Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/sASdB-6qh5Zj8Jz4_52724beIRs.roa
File: sASdB-6qh5Zj8Jz4_52724beIRs.roa (raw, json)
Hash identifier: lu35xf02vvYw7p2NzmS4h81+6kv+fzmCQ8usJ05mjaw=
Subject key identifier: B0:04:9D:07:EE:AA:87:96:63:F0:9C:F8:FF:9D:BB:DB:86:DE:21:1B
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 0184AB71C64FFF4F4B45BF5C4FD0F072AF76
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/sASdB-6qh5Zj8Jz4_52724beIRs.roa
Signing time: Thu 24 Nov 2022 21:01:11 +0000
ROA not before: Thu 24 Nov 2022 21:01:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 77.91.75.0/24 maxlen: 24
77.91.103.0/24 maxlen: 24
77.91.101.0/24 maxlen: 24
77.91.122.0/23 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ab:71:c6:4f:ff:4f:4b:45:bf:5c:4f:d0:f0:72:af:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Nov 24 21:01:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0049d07eeaa879663f09cf8ff9dbbdb86de211b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:2f:01:5c:28:98:0c:83:bd:08:19:41:3a:ca:
99:89:45:e9:04:c2:b2:d0:60:cb:0a:ef:3f:2d:88:
38:17:23:71:b7:40:50:21:22:ea:83:e4:1f:66:14:
af:62:77:e2:ce:c4:2c:44:03:23:58:51:79:16:8b:
09:ac:ed:98:92:fd:ce:2b:16:59:24:0c:c2:5f:73:
c1:d2:c5:50:92:d5:7e:28:25:88:f8:0d:d1:a1:3f:
7a:cb:8b:50:d2:a4:e7:f2:23:17:89:17:2d:76:49:
09:6e:95:c9:42:ac:30:56:46:e9:93:01:45:b2:a5:
a9:89:00:0c:74:ea:d3:3b:f0:67:1b:38:65:52:2c:
23:b0:47:94:0f:21:5a:12:f7:23:bb:c4:5c:5f:75:
e4:2a:f2:d8:8c:23:dd:84:c4:54:0e:93:75:df:3f:
89:c9:5b:ba:fa:3b:25:d2:89:ce:51:77:63:05:a1:
81:7e:37:47:11:c6:a5:d4:24:a6:7c:e4:13:e8:29:
01:39:ae:db:b1:cc:5e:14:15:fa:ac:67:4b:3a:62:
eb:9b:69:df:7b:28:4a:3b:e3:a4:a6:60:b7:55:7a:
1c:c0:51:8f:9e:0c:f8:6b:fd:65:4a:1a:a9:ef:da:
9f:05:68:99:f8:8e:0a:90:4f:d1:46:79:27:4b:1c:
82:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:04:9D:07:EE:AA:87:96:63:F0:9C:F8:FF:9D:BB:DB:86:DE:21:1B
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/sASdB-6qh5Zj8Jz4_52724beIRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.75.0/24
77.91.101.0/24
77.91.103.0/24
77.91.122.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:83:c6:a8:1f:2e:8c:3a:d6:4a:24:6a:b0:09:51:b1:54:a4:
c2:c6:76:a2:37:8b:4a:40:44:ea:91:4d:1c:d0:45:ed:c7:2d:
bf:4b:bc:2b:40:b2:91:56:5a:7f:7e:1f:47:7a:3e:b3:6b:8b:
7b:92:5e:40:c2:dd:5c:74:6c:5d:cc:0a:10:97:da:a3:99:6a:
5b:3f:dc:15:ba:0e:ea:c9:d6:9f:66:cf:1b:1b:45:38:40:98:
b1:35:ca:85:ce:da:7b:49:c8:84:a7:f0:97:16:f5:d6:dd:47:
12:df:5e:c5:d8:11:89:bb:11:23:2a:93:72:35:93:29:ff:1f:
2d:ab:2e:45:90:0d:b1:5b:76:26:86:d2:be:72:e9:16:06:08:
09:79:60:37:e9:44:a0:9f:5a:f4:14:eb:78:d8:8b:c6:c9:bc:
38:5a:cd:37:b3:cd:66:c5:0e:f4:18:ea:cd:28:87:35:8b:30:
17:53:9d:8f:43:f5:e6:c7:75:aa:55:26:ce:9e:a1:99:8f:a2:
6d:86:cb:1c:9e:9f:fb:51:68:62:89:86:66:b1:db:51:a4:99:
0d:40:51:ad:7d:ad:eb:f5:c2:94:31:17:9e:ea:a5:33:37:e6:
e8:ad:09:3c:7d:eb:03:c4:e5:df:81:ac:76:49:27:07:74:19:
62:6f:da:e5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYSrccZP/09LRb9cT9Dwcq92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjIxMTI0MjEwMTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDA0OWQwN2VlYWE4Nzk2NjNmMDljZjhmZjlkYmJkYjg2ZGUyMTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5y8BXCiYDIO9CBlBOsqZiUXpBMKy
0GDLCu8/LYg4FyNxt0BQISLqg+QfZhSvYnfizsQsRAMjWFF5FosJrO2Ykv3OKxZZ
JAzCX3PB0sVQktV+KCWI+A3RoT96y4tQ0qTn8iMXiRctdkkJbpXJQqwwVkbpkwFF
sqWpiQAMdOrTO/BnGzhlUiwjsEeUDyFaEvcju8RcX3XkKvLYjCPdhMRUDpN13z+J
yVu6+jsl0onOUXdjBaGBfjdHEcal1CSmfOQT6CkBOa7bscxeFBX6rGdLOmLrm2nf
eyhKO+OkpmC3VXocwFGPngz4a/1lShqp79qfBWiZ+I4KkE/RRnknSxyCLwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLAEnQfuqoeWY/Cc+P+du9uG3iEbMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL3NBU2RCLTZxaDVaajhKejRfNTI3MjRiZUlScy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABNW0sD
BABNW2UDBABNW2cDBAFNW3owDQYJKoZIhvcNAQELBQADggEBAB+DxqgfLow61kok
arAJUbFUpMLGdqI3i0pAROqRTRzQRe3HLb9LvCtAspFWWn9+H0d6PrNri3uSXkDC
3Vx0bF3MChCX2qOZals/3BW6DurJ1p9mzxsbRThAmLE1yoXO2ntJyISn8JcW9dbd
RxLfXsXYEYm7ESMqk3I1kyn/Hy2rLkWQDbFbdiaG0r5y6RYGCAl5YDfpRKCfWvQU
63jYi8bJvDhazTezzWbFDvQY6s0ohzWLMBdTnY9D9ebHdapVJs6eoZmPom2Gyxye
n/tRaGKJhmax21GkmQ1AUa19rev1wpQxF57qpTM35uitCTx96wPE5d+BrHZJJwd0
GWJv2uU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:07 2023 by rpki-client on console-ams.rpki-client.org