Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/Z1prQo0uSkG5dsXMmaxJypPGSQY.roa
File: Z1prQo0uSkG5dsXMmaxJypPGSQY.roa (raw, json)
Hash identifier: c8TIYuL/B0PY4TfG33D/jeTe2RSQGr2JeaIIJTWCqXs=
Subject key identifier: 67:5A:6B:42:8D:2E:4A:41:B9:76:C5:CC:99:AC:49:CA:93:C6:49:06
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 0189C2B34DC2A5317B65D72DDD661F12F0AF
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/Z1prQo0uSkG5dsXMmaxJypPGSQY.roa
Signing time: Fri 04 Aug 2023 22:37:58 +0000
ROA not before: Fri 04 Aug 2023 22:37:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.145.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c2:b3:4d:c2:a5:31:7b:65:d7:2d:dd:66:1f:12:f0:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Aug 4 22:37:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=675a6b428d2e4a41b976c5cc99ac49ca93c64906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:23:e8:7a:fb:50:3c:cb:7f:3b:be:19:00:c1:
7c:a4:2a:e4:3c:6c:32:ac:83:11:7c:4a:ad:84:87:
ed:10:34:a6:7c:e3:0a:5d:6f:5b:07:3a:eb:df:f6:
bb:71:ce:a7:73:b7:2d:9a:6b:26:03:11:9f:c2:56:
57:42:73:a2:6a:de:a3:2b:27:1f:fa:d6:5e:82:7d:
2d:5c:e4:36:ed:5a:d6:06:59:a6:28:92:9a:b1:4d:
99:41:f3:6c:81:40:b9:65:63:f1:0a:9e:10:09:1e:
5d:a8:2c:4a:45:18:59:ea:9e:34:5e:09:8c:32:bd:
cb:41:aa:16:0d:f2:90:03:82:0b:8a:9f:91:2e:2e:
cb:8f:8b:84:ad:8d:0a:6a:3f:dc:19:22:d9:f1:b1:
50:a6:db:ce:48:05:0b:9d:3b:e1:1e:a5:fe:74:cc:
a4:b6:f2:2a:99:6c:82:ba:e3:5e:e4:5b:22:70:c0:
87:a0:25:21:82:76:24:ad:a3:8d:db:55:8d:de:00:
2b:45:83:0a:bb:30:21:1d:13:d5:e1:aa:aa:fd:5d:
83:a0:96:0c:f5:75:b8:e9:1a:e3:58:cc:46:d4:d6:
e9:e8:d7:cd:a7:0c:e3:e0:c9:80:f1:0e:9b:61:79:
b3:e6:a8:65:9e:52:51:b8:ab:5d:1f:91:29:da:da:
47:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:5A:6B:42:8D:2E:4A:41:B9:76:C5:CC:99:AC:49:CA:93:C6:49:06
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/Z1prQo0uSkG5dsXMmaxJypPGSQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/24
77.92.145.0/24
Signature Algorithm: sha256WithRSAEncryption
98:06:2f:3c:65:e7:25:e6:c4:ad:5f:18:d6:a4:9d:f3:a0:07:
2b:78:1d:a7:4b:4b:04:ee:52:79:f1:2a:70:fe:d9:15:18:61:
29:c0:73:1c:ca:8a:1b:ff:5c:10:d6:c6:55:3e:8a:77:5b:e1:
66:56:3c:4e:e9:3a:51:97:7f:65:b1:c5:da:e5:5a:aa:53:c5:
8d:94:b5:bd:a9:98:fd:6d:3a:75:ce:25:ba:c9:43:64:a2:35:
d6:94:5b:7f:94:12:e5:32:86:ea:a7:df:cc:06:be:79:4f:b9:
39:5b:d3:87:27:16:7f:cb:ed:98:4b:bf:a5:43:d4:45:1b:42:
03:78:a5:c6:a0:b5:a2:f8:67:fb:95:1e:87:bd:94:4d:ee:89:
a6:79:af:02:e6:95:c4:e4:76:7a:fc:8d:1d:e8:7d:1a:05:12:
11:ad:4a:a7:ac:be:a4:a6:4f:29:23:5b:6e:dc:f1:e8:be:81:
9b:41:69:a5:6c:99:07:9b:28:ee:c0:50:24:05:a6:14:be:67:
6d:e8:1f:0d:52:da:81:ac:5d:9c:d6:3b:d2:98:78:e9:f5:dc:
8e:a0:39:57:a3:37:ff:52:ae:35:38:8f:15:7e:0c:3d:c1:70:
68:3c:07:3d:73:f0:72:58:7d:4f:a3:22:6a:05:5d:c8:bf:9c:
5a:d7:4b:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnCs03CpTF7Zdct3WYfEvCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMwODA0MjIzNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzVhNmI0MjhkMmU0YTQxYjk3NmM1Y2M5OWFjNDljYTkzYzY0OTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCPoevtQPMt/O74ZAMF8pCrkPGwy
rIMRfEqthIftEDSmfOMKXW9bBzrr3/a7cc6nc7ctmmsmAxGfwlZXQnOiat6jKycf
+tZegn0tXOQ27VrWBlmmKJKasU2ZQfNsgUC5ZWPxCp4QCR5dqCxKRRhZ6p40XgmM
Mr3LQaoWDfKQA4ILip+RLi7Lj4uErY0Kaj/cGSLZ8bFQptvOSAULnTvhHqX+dMyk
tvIqmWyCuuNe5FsicMCHoCUhgnYkraON21WN3gArRYMKuzAhHRPV4aqq/V2DoJYM
9XW46RrjWMxG1Nbp6NfNpwzj4MmA8Q6bYXmz5qhlnlJRuKtdH5Ep2tpHnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGdaa0KNLkpBuXbFzJmsScqTxkkGMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvWjFwclFvMHVTa0c1ZHNYTW1heEp5cFBHU1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVyOAwQA
TVyRMA0GCSqGSIb3DQEBCwUAA4IBAQCYBi88Zecl5sStXxjWpJ3zoAcreB2nS0sE
7lJ58Spw/tkVGGEpwHMcyoob/1wQ1sZVPop3W+FmVjxO6TpRl39lscXa5VqqU8WN
lLW9qZj9bTp1ziW6yUNkojXWlFt/lBLlMobqp9/MBr55T7k5W9OHJxZ/y+2YS7+l
Q9RFG0IDeKXGoLWi+Gf7lR6HvZRN7ommea8C5pXE5HZ6/I0d6H0aBRIRrUqnrL6k
pk8pI1tu3PHovoGbQWmlbJkHmyjuwFAkBaYUvmdt6B8NUtqBrF2c1jvSmHjp9dyO
oDlXozf/Uq41OI8Vfgw9wXBoPAc9c/ByWH1PoyJqBV3Iv5xa10up
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:59 2023 by rpki-client on console.sobornost.net