Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/mU601UqxgpuY5XpR2uh484LV6Pk.roa
File: mU601UqxgpuY5XpR2uh484LV6Pk.roa (raw, json)
Hash identifier: n9SV30SQs/SB4hb25b00heszSURknA9JNYivKLYEUk0=
Subject key identifier: 99:4E:B4:D5:4A:B1:82:9B:98:E5:7A:51:DA:E8:78:F3:82:D5:E8:F9
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 13F23906
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/mU601UqxgpuY5XpR2uh484LV6Pk.roa
Signing time: Thu 02 Jun 2022 20:43:20 +0000
ROA not before: Thu 02 Jun 2022 20:43:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 77.91.67.0/24 maxlen: 32
77.91.112.0/24 maxlen: 32
77.91.117.0/24 maxlen: 32
77.91.118.0/24 maxlen: 32
77.91.115.0/24 maxlen: 32
185.149.144.0/24 maxlen: 32
185.149.145.0/24 maxlen: 32
77.91.119.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 334641414 (0x13f23906)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jun 2 20:43:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=994eb4d54ab1829b98e57a51dae878f382d5e8f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9b:31:e9:55:1a:b4:92:11:f3:d2:5a:35:1a:
af:e3:08:bc:9d:3a:8e:ef:13:c7:15:b3:2b:02:ec:
6b:9e:8a:c0:c3:27:69:99:79:37:fc:5c:1a:03:d3:
41:09:d5:2e:6d:aa:22:6d:49:11:d4:43:f4:c3:cf:
08:f4:fa:d0:4b:b0:d5:e0:1d:75:ea:c3:1b:18:f6:
90:15:7e:82:02:3d:70:ae:24:c9:ad:15:aa:96:76:
15:dd:2f:1e:f2:21:85:36:79:d9:76:19:8e:3d:7b:
d8:22:75:a5:bc:6d:a6:63:20:f9:a8:a6:7e:81:73:
05:d3:de:18:58:8e:9c:04:77:71:20:a2:e8:bd:08:
ef:b4:47:9e:56:c7:f1:98:e6:b9:55:f5:cb:ec:be:
98:6b:61:73:11:af:12:52:58:da:a4:fe:45:c2:2f:
b6:41:fb:80:21:b1:2d:62:8e:d5:29:62:8a:27:ca:
96:96:7e:36:40:01:4e:98:b3:7a:d0:cb:d3:3a:2a:
78:63:75:49:bc:f9:5b:0a:48:c9:20:f2:ce:2c:71:
01:0b:f9:57:f2:0d:7a:4e:47:88:79:5e:26:81:45:
97:95:c9:9d:45:16:23:9e:6f:a7:ee:73:8f:f0:84:
e2:65:b6:40:1d:b8:83:f0:f5:6b:b0:10:bc:77:87:
55:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:4E:B4:D5:4A:B1:82:9B:98:E5:7A:51:DA:E8:78:F3:82:D5:E8:F9
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/mU601UqxgpuY5XpR2uh484LV6Pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.67.0/24
77.91.112.0/24
77.91.115.0/24
77.91.117.0-77.91.119.255
185.149.144.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:b8:94:cb:bd:e5:a1:99:d9:3c:d2:ca:4c:95:a5:54:a5:34:
f5:bb:ff:8f:37:04:c9:20:50:16:8e:3a:91:b1:11:4a:ae:19:
eb:66:c3:6c:a5:af:3a:2b:cc:41:6c:92:e0:c7:e7:88:0c:e6:
ef:b8:26:1b:a3:22:63:57:d9:f0:de:4d:de:2b:ee:59:78:73:
b9:92:cd:34:9e:41:d7:ff:90:cc:77:5e:dd:29:fd:4b:2d:05:
25:e1:af:9f:a9:69:1e:67:c8:79:79:70:a4:5e:75:33:5b:56:
f4:31:12:f5:3c:be:28:d6:44:d7:33:f3:0b:e3:80:98:84:02:
21:35:ff:4c:6e:0b:8f:f9:65:fa:d4:32:ad:e9:d3:b0:cf:34:
71:01:b8:b7:bc:38:ae:53:b8:14:6d:66:09:77:df:87:91:00:
6a:13:3b:bf:67:e1:34:9e:4d:d6:48:a4:6b:a5:1c:33:de:8c:
f9:0e:55:32:49:96:c3:e5:a9:09:a1:dd:9f:b1:1b:de:86:ff:
e0:28:7d:cd:45:ba:aa:9f:d8:7a:a8:88:03:aa:f5:73:9d:5f:
a1:9d:40:7e:35:97:79:14:0b:62:56:b4:17:12:71:3a:fe:13:
09:0d:70:ed:10:3e:dc:45:65:d0:af:4a:44:95:dd:52:fd:cb:
17:9c:cc:0a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEE/I5BjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDYw
MjIwNDMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTk0ZWI0ZDU0YWIx
ODI5Yjk4ZTU3YTUxZGFlODc4ZjM4MmQ1ZThmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWbMelVGrSSEfPSWjUar+MIvJ06ju8TxxWzKwLsa56KwMMn
aZl5N/xcGgPTQQnVLm2qIm1JEdRD9MPPCPT60Euw1eAdderDGxj2kBV+ggI9cK4k
ya0VqpZ2Fd0vHvIhhTZ52XYZjj172CJ1pbxtpmMg+aimfoFzBdPeGFiOnAR3cSCi
6L0I77RHnlbH8ZjmuVX1y+y+mGthcxGvElJY2qT+RcIvtkH7gCGxLWKO1SliiifK
lpZ+NkABTpizetDL0zoqeGN1Sbz5WwpIySDyzixxAQv5V/INek5HiHleJoFFl5XJ
nUUWI55vp+5zj/CE4mW2QB24g/D1a7AQvHeHVbMCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBSZTrTVSrGCm5jlelHa6HjzgtXo+TAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS9tVTYwMVVxeGdwdVk1WHBSMnVoNDg0TFY2UGsucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQATVtDAwQATVtwAwQATVtzMAwD
BABNW3UDBANNW3ADBAG5lZAwDQYJKoZIhvcNAQELBQADggEBAGu4lMu95aGZ2TzS
ykyVpVSlNPW7/483BMkgUBaOOpGxEUquGetmw2ylrzorzEFskuDH54gM5u+4Jhuj
ImNX2fDeTd4r7ll4c7mSzTSeQdf/kMx3Xt0p/UstBSXhr5+paR5nyHl5cKRedTNb
VvQxEvU8vijWRNcz8wvjgJiEAiE1/0xuC4/5ZfrUMq3p07DPNHEBuLe8OK5TuBRt
Zgl334eRAGoTO79n4TSeTdZIpGulHDPejPkOVTJJlsPlqQmh3Z+xG96G/+Aofc1F
uqqf2HqoiAOq9XOdX6GdQH41l3kUC2JWtBcScTr+EwkNcO0QPtxFZdCvSkSV3VL9
yxeczAo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:07 2023 by rpki-client on console-ams.rpki-client.org