Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/ZnWFVySdtvVQyFKLzK6deT-Deiw.roa
File: ZnWFVySdtvVQyFKLzK6deT-Deiw.roa (raw, json)
Hash identifier: f0A+MIMZ1PPs6NUFMjow76M7DLqyL+TMcc9aY0uE8mE=
Subject key identifier: 66:75:85:57:24:9D:B6:F5:50:C8:52:8B:CC:AE:9D:79:3F:83:7A:2C
Certificate issuer: /CN=0e6b8ee976c918364f5184ff31cea4525a79d353
Certificate serial: 01857079A484DB7F73B0FF3A1D3987946E7D
Authority key identifier: 0E:6B:8E:E9:76:C9:18:36:4F:51:84:FF:31:CE:A4:52:5A:79:D3:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DmuO6XbJGDZPUYT_Mc6kUlp501M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/ZnWFVySdtvVQyFKLzK6deT-Deiw.roa
Signing time: Mon 02 Jan 2023 03:14:58 +0000
ROA not before: Mon 02 Jan 2023 03:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 77.220.200.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:a4:84:db:7f:73:b0:ff:3a:1d:39:87:94:6e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e6b8ee976c918364f5184ff31cea4525a79d353
Validity
Not Before: Jan 2 03:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66758557249db6f550c8528bccae9d793f837a2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:2b:be:b8:3d:87:d1:12:2e:79:2b:87:1c:84:
cc:61:2d:6d:81:91:2a:84:52:0d:26:f1:45:23:48:
dc:a5:49:2d:a4:46:90:77:05:f6:2b:36:e3:5f:55:
ac:df:83:ac:43:ba:51:cd:4f:76:4e:3a:c2:85:f9:
66:79:92:3f:70:7a:f9:b7:55:7d:1a:70:99:b1:b6:
fd:f3:07:d9:3e:e6:77:c5:ff:5c:67:1a:0f:e3:83:
dd:ab:d8:9e:ca:8f:23:5e:13:a0:45:82:45:d4:62:
e0:7d:8c:a9:3a:39:f2:07:b3:75:25:f9:20:c8:08:
95:cb:ea:de:f2:e8:ec:b8:c7:e0:7a:8c:35:49:95:
10:82:fd:19:0b:b2:7e:6e:23:34:4f:97:17:a0:90:
a3:82:54:50:f3:e3:6e:d2:0c:a0:ce:ed:aa:0e:2b:
f2:53:89:78:93:c6:39:10:34:c7:2d:f0:c9:cc:dc:
6b:34:81:b4:5c:c6:bc:78:e8:a3:b8:9b:02:39:a7:
64:18:56:73:56:64:b2:5f:e9:cc:41:69:66:39:53:
7d:44:56:f2:87:b2:69:f4:89:31:fe:f1:72:29:a6:
b6:75:17:42:8d:e5:cc:1d:e2:5c:7e:89:a4:9e:fe:
c7:a9:c7:ac:4f:88:38:7d:ea:17:ba:e6:48:ac:c2:
39:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:75:85:57:24:9D:B6:F5:50:C8:52:8B:CC:AE:9D:79:3F:83:7A:2C
X509v3 Authority Key Identifier:
keyid:0E:6B:8E:E9:76:C9:18:36:4F:51:84:FF:31:CE:A4:52:5A:79:D3:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmuO6XbJGDZPUYT_Mc6kUlp501M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/ZnWFVySdtvVQyFKLzK6deT-Deiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/DmuO6XbJGDZPUYT_Mc6kUlp501M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.200.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:74:6c:94:ab:b8:3b:cd:fb:91:fa:96:a8:53:19:e1:6b:9e:
