Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/hFFygN9FREirZL_hHsjigdsH8DQ.roa
File: hFFygN9FREirZL_hHsjigdsH8DQ.roa (raw, json)
Hash identifier: jCKM3dVH9iBZoWgqW3gAwcPgD6143nPQb9QvsVMmk1g=
Subject key identifier: 84:51:72:80:DF:45:44:48:AB:64:BF:E1:1E:C8:E2:81:DB:07:F0:34
Certificate issuer: /CN=0e6b8ee976c918364f5184ff31cea4525a79d353
Certificate serial: 0181F3F1A93B20AC3577EC5ED28BBC00D0D4
Authority key identifier: 0E:6B:8E:E9:76:C9:18:36:4F:51:84:FF:31:CE:A4:52:5A:79:D3:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DmuO6XbJGDZPUYT_Mc6kUlp501M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/hFFygN9FREirZL_hHsjigdsH8DQ.roa
Signing time: Tue 12 Jul 2022 19:45:09 +0000
ROA not before: Tue 12 Jul 2022 19:45:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140947
IP address blocks: 77.220.203.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f3:f1:a9:3b:20:ac:35:77:ec:5e:d2:8b:bc:00:d0:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e6b8ee976c918364f5184ff31cea4525a79d353
Validity
Not Before: Jul 12 19:45:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84517280df454448ab64bfe11ec8e281db07f034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fe:ce:18:fb:96:7e:e5:db:a7:61:44:9d:f7:
8d:e0:24:13:32:5a:08:82:98:e2:f1:45:5d:e3:26:
af:db:44:f5:97:39:70:ab:50:9f:e0:38:ab:0f:92:
4c:63:70:cb:f0:d5:b4:07:a8:92:0a:db:19:e8:cd:
06:98:66:c3:c9:84:26:35:0d:17:4a:6e:0f:7e:d7:
82:88:c4:32:6a:fd:d9:50:27:3d:e6:fa:fc:ca:14:
24:f2:61:7b:90:3f:06:eb:44:94:d3:78:c3:0b:ae:
3b:0f:ab:d9:57:af:c6:e5:ad:be:34:01:0b:70:41:
86:3b:14:d2:0f:11:1a:f0:e9:97:b3:3a:44:b6:63:
f0:4a:a4:20:ab:ce:9b:c3:77:13:c1:fe:20:c7:26:
36:55:2d:7b:cb:ce:c2:dd:65:dd:1c:4e:01:f6:fa:
1b:93:25:eb:9b:80:e3:fb:83:e3:7c:bd:f3:72:24:
33:d0:d5:11:f3:cc:3e:75:1f:f2:60:30:99:be:67:
df:13:10:03:60:df:a6:cf:ef:7e:95:dc:3c:9c:52:
bb:fa:1e:11:90:3e:61:c5:dd:d6:2b:84:9f:d8:d5:
a7:ea:1a:84:00:84:ae:08:e1:97:cc:60:bb:5c:8e:
4a:d9:21:26:bd:e2:f3:65:f2:05:c5:c2:88:b6:da:
0c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:51:72:80:DF:45:44:48:AB:64:BF:E1:1E:C8:E2:81:DB:07:F0:34
X509v3 Authority Key Identifier:
keyid:0E:6B:8E:E9:76:C9:18:36:4F:51:84:FF:31:CE:A4:52:5A:79:D3:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmuO6XbJGDZPUYT_Mc6kUlp501M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/hFFygN9FREirZL_hHsjigdsH8DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/DmuO6XbJGDZPUYT_Mc6kUlp501M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.203.0/24
Signature Algorithm: sha256WithRSAEncryption
