Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/x0c5K9jLaCXVebRu9BM2NERXkEk.roa
File: x0c5K9jLaCXVebRu9BM2NERXkEk.roa (raw, json)
Hash identifier: XLwwSJaRMqsJFayqm+VV60dZv8g2Fp2qug66s4Oy8Uo=
Subject key identifier: C7:47:39:2B:D8:CB:68:25:D5:79:B4:6E:F4:13:36:34:44:57:90:49
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 018570305FFD09961270ADF450DCAC1ABED5
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/x0c5K9jLaCXVebRu9BM2NERXkEk.roa
Signing time: Mon 02 Jan 2023 01:54:56 +0000
ROA not before: Mon 02 Jan 2023 01:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64419
IP address blocks: 77.91.120.0/24 maxlen: 32
77.91.120.0/23 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:5f:fd:09:96:12:70:ad:f4:50:dc:ac:1a:be:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Jan 2 01:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c747392bd8cb6825d579b46ef413363444579049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:71:ea:0a:93:66:fc:10:08:0d:1e:d3:7e:5b:
a9:cb:ba:9e:ba:e8:05:57:30:a4:e7:27:0d:b9:11:
04:43:b4:f4:b8:75:aa:f9:43:07:1d:53:24:37:06:
53:4b:f9:79:e6:49:cc:d8:8e:ff:ba:92:30:b3:8f:
31:6c:55:d3:fc:fa:39:7d:6f:8f:dc:41:16:96:23:
73:97:fc:8d:3b:3c:da:96:c5:32:c3:ef:7b:1d:24:
2b:87:75:ea:f7:74:21:65:cf:e1:05:05:b6:32:bc:
ec:fc:6c:76:db:55:b6:c1:a0:4d:82:49:a5:3c:02:
b3:d5:08:c0:f4:9d:13:54:b9:c0:cd:2d:42:79:5d:
d1:1b:d4:bb:e8:c2:ad:62:6b:fc:55:52:26:b7:ea:
43:0c:d2:e1:9f:0e:e7:d1:7c:64:d1:b1:9a:17:86:
39:64:6e:ab:ec:ab:4f:42:3b:06:70:c3:23:e1:ec:
53:36:ab:b2:1c:34:80:6c:15:8e:3e:59:a7:53:e0:
52:d8:70:e1:16:08:4c:b4:d3:9f:c9:50:7f:02:26:
5b:81:75:3c:55:ac:f7:37:5f:ac:6c:4d:4a:d1:c6:
a6:50:af:89:28:57:00:f5:f8:90:2a:56:93:1b:3f:
c5:34:5f:2f:70:5d:33:86:22:35:e6:f6:4f:d3:51:
69:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:47:39:2B:D8:CB:68:25:D5:79:B4:6E:F4:13:36:34:44:57:90:49
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/x0c5K9jLaCXVebRu9BM2NERXkEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.120.0/23
Signature Algorithm: sha256WithRSAEncryption
63:ed:3b:ca:96:c6:85:a7:0f:e1:c0:2d:93:36:84:6d:1f:c1:
94:73:a8:36:27:e5:be:2c:d0:36:00:8b:88:de:a8:16:05:9b:
d2:69:26:a1:f4:92:a6:48:4c:74:3f:21:79:5c:21:41:b1:01:
0e:ae:86:63:72:66:3c:e5:d7:35:dc:02:f3:fe:07:3b:65:8a:
20:33:16:57:35:5e:cf:ed:e6:3d:d0:ce:bd:dd:3c:b6:a5:a7:
57:f9:80:d4:3c:85:7e:bd:bc:f8:8c:29:05:15:da:11:c8:ec:
ae:6a:c6:05:01:47:db:5c:e9:8b:b7:86:e3:d6:c9:79:01:bd:
20:24:cc:ed:5a:5c:f5:09:3d:d0:0f:eb:83:f6:7b:91:ca:26:
25:87:bf:95:08:20:f9:05:92:0b:44:6d:d4:38:9a:e9:24:c0:
a5:f1:8c:33:69:c2:4c:84:f0:11:cd:08:20:b4:67:c0:a2:da:
7c:4a:97:3f:e5:db:7b:62:df:77:1c:05:bb:8d:47:cb:9d:89:
a6:8e:84:8a:c8:01:63:0f:d0:c2:14:de:4d:aa:09:35:93:f2:
d2:6c:c6:37:d1:eb:ee:8d:95:39:84:31:89:92:69:39:c4:3e:
8b:85:5e:4d:c5:0f:9f:03:80:da:e7:03:d5:7f:e8:96:62:45:
95:ac:81:b2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwMF/9CZYScK30UNysGr7VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMTAyMDE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzQ3MzkyYmQ4Y2I2ODI1ZDU3OWI0NmVmNDEzMzYzNDQ0NTc5MDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XHqCpNm/BAIDR7Tflupy7qeuugF
VzCk5ycNuREEQ7T0uHWq+UMHHVMkNwZTS/l55knM2I7/upIws48xbFXT/Po5fW+P
3EEWliNzl/yNOzzalsUyw+97HSQrh3Xq93QhZc/hBQW2Mrzs/Gx221W2waBNgkml
PAKz1QjA9J0TVLnAzS1CeV3RG9S76MKtYmv8VVImt+pDDNLhnw7n0Xxk0bGaF4Y5
ZG6r7KtPQjsGcMMj4exTNquyHDSAbBWOPlmnU+BS2HDhFghMtNOfyVB/AiZbgXU8
Vaz3N1+sbE1K0camUK+JKFcA9fiQKlaTGz/FNF8vcF0zhiI15vZP01FpcQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMdHOSvYy2gl1Xm0bvQTNjREV5BJMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL3gwYzVLOWpMYUNYVmViUnU5Qk0yTkVSWGtFay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFNW3gw
DQYJKoZIhvcNAQELBQADggEBAGPtO8qWxoWnD+HALZM2hG0fwZRzqDYn5b4s0DYA
i4jeqBYFm9JpJqH0kqZITHQ/IXlcIUGxAQ6uhmNyZjzl1zXcAvP+BztliiAzFlc1
Xs/t5j3Qzr3dPLalp1f5gNQ8hX69vPiMKQUV2hHI7K5qxgUBR9tc6Yu3huPWyXkB
vSAkzO1aXPUJPdAP64P2e5HKJiWHv5UIIPkFkgtEbdQ4mukkwKXxjDNpwkyE8BHN
CCC0Z8Ci2nxKlz/l23ti33ccBbuNR8udiaaOhIrIAWMP0MIU3k2qCTWT8tJsxjfR
6+6NlTmEMYmSaTnEPouFXk3FD58DgNrnA9V/6JZiRZWsgbI=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:16 2023 by rpki-client on console-fra.rpki-client.org