Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/jTMUagPumRa-7Y1oB-HmC1XIu6o.roa
File: jTMUagPumRa-7Y1oB-HmC1XIu6o.roa (raw, json)
Hash identifier: OQcEFQKNB/Bv6ZD9BmWMiV4xDFmm3V77PRCGOYxKbtc=
Subject key identifier: 8D:33:14:6A:03:EE:99:16:BE:ED:8D:68:07:E1:E6:0B:55:C8:BB:AA
Certificate issuer: /CN=0e6b8ee976c918364f5184ff31cea4525a79d353
Certificate serial: 01857079A3F1D10697272ED17E8B49A82774
Authority key identifier: 0E:6B:8E:E9:76:C9:18:36:4F:51:84:FF:31:CE:A4:52:5A:79:D3:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DmuO6XbJGDZPUYT_Mc6kUlp501M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/jTMUagPumRa-7Y1oB-HmC1XIu6o.roa
Signing time: Mon 02 Jan 2023 03:14:58 +0000
ROA not before: Mon 02 Jan 2023 03:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140947
IP address blocks: 77.220.203.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:a3:f1:d1:06:97:27:2e:d1:7e:8b:49:a8:27:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e6b8ee976c918364f5184ff31cea4525a79d353
Validity
Not Before: Jan 2 03:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d33146a03ee9916beed8d6807e1e60b55c8bbaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:1c:ef:dd:e4:80:35:18:32:54:06:9d:b8:0f:
5f:e4:34:44:a0:07:d5:7a:a4:3b:11:b4:ab:b3:d9:
bb:73:31:05:6c:a3:85:af:7e:fb:30:b1:bf:76:7a:
ed:47:76:71:25:0c:64:12:28:5a:28:5c:86:c6:25:
27:8f:54:09:e4:95:fd:03:9c:0b:9f:a7:b5:9b:87:
b7:ec:88:1b:71:25:9e:b9:52:a1:c5:20:02:e3:73:
3d:4c:aa:bc:4e:c3:d3:3b:4b:3e:c2:1f:65:d4:5d:
c3:58:ed:7d:47:b5:8a:b2:a9:28:e7:d4:3f:a6:60:
a4:75:c3:eb:ca:b3:26:0f:17:37:de:1d:f5:5d:b6:
98:44:93:f9:fa:74:20:cb:cc:87:3b:3d:af:f1:c4:
33:7c:1b:dd:9b:23:51:9e:53:69:e8:29:af:dd:55:
d2:4c:f8:a4:8e:25:95:2a:79:7f:d7:0b:b1:a6:d2:
42:63:46:71:aa:70:c1:0b:b6:30:5e:59:ab:08:41:
83:90:ec:69:51:49:c8:28:1b:e9:42:cf:0e:f2:c0:
5f:e4:38:4b:e6:a2:cb:f0:c9:e4:1f:43:c8:b2:94:
c7:83:f3:d8:f7:64:ac:f2:c8:58:27:f9:6d:58:e5:
86:92:bd:73:af:5d:3b:bf:e5:c7:75:df:94:28:5f:
ac:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:33:14:6A:03:EE:99:16:BE:ED:8D:68:07:E1:E6:0B:55:C8:BB:AA
X509v3 Authority Key Identifier:
keyid:0E:6B:8E:E9:76:C9:18:36:4F:51:84:FF:31:CE:A4:52:5A:79:D3:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmuO6XbJGDZPUYT_Mc6kUlp501M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/jTMUagPumRa-7Y1oB-HmC1XIu6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/DmuO6XbJGDZPUYT_Mc6kUlp501M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.203.0/24
Signature Algorithm: sha256WithRSAEncryption
