Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/clVath5U4TW9w9Bm9OYYGjMHDx4.roa
File: clVath5U4TW9w9Bm9OYYGjMHDx4.roa (raw, json)
Hash identifier: wroEBk7fHJp/Dp2h0WeR8/bxciiwSp5bnw43lc2ebaM=
Subject key identifier: 72:55:5A:B6:1E:54:E1:35:BD:C3:D0:66:F4:E6:18:1A:33:07:0F:1E
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 01872736B15520421468FE699B3FC3C34EE7
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/clVath5U4TW9w9Bm9OYYGjMHDx4.roa
Signing time: Tue 28 Mar 2023 07:55:08 +0000
ROA not before: Tue 28 Mar 2023 07:55:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 77.91.67.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:27:36:b1:55:20:42:14:68:fe:69:9b:3f:c3:c3:4e:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Mar 28 07:55:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72555ab61e54e135bdc3d066f4e6181a33070f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1d:99:21:4c:d5:f1:c2:ac:4a:b3:d7:30:ff:
76:b5:e8:af:fb:12:75:ed:31:21:69:c6:aa:65:cd:
19:fd:9c:b3:30:17:5e:9f:d2:70:e0:68:de:d6:24:
01:9a:a1:76:d6:a9:87:ed:a9:85:4f:da:32:11:2d:
2a:5d:8b:52:56:09:b7:c5:e3:e7:b1:08:0c:22:6d:
31:ca:5b:a0:ac:4f:51:dc:30:13:99:01:0f:ca:ce:
0b:f0:34:0d:ac:85:ad:e1:97:cb:8e:9b:3e:2d:1b:
99:e1:d7:fd:d4:58:8e:7e:d4:4c:c6:69:c6:be:41:
9f:ba:ec:b1:45:72:c1:cb:94:03:6a:a7:d0:0a:b5:
22:63:0e:c9:77:4d:4a:5d:2e:c0:b7:82:77:7e:b8:
cf:30:3a:d1:2d:d6:6c:b0:e6:16:cd:e3:c4:2c:27:
d5:c3:f9:d5:30:7e:f3:da:70:d9:a8:d0:25:eb:e6:
d2:31:4a:43:7a:80:d6:2b:0b:7e:63:24:ad:83:33:
d8:56:5f:f6:3d:f1:a4:5b:87:3b:24:a7:49:ae:c4:
9b:42:34:96:35:9b:79:00:33:e6:6c:61:14:5d:ea:
b0:88:48:30:bb:71:02:0e:32:9b:b7:b5:4d:49:2f:
97:2e:13:4f:17:02:eb:57:57:64:66:f7:3d:41:31:
8e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:55:5A:B6:1E:54:E1:35:BD:C3:D0:66:F4:E6:18:1A:33:07:0F:1E
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/clVath5U4TW9w9Bm9OYYGjMHDx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.67.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:ee:64:fc:d3:9c:82:cc:ff:84:b1:c3:09:31:9e:53:0d:6f:
a4:c6:8b:ba:1a:6a:28:c3:f8:74:6c:7b:fd:42:31:07:e4:0b:
eb:12:d4:aa:91:28:c4:30:7c:7a:5c:2d:71:9c:90:c9:83:55:
bf:af:b6:82:58:43:e9:f6:a6:83:0c:b8:1b:50:04:47:64:9d:
db:27:70:72:5e:bb:e2:d6:fb:ba:13:2b:01:df:ee:4b:ef:8d:
b5:41:8c:51:ef:62:6c:70:51:33:a8:a7:de:7f:b2:15:aa:c3:
37:59:44:cf:eb:ff:12:6d:69:bb:06:c7:da:ea:f8:01:ae:cd:
5f:ae:f6:0f:1c:c3:b8:9e:09:69:d2:05:67:6a:44:b7:5e:cd:
e8:f4:19:4d:dd:d9:b8:5e:86:74:70:17:8d:a4:b4:9d:9c:bd:
b1:e2:4a:ce:8b:95:f1:e3:f5:db:f1:da:0d:dc:94:a3:f5:6c:
04:98:1f:dc:05:cd:e4:93:73:b0:45:bc:13:ec:40:86:a7:eb:
5c:de:d8:1c:68:4c:aa:23:24:93:bd:33:73:b5:17:6f:44:63:
04:f0:92:ef:b6:a8:79:dc:24:6a:d3:b7:18:2d:62:97:e9:24:
0b:94:52:ee:45:4b:c8:13:a7:5e:71:01:09:7f:ca:82:00:9b:
9a:43:b2:6d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYcnNrFVIEIUaP5pmz/Dw07nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMzI4MDc1NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjU1NWFiNjFlNTRlMTM1YmRjM2QwNjZmNGU2MTgxYTMzMDcwZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB2ZIUzV8cKsSrPXMP92teiv+xJ1
7TEhacaqZc0Z/ZyzMBden9Jw4Gje1iQBmqF21qmH7amFT9oyES0qXYtSVgm3xePn
sQgMIm0xylugrE9R3DATmQEPys4L8DQNrIWt4ZfLjps+LRuZ4df91FiOftRMxmnG
vkGfuuyxRXLBy5QDaqfQCrUiYw7Jd01KXS7At4J3frjPMDrRLdZssOYWzePELCfV
w/nVMH7z2nDZqNAl6+bSMUpDeoDWKwt+YyStgzPYVl/2PfGkW4c7JKdJrsSbQjSW
NZt5ADPmbGEUXeqwiEgwu3ECDjKbt7VNSS+XLhNPFwLrV1dkZvc9QTGOjwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHJVWrYeVOE1vcPQZvTmGBozBw8eMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL2NsVmF0aDVVNFRXOXc5Qm05T1lZR2pNSER4NC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABNW0Mw
DQYJKoZIhvcNAQELBQADggEBAG3uZPzTnILM/4SxwwkxnlMNb6TGi7oaaijD+HRs
e/1CMQfkC+sS1KqRKMQwfHpcLXGckMmDVb+vtoJYQ+n2poMMuBtQBEdkndsncHJe
u+LW+7oTKwHf7kvvjbVBjFHvYmxwUTOop95/shWqwzdZRM/r/xJtabsGx9rq+AGu
zV+u9g8cw7ieCWnSBWdqRLdezej0GU3d2bhehnRwF42ktJ2cvbHiSs6LlfHj9dvx
2g3clKP1bASYH9wFzeSTc7BFvBPsQIan61ze2BxoTKojJJO9M3O1F29EYwTwku+2
qHncJGrTtxgtYpfpJAuUUu5FS8gTp15xAQl/yoIAm5pDsm0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:16 2023 by rpki-client on console-fra.rpki-client.org