Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/o0fAe75gkASltCd80wxR9D5GKKc.roa
File: o0fAe75gkASltCd80wxR9D5GKKc.roa (raw, json)
Hash identifier: WnrNeUw0a7G4sR3Z0a3mz7Rh/pKbtwInIAC1xxGU34g=
Subject key identifier: A3:47:C0:7B:BE:60:90:04:A5:B4:27:7C:D3:0C:51:F4:3E:46:28:A7
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 0185B03789815B34446D1AF7C4871C0D5E2F
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/o0fAe75gkASltCd80wxR9D5GKKc.roa
Signing time: Sat 14 Jan 2023 12:18:27 +0000
ROA not before: Sat 14 Jan 2023 12:18:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20853
IP address blocks: 77.91.76.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b0:37:89:81:5b:34:44:6d:1a:f7:c4:87:1c:0d:5e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 14 12:18:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a347c07bbe609004a5b4277cd30c51f43e4628a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:60:94:b9:2d:32:ec:f4:29:8d:90:14:0e:b4:
a6:88:c2:af:a3:84:9f:5a:cd:f5:d0:99:90:0a:dd:
2d:87:c0:07:e4:d8:c1:17:43:06:d1:63:7c:c3:0d:
9a:5d:ec:88:20:39:5a:3f:54:a6:f0:32:ad:de:17:
a9:bc:e8:7e:ea:df:12:ff:ca:a9:c2:d6:b8:f7:c6:
41:e6:5d:c4:a1:e9:f5:aa:1c:4b:8e:60:49:39:96:
3f:38:28:43:91:96:65:be:4c:fd:0f:8b:b4:9d:07:
12:6d:5a:14:71:e3:8b:d9:e3:9a:e7:36:d4:38:7f:
00:1b:28:a4:c8:26:db:ec:64:ec:35:18:9c:bd:2a:
f8:1a:2a:71:d0:1e:23:a7:db:6e:bc:34:f1:c2:6a:
67:df:a5:b4:8c:32:ae:50:25:13:05:e9:03:b8:a7:
a2:10:3b:1e:38:3a:5f:b7:1f:79:94:a9:03:4f:14:
3e:b8:fa:87:58:b9:64:ec:ce:05:cf:b4:ec:f4:30:
db:8d:af:11:25:d1:bc:c4:05:8e:8f:d3:5d:4f:da:
f8:b9:b1:94:0e:68:9b:13:a4:01:bd:96:2e:54:27:
7e:58:ff:23:b0:79:1e:e4:55:79:19:63:e7:0d:10:
c7:84:7d:bf:7c:c5:1a:8c:e5:46:0d:4c:59:10:4e:
3d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:47:C0:7B:BE:60:90:04:A5:B4:27:7C:D3:0C:51:F4:3E:46:28:A7
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/o0fAe75gkASltCd80wxR9D5GKKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.76.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:5c:57:ed:bc:78:43:a2:d7:b8:5d:f3:a3:ef:d0:b8:98:15:
57:c6:ff:22:b1:41:f1:64:6d:34:45:c5:11:1c:1c:58:d9:36:
a5:6f:f4:32:ac:11:c2:be:6e:cc:2a:e4:e2:59:aa:f6:e2:ee:
61:8e:0c:6a:5e:c1:1f:ac:c5:f8:a1:7e:a1:dc:5a:2c:25:dd:
50:ea:29:27:10:d6:c5:3a:42:33:48:5b:7e:34:a2:12:44:0e:
81:de:34:7e:9b:13:18:48:65:bc:da:6e:86:12:ad:14:19:86:
2f:ba:fb:0b:7b:bd:7c:5d:75:52:86:51:62:3a:44:63:1e:36:
b5:ec:6c:33:47:ec:13:34:51:e0:a8:eb:da:10:a1:a3:b9:93:
c9:6d:0b:10:5b:78:ca:21:59:b4:30:60:5a:ca:97:e6:93:2b:
94:d8:03:c6:cc:ad:fe:89:fa:44:4a:ca:1e:d1:59:1e:68:ca:
67:bd:3e:db:48:5b:1c:62:81:b8:63:ad:64:18:de:5c:6e:f5:
a2:10:6f:0f:0d:6d:e7:ea:7a:2c:fa:cf:9d:e5:70:0e:df:36:
fa:ad:14:52:19:50:0d:e4:0a:24:09:99:79:81:59:84:20:83:
e0:d3:68:7e:c7:bb:ee:03:ed:db:7c:b8:eb:b3:0d:1d:ba:30:
07:e2:30:32
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYWwN4mBWzREbRr3xIccDV4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMTE0MTIxODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQ3YzA3YmJlNjA5MDA0YTViNDI3N2NkMzBjNTFmNDNlNDYyOGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2CUuS0y7PQpjZAUDrSmiMKvo4Sf
Ws310JmQCt0th8AH5NjBF0MG0WN8ww2aXeyIIDlaP1Sm8DKt3hepvOh+6t8S/8qp
wta498ZB5l3Eoen1qhxLjmBJOZY/OChDkZZlvkz9D4u0nQcSbVoUceOL2eOa5zbU
OH8AGyikyCbb7GTsNRicvSr4Gipx0B4jp9tuvDTxwmpn36W0jDKuUCUTBekDuKei
EDseODpftx95lKkDTxQ+uPqHWLlk7M4Fz7Ts9DDbja8RJdG8xAWOj9NdT9r4ubGU
DmibE6QBvZYuVCd+WP8jsHke5FV5GWPnDRDHhH2/fMUajOVGDUxZEE49twIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKNHwHu+YJAEpbQnfNMMUfQ+RiinMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL28wZkFlNzVna0FTbHRDZDgwd3hSOUQ1R0tLYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABNW0ww
DQYJKoZIhvcNAQELBQADggEBAJ5cV+28eEOi17hd86Pv0LiYFVfG/yKxQfFkbTRF
xREcHFjZNqVv9DKsEcK+bswq5OJZqvbi7mGODGpewR+sxfihfqHcWiwl3VDqKScQ
1sU6QjNIW340ohJEDoHeNH6bExhIZbzaboYSrRQZhi+6+wt7vXxddVKGUWI6RGMe
NrXsbDNH7BM0UeCo69oQoaO5k8ltCxBbeMohWbQwYFrKl+aTK5TYA8bMrf6J+kRK
yh7RWR5oyme9PttIWxxigbhjrWQY3lxu9aIQbw8Nbefqeiz6z53lcA7fNvqtFFIZ
UA3kCiQJmXmBWYQgg+DTaH7Hu+4D7dt8uOuzDR26MAfiMDI=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:07 2023 by rpki-client on console-ams.rpki-client.org