37:5c:68:df:a5:f0:02:b8:30:87:e9:e0:03:da:55:09:4c:59:
1a:c5:eb:66:42:cd:29:cb:02:61:23:ca:84:9c:e0:cc:ee:c5:
39:f9:a7:11:98:e6:4f:9e:2c:24:98:bb:52:86:c1:db:7d:75:
d6:77:7d:89:39:60:56:1a:35:a8:ac:f8:d0:a2:a6:68:64:bc:
8d:45:8b:66:b6:23:3b:56:bb:a0:50:62:70:32:31:2d:0a:91:
45:87:55:1c:8b:ca:dd:93:14:7d:1b:2f:d6:cb:3d:ee:64:42:
90:31:ef:d7:59:b3:f8:a1:ad:db:20:69:a0:4d:47:29:4d:ea:
51:f5:38:37:4b:92:9c:18:c2:f8:3b:67:b5:af:99:92:d0:17:
0a:40:b2:bc:a1:00:0f:b8:96:94:a4:cd:c2:2e:9b:69:41:a6:
e7:e6:b2:4c:b9:95:07:f2:82:9e:3b:b2:68:0f:b8:95:7f:6e:
41:ff:55:a0:8d:a0:0a:a8:70:8f:90:02:16:6d:98:da:ce:ff:
93:82:aa:45:36:b9:17:fc:77:33:34:83:e8:aa:ca:8f:6d:70:
e5:26:0d:d5:8b:c6:92:ba:8a:5f:ba:2c:04:a1:e4:ff:92:2d:
e4:1e:99:67:63:bf:0f:96:b3:d9:f3:47:6b:72:9d:31:8f:5f:
30:06:e7:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweaPx0QaXJy7RfotJqCd0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNmI4ZWU5NzZjOTE4MzY0ZjUxODRmZjMxY2VhNDUyNWE3
OWQzNTMwHhcNMjMwMTAyMDMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDMzMTQ2YTAzZWU5OTE2YmVlZDhkNjgwN2UxZTYwYjU1YzhiYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xzv3eSANRgyVAaduA9f5DREoAfV
eqQ7EbSrs9m7czEFbKOFr377MLG/dnrtR3ZxJQxkEihaKFyGxiUnj1QJ5JX9A5wL
n6e1m4e37IgbcSWeuVKhxSAC43M9TKq8TsPTO0s+wh9l1F3DWO19R7WKsqko59Q/
pmCkdcPryrMmDxc33h31XbaYRJP5+nQgy8yHOz2v8cQzfBvdmyNRnlNp6Cmv3VXS
TPikjiWVKnl/1wuxptJCY0ZxqnDBC7YwXlmrCEGDkOxpUUnIKBvpQs8O8sBf5DhL
5qLL8MnkH0PIspTHg/PY92Ss8shYJ/ltWOWGkr1zr107v+XHdd+UKF+srwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI0zFGoD7pkWvu2NaAfh5gtVyLuqMB8GA1UdIwQY
MBaAFA5rjul2yRg2T1GE/zHOpFJaedNTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG11TzZYYkpHRFpQVVlUX01jNmtVbHA1MDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jOTY5ZGUtZTY5My00NTdjLTkwYzMt
MGNjNThiYTMxMWJhLzEvalRNVWFnUHVtUmEtN1kxb0ItSG1DMVhJdTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jOTY5ZGUtZTY5My00NTdjLTkwYzMtMGNjNThiYTMxMWJh
LzEvRG11TzZYYkpHRFpQVVlUX01jNmtVbHA1MDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATdzLMA0G
CSqGSIb3DQEBCwUAA4IBAQA3XGjfpfACuDCH6eAD2lUJTFkaxetmQs0pywJhI8qE
nODM7sU5+acRmOZPniwkmLtShsHbfXXWd32JOWBWGjWorPjQoqZoZLyNRYtmtiM7
VrugUGJwMjEtCpFFh1Uci8rdkxR9Gy/Wyz3uZEKQMe/XWbP4oa3bIGmgTUcpTepR
9Tg3S5KcGML4O2e1r5mS0BcKQLK8oQAPuJaUpM3CLptpQabn5rJMuZUH8oKeO7Jo
D7iVf25B/1WgjaAKqHCPkAIWbZjazv+TgqpFNrkX/HczNIPoqsqPbXDlJg3Vi8aS
uopfuiwEoeT/ki3kHplnY78PlrPZ80drcp0xj18wBucc
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:53 2023 by rpki-client on console.sobornost.net