Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/qadHc5o7LeN5oM_k6cTHGjTS-_o.roa
File: qadHc5o7LeN5oM_k6cTHGjTS-_o.roa (raw, json)
Hash identifier: tXKQS/iDncJb4Ionq9r7PbpgASdFeI8ezfr3xYFj938=
Subject key identifier: A9:A7:47:73:9A:3B:2D:E3:79:A0:CF:E4:E9:C4:C7:1A:34:D2:FB:FA
Certificate issuer: /CN=0e6b8ee976c918364f5184ff31cea4525a79d353
Certificate serial: 0185AA5B3F445F114515CC4730257CF4825B
Authority key identifier: 0E:6B:8E:E9:76:C9:18:36:4F:51:84:FF:31:CE:A4:52:5A:79:D3:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DmuO6XbJGDZPUYT_Mc6kUlp501M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/qadHc5o7LeN5oM_k6cTHGjTS-_o.roa
Signing time: Fri 13 Jan 2023 08:59:44 +0000
ROA not before: Fri 13 Jan 2023 08:59:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 77.220.202.0/24 maxlen: 24
77.220.200.0/24 maxlen: 24
77.220.201.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:aa:5b:3f:44:5f:11:45:15:cc:47:30:25:7c:f4:82:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e6b8ee976c918364f5184ff31cea4525a79d353
Validity
Not Before: Jan 13 08:59:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9a747739a3b2de379a0cfe4e9c4c71a34d2fbfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f5:91:92:d6:49:e2:15:d9:2d:1a:b0:64:1a:
44:32:84:58:b6:e9:a5:91:39:ce:21:ce:e9:b2:08:
25:40:e8:a7:83:39:c6:4b:cb:e4:5a:80:e9:ac:03:
6e:9d:5d:1d:6f:4c:f3:53:6d:d5:44:64:a7:60:7e:
28:86:01:82:d9:13:e1:6f:ad:85:93:8b:68:65:8a:
2f:42:7d:75:2e:b7:c7:fe:52:db:6f:69:85:f4:a2:
6d:98:ff:84:9f:f0:d8:8b:e4:af:33:ad:9e:1b:3f:
88:5d:ef:c4:93:b5:32:8e:17:da:a1:b0:5c:cc:0d:
ec:be:ad:3f:1e:7e:8c:d1:6b:05:c7:eb:d4:29:79:
63:3e:c7:92:55:21:51:de:39:c2:66:5c:4f:f9:bf:
b6:d4:ef:d1:b9:f0:86:36:97:a7:e3:02:20:ed:19:
f3:b9:b1:b7:56:76:ac:ef:6b:97:f8:7b:6a:24:7f:
22:5d:e3:e1:87:07:f5:ab:26:d3:c8:0f:2f:01:f4:
8b:fd:94:53:00:e3:91:5f:63:b0:98:57:e7:22:b9:
71:4e:1f:29:11:ff:00:8b:b6:7e:bd:61:eb:07:3c:
55:3a:99:72:bd:4f:e8:41:8e:b8:b0:2f:41:6b:23:
b8:54:e1:0e:90:c0:df:c5:b0:18:f3:07:39:c6:4f:
54:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A7:47:73:9A:3B:2D:E3:79:A0:CF:E4:E9:C4:C7:1A:34:D2:FB:FA
X509v3 Authority Key Identifier:
keyid:0E:6B:8E:E9:76:C9:18:36:4F:51:84:FF:31:CE:A4:52:5A:79:D3:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmuO6XbJGDZPUYT_Mc6kUlp501M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/qadHc5o7LeN5oM_k6cTHGjTS-_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/DmuO6XbJGDZPUYT_Mc6kUlp501M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.200.0-77.220.202.255
