Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/eIsfE6Gi7bDoRtmS0nZquF3x42c.roa
File: eIsfE6Gi7bDoRtmS0nZquF3x42c.roa (raw, json)
Hash identifier: mkGaVQPCTXePybHQpQSUKW9mF68ivE2zw5xyXkPRGbA=
Subject key identifier: 78:8B:1F:13:A1:A2:ED:B0:E8:46:D9:92:D2:76:6A:B8:5D:F1:E3:67
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 1349B4F2
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/eIsfE6Gi7bDoRtmS0nZquF3x42c.roa
Signing time: Wed 30 Mar 2022 17:07:15 +0000
ROA not before: Wed 30 Mar 2022 17:07:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43624
IP address blocks: 77.91.103.0/24 maxlen: 24
77.91.102.0/24 maxlen: 24
77.91.100.0/24 maxlen: 32
77.91.101.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 323597554 (0x1349b4f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Mar 30 17:07:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=788b1f13a1a2edb0e846d992d2766ab85df1e367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ca:fb:38:64:d4:c5:29:a9:7e:9c:76:b8:e2:
0c:c9:9c:65:4a:3d:49:29:98:37:25:3c:1c:22:52:
05:9b:45:d4:a8:94:87:28:45:73:0c:7f:b4:d4:a6:
78:3c:ae:7e:15:67:1e:82:f0:13:33:48:af:58:98:
52:7f:be:a4:70:07:ec:cc:cc:5b:ed:c6:69:5b:6d:
81:9c:96:52:ce:3f:67:8b:d8:ee:83:3b:a3:55:5f:
e3:e9:1c:65:61:47:45:81:03:87:84:94:49:d0:d8:
ba:3f:a4:25:16:80:28:58:70:ef:88:de:db:bd:bd:
1f:8f:36:59:c9:c0:ca:ab:0c:d7:44:26:e8:1e:c4:
e5:20:16:94:82:37:91:30:82:75:8a:52:88:2c:ff:
f6:59:91:0c:ea:1b:b1:e6:86:e8:c4:d2:58:ff:40:
62:30:57:49:bc:72:64:4e:be:9c:56:3d:08:9f:a0:
70:a2:12:8f:28:3a:47:bc:3e:be:33:be:4c:c7:ee:
ac:c1:d7:33:ff:c2:21:5b:e1:4c:e0:87:a0:4f:70:
40:4b:8e:17:77:eb:c1:79:89:26:7e:25:44:3e:ca:
0d:a6:50:bc:f7:d9:33:11:e3:41:5b:29:64:e4:7c:
6a:7a:92:e9:ca:dd:01:cf:01:fa:c1:08:c3:5d:16:
6e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:8B:1F:13:A1:A2:ED:B0:E8:46:D9:92:D2:76:6A:B8:5D:F1:E3:67
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/eIsfE6Gi7bDoRtmS0nZquF3x42c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.100.0/22
Signature Algorithm: sha256WithRSAEncryption
02:20:75:b0:67:e6:01:13:b0:3a:8d:50:cd:a2:4d:97:da:b4:
1a:22:ec:54:f0:06:0e:a7:3f:89:55:27:57:89:0d:d0:83:f8:
50:3c:ef:8c:3b:f6:08:e6:af:ea:17:ba:63:d2:35:ad:dc:e3:
7a:55:f6:78:3c:03:ea:a5:da:8b:a8:22:47:2c:27:49:ae:b4:
7b:af:73:4b:e2:9f:74:c8:84:5e:aa:f0:2b:8b:f9:d1:22:84:
a6:bc:22:60:c0:70:e8:27:2e:6a:f7:4a:44:55:15:03:9e:94:
20:1a:bf:d4:ef:ff:cb:e3:61:90:37:63:82:80:01:89:5e:36:
6d:40:c1:9d:35:a4:0f:57:51:ef:76:8a:00:8b:e3:88:85:71:
f3:a5:a7:fc:65:25:04:e3:a8:37:25:8b:0e:ab:e7:32:0b:95:
ab:5a:63:4a:e6:1e:75:d5:85:21:29:76:64:04:21:4e:10:ee:
a1:f6:fe:0e:d5:da:8f:3a:09:c4:51:82:fb:30:87:b3:37:85:
d7:e8:73:9f:12:cc:28:63:f3:9b:4d:61:b9:e1:8e:a2:c1:99:
57:fa:87:6f:c6:54:8f:20:90:25:25:79:90:9a:f4:b4:07:9f:
5b:09:90:09:b7:32:40:37:88:26:17:13:e0:c7:39:c8:a2:4e:
87:88:57:de
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEE0m08jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDMz
MDE3MDcxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzg4YjFmMTNhMWEy
ZWRiMGU4NDZkOTkyZDI3NjZhYjg1ZGYxZTM2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPK+zhk1MUpqX6cdrjiDMmcZUo9SSmYNyU8HCJSBZtF1KiU
hyhFcwx/tNSmeDyufhVnHoLwEzNIr1iYUn++pHAH7MzMW+3GaVttgZyWUs4/Z4vY
7oM7o1Vf4+kcZWFHRYEDh4SUSdDYuj+kJRaAKFhw74je2729H482WcnAyqsM10Qm
6B7E5SAWlII3kTCCdYpSiCz/9lmRDOobseaG6MTSWP9AYjBXSbxyZE6+nFY9CJ+g
cKISjyg6R7w+vjO+TMfurMHXM//CIVvhTOCHoE9wQEuOF3frwXmJJn4lRD7KDaZQ
vPfZMxHjQVspZOR8anqS6crdAc8B+sEIw10WbgMCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBR4ix8ToaLtsOhG2ZLSdmq4XfHjZzAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS9lSXNmRTZHaTdiRG9SdG1TMG5acXVGM3g0MmMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTVtkMA0GCSqGSIb3DQEBCwUA
A4IBAQACIHWwZ+YBE7A6jVDNok2X2rQaIuxU8AYOpz+JVSdXiQ3Qg/hQPO+MO/YI
5q/qF7pj0jWt3ON6VfZ4PAPqpdqLqCJHLCdJrrR7r3NL4p90yIReqvAri/nRIoSm
vCJgwHDoJy5q90pEVRUDnpQgGr/U7//L42GQN2OCgAGJXjZtQMGdNaQPV1HvdooA
i+OIhXHzpaf8ZSUE46g3JYsOq+cyC5WrWmNK5h511YUhKXZkBCFOEO6h9v4O1dqP
OgnEUYL7MIezN4XX6HOfEswoY/ObTWG54Y6iwZlX+odvxlSPIJAlJXmQmvS0B59b
CZAJtzJAN4gmFxPgxznIok6HiFfe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:04 2024 by rpki-client on console-fra.rpki-client.org