Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/kRbdeUavzyD7Uj5YEfCkjqFy4Pk.roa
File: kRbdeUavzyD7Uj5YEfCkjqFy4Pk.roa (raw, json)
Hash identifier: 9blRr5rTYpWFNBnhAsqfKno4QS9KeKXVamQUtIwU6H8=
Subject key identifier: 91:16:DD:79:46:AF:CF:20:FB:52:3E:58:11:F0:A4:8E:A1:72:E0:F9
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 134657BC
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/kRbdeUavzyD7Uj5YEfCkjqFy4Pk.roa
Signing time: Wed 30 Mar 2022 11:49:53 +0000
ROA not before: Wed 30 Mar 2022 11:49:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43624
IP address blocks: 77.91.102.0/24 maxlen: 24
77.91.100.0/24 maxlen: 32
77.91.101.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 323377084 (0x134657bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Mar 30 11:49:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9116dd7946afcf20fb523e5811f0a48ea172e0f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5d:58:52:c4:8c:56:a2:a1:02:95:64:6e:c8:
13:a7:c9:e4:28:d0:9e:00:e9:b4:f2:e4:34:98:e0:
f9:fe:a1:59:94:7c:c8:53:a6:63:29:e0:84:df:0e:
4c:c6:2a:ae:5c:eb:3c:7b:de:2c:e8:08:d4:cf:2d:
cd:3b:82:90:eb:0a:b4:85:92:59:b7:b0:38:33:91:
0a:3e:fd:f3:99:67:c8:34:85:0e:cb:93:fe:75:bb:
34:82:71:85:85:cb:b4:12:6e:12:b3:61:cd:5c:25:
8a:ba:c3:18:bf:de:bd:61:42:90:47:b8:1d:8e:09:
0b:09:66:61:af:e8:81:27:5a:6b:b3:a7:44:bc:aa:
ba:55:26:c3:fc:d4:a0:f2:fb:16:70:02:2a:5c:57:
af:c3:7c:99:bd:6d:07:ed:c9:2d:d0:ca:f2:94:84:
08:9c:5e:bd:ee:34:ea:e8:42:5f:7c:fc:19:16:06:
b6:23:d6:ac:b9:4d:41:ef:8b:44:af:70:16:de:b4:
c7:4e:fe:05:cc:f3:f9:48:a5:9f:de:5f:97:2a:91:
43:5b:98:1f:6c:b4:ce:0d:62:52:55:a0:b6:bd:70:
9a:f7:62:48:6e:48:8e:d0:dc:cd:3e:02:5f:5e:ef:
c2:73:68:0c:ea:b2:8b:0e:2d:bb:43:bf:73:1c:69:
c8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:16:DD:79:46:AF:CF:20:FB:52:3E:58:11:F0:A4:8E:A1:72:E0:F9
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/kRbdeUavzyD7Uj5YEfCkjqFy4Pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.100.0-77.91.102.255
Signature Algorithm: sha256WithRSAEncryption
6a:94:64:a4:a2:76:54:65:ea:65:20:0a:05:4a:85:a7:3d:e6:
35:0c:82:a4:78:05:ff:45:73:3a:91:b6:54:b5:0d:84:37:a2:
5d:88:f8:ab:c6:ca:84:75:89:d7:c9:ce:63:f1:26:38:db:ce:
d9:0c:1a:47:04:4a:7e:8d:84:33:d8:c9:fb:df:42:97:73:4b:
c6:22:f7:30:92:08:0b:f6:75:72:4a:f5:90:06:b9:6a:73:10:
a8:52:1a:e7:38:1a:6b:44:d3:15:8b:98:59:1e:53:3e:78:be:
a5:b3:9c:84:d1:ce:6d:23:53:96:e9:aa:72:15:73:35:f3:33:
bd:a4:0d:5f:5c:b0:87:d1:79:c3:6d:bf:aa:fd:c7:2a:09:69:
9c:1b:bd:0a:49:eb:1e:92:f5:a6:d6:dd:f7:8f:c8:53:b5:0e:
91:10:88:9f:ba:bf:02:24:db:64:24:ea:fd:df:72:15:65:83:
2c:7f:ea:2d:32:5c:5a:30:bf:d0:6f:76:0e:da:b6:ab:f5:24:
0f:e6:aa:4b:b8:14:6c:9f:f6:cc:0b:25:9f:43:00:bb:c2:7f:
e4:a8:eb:c4:89:66:df:ec:dd:b4:01:ef:b8:26:45:84:69:b1:
ae:90:14:a2:df:7a:9f:0c:58:c1:17:77:18:50:74:fb:e5:bf:
75:58:4a:6c
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgIEE0ZXvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDMz
MDExNDk1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTExNmRkNzk0NmFm
Y2YyMGZiNTIzZTU4MTFmMGE0OGVhMTcyZTBmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBdWFLEjFaioQKVZG7IE6fJ5CjQngDptPLkNJjg+f6hWZR8
yFOmYynghN8OTMYqrlzrPHveLOgI1M8tzTuCkOsKtIWSWbewODORCj7985lnyDSF
DsuT/nW7NIJxhYXLtBJuErNhzVwlirrDGL/evWFCkEe4HY4JCwlmYa/ogSdaa7On
RLyqulUmw/zUoPL7FnACKlxXr8N8mb1tB+3JLdDK8pSECJxeve406uhCX3z8GRYG
tiPWrLlNQe+LRK9wFt60x07+Bczz+Uiln95flyqRQ1uYH2y0zg1iUlWgtr1wmvdi
SG5IjtDczT4CX17vwnNoDOqyiw4tu0O/cxxpyAMCAwEAAaOCAhMwggIPMB0GA1Ud
DgQWBBSRFt15Rq/PIPtSPlgR8KSOoXLg+TAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS9rUmJkZVVhdnp5RDdVajVZRWZDa2pxRnk0UGsucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJNW2QDBABNW2YwDQYJKoZI
hvcNAQELBQADggEBAGqUZKSidlRl6mUgCgVKhac95jUMgqR4Bf9FczqRtlS1DYQ3
ol2I+KvGyoR1idfJzmPxJjjbztkMGkcESn6NhDPYyfvfQpdzS8Yi9zCSCAv2dXJK
9ZAGuWpzEKhSGuc4GmtE0xWLmFkeUz54vqWznITRzm0jU5bpqnIVczXzM72kDV9c
sIfRecNtv6r9xyoJaZwbvQpJ6x6S9abW3fePyFO1DpEQiJ+6vwIk22Qk6v3fchVl
gyx/6i0yXFowv9Bvdg7atqv1JA/mqku4FGyf9swLJZ9DALvCf+So68SJZt/s3bQB
77gmRYRpsa6QFKLfep8MWMEXdxhQdPvlv3VYSmw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:16 2023 by rpki-client on console-fra.rpki-client.org