60:58:12:69:57:e4:88:bd:0a:49:71:ff:87:a2:71:21:70:22:
09:93:92:85:b0:45:62:1d:7f:28:58:98:26:2f:e0:80:b8:4a:
15:a6:c0:ab:5f:dc:77:59:f3:5a:6b:03:2f:95:fa:bf:f1:1d:
2b:38:9d:29:c2:68:85:a2:62:72:a8:2b:08:30:46:52:87:23:
59:db:39:78:b3:03:03:ee:da:7d:ac:e9:35:9e:72:37:25:fd:
d7:7a:90:e2:53:73:82:ee:9a:35:2e:81:5f:7b:69:bf:ea:de:
fd:fe:58:f4:f6:30:c0:f3:65:74:8a:8e:ee:81:d7:70:b5:7b:
fe:24:c7:ad:c5:a3:14:ce:f8:a7:6f:43:b2:c5:bc:2a:54:71:
25:2b:04:b0:ac:78:99:75:d4:49:59:a6:0a:64:f7:25:80:45:
36:71:47:d1:de:0c:6e:ca:56:29:69:f9:0b:70:c7:74:2f:fd:
7f:f0:e7:cf:05:9e:3f:27:7f:95:4e:94:24:f3:5c:01:ea:b1:
56:fc:22:dd:1c:07:1e:b8:89:20:bd:e1:65:ed:7a:e6:ab:45:
b0:e3:fd:0f:8e:65:0c:7d:42:24:57:2b:c1:ef:75:7f:7f:8e:
97:20:1c:3c:85:5a:bb:d4:18:d2:85:48:10:26:32:8b:6e:1d:
9a:6d:91:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHz8ak7IKw1d+xe0ou8ANDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNmI4ZWU5NzZjOTE4MzY0ZjUxODRmZjMxY2VhNDUyNWE3
OWQzNTMwHhcNMjIwNzEyMTk0NTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDUxNzI4MGRmNDU0NDQ4YWI2NGJmZTExZWM4ZTI4MWRiMDdmMDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/7OGPuWfuXbp2FEnfeN4CQTMloI
gpji8UVd4yav20T1lzlwq1Cf4DirD5JMY3DL8NW0B6iSCtsZ6M0GmGbDyYQmNQ0X
Sm4PfteCiMQyav3ZUCc95vr8yhQk8mF7kD8G60SU03jDC647D6vZV6/G5a2+NAEL
cEGGOxTSDxEa8OmXszpEtmPwSqQgq86bw3cTwf4gxyY2VS17y87C3WXdHE4B9vob
kyXrm4Dj+4PjfL3zciQz0NUR88w+dR/yYDCZvmffExADYN+mz+9+ldw8nFK7+h4R
kD5hxd3WK4Sf2NWn6hqEAISuCOGXzGC7XI5K2SEmveLzZfIFxcKIttoM2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRRcoDfRURIq2S/4R7I4oHbB/A0MB8GA1UdIwQY
MBaAFA5rjul2yRg2T1GE/zHOpFJaedNTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG11TzZYYkpHRFpQVVlUX01jNmtVbHA1MDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jOTY5ZGUtZTY5My00NTdjLTkwYzMt
MGNjNThiYTMxMWJhLzEvaEZGeWdOOUZSRWlyWkxfaEhzamlnZHNIOERRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jOTY5ZGUtZTY5My00NTdjLTkwYzMtMGNjNThiYTMxMWJh
LzEvRG11TzZYYkpHRFpQVVlUX01jNmtVbHA1MDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATdzLMA0G
CSqGSIb3DQEBCwUAA4IBAQBgWBJpV+SIvQpJcf+HonEhcCIJk5KFsEViHX8oWJgm
L+CAuEoVpsCrX9x3WfNaawMvlfq/8R0rOJ0pwmiFomJyqCsIMEZShyNZ2zl4swMD
7tp9rOk1nnI3Jf3XepDiU3OC7po1LoFfe2m/6t79/lj09jDA82V0io7ugddwtXv+
JMetxaMUzvinb0OyxbwqVHElKwSwrHiZddRJWaYKZPclgEU2cUfR3gxuylYpafkL
cMd0L/1/8OfPBZ4/J3+VTpQk81wB6rFW/CLdHAceuIkgveFl7Xrmq0Ww4/0PjmUM
fUIkVyvB73V/f46XIBw8hVq71BjShUgQJjKLbh2abZHk
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:53 2023 by rpki-client on console.sobornost.net