Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/feYtNHfjGrxxJDnlB6XKqimY1p0.roa
File: feYtNHfjGrxxJDnlB6XKqimY1p0.roa (raw, json)
Hash identifier: aaPgZZ6Fk4Al6mUU4QWJcvRQBPMF2k3jnJ28R2VUOIQ=
Subject key identifier: 7D:E6:2D:34:77:E3:1A:BC:71:24:39:E5:07:A5:CA:AA:29:98:D6:9D
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 127D165E
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/feYtNHfjGrxxJDnlB6XKqimY1p0.roa
Signing time: Sat 01 Jan 2022 15:05:37 +0000
ROA not before: Sat 01 Jan 2022 15:05:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56340
IP address blocks: 77.91.104.0/21 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 310187614 (0x127d165e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 1 15:05:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7de62d3477e31abc712439e507a5caaa2998d69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0d:96:ce:f0:a5:07:b8:6a:c6:c1:9b:3a:ea:
1a:a2:df:ca:14:03:df:05:ff:b0:f0:40:0b:6e:31:
6b:b4:da:c1:e7:01:c7:79:29:e0:78:4e:96:d7:87:
d3:6c:32:e0:06:02:eb:72:b3:92:33:0e:82:89:88:
e4:9b:0a:0b:19:bb:1d:39:dc:cc:59:40:33:a5:85:
6d:99:f7:36:ee:cd:2e:d8:9f:0a:f2:7b:01:de:ab:
81:9b:f4:ec:79:24:72:f4:12:fd:62:7a:14:4d:08:
9b:0e:5f:7f:ce:18:6c:a6:ab:45:c8:da:4e:26:81:
29:d8:3e:03:01:fa:e0:82:46:ec:dd:6b:00:3c:d7:
4f:6c:3b:e4:ef:bf:25:94:39:6c:a0:f5:ba:61:30:
6a:bd:6a:55:6c:27:9f:05:42:ee:67:59:f1:9e:cb:
38:7c:18:3f:95:41:f7:dc:c9:bb:d8:73:c4:39:b1:
34:0a:1e:cc:0a:a6:e9:57:25:f1:af:9a:51:7f:a0:
dc:51:18:b4:9a:b9:f0:bb:01:f4:48:35:8a:ab:9e:
b2:65:58:f3:d9:24:35:65:03:03:29:04:6e:64:02:
13:40:a1:e3:19:c6:6e:d6:ef:5f:82:fc:13:2c:a3:
18:8e:cf:70:b3:d8:da:0d:f6:82:6d:a2:d0:67:c1:
bb:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:E6:2D:34:77:E3:1A:BC:71:24:39:E5:07:A5:CA:AA:29:98:D6:9D
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/feYtNHfjGrxxJDnlB6XKqimY1p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.104.0/21
Signature Algorithm: sha256WithRSAEncryption
84:9f:e3:a4:8b:d8:6d:54:e1:9a:5c:c1:cd:1c:e2:22:e2:80:
64:0c:e3:eb:e3:31:3f:8a:e6:92:3f:8e:02:20:13:37:62:2c:
f6:72:50:81:be:44:2f:b1:7b:55:c7:5a:2d:1b:0a:d1:10:6e:
2a:ad:3a:26:f9:af:89:ff:0f:e6:34:de:48:2f:54:00:d3:8a:
a7:59:b5:bc:f5:5d:45:cd:fe:d9:e0:4a:23:f7:f7:06:54:a3:
db:ca:13:ed:9d:c2:ae:52:2b:c8:4c:6a:b5:79:83:fa:14:9b:
3c:04:24:46:cd:6d:8e:f0:01:92:17:f5:51:f6:2f:92:b3:78:
89:e3:4c:5c:4f:19:07:44:3d:d5:c6:23:bf:28:16:c2:45:64:
07:27:54:a7:8d:82:98:4d:77:11:a9:e1:74:3c:1e:61:46:ea:
a2:4c:02:8c:79:47:e7:05:cd:f1:d1:e3:08:23:41:9a:38:a9:
f3:74:d3:a3:7d:04:d1:c9:a7:71:51:eb:22:ad:37:0d:dd:b8:
b0:ca:2c:2b:f1:b1:a2:d2:92:5a:79:11:57:98:19:65:83:92:
21:ea:bb:f3:1b:35:eb:6e:12:3e:b6:51:32:0c:19:a7:c9:0b:
78:cf:69:88:f9:d8:30:a3:01:d8:8f:91:af:d0:06:26:0d:4f:
81:e6:d2:9d
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEEn0WXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDEw
MTE1MDUzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2RlNjJkMzQ3N2Uz
MWFiYzcxMjQzOWU1MDdhNWNhYWEyOTk4ZDY5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJMNls7wpQe4asbBmzrqGqLfyhQD3wX/sPBAC24xa7TawecB
x3kp4HhOlteH02wy4AYC63KzkjMOgomI5JsKCxm7HTnczFlAM6WFbZn3Nu7NLtif
CvJ7Ad6rgZv07HkkcvQS/WJ6FE0Imw5ff84YbKarRcjaTiaBKdg+AwH64IJG7N1r
ADzXT2w75O+/JZQ5bKD1umEwar1qVWwnnwVC7mdZ8Z7LOHwYP5VB99zJu9hzxDmx
NAoezAqm6Vcl8a+aUX+g3FEYtJq58LsB9Eg1iquesmVY89kkNWUDAykEbmQCE0Ch
4xnGbtbvX4L8EyyjGI7PcLPY2g32gm2i0GfBu5kCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBR95i00d+MavHEkOeUHpcqqKZjWnTAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS9mZVl0TkhmakdyeHhKRG5sQjZYS3FpbVkxcDAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTVtoMA0GCSqGSIb3DQEBCwUA
A4IBAQCEn+Oki9htVOGaXMHNHOIi4oBkDOPr4zE/iuaSP44CIBM3Yiz2clCBvkQv
sXtVx1otGwrREG4qrTom+a+J/w/mNN5IL1QA04qnWbW89V1Fzf7Z4Eoj9/cGVKPb
yhPtncKuUivITGq1eYP6FJs8BCRGzW2O8AGSF/VR9i+Ss3iJ40xcTxkHRD3VxiO/
KBbCRWQHJ1SnjYKYTXcRqeF0PB5hRuqiTAKMeUfnBc3x0eMII0GaOKnzdNOjfQTR
yadxUesirTcN3biwyiwr8bGi0pJaeRFXmBllg5Ih6rvzGzXrbhI+tlEyDBmnyQt4
z2mI+dgwowHYj5Gv0AYmDU+B5tKd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:57 2024 by rpki-client on console-ams.rpki-client.org