Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/R4Pjd8Pw1AOTyOYfIad-ZWv4AMk.roa
File: R4Pjd8Pw1AOTyOYfIad-ZWv4AMk.roa (raw, json)
Hash identifier: MZfWKUn2wTX47/BDKlpN+MtVvBiQA+sh/edgbps/NPU=
Subject key identifier: 47:83:E3:77:C3:F0:D4:03:93:C8:E6:1F:21:A7:7E:65:6B:F8:00:C9
Certificate issuer: /CN=0e6b8ee976c918364f5184ff31cea4525a79d353
Certificate serial: 01857079A36A8DABB171481B1A06B03D7147
Authority key identifier: 0E:6B:8E:E9:76:C9:18:36:4F:51:84:FF:31:CE:A4:52:5A:79:D3:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DmuO6XbJGDZPUYT_Mc6kUlp501M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/R4Pjd8Pw1AOTyOYfIad-ZWv4AMk.roa
Signing time: Mon 02 Jan 2023 03:14:57 +0000
ROA not before: Mon 02 Jan 2023 03:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 77.220.202.0/24 maxlen: 24
77.220.203.0/24 maxlen: 24
77.220.200.0/24 maxlen: 24
77.220.201.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:a3:6a:8d:ab:b1:71:48:1b:1a:06:b0:3d:71:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e6b8ee976c918364f5184ff31cea4525a79d353
Validity
Not Before: Jan 2 03:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4783e377c3f0d40393c8e61f21a77e656bf800c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ca:3e:2c:d8:2c:94:7f:47:18:8f:6f:b5:89:
56:31:ef:cf:2f:c9:db:16:21:8f:34:95:76:62:47:
14:ac:e9:5d:01:25:a3:82:57:1c:d8:b3:83:ef:e9:
fe:b3:51:a2:c8:67:0b:02:76:4e:af:fc:42:6e:8b:
4a:d6:fa:37:de:1d:a2:79:0a:25:50:c0:2c:9a:d6:
72:48:36:1b:c1:76:8f:52:26:41:74:d0:28:d0:94:
6d:c0:3c:ac:86:f4:f3:dd:94:f1:49:d0:f9:ca:a1:
bf:e7:4f:cb:65:7f:f0:d5:b7:03:8f:8f:10:e6:d7:
d4:d3:35:cc:2c:cd:2f:49:c1:8f:41:be:4c:49:1c:
c0:67:2c:65:3b:fd:ca:ed:51:96:3a:32:3e:15:c4:
7a:a3:4d:15:53:95:64:a3:11:12:11:b7:64:dd:b9:
84:2e:89:49:ec:c5:00:d6:80:6a:80:30:7f:59:51:
17:4c:29:ad:cb:06:4d:78:e8:74:ac:80:c7:a7:87:
fd:02:1a:22:e6:28:80:fa:b2:f0:0f:5a:c3:c7:5f:
e1:6d:b2:cf:62:f7:0d:8a:1f:25:e2:a5:de:ac:79:
8e:2a:e4:4c:4b:bf:84:9e:3a:4d:7d:a8:ea:84:46:
db:37:8f:08:b0:67:b0:c9:bc:f8:b6:37:10:32:b2:
9a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:83:E3:77:C3:F0:D4:03:93:C8:E6:1F:21:A7:7E:65:6B:F8:00:C9
X509v3 Authority Key Identifier:
keyid:0E:6B:8E:E9:76:C9:18:36:4F:51:84:FF:31:CE:A4:52:5A:79:D3:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmuO6XbJGDZPUYT_Mc6kUlp501M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/R4Pjd8Pw1AOTyOYfIad-ZWv4AMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/DmuO6XbJGDZPUYT_Mc6kUlp501M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.200.0/22
