Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/v_i39fg8wU90kf9dlWzbTdkVkuw.roa
File: v_i39fg8wU90kf9dlWzbTdkVkuw.roa (raw, json)
Hash identifier: QWkVyweiNnUyPCTIF1idf95Z2bL1/pS3jpicuq0eToU=
Subject key identifier: BF:F8:B7:F5:F8:3C:C1:4F:74:91:FF:5D:95:6C:DB:4D:D9:15:92:EC
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 01866F9887987411CBC2544BF9E7F095FE6D
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/v_i39fg8wU90kf9dlWzbTdkVkuw.roa
Signing time: Mon 20 Feb 2023 16:11:52 +0000
ROA not before: Mon 20 Feb 2023 16:11:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 77.91.75.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6f:98:87:98:74:11:cb:c2:54:4b:f9:e7:f0:95:fe:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Feb 20 16:11:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bff8b7f5f83cc14f7491ff5d956cdb4dd91592ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:45:9a:93:f5:74:5c:8c:8d:e3:16:75:eb:f7:
94:e8:69:6f:63:2b:89:92:57:a8:a3:56:1b:b2:c6:
4d:ff:64:d3:b3:e4:b1:1b:b4:7b:4a:de:b1:4d:b2:
43:66:76:80:d5:5d:55:2a:04:ba:e6:40:57:63:9b:
59:ca:02:3d:c3:e6:30:4f:32:51:b7:46:e5:b5:ac:
89:20:e7:60:c9:1b:2b:1e:2b:4d:2b:71:05:98:db:
5a:92:84:8a:b6:7d:8b:f8:cb:22:0a:84:dd:23:e2:
1f:9e:bf:c0:3a:0e:43:5f:7b:7f:fa:69:bd:df:40:
bd:05:27:b2:42:fe:d5:90:ab:15:3d:de:cc:61:d2:
5e:b3:04:79:ec:7e:0a:cf:0a:b2:a2:75:c4:9d:40:
23:77:d2:16:28:24:fe:cb:9d:86:86:c4:69:98:8c:
d3:9a:a3:e6:03:43:98:0e:10:1d:c3:c9:97:58:6f:
cb:10:22:f3:73:9f:3f:fb:6f:e7:9f:7d:af:4c:c6:
f1:cd:16:6b:ec:13:47:d6:f1:67:a6:36:05:ca:1b:
e5:94:1f:de:70:db:6b:08:bd:5c:11:6f:2f:be:2d:
2e:5e:43:a6:a0:b6:ac:9e:b9:cb:ba:b6:18:01:7f:
df:0a:ff:73:99:52:dd:ad:48:52:05:f1:d2:f0:61:
e7:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:F8:B7:F5:F8:3C:C1:4F:74:91:FF:5D:95:6C:DB:4D:D9:15:92:EC
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/v_i39fg8wU90kf9dlWzbTdkVkuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.75.0/24
Signature Algorithm: sha256WithRSAEncryption
13:b6:15:84:eb:8b:18:3b:80:46:9a:40:09:72:6b:1e:d2:44:
fc:82:72:50:11:11:c4:25:d2:66:43:90:2b:6c:d8:73:88:39:
fa:af:16:bd:c4:3f:2f:ca:07:c5:23:33:40:d8:f3:62:fa:5e:
a2:df:1c:e6:1e:3b:06:6b:e8:94:25:89:a4:12:bb:7b:c5:37:
80:b4:68:9b:df:da:e6:b7:8f:98:e4:d4:43:1f:ec:27:e8:ed:
07:ac:66:dc:e7:6c:5b:c9:b0:36:1d:e5:49:79:db:cc:ad:cf:
d4:75:68:ed:59:0b:ff:31:6e:85:6c:e4:ea:07:18:dc:b0:6e:
a1:e0:06:20:f4:56:cf:bb:d9:d1:47:89:7c:6d:30:71:98:a5:
7b:2b:33:5b:2a:97:10:a6:6e:13:f1:8e:55:98:32:f8:5f:8c:
e6:8b:8c:e9:e6:23:ff:4a:cf:a5:8f:27:f3:ab:b5:0b:7d:e1:
ef:78:0e:67:1f:7c:9b:9b:07:45:e6:b1:0b:8c:e9:87:d0:57:
26:53:0c:07:b9:84:83:f4:77:8e:1d:e3:7d:47:a1:1a:2e:b2:
55:5c:0b:ce:9e:77:c2:86:47:5b:84:3e:fb:8c:18:e8:23:6f:
e4:80:e7:06:5e:3c:8e:9a:02:07:c0:e1:74:dd:9a:74:60:42:
2c:7e:47:01
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYZvmIeYdBHLwlRL+efwlf5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMjIwMTYxMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmY4YjdmNWY4M2NjMTRmNzQ5MWZmNWQ5NTZjZGI0ZGQ5MTU5MmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0Wak/V0XIyN4xZ16/eU6GlvYyuJ
kleoo1YbssZN/2TTs+SxG7R7St6xTbJDZnaA1V1VKgS65kBXY5tZygI9w+YwTzJR
t0bltayJIOdgyRsrHitNK3EFmNtakoSKtn2L+MsiCoTdI+Ifnr/AOg5DX3t/+mm9
30C9BSeyQv7VkKsVPd7MYdJeswR57H4KzwqyonXEnUAjd9IWKCT+y52GhsRpmIzT
mqPmA0OYDhAdw8mXWG/LECLzc58/+2/nn32vTMbxzRZr7BNH1vFnpjYFyhvllB/e
cNtrCL1cEW8vvi0uXkOmoLasnrnLurYYAX/fCv9zmVLdrUhSBfHS8GHnGwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFL/4t/X4PMFPdJH/XZVs203ZFZLsMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL3ZfaTM5Zmc4d1U5MGtmOWRsV3piVGRrVmt1dy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABNW0sw
DQYJKoZIhvcNAQELBQADggEBABO2FYTrixg7gEaaQAlyax7SRPyCclAREcQl0mZD
kCts2HOIOfqvFr3EPy/KB8UjM0DY82L6XqLfHOYeOwZr6JQliaQSu3vFN4C0aJvf
2ua3j5jk1EMf7Cfo7QesZtznbFvJsDYd5Ul528ytz9R1aO1ZC/8xboVs5OoHGNyw
bqHgBiD0Vs+72dFHiXxtMHGYpXsrM1sqlxCmbhPxjlWYMvhfjOaLjOnmI/9Kz6WP
J/OrtQt94e94DmcffJubB0XmsQuM6YfQVyZTDAe5hIP0d44d431HoRouslVcC86e
d8KGR1uEPvuMGOgjb+SA5wZePI6aAgfA4XTdmnRgQix+RwE=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:07 2023 by rpki-client on console-ams.rpki-client.org