Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/xkloEZyfnSr5Ucb1KHmDp-aC4_8.roa
File: xkloEZyfnSr5Ucb1KHmDp-aC4_8.roa (raw, json)
Hash identifier: c4dphJNTd/vnVDPtdODc1bAMWl7JQ0STmUsTwZbnNKg=
Subject key identifier: C6:49:68:11:9C:9F:9D:2A:F9:51:C6:F5:28:79:83:A7:E6:82:E3:FF
Certificate issuer: /CN=0e6b8ee976c918364f5184ff31cea4525a79d353
Certificate serial: 01DDCD42
Authority key identifier: 0E:6B:8E:E9:76:C9:18:36:4F:51:84:FF:31:CE:A4:52:5A:79:D3:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DmuO6XbJGDZPUYT_Mc6kUlp501M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/xkloEZyfnSr5Ucb1KHmDp-aC4_8.roa
Signing time: Sat 01 Jan 2022 07:54:55 +0000
ROA not before: Sat 01 Jan 2022 07:54:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212169
IP address blocks: 77.220.200.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31313218 (0x1ddcd42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e6b8ee976c918364f5184ff31cea4525a79d353
Validity
Not Before: Jan 1 07:54:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c64968119c9f9d2af951c6f5287983a7e682e3ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:89:10:2e:2f:61:62:2b:b8:b9:da:14:14:90:
fe:42:8f:41:76:c3:ae:a4:17:63:5b:c4:92:84:36:
fb:44:4f:90:0c:93:b5:4c:ad:b8:85:24:93:9d:57:
40:cf:b0:2e:6a:16:c0:d1:1e:37:0a:46:16:ac:b8:
cb:58:8e:08:68:a8:67:3f:3c:9b:4f:ea:18:dc:b5:
f2:10:ff:5c:12:8a:e9:9a:b7:d6:71:a5:7e:5d:a7:
af:e4:f0:10:4a:17:6a:9b:cb:a1:e9:49:1e:35:b5:
5f:99:92:2b:4f:26:ce:60:85:b0:38:31:82:b1:0a:
ee:63:4e:73:d9:42:8f:d9:61:48:16:aa:04:e0:3c:
92:f6:70:73:73:b0:31:2c:0e:d8:20:ca:2f:c6:09:
a5:00:20:80:ff:6e:ba:fc:38:54:19:f4:42:74:5c:
be:41:8b:aa:d1:08:0d:2e:89:2e:cc:e7:54:c2:ed:
54:54:f9:c0:3b:80:c7:a6:5c:c5:c5:b9:15:0b:90:
9f:d3:c5:6f:83:9a:7a:46:d2:99:7d:47:00:d3:5f:
f0:f0:81:0c:a7:cc:db:cd:99:a5:b8:59:0b:a4:e6:
4d:45:07:25:cd:4d:80:16:f8:09:ff:60:d1:42:d1:
e3:de:be:8f:ed:ef:d1:b3:8a:b8:08:29:cc:5c:d8:
13:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:49:68:11:9C:9F:9D:2A:F9:51:C6:F5:28:79:83:A7:E6:82:E3:FF
X509v3 Authority Key Identifier:
keyid:0E:6B:8E:E9:76:C9:18:36:4F:51:84:FF:31:CE:A4:52:5A:79:D3:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmuO6XbJGDZPUYT_Mc6kUlp501M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/xkloEZyfnSr5Ucb1KHmDp-aC4_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c969de-e693-457c-90c3-0cc58ba311ba/1/DmuO6XbJGDZPUYT_Mc6kUlp501M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.200.0/22
Signature Algorithm: sha256WithRSAEncryption