Signature Algorithm: sha256WithRSAEncryption
71:20:12:9b:8a:ee:05:f7:00:97:35:4b:84:1f:f5:98:a8:e2:
80:dc:36:4b:b2:a9:bd:69:8c:8b:eb:20:b0:e7:4d:f9:8a:23:
5e:20:6b:f0:df:51:43:c4:00:c7:0c:cb:dd:23:60:76:bd:12:
f8:42:b9:2b:98:bb:10:be:4c:06:20:7a:1c:a9:c9:b3:f9:26:
c9:de:b4:ed:d1:b2:e1:e7:08:b1:d1:8b:0e:fa:45:e2:10:da:
aa:85:82:0a:d7:60:be:2d:0a:2c:e9:48:3d:7e:7b:12:0f:4d:
55:53:c9:2a:ca:c2:d1:9f:22:17:af:82:1c:b9:42:0a:a2:15:
75:e4:75:05:c3:e3:aa:42:c0:16:94:ca:f4:6f:af:fc:7d:a6:
6e:e4:84:72:57:a7:71:d0:aa:8f:be:ae:53:8a:2c:1f:86:f1:
2e:de:f4:92:16:de:3b:f3:4e:87:05:8e:97:70:f5:03:99:c7:
85:69:0c:d9:7d:a1:85:65:be:ee:fd:7d:ac:8e:61:85:81:44:
f3:70:d2:0a:37:56:f9:0d:e4:8f:4c:74:c5:a1:a6:8f:50:c8:
2e:8d:8a:68:9d:9c:74:5c:3a:da:ad:5c:fe:82:44:de:18:07:
66:f2:bb:7e:c2:33:ec:18:0b:a5:a7:66:25:98:55:9f:48:04:
90:06:e9:f9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYWqWz9EXxFFFcxHMCV89IJbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNmI4ZWU5NzZjOTE4MzY0ZjUxODRmZjMxY2VhNDUyNWE3
OWQzNTMwHhcNMjMwMTEzMDg1OTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWE3NDc3MzlhM2IyZGUzNzlhMGNmZTRlOWM0YzcxYTM0ZDJmYmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/WRktZJ4hXZLRqwZBpEMoRYtuml
kTnOIc7psgglQOingznGS8vkWoDprANunV0db0zzU23VRGSnYH4ohgGC2RPhb62F
k4toZYovQn11LrfH/lLbb2mF9KJtmP+En/DYi+SvM62eGz+IXe/Ek7UyjhfaobBc
zA3svq0/Hn6M0WsFx+vUKXljPseSVSFR3jnCZlxP+b+21O/RufCGNpen4wIg7Rnz
ubG3Vnas72uX+HtqJH8iXePhhwf1qybTyA8vAfSL/ZRTAOORX2OwmFfnIrlxTh8p
Ef8Ai7Z+vWHrBzxVOplyvU/oQY64sC9BayO4VOEOkMDfxbAY8wc5xk9UJQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKmnR3OaOy3jeaDP5OnExxo00vv6MB8GA1UdIwQY
MBaAFA5rjul2yRg2T1GE/zHOpFJaedNTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG11TzZYYkpHRFpQVVlUX01jNmtVbHA1MDFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jOTY5ZGUtZTY5My00NTdjLTkwYzMt
MGNjNThiYTMxMWJhLzEvcWFkSGM1bzdMZU41b01fazZjVEhHalRTLV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jOTY5ZGUtZTY5My00NTdjLTkwYzMtMGNjNThiYTMxMWJh
LzEvRG11TzZYYkpHRFpQVVlUX01jNmtVbHA1MDFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANN3MgD
BABN3MowDQYJKoZIhvcNAQELBQADggEBAHEgEpuK7gX3AJc1S4Qf9Zio4oDcNkuy
qb1pjIvrILDnTfmKI14ga/DfUUPEAMcMy90jYHa9EvhCuSuYuxC+TAYgehypybP5
JsnetO3RsuHnCLHRiw76ReIQ2qqFggrXYL4tCizpSD1+exIPTVVTySrKwtGfIhev
ghy5QgqiFXXkdQXD46pCwBaUyvRvr/x9pm7khHJXp3HQqo++rlOKLB+G8S7e9JIW
3jvzTocFjpdw9QOZx4VpDNl9oYVlvu79fayOYYWBRPNw0go3VvkN5I9MdMWhpo9Q
yC6NimidnHRcOtqtXP6CRN4YB2byu37CM+wYC6WnZiWYVZ9IBJAG6fk=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:53 2023 by rpki-client on console.sobornost.net