cd:28:ad:ee:62:b2:0b:5d:f5:29:3b:19:cb:2e:8d:8a:37:75:
c6:d7:a4:00:db:e5:b0:bf:c3:bb:db:1d:45:6e:51:c2:1a:d9:
bb:1c:83:0e:45:78:ae:ae:de:5f:a7:b6:72:1d:39:3e:8f:6a:
b6:a3:2e:86:7a:ad:6b:d8:d8:33:cf:bb:fe:ab:90:02:fe:01:
b0:26:fa:80:de:f4:73:96:bc:e9:be:b4:42:e7:47:87:27:3e:
c0:93:35:b7:28:64:c2:96:49:b0:4a:0b:48:9d:87:0d:42:62:
bb:0f:e7:c8:88:98:2f:39:06:9b:20:2b:8c:a2:2b:4d:85:d0:
df:1c:f8:49:52:f0:e2:26:b1:7b:11:cf:67:23:05:3f:2b:fe:
66:fc:f1:3d:6b:78:e1:be:c0:3f:18:0e:65:28:7c:5c:37:50:
94:c0:61:26:d7:5f:f5:49:ef:61:e3:91:53:48:73:21:96:6c:
6a:6d:db:5d:2b:ab:17:5a:8a:d5:5e:21:c7:fa:78:a7:81:c2:
86:7e:37:64:32:12:3d:2d:45:da:75:7d:78:72:dc:ef:15:01:
37:a2:78:e1:0c:0a:18:81:29:c7:39:cd:52:8f:5e:09:06:72:
68:18:03:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweaSE239zsP86HTmHlG59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNmI4ZWU5NzZjOTE4MzY0ZjUxODRmZjMxY2VhNDUyNWE3
OWQzNTMwHhcNMjMwMTAyMDMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njc1ODU1NzI0OWRiNmY1NTBjODUyOGJjY2FlOWQ3OTNmODM3YTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiu+uD2H0RIueSuHHITMYS1tgZEq
hFINJvFFI0jcpUktpEaQdwX2KzbjX1Ws34OsQ7pRzU92TjrChflmeZI/cHr5t1V9
GnCZsbb98wfZPuZ3xf9cZxoP44Pdq9ieyo8jXhOgRYJF1GLgfYypOjnyB7N1Jfkg
yAiVy+re8ujsuMfgeow1SZUQgv0ZC7J+biM0T5cXoJCjglRQ8+Nu0gygzu2qDivy
U4l4k8Y5EDTHLfDJzNxrNIG0XMa8eOijuJsCOadkGFZzVmSyX+nMQWlmOVN9RFby
h7Jp9Ikx/vFyKaa2dRdCjeXMHeJcfomknv7HqcesT4g4feoXuuZIrMI5AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGZ1hVcknbb1UMhSi8yunXk/g3osMB8GA1UdIwQY
MBaAFA5rjul2yRg2T1GE/zHOpFJaedNTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG11TzZYYkpHRFpQVVlUX01jNmtVbHA1MDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jOTY5ZGUtZTY5My00NTdjLTkwYzMt
MGNjNThiYTMxMWJhLzEvWm5XRlZ5U2R0dlZReUZLTHpLNmRlVC1EZWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jOTY5ZGUtZTY5My00NTdjLTkwYzMtMGNjNThiYTMxMWJh
LzEvRG11TzZYYkpHRFpQVVlUX01jNmtVbHA1MDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATdzIMA0G
CSqGSIb3DQEBCwUAA4IBAQCjdGyUq7g7zfuR+paoUxnha57NKK3uYrILXfUpOxnL
Lo2KN3XG16QA2+Wwv8O72x1FblHCGtm7HIMORXiurt5fp7ZyHTk+j2q2oy6Geq1r
2Ngzz7v+q5AC/gGwJvqA3vRzlrzpvrRC50eHJz7AkzW3KGTClkmwSgtInYcNQmK7
D+fIiJgvOQabICuMoitNhdDfHPhJUvDiJrF7Ec9nIwU/K/5m/PE9a3jhvsA/GA5l
KHxcN1CUwGEm11/1Se9h45FTSHMhlmxqbdtdK6sXWorVXiHH+ningcKGfjdkMhI9
LUXadX14ctzvFQE3onjhDAoYgSnHOc1Sj14JBnJoGAP3
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:53 2023 by rpki-client on console.sobornost.net