Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/a9af0e-e91a-4f1c-b72c-1e2b1c87d317/1/G26hfCnbVXD4O6iQLDOA1s20Gps.roa
File: G26hfCnbVXD4O6iQLDOA1s20Gps.roa (raw, json)
Hash identifier: NIDb1e/SyYrmoj2VMJLfQbBN8iFo0/LBKvvs58uuTtk=
Subject key identifier: 1B:6E:A1:7C:29:DB:55:70:F8:3B:A8:90:2C:33:80:D6:CD:B4:1A:9B
Certificate issuer: /CN=0a39f9a00278e69d1b3dddaa0bf0cd17d2e66708
Certificate serial: 01856CEF0DA9EBB7918C911DFB1EDBDE0C9A
Authority key identifier: 0A:39:F9:A0:02:78:E6:9D:1B:3D:DD:AA:0B:F0:CD:17:D2:E6:67:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cjn5oAJ45p0bPd2qC_DNF9LmZwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/a9af0e-e91a-4f1c-b72c-1e2b1c87d317/1/G26hfCnbVXD4O6iQLDOA1s20Gps.roa
Signing time: Sun 01 Jan 2023 10:44:43 +0000
ROA not before: Sun 01 Jan 2023 10:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8866
IP address blocks: 77.76.0.0/20 maxlen: 24
77.76.0.0/19 maxlen: 24
77.76.16.0/20 maxlen: 24
77.76.32.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:0d:a9:eb:b7:91:8c:91:1d:fb:1e:db:de:0c:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a39f9a00278e69d1b3dddaa0bf0cd17d2e66708
Validity
Not Before: Jan 1 10:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b6ea17c29db5570f83ba8902c3380d6cdb41a9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:35:df:b2:68:b2:8a:fd:ce:a7:02:e0:2b:0f:
a8:1c:c0:6a:69:cf:48:c2:8b:cf:4f:f4:19:7c:ed:
47:db:39:d1:50:30:2d:d6:4c:22:e2:40:0b:73:14:
d0:c7:72:2b:c0:57:2b:78:90:22:9c:b0:8d:8c:b1:
c0:fa:0c:7a:a8:9b:9b:1b:c1:98:c7:c8:d1:52:6e:
16:6f:52:cf:73:e7:1a:2c:41:a2:73:f2:be:a0:f0:
5c:e7:93:35:46:77:7a:9d:78:69:48:fe:b7:9f:ce:
3a:90:1c:b2:3a:a7:1d:2a:53:35:68:3f:61:21:ec:
d7:2b:d1:2c:94:d3:34:0b:11:49:4a:2a:50:7b:8a:
80:bb:0c:59:57:01:11:74:41:d7:88:54:a4:bc:2f:
6a:cd:25:f9:3b:be:02:50:42:b4:a2:3f:a4:b6:7a:
67:2d:48:f2:85:5b:91:e0:a3:65:1f:10:ba:09:0e:
41:cb:46:aa:53:47:38:26:dc:5a:2f:39:33:71:0f:
a1:df:54:00:ca:ef:2e:f7:db:2a:dd:a4:0c:ec:80:
04:ed:ab:e1:bb:94:37:1c:0b:98:6e:6f:e2:08:b8:
52:f4:f5:8c:3f:29:8a:76:e2:c4:2c:bd:2b:df:e7:
e0:ff:64:2c:6c:f1:75:64:2c:e5:98:85:cf:e1:98:
c8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:6E:A1:7C:29:DB:55:70:F8:3B:A8:90:2C:33:80:D6:CD:B4:1A:9B
X509v3 Authority Key Identifier:
keyid:0A:39:F9:A0:02:78:E6:9D:1B:3D:DD:AA:0B:F0:CD:17:D2:E6:67:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cjn5oAJ45p0bPd2qC_DNF9LmZwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/a9af0e-e91a-4f1c-b72c-1e2b1c87d317/1/G26hfCnbVXD4O6iQLDOA1s20Gps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/a9af0e-e91a-4f1c-b72c-1e2b1c87d317/1/Cjn5oAJ45p0bPd2qC_DNF9LmZwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.0.0/18
