Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/up6Y7FXKkHSNJTsoOLVPqXLyS9U.roa
File: up6Y7FXKkHSNJTsoOLVPqXLyS9U.roa (raw, json)
Hash identifier: 3xwp9QgOfPMVncKqT6LrwQkPdheKZzSiT9v2wJVRKUM=
Subject key identifier: BA:9E:98:EC:55:CA:90:74:8D:25:3B:28:38:B5:4F:A9:72:F2:4B:D5
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 0184ADFF778308875E3743C421A0D0E91AC8
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/up6Y7FXKkHSNJTsoOLVPqXLyS9U.roa
Signing time: Fri 25 Nov 2022 08:55:11 +0000
ROA not before: Fri 25 Nov 2022 08:55:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51765
IP address blocks: 77.91.103.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ad:ff:77:83:08:87:5e:37:43:c4:21:a0:d0:e9:1a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Nov 25 08:55:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba9e98ec55ca90748d253b2838b54fa972f24bd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b8:3f:ee:eb:77:6d:05:db:b2:fa:37:35:f8:
e0:ff:8c:52:11:2c:ef:8f:24:be:42:be:33:bc:b0:
b9:e1:87:35:1c:95:be:4a:2a:06:ba:6a:bb:0a:a2:
2b:5c:33:32:b0:26:21:01:5e:01:6f:35:11:00:01:
f7:69:30:95:6e:94:ce:3c:7f:47:da:b4:97:df:ed:
85:0d:4a:de:77:23:c1:b8:ee:66:22:0b:aa:ef:4f:
01:ce:5e:61:c1:60:0d:a0:7d:d6:f6:b4:b5:8c:a0:
ec:f3:13:d5:0c:b0:55:52:c6:dd:2b:42:31:25:10:
e5:e2:1e:7e:cd:ee:df:36:68:ff:63:65:1a:4c:b6:
b2:94:76:2b:9a:4f:ed:65:5a:94:09:e4:c3:6f:82:
0d:25:a1:a8:1f:b2:39:ba:32:39:b2:7e:f1:53:28:
b8:ce:0d:02:ee:03:c4:1c:2f:b7:47:c3:89:8e:84:
04:f4:5f:18:5e:74:4c:8e:38:f4:52:2c:55:06:a6:
b6:9a:c3:6d:32:94:03:3a:2a:e0:6b:18:1a:f1:e4:
c4:69:fe:cb:bc:d6:80:2b:06:7f:4d:19:59:c8:3d:
2b:f3:75:40:d8:c0:9c:1c:a6:35:a4:2b:7f:40:bb:
1a:19:3d:d6:85:e3:97:16:99:76:a0:b8:5a:72:e0:
90:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9E:98:EC:55:CA:90:74:8D:25:3B:28:38:B5:4F:A9:72:F2:4B:D5
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/up6Y7FXKkHSNJTsoOLVPqXLyS9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.103.0/24
Signature Algorithm: sha256WithRSAEncryption
90:4b:d5:ae:2e:57:43:f3:de:3e:73:14:0b:08:23:be:d4:5d:
a8:2e:d9:fc:4a:93:ca:e3:48:1a:02:2a:ea:83:05:eb:6f:da:
3e:88:80:96:32:f4:d2:f3:3e:8a:07:0b:86:18:3a:9c:1d:57:
3b:19:de:0d:b0:2e:88:53:12:05:1e:7e:2e:a4:17:68:77:20:
b7:73:11:4a:52:e5:f1:9d:ee:5b:db:d9:8f:4c:96:f8:8c:6c:
fc:d2:89:2d:bd:d1:93:be:e1:6c:ac:0a:7f:8f:9e:31:2c:74:
d7:d5:e0:09:63:63:f0:d9:c5:56:6c:74:f9:79:83:dc:82:b2:
6a:87:1d:88:82:d5:af:aa:62:6a:33:e2:1e:be:d5:58:57:68:
55:3c:47:dd:e5:f4:a2:2f:f0:46:46:67:62:0f:a3:69:ba:78:
16:9a:56:38:23:b0:1e:cc:d8:0c:26:f1:c2:86:22:04:d8:74:
53:9a:72:9a:fc:16:e1:8f:35:0f:b3:10:99:d8:24:6a:63:dd:
eb:7e:5a:d0:ae:34:69:71:9c:18:ad:94:35:24:fb:3d:a1:de:
53:fd:ad:45:17:52:00:fe:90:d6:fd:cf:89:99:43:3d:f9:f2:
fa:85:e8:ef:f0:3b:d0:15:36:39:16:d0:ab:60:69:e3:0b:b0:
15:68:ca:19
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYSt/3eDCIdeN0PEIaDQ6RrIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjIxMTI1MDg1NTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTllOThlYzU1Y2E5MDc0OGQyNTNiMjgzOGI1NGZhOTcyZjI0YmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7g/7ut3bQXbsvo3Nfjg/4xSESzv
jyS+Qr4zvLC54Yc1HJW+SioGumq7CqIrXDMysCYhAV4BbzURAAH3aTCVbpTOPH9H
2rSX3+2FDUredyPBuO5mIguq708Bzl5hwWANoH3W9rS1jKDs8xPVDLBVUsbdK0Ix
JRDl4h5+ze7fNmj/Y2UaTLaylHYrmk/tZVqUCeTDb4INJaGoH7I5ujI5sn7xUyi4
zg0C7gPEHC+3R8OJjoQE9F8YXnRMjjj0UixVBqa2msNtMpQDOirgaxga8eTEaf7L
vNaAKwZ/TRlZyD0r83VA2MCcHKY1pCt/QLsaGT3WheOXFpl2oLhacuCQuwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLqemOxVypB0jSU7KDi1T6ly8kvVMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL3VwNlk3RlhLa0hTTkpUc29PTFZQcVhMeVM5VS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABNW2cw
DQYJKoZIhvcNAQELBQADggEBAJBL1a4uV0Pz3j5zFAsII77UXagu2fxKk8rjSBoC
KuqDBetv2j6IgJYy9NLzPooHC4YYOpwdVzsZ3g2wLohTEgUefi6kF2h3ILdzEUpS
5fGd7lvb2Y9MlviMbPzSiS290ZO+4WysCn+PnjEsdNfV4AljY/DZxVZsdPl5g9yC
smqHHYiC1a+qYmoz4h6+1VhXaFU8R93l9KIv8EZGZ2IPo2m6eBaaVjgjsB7M2Awm
8cKGIgTYdFOacpr8FuGPNQ+zEJnYJGpj3et+WtCuNGlxnBitlDUk+z2h3lP9rUUX
UgD+kNb9z4mZQz358vqF6O/wO9AVNjkW0KtgaeMLsBVoyhk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:05 2024 by rpki-client on console-fra.rpki-client.org