16:d9:f9:85:ab:da:35:3e:41:ef:16:21:cf:ca:07:5f:90:f5:
a8:54:c5:e1:57:25:6a:91:9d:03:99:db:1b:5b:fc:0a:36:f1:
03:24:cd:fd:61:b0:fd:79:51:9b:0c:86:71:84:34:f0:86:10:
16:10:cf:f6:a6:81:71:d9:20:26:a2:ef:5c:f3:fd:2a:09:36:
d6:f7:6d:f4:c4:7c:28:06:d7:13:c6:e7:84:00:37:44:7e:98:
c2:7d:74:51:c5:4d:e0:12:44:1d:29:8c:62:10:f6:8f:36:17:
b1:c5:f0:66:db:fb:64:04:25:26:06:eb:c6:8b:3d:9b:90:10:
11:eb:02:03:66:ae:6d:c2:2f:cb:f5:f1:2d:21:9f:8c:de:01:
f2:58:35:45:87:74:da:b0:cf:44:f8:17:93:b6:1c:57:95:1d:
f8:79:25:c2:f5:cb:ac:cd:f0:7f:9e:4e:0d:68:d5:c7:a3:9c:
dc:d7:99:3b:e7:b0:ae:a6:dd:e0:a7:c6:88:f7:71:df:ba:e0:
79:10:b9:76:3d:96:8d:2b:4b:5b:e1:6a:35:67:e3:86:02:fe:
a0:af:55:8c:97:d4:fc:52:27:0a:f3:00:0f:8d:7c:61:47:06:
a8:26:ba:36:68:e4:2a:8d:5c:9f:92:03:53:34:23:79:d8:f7:
3a:a2:09:05
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAd3NQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZTZiOGVlOTc2YzkxODM2NGY1MTg0ZmYzMWNlYTQ1MjVhNzlkMzUzMB4XDTIyMDEw
MTA3NTQ1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY0OTY4MTE5Yzlm
OWQyYWY5NTFjNmY1Mjg3OTgzYTdlNjgyZTNmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANWJEC4vYWIruLnaFBSQ/kKPQXbDrqQXY1vEkoQ2+0RPkAyT
tUytuIUkk51XQM+wLmoWwNEeNwpGFqy4y1iOCGioZz88m0/qGNy18hD/XBKK6Zq3
1nGlfl2nr+TwEEoXapvLoelJHjW1X5mSK08mzmCFsDgxgrEK7mNOc9lCj9lhSBaq
BOA8kvZwc3OwMSwO2CDKL8YJpQAggP9uuvw4VBn0QnRcvkGLqtEIDS6JLsznVMLt
VFT5wDuAx6ZcxcW5FQuQn9PFb4OaekbSmX1HANNf8PCBDKfM282ZpbhZC6TmTUUH
Jc1NgBb4Cf9g0ULR496+j+3v0bOKuAgpzFzYEwcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTGSWgRnJ+dKvlRxvUoeYOn5oLj/zAfBgNVHSMEGDAWgBQOa47pdskYNk9R
hP8xzqRSWnnTUzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RtdU82WGJKR0RaUFVZVF9NYzZrVWxwNTAxTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTUvYzk2OWRlLWU2OTMtNDU3Yy05MGMzLTBjYzU4YmEzMTFiYS8x
L3hrbG9FWnlmblNyNVVjYjFLSG1EcC1hQzRfOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUv
Yzk2OWRlLWU2OTMtNDU3Yy05MGMzLTBjYzU4YmEzMTFiYS8xL0RtdU82WGJKR0Ra
UFVZVF9NYzZrVWxwNTAxTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAk3cyDANBgkqhkiG9w0BAQsFAAOC
AQEAFtn5havaNT5B7xYhz8oHX5D1qFTF4VclapGdA5nbG1v8CjbxAyTN/WGw/XlR
mwyGcYQ08IYQFhDP9qaBcdkgJqLvXPP9Kgk21vdt9MR8KAbXE8bnhAA3RH6Ywn10
UcVN4BJEHSmMYhD2jzYXscXwZtv7ZAQlJgbrxos9m5AQEesCA2aubcIvy/XxLSGf
jN4B8lg1RYd02rDPRPgXk7YcV5Ud+HklwvXLrM3wf55ODWjVx6Oc3NeZO+ewrqbd
4KfGiPdx37rgeRC5dj2WjStLW+FqNWfjhgL+oK9VjJfU/FInCvMAD418YUcGqCa6
NmjkKo1cn5IDUzQjedj3OqIJBQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:53 2023 by rpki-client on console.sobornost.net