Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/sSH7AiSSnWXODa-tZs4O0I4NMmg.roa
File: sSH7AiSSnWXODa-tZs4O0I4NMmg.roa (raw, json)
Hash identifier: ee/lH25bE7G+scdG4Rl7KCH/d0DubdQe8MKv5CGbBnQ=
Subject key identifier: B1:21:FB:02:24:92:9D:65:CE:0D:AF:AD:66:CE:0E:D0:8E:0D:32:68
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 127F9D21
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/sSH7AiSSnWXODa-tZs4O0I4NMmg.roa
Signing time: Sat 01 Jan 2022 15:05:39 +0000
ROA not before: Sat 01 Jan 2022 15:05:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206066
IP address blocks: 77.91.122.0/23 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 310353185 (0x127f9d21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 1 15:05:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b121fb0224929d65ce0dafad66ce0ed08e0d3268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:47:85:44:c8:e1:a0:e6:a7:c4:b7:00:58:9d:
ff:20:10:0e:3b:5d:83:6d:4c:c8:67:7a:aa:5d:fe:
07:33:b7:de:ee:29:ef:b8:44:7d:44:91:d8:bb:db:
41:e5:e0:11:7e:a0:3e:f1:7b:b4:d4:b1:bf:9b:85:
32:9b:d3:79:f8:9a:fb:ec:7b:9b:95:9f:ed:5e:95:
5d:0f:94:87:ec:4d:ab:f8:a3:6a:e8:e1:41:1c:27:
34:ab:88:ab:a3:70:67:93:89:60:b4:6b:6c:8d:68:
07:c0:e2:7f:8c:ee:c4:7e:df:0e:2a:a7:ff:18:d6:
7a:59:a9:7f:9e:ca:79:a5:36:0c:23:f9:5e:38:41:
0a:40:6d:1a:f2:d7:87:97:c9:43:b7:f1:fa:df:35:
26:8f:00:19:06:f6:40:44:99:ca:41:e7:f4:74:94:
51:1d:e7:e2:92:62:1c:6f:b3:5a:b7:17:96:8f:bf:
72:84:c7:32:91:c0:fc:d2:75:fa:73:f2:27:df:80:
fc:b9:de:0e:d2:15:a8:a5:a0:09:5e:d9:ce:7b:e3:
be:92:cb:47:22:33:69:ed:3e:9c:0f:10:64:c2:1e:
f6:7e:5a:bd:b8:92:fb:fc:61:aa:9a:bf:af:0d:12:
7e:4f:07:b9:43:04:ae:fd:f0:25:c8:c4:f7:ed:98:
b8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:21:FB:02:24:92:9D:65:CE:0D:AF:AD:66:CE:0E:D0:8E:0D:32:68
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/sSH7AiSSnWXODa-tZs4O0I4NMmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.122.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:1b:32:f9:f7:b9:1a:05:50:d4:9e:bf:9f:84:3a:7f:87:a6:
bb:ff:c6:5b:fb:0e:60:0a:3d:b0:fd:09:c4:c0:ea:5e:9e:9f:
b6:05:ce:70:6d:90:97:82:a2:c7:5d:5d:bf:c5:69:6c:25:d9:
5b:77:6b:dd:45:07:a7:4b:bf:bb:87:e6:c2:31:22:6b:cb:72:
e5:c4:40:08:cd:48:84:f2:eb:cb:dc:8e:7b:c7:ea:b8:c4:94:
c4:e7:13:57:45:ac:24:c5:54:5d:cb:31:f5:e8:37:20:56:d7:
f5:6f:45:18:1a:59:1a:2d:45:40:3b:04:e2:b1:7a:43:09:4c:
6d:c3:93:9f:7d:e3:52:50:2b:97:d2:92:ac:48:b5:52:10:64:
e5:f1:80:e3:35:8c:75:bc:c4:ce:20:64:8f:dd:06:d8:ac:76:
f3:4f:8a:f2:cf:70:59:4f:b0:e4:2b:a3:b8:d3:08:32:8e:f2:
89:bd:24:91:0d:b8:8b:6d:82:3d:cc:18:a7:41:25:a3:81:ee:
0c:41:64:03:71:2b:49:cd:12:30:35:5f:36:65:59:99:20:d8:
62:c5:bc:b1:31:20:2b:32:23:5a:cf:c5:b8:54:a6:5e:e6:b2:
cc:4f:1b:ed:5f:d0:12:86:05:69:90:04:9f:34:1e:17:0b:62:
b7:c5:c2:fb
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEEn+dITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YjMyZTlmNGFhMzJhYmE3MzEyZmFiMDU0YjE3NGRjZThjNTE1Y2EzMB4XDTIyMDEw
MTE1MDUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjEyMWZiMDIyNDky
OWQ2NWNlMGRhZmFkNjZjZTBlZDA4ZTBkMzI2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1HhUTI4aDmp8S3AFid/yAQDjtdg21MyGd6ql3+BzO33u4p
77hEfUSR2LvbQeXgEX6gPvF7tNSxv5uFMpvTefia++x7m5Wf7V6VXQ+Uh+xNq/ij
aujhQRwnNKuIq6NwZ5OJYLRrbI1oB8Dif4zuxH7fDiqn/xjWelmpf57KeaU2DCP5
XjhBCkBtGvLXh5fJQ7fx+t81Jo8AGQb2QESZykHn9HSUUR3n4pJiHG+zWrcXlo+/
coTHMpHA/NJ1+nPyJ9+A/LneDtIVqKWgCV7ZznvjvpLLRyIzae0+nA8QZMIe9n5a
vbiS+/xhqpq/rw0Sfk8HuUMErv3wJcjE9+2YuAECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSxIfsCJJKdZc4Nr61mzg7Qjg0yaDAfBgNVHSMEGDAWgBT7Mun0qjKrpzEv
qwVLF03OjFFcozAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2UyLzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2Yv
MS9zU0g3QWlTU25XWE9EYS10WnM0TzBJNE5NbWcucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Uy
LzI3ODY2My1iMTM1LTRkYjEtYTA0NC0yMDYyNGIzYzE1N2YvMS8xLXpMcDlLb3lx
NmN4TDZzRlN4ZE56b3hSWEtNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTVt6MA0GCSqGSIb3DQEBCwUA
A4IBAQA6GzL597kaBVDUnr+fhDp/h6a7/8Zb+w5gCj2w/QnEwOpenp+2Bc5wbZCX
gqLHXV2/xWlsJdlbd2vdRQenS7+7h+bCMSJry3LlxEAIzUiE8uvL3I57x+q4xJTE
5xNXRawkxVRdyzH16DcgVtf1b0UYGlkaLUVAOwTisXpDCUxtw5OffeNSUCuX0pKs
SLVSEGTl8YDjNYx1vMTOIGSP3QbYrHbzT4ryz3BZT7DkK6O40wgyjvKJvSSRDbiL
bYI9zBinQSWjge4MQWQDcStJzRIwNV82ZVmZINhixbyxMSArMiNaz8W4VKZe5rLM
TxvtX9AShgVpkASfNB4XC2K3xcL7
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:16 2023 by rpki-client on console-fra.rpki-client.org