Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/k6fdVUyE4dT0aOVzwcY6T1mL9_Y.roa
File: k6fdVUyE4dT0aOVzwcY6T1mL9_Y.roa (raw, json)
Hash identifier: h6r+pbCC/zU6J6BDdkJMdnbp/XoQK29t/ZVc00i/Q1A=
Subject key identifier: 93:A7:DD:55:4C:84:E1:D4:F4:68:E5:73:C1:C6:3A:4F:59:8B:F7:F6
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 018625B8498857BE01EFEE0F4434D8F14936
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/k6fdVUyE4dT0aOVzwcY6T1mL9_Y.roa
Signing time: Mon 06 Feb 2023 07:54:39 +0000
ROA not before: Mon 06 Feb 2023 07:54:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 77.91.73.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:25:b8:49:88:57:be:01:ef:ee:0f:44:34:d8:f1:49:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Feb 6 07:54:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93a7dd554c84e1d4f468e573c1c63a4f598bf7f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c7:cf:b1:cd:13:88:00:2a:2d:24:2d:d3:36:
e2:29:ac:1c:70:6c:e3:55:05:0b:6e:00:72:84:ca:
9a:db:10:f2:e1:02:bc:e5:eb:1b:9d:b3:a3:2f:42:
bb:20:a9:b7:69:e4:88:31:f3:bf:76:36:a1:08:55:
6f:8f:b0:fe:1a:20:72:e3:39:83:d2:de:5d:18:79:
00:ee:c6:91:c8:1d:b8:8f:53:b6:ad:1b:cb:4a:64:
b0:48:49:13:90:56:f9:e9:bd:25:25:29:ec:23:3f:
f5:41:41:81:da:d9:0f:29:fc:bf:ba:14:6d:bb:f7:
14:22:83:1d:1f:d2:09:88:96:3f:bf:10:66:5c:31:
9b:cc:d7:0c:f2:d2:9b:9e:27:7d:dc:db:94:ca:98:
58:db:4a:42:c2:c5:14:58:7d:e2:4e:4e:68:3c:d3:
0f:96:6f:c3:c4:5d:92:7b:ee:70:cb:7f:66:9b:53:
b1:a2:40:b8:84:d5:32:32:0d:46:e3:f8:18:e1:cd:
48:30:32:d6:6d:3f:7b:ed:63:4b:25:66:a8:7a:85:
71:6f:b8:a7:b5:19:84:7b:46:32:02:22:23:0d:39:
a2:27:61:52:f1:dd:f1:77:41:ef:df:da:77:f3:db:
49:8a:48:9a:81:05:85:42:0d:7f:c5:c3:73:d6:2a:
b2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:A7:DD:55:4C:84:E1:D4:F4:68:E5:73:C1:C6:3A:4F:59:8B:F7:F6
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/k6fdVUyE4dT0aOVzwcY6T1mL9_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.73.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:68:0a:27:20:8f:b4:13:19:ca:7f:eb:29:5f:ff:3d:67:4e:
a5:20:4a:41:0f:58:17:d3:05:19:55:3c:fb:e8:b0:11:18:46:
8c:45:7d:69:3a:19:74:77:e4:ea:ba:cf:e7:29:f6:f1:64:14:
69:0b:15:45:50:43:4c:ac:14:25:41:5b:8c:f9:8a:87:1c:98:
63:b6:86:f9:77:8b:fa:99:9f:3e:a2:55:14:14:b9:93:cf:a5:
24:cd:ff:80:aa:37:c0:f6:ec:9c:23:32:b3:b7:a4:c9:e0:a6:
b1:8d:92:02:40:05:53:4d:c3:96:a2:d0:13:5e:5b:b5:25:e4:
a3:d6:2e:d9:87:df:01:34:cd:6d:86:01:da:c9:9b:d8:2e:92:
3f:d3:03:8e:20:69:ba:dc:a4:ea:d4:b2:cc:46:aa:29:eb:8d:
95:fc:8b:bf:23:73:8d:56:9b:5a:2e:c3:b7:62:8f:cd:fd:3a:
10:c1:0a:c7:8f:ac:78:7c:16:a9:31:b6:5b:4b:07:7d:62:da:
b6:a7:c0:77:c9:30:c2:f3:89:fe:4b:2c:7a:fe:ef:f6:7f:f9:
d9:4d:c0:f5:32:e3:52:46:bb:02:0d:1d:23:82:00:71:71:68:
40:73:9f:88:52:41:6c:d8:0f:23:f2:71:f8:e0:00:79:fd:bc:
03:29:c2:ea
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYYluEmIV74B7+4PRDTY8Uk2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMjA2MDc1NDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2E3ZGQ1NTRjODRlMWQ0ZjQ2OGU1NzNjMWM2M2E0ZjU5OGJmN2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMfPsc0TiAAqLSQt0zbiKawccGzj
VQULbgByhMqa2xDy4QK85esbnbOjL0K7IKm3aeSIMfO/djahCFVvj7D+GiBy4zmD
0t5dGHkA7saRyB24j1O2rRvLSmSwSEkTkFb56b0lJSnsIz/1QUGB2tkPKfy/uhRt
u/cUIoMdH9IJiJY/vxBmXDGbzNcM8tKbnid93NuUyphY20pCwsUUWH3iTk5oPNMP
lm/DxF2Se+5wy39mm1OxokC4hNUyMg1G4/gY4c1IMDLWbT977WNLJWaoeoVxb7in
tRmEe0YyAiIjDTmiJ2FS8d3xd0Hv39p389tJikiagQWFQg1/xcNz1iqyfwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJOn3VVMhOHU9Gjlc8HGOk9Zi/f2MB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL2s2ZmRWVXlFNGRUMGFPVnp3Y1k2VDFtTDlfWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABNW0kw
DQYJKoZIhvcNAQELBQADggEBAKdoCicgj7QTGcp/6ylf/z1nTqUgSkEPWBfTBRlV
PPvosBEYRoxFfWk6GXR35Oq6z+cp9vFkFGkLFUVQQ0ysFCVBW4z5ioccmGO2hvl3
i/qZnz6iVRQUuZPPpSTN/4CqN8D27JwjMrO3pMngprGNkgJABVNNw5ai0BNeW7Ul
5KPWLtmH3wE0zW2GAdrJm9gukj/TA44gabrcpOrUssxGqinrjZX8i78jc41Wm1ou
w7dij839OhDBCsePrHh8FqkxtltLB31i2ranwHfJMMLzif5LLHr+7/Z/+dlNwPUy
41JGuwINHSOCAHFxaEBzn4hSQWzYDyPycfjgAHn9vAMpwuo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:57 2024 by rpki-client on console-ams.rpki-client.org