Signature Algorithm: sha256WithRSAEncryption
5e:19:2e:22:1e:c4:32:82:1a:33:4d:60:59:04:fa:b8:f1:d3:
3b:79:ce:55:6a:8d:ad:c5:3c:f7:31:83:63:6a:d4:c1:75:92:
79:bf:17:39:e0:fe:b7:3f:70:8e:10:5b:d7:52:4c:a4:95:03:
37:90:bf:ab:bb:c5:33:8e:35:05:03:95:8b:ab:06:bd:06:76:
0c:e8:06:1e:ee:e2:12:ba:92:59:bb:7a:be:05:b3:fd:23:78:
13:7a:15:8d:e4:97:91:8c:1d:a8:23:e5:96:3b:23:c2:82:48:
36:47:50:32:33:22:d8:e1:a4:28:e8:26:88:83:99:89:49:32:
bb:6a:62:aa:f0:0d:42:89:dd:60:22:7f:ea:f4:64:eb:ea:4d:
2d:01:71:95:fc:80:b9:95:91:42:3b:1e:0f:dd:2c:07:f0:11:
07:0a:94:10:ab:50:78:a9:6e:e7:41:6a:0b:65:e4:01:81:25:
21:45:75:ad:e2:2f:b0:92:16:4c:0c:3e:6e:61:6e:1b:28:b9:
75:ca:c6:ac:65:aa:ee:22:ac:c1:0b:c4:6a:2b:0a:54:3e:f1:
96:73:ee:4f:ee:c9:0a:72:90:67:47:9d:a9:15:cd:17:4c:cc:
b4:d7:50:54:69:c0:2b:a3:94:f1:6c:4f:22:c8:02:d7:a0:2f:
7b:b8:6f:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs7w2p67eRjJEd+x7b3gyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzlmOWEwMDI3OGU2OWQxYjNkZGRhYTBiZjBjZDE3ZDJl
NjY3MDgwHhcNMjMwMTAxMTA0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjZlYTE3YzI5ZGI1NTcwZjgzYmE4OTAyYzMzODBkNmNkYjQxYTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszXfsmiyiv3OpwLgKw+oHMBqac9I
wovPT/QZfO1H2znRUDAt1kwi4kALcxTQx3IrwFcreJAinLCNjLHA+gx6qJubG8GY
x8jRUm4Wb1LPc+caLEGic/K+oPBc55M1Rnd6nXhpSP63n846kByyOqcdKlM1aD9h
IezXK9EslNM0CxFJSipQe4qAuwxZVwERdEHXiFSkvC9qzSX5O74CUEK0oj+ktnpn
LUjyhVuR4KNlHxC6CQ5By0aqU0c4JtxaLzkzcQ+h31QAyu8u99sq3aQM7IAE7avh
u5Q3HAuYbm/iCLhS9PWMPymKduLELL0r3+fg/2QsbPF1ZCzlmIXP4ZjI4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBtuoXwp21Vw+DuokCwzgNbNtBqbMB8GA1UdIwQY
MBaAFAo5+aACeOadGz3dqgvwzRfS5mcIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2puNW9BSjQ1cDBiUGQycUNfRE5GOUxtWndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9hOWFmMGUtZTkxYS00ZjFjLWI3MmMt
MWUyYjFjODdkMzE3LzEvRzI2aGZDbmJWWEQ0TzZpUUxET0ExczIwR3BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9hOWFmMGUtZTkxYS00ZjFjLWI3MmMtMWUyYjFjODdkMzE3
LzEvQ2puNW9BSjQ1cDBiUGQycUNfRE5GOUxtWndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGTUwAMA0G
CSqGSIb3DQEBCwUAA4IBAQBeGS4iHsQyghozTWBZBPq48dM7ec5Vao2txTz3MYNj
atTBdZJ5vxc54P63P3COEFvXUkyklQM3kL+ru8UzjjUFA5WLqwa9BnYM6AYe7uIS
upJZu3q+BbP9I3gTehWN5JeRjB2oI+WWOyPCgkg2R1AyMyLY4aQo6CaIg5mJSTK7
amKq8A1Cid1gIn/q9GTr6k0tAXGV/IC5lZFCOx4P3SwH8BEHCpQQq1B4qW7nQWoL
ZeQBgSUhRXWt4i+wkhZMDD5uYW4bKLl1ysasZaruIqzBC8RqKwpUPvGWc+5P7skK
cpBnR52pFc0XTMy011BUacAro5TxbE8iyALXoC97uG/V
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:58 2023 by rpki-client on console.sobornost.net