dc:e6:
c6:3a:ca:b9:1a:a4:39:85:08:db:41:b5:7f:d7:dc:0b:27:7c:
8a:c7:c5:11:f8:de:47:77:ae:a2:37:4a:3c:97:2a:f1:07:01:
9b:12:01:93:68:de:56:06:c9:9b:8a:9a:dc:5f:44:91:7e:6e:
d8:c4:dc:f5:5e:ac:ec:51:54:3f:95:9d:64:86:4a:6d:e3:4f:
e5:6c:b8:69:f7:d8:22:e7:83:4e:7e:5c:b3:bd:d1:f2:71:4b:
9d:73:3e:f8:29:be:e1:57:bf:3c:c0:80:fb:75:78:b2:2f:24:
e1:8b:e8:84:56:c5:d2:c5:19:0b:c4:f2:4f:3c:35:13:97:e7:
6c:87:8c:ae:33:be:3b:72:dd:31:f1:25:40:89:de:3a:e5:76:
85:e4:dd:30
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEEnqrhzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDEw
MTE1MDUzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQwYmRmOThjZDAz
OTg1YmE1MmY0YjRjNzhjMGY4Nzk1NTFmNjIwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOdFjjU7YGtOtNPVsivIKf4ruHy3mWqXxX5iLNE68vPR4qD6
afIHWeWHC0P43hP7o+BmTRn8rtK1dwJBQyYg+4bzUPU/T0OP/patVaTTseNj77+0
l/DOa+qz1eSPP4jivpCdML6aMcgtphEiMMVbzmGeXThbP1k7+I1mFfgAS5QXaLJf
y/VoXV6Pqt17FQI2QgRRk4qWdIxlVehLeoDzFCx+FneEF3uuxc9J5v7J3XiaZol3
n2B2yoYsGjdSCaBcZxTBH8VprJw4n1gga34UI2lY/JhH9AKTMg8lUuxkw5vLW78H
5MAwC6lf941h6XTGBy+C6L7fZDQ/mTOoVMAxlqsCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRtC9+YzQOYW6UvS0x4wPh5VR9iBDAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS9iUXZmbU0wRG1GdWxMMHRNZU1ENGVWVWZZZ1Eucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTVt2MA0GCSqGSIb3DQEBCwUA
A4IBAQBemCc7knTkCkzzwBdikgtAEzaCbIKDSV2/N/nOWkNeap0p03lLC+zpV7l6
klX6d/WfziBMxpYtNYXY4zHCSLqt3/5bhHiXPH72Y73k2xS1JHaGmVKqNzXY2CYB
vhTYRIRMPkagbz2sKzX23ObGOsq5GqQ5hQjbQbV/19wLJ3yKx8UR+N5Hd66iN0o8
lyrxBwGbEgGTaN5WBsmbiprcX0SRfm7YxNz1XqzsUVQ/lZ1khkpt40/lbLhp99gi
54NOflyzvdHycUudcz74Kb7hV788wID7dXiyLyThi+iEVsXSxRkLxPJPPDUTl+ds
h4yuM747ct0x8SVAid465XaF5N0w
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:16 2023 by rpki-client on console-fra.rpki-client.org