Signature Algorithm: sha256WithRSAEncryption
66:f5:f5:01:5e:cb:5c:85:70:c4:d9:a7:a5:4e:3a:c8:f2:ea:
84:07:6e:1f:9b:a0:23:e7:7f:ec:04:4e:60:8f:e7:22:42:22:
12:d5:2e:24:e7:11:ce:23:d7:74:1b:e6:1f:ba:54:1d:aa:c8:
ee:e6:b7:2c:cd:f0:59:a1:05:be:c6:3e:0b:15:36:e6:64:f7:
1f:fb:7d:86:06:86:4c:b7:5e:61:2b:f0:e9:56:ee:86:2a:52:
10:ee:6b:e0:47:c0:9a:6a:3d:28:5f:84:ce:05:98:2a:38:e7:
10:c6:40:c7:90:60:1d:5e:91:94:7d:c2:ed:92:4e:19:11:25:
72:27:f4:62:93:68:08:9b:6f:44:59:9e:0b:16:66:5d:0c:3e:
f1:bf:46:d5:f6:ce:3b:39:eb:e7:ee:fa:32:20:38:73:15:1e:
94:00:e1:21:14:01:28:34:2c:a5:a2:d3:3b:d7:c1:41:ee:26:
94:a8:d0:a9:dd:68:85:51:9c:4e:39:1c:ba:8b:08:bb:17:56:
12:c9:a8:70:4a:1e:85:c3:cf:c7:af:7d:4d:98:a1:83:b4:f0:
2f:d9:24:30:33:0e:37:8d:d3:3b:d9:5c:c1:50:87:61:7f:38:
09:b2:e1:c9:c1:2a:a9:42:cc:b1:16:0a:d0:59:11:85:78:18:
d5:70:3a:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweaNqjauxcUgbGgawPXFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNmI4ZWU5NzZjOTE4MzY0ZjUxODRmZjMxY2VhNDUyNWE3
OWQzNTMwHhcNMjMwMTAyMDMxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzgzZTM3N2MzZjBkNDAzOTNjOGU2MWYyMWE3N2U2NTZiZjgwMGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApco+LNgslH9HGI9vtYlWMe/PL8nb
FiGPNJV2YkcUrOldASWjglcc2LOD7+n+s1GiyGcLAnZOr/xCbotK1vo33h2ieQol
UMAsmtZySDYbwXaPUiZBdNAo0JRtwDyshvTz3ZTxSdD5yqG/50/LZX/w1bcDj48Q
5tfU0zXMLM0vScGPQb5MSRzAZyxlO/3K7VGWOjI+FcR6o00VU5VkoxESEbdk3bmE
LolJ7MUA1oBqgDB/WVEXTCmtywZNeOh0rIDHp4f9Ahoi5iiA+rLwD1rDx1/hbbLP
YvcNih8l4qXerHmOKuRMS7+EnjpNfajqhEbbN48IsGewybz4tjcQMrKaKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEeD43fD8NQDk8jmHyGnfmVr+ADJMB8GA1UdIwQY
MBaAFA5rjul2yRg2T1GE/zHOpFJaedNTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG11TzZYYkpHRFpQVVlUX01jNmtVbHA1MDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jOTY5ZGUtZTY5My00NTdjLTkwYzMt
MGNjNThiYTMxMWJhLzEvUjRQamQ4UHcxQU9UeU9ZZklhZC1aV3Y0QU1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jOTY5ZGUtZTY5My00NTdjLTkwYzMtMGNjNThiYTMxMWJh
LzEvRG11TzZYYkpHRFpQVVlUX01jNmtVbHA1MDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTdzIMA0G
CSqGSIb3DQEBCwUAA4IBAQBm9fUBXstchXDE2aelTjrI8uqEB24fm6Aj53/sBE5g
j+ciQiIS1S4k5xHOI9d0G+YfulQdqsju5rcszfBZoQW+xj4LFTbmZPcf+32GBoZM
t15hK/DpVu6GKlIQ7mvgR8Caaj0oX4TOBZgqOOcQxkDHkGAdXpGUfcLtkk4ZESVy
J/Rik2gIm29EWZ4LFmZdDD7xv0bV9s47Oevn7voyIDhzFR6UAOEhFAEoNCylotM7
18FB7iaUqNCp3WiFUZxOORy6iwi7F1YSyahwSh6Fw8/Hr31NmKGDtPAv2SQwMw43
jdM72VzBUIdhfzgJsuHJwSqpQsyxFgrQWRGFeBjVcDrW
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:53 2023 by rpki-client on console.sobornost.net