Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/sT5gbc17csnYDgES1_m1BMliI5U.roa
File: sT5gbc17csnYDgES1_m1BMliI5U.roa (raw, json)
Hash identifier: GWL41iatkiZeLbvmF6S/4RSMZhifx4/TUCP+iO1PDlk=
Subject key identifier: B1:3E:60:6D:CD:7B:72:C9:D8:0E:01:12:D7:F9:B5:04:C9:62:23:95
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 018570305DF3DCDB2CF98D2913DEE68F8D8D
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/sT5gbc17csnYDgES1_m1BMliI5U.roa
Signing time: Mon 02 Jan 2023 01:54:55 +0000
ROA not before: Mon 02 Jan 2023 01:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56322
IP address blocks: 77.91.72.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:5d:f3:dc:db:2c:f9:8d:29:13:de:e6:8f:8d:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 2 01:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b13e606dcd7b72c9d80e0112d7f9b504c9622395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1c:f7:62:c3:9d:8a:bf:ad:7a:59:df:79:c9:
ca:84:b7:b2:59:98:c7:ea:e3:59:14:f8:98:84:7e:
7e:de:48:41:11:f2:2c:ed:34:f0:28:34:39:71:38:
c6:9d:c1:ca:f9:11:9d:ab:21:08:a5:ff:91:62:2e:
19:71:de:19:24:1e:b3:28:1b:75:98:cd:4b:d5:de:
0d:1d:65:27:1f:90:bc:cc:a3:bf:59:2c:20:3d:7e:
5d:21:6a:80:bd:d7:d0:54:04:74:5f:92:2c:59:8d:
6d:67:14:93:53:25:e2:99:f1:38:11:06:f1:0b:78:
61:85:b5:a3:7c:42:4c:da:a2:47:bb:39:60:81:5f:
f9:64:7b:3f:47:94:59:f8:9b:1d:3e:f0:e9:85:d0:
27:4f:6d:26:fd:17:3d:a7:11:12:26:6c:49:b4:2b:
1e:bf:ee:bb:fc:85:4c:49:97:c1:ce:0c:eb:39:60:
45:41:1d:d4:89:8e:1f:e1:90:00:39:3e:ca:48:09:
d0:81:ba:20:fc:2e:53:6f:37:a8:34:f6:79:85:ee:
10:5b:e1:ca:2f:2c:01:83:bd:c4:0a:de:78:83:c1:
e2:2c:f4:a8:fa:91:a3:18:43:e0:84:ad:4e:44:bd:
5e:97:0e:6e:3f:56:a2:93:98:46:14:7c:d0:4e:ab:
5b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:3E:60:6D:CD:7B:72:C9:D8:0E:01:12:D7:F9:B5:04:C9:62:23:95
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/sT5gbc17csnYDgES1_m1BMliI5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.72.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:4d:90:4f:60:53:37:9c:b5:ed:33:a3:3e:1e:df:f9:e5:d3:
b3:a1:03:b1:c4:07:cb:19:5f:c5:8a:93:74:c1:ac:4e:ae:a3:
97:45:f4:98:85:b3:ab:af:64:a2:51:5d:c0:28:1f:98:8c:3a:
27:60:e6:45:e4:ba:e8:26:4f:23:a2:a4:c3:f1:56:e3:67:2f:
ea:7b:b4:f4:89:fc:68:8c:c2:fa:5a:71:36:b2:d3:46:c9:cd:
b4:8b:31:ee:e8:e7:dc:c7:3d:b5:ed:2a:a4:52:15:ba:30:ad:
ad:a0:b5:6d:1f:ce:14:8b:e7:99:10:85:8b:7a:d0:bd:b1:2a:
0e:01:c4:61:af:0f:20:d8:25:26:81:9c:6f:0a:d7:27:c7:88:
66:6b:64:78:4e:05:76:37:44:2b:47:cd:dd:43:4b:6c:1e:cb:
5c:35:a5:ab:2a:55:6a:20:8c:7a:84:ea:89:7f:59:7a:c6:d5:
f7:1d:5a:b6:c3:c7:84:26:35:3e:a2:f2:07:79:91:f3:aa:54:
ec:6b:96:cc:86:63:b2:ce:99:00:7d:9d:83:28:d8:01:52:f5:
2c:e4:59:b3:f9:ee:12:ad:87:f5:a5:c0:df:09:9c:31:0f:9a:
7d:af:96:50:0b:b3:53:25:4b:ef:24:85:f2:d7:6a:36:9f:da:
d6:86:d0:40
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwMF3z3Nss+Y0pE97mj42NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMTAyMDE1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTNlNjA2ZGNkN2I3MmM5ZDgwZTAxMTJkN2Y5YjUwNGM5NjIyMzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphz3YsOdir+telnfecnKhLeyWZjH
6uNZFPiYhH5+3khBEfIs7TTwKDQ5cTjGncHK+RGdqyEIpf+RYi4Zcd4ZJB6zKBt1
mM1L1d4NHWUnH5C8zKO/WSwgPX5dIWqAvdfQVAR0X5IsWY1tZxSTUyXimfE4EQbx
C3hhhbWjfEJM2qJHuzlggV/5ZHs/R5RZ+JsdPvDphdAnT20m/Rc9pxESJmxJtCse
v+67/IVMSZfBzgzrOWBFQR3UiY4f4ZAAOT7KSAnQgbog/C5TbzeoNPZ5he4QW+HK
LywBg73ECt54g8HiLPSo+pGjGEPghK1ORL1elw5uP1aik5hGFHzQTqtbWQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLE+YG3Ne3LJ2A4BEtf5tQTJYiOVMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL3NUNWdiYzE3Y3NuWURnRVMxX20xQk1saUk1VS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABNW0gw
DQYJKoZIhvcNAQELBQADggEBAD1NkE9gUzecte0zoz4e3/nl07OhA7HEB8sZX8WK
k3TBrE6uo5dF9JiFs6uvZKJRXcAoH5iMOidg5kXkuugmTyOipMPxVuNnL+p7tPSJ
/GiMwvpacTay00bJzbSLMe7o59zHPbXtKqRSFbowra2gtW0fzhSL55kQhYt60L2x
Kg4BxGGvDyDYJSaBnG8K1yfHiGZrZHhOBXY3RCtHzd1DS2wey1w1pasqVWogjHqE
6ol/WXrG1fcdWrbDx4QmNT6i8gd5kfOqVOxrlsyGY7LOmQB9nYMo2AFS9SzkWbP5
7hKth/WlwN8JnDEPmn2vllALs1MlS+8khfLXajaf2taG0EA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:16 2023 by rpki-client on console-fra.rpki-client.org