Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/smdmdnY3tGkFcZeXTPTTrfMWUjs.roa
File: smdmdnY3tGkFcZeXTPTTrfMWUjs.roa (raw, json)
Hash identifier: DsdBhYceg2KUJjlB4IVHL6FkfyEP7Csw/hLBFaQhAeI=
Subject key identifier: B2:67:66:76:76:37:B4:69:05:71:97:97:4C:F4:D3:AD:F3:16:52:3B
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 018570305AEED06F14B1EDBDE80B212E87EC
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/smdmdnY3tGkFcZeXTPTTrfMWUjs.roa
Signing time: Mon 02 Jan 2023 01:54:55 +0000
ROA not before: Mon 02 Jan 2023 01:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43624
IP address blocks: 77.91.75.0/24 maxlen: 24
77.91.74.0/24 maxlen: 24
77.91.73.0/24 maxlen: 24
77.91.102.0/24 maxlen: 24
77.91.100.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:5a:ee:d0:6f:14:b1:ed:bd:e8:0b:21:2e:87:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 2 01:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b26766767637b469057197974cf4d3adf316523b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e2:ee:ab:36:fa:b6:d8:e1:d5:13:d9:e4:00:
0b:95:ec:3b:ff:8f:62:24:61:80:c4:5b:50:3d:ef:
b6:00:76:21:02:76:7a:38:37:e4:55:81:88:45:02:
76:34:5a:04:a6:15:c0:a7:8b:11:f4:8b:34:89:ef:
de:6d:21:9d:20:94:26:a0:86:fe:81:85:2d:e5:d5:
87:4c:d0:4b:68:6e:f5:17:2d:e1:07:9f:4c:94:eb:
26:c8:9e:24:c2:60:75:ab:a2:34:87:69:1d:69:5c:
27:af:84:30:98:8d:c5:19:4f:fc:2e:4a:26:53:22:
53:3e:57:ba:99:a5:b4:49:a3:5d:46:38:79:43:bb:
6e:8f:26:09:be:2c:b2:39:4d:15:d9:a2:3a:6d:8d:
0c:72:fa:2a:1c:bc:8b:99:3b:e9:09:a6:3c:dc:8b:
53:fb:8a:87:82:b1:29:19:01:30:32:d1:9c:eb:5c:
8f:96:27:34:df:87:24:ae:7c:b1:00:0c:39:73:79:
c2:9e:09:87:a6:c9:d8:8b:51:85:1f:a0:c0:0e:39:
db:fc:da:ff:88:e6:46:bf:e7:24:d3:d3:35:6b:90:
3f:31:e8:42:0c:ec:04:55:b5:9e:c9:5a:d0:6c:2d:
06:10:f9:f7:af:af:2c:5c:0f:5b:42:64:31:26:11:
a1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:67:66:76:76:37:B4:69:05:71:97:97:4C:F4:D3:AD:F3:16:52:3B
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/smdmdnY3tGkFcZeXTPTTrfMWUjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.73.0-77.91.75.255
77.91.100.0/24
77.91.102.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:c6:b3:d9:bd:05:ce:f1:7a:d0:6a:db:4f:fb:e4:50:7a:9b:
4e:66:b4:0f:45:a1:09:49:7e:2e:df:b5:8d:dd:12:ad:d7:6f:
49:c4:94:f4:fc:1d:fe:fa:c6:c2:79:23:99:9b:14:b5:ce:62:
0d:fa:ed:95:6e:53:b7:e2:96:f0:cf:45:a0:1a:40:d8:e6:8b:
e6:a7:28:35:a3:4a:b6:9d:dc:15:2b:fe:45:e0:3a:fd:26:81:
ce:58:b0:07:fa:96:34:e8:32:e9:c5:8f:3d:ba:64:32:c4:82:
ee:84:0b:0e:08:b5:49:9e:bd:ca:04:f7:6a:c9:18:1c:36:7e:
6a:ae:a0:8d:e3:bc:72:77:7c:6e:86:70:b0:43:b0:ad:73:cd:
c1:e7:54:60:48:9b:7f:9a:ab:06:12:8e:67:02:dc:89:c3:11:
ac:a6:a8:42:6d:c2:e7:81:1c:22:04:06:b2:25:d4:f4:15:b3:
d3:6b:53:44:46:52:b1:21:5f:99:33:9c:30:56:fc:fd:9e:b9:
ac:14:86:45:52:ab:2e:e2:cc:f1:f5:af:bd:ab:ba:5c:69:20:
d3:e7:aa:96:86:e9:74:f4:92:33:b4:c4:44:00:af:34:5a:45:
41:e5:2f:f3:ba:32:0e:50:17:9d:9a:68:c1:2f:a6:fd:6e:1a:
1c:82:a6:78
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVwMFru0G8Use296AshLofsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMTAyMDE1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjY3NjY3Njc2MzdiNDY5MDU3MTk3OTc0Y2Y0ZDNhZGYzMTY1MjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeLuqzb6ttjh1RPZ5AALlew7/49i
JGGAxFtQPe+2AHYhAnZ6ODfkVYGIRQJ2NFoEphXAp4sR9Is0ie/ebSGdIJQmoIb+
gYUt5dWHTNBLaG71Fy3hB59MlOsmyJ4kwmB1q6I0h2kdaVwnr4QwmI3FGU/8Lkom
UyJTPle6maW0SaNdRjh5Q7tujyYJviyyOU0V2aI6bY0McvoqHLyLmTvpCaY83ItT
+4qHgrEpGQEwMtGc61yPlic034ckrnyxAAw5c3nCngmHpsnYi1GFH6DADjnb/Nr/
iOZGv+ck09M1a5A/MehCDOwEVbWeyVrQbC0GEPn3r68sXA9bQmQxJhGh2wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLJnZnZ2N7RpBXGXl0z0063zFlI7MB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL3NtZG1kblkzdEdrRmNaZVhUUFRUcmZNV1Vqcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgABMBowDAMEAE1b
SQMEAk1bSAMEAE1bZAMEAE1bZjANBgkqhkiG9w0BAQsFAAOCAQEAX8az2b0FzvF6
0GrbT/vkUHqbTma0D0WhCUl+Lt+1jd0SrddvScSU9Pwd/vrGwnkjmZsUtc5iDfrt
lW5Tt+KW8M9FoBpA2OaL5qcoNaNKtp3cFSv+ReA6/SaBzliwB/qWNOgy6cWPPbpk
MsSC7oQLDgi1SZ69ygT3askYHDZ+aq6gjeO8cnd8boZwsEOwrXPNwedUYEibf5qr
BhKOZwLcicMRrKaoQm3C54EcIgQGsiXU9BWz02tTREZSsSFfmTOcMFb8/Z65rBSG
RVKrLuLM8fWvvau6XGkg0+eqlobpdPSSM7TERACvNFpFQeUv87oyDlAXnZpowS+m
/W4aHIKmeA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:07 2023 by rpki-client on console-ams.rpki-client.org