Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/I3SabZPTe64eteUw7DnCi5BoOqQ.roa
File: I3SabZPTe64eteUw7DnCi5BoOqQ.roa (raw, json)
Hash identifier: RXzgBzeEodlNN+UaSiC2ecpCq9DdXiBZTi7PqFu2MP0=
Subject key identifier: 23:74:9A:6D:93:D3:7B:AE:1E:B5:E5:30:EC:39:C2:8B:90:68:3A:A4
Certificate issuer: /CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Certificate serial: 01866AE991CF112400366FD9A05BDA868839
Authority key identifier: FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/I3SabZPTe64eteUw7DnCi5BoOqQ.roa
Signing time: Sun 19 Feb 2023 18:22:17 +0000
ROA not before: Sun 19 Feb 2023 18:22:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 77.91.84.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6a:e9:91:cf:11:24:00:36:6f:d9:a0:5b:da:86:88:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb32e9f4aa32aba7312fab054b174dce8c515ca3
Validity
Not Before: Feb 19 18:22:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23749a6d93d37bae1eb5e530ec39c28b90683aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3f:34:59:2c:86:84:f7:1b:48:1f:0e:aa:4b:
96:6d:2d:3c:83:7e:d7:1d:c1:bb:34:5e:31:fe:7b:
d5:81:3c:e0:fe:64:a4:d2:7d:2d:94:3e:ae:5e:23:
d1:e4:2c:30:e7:03:66:ee:60:1f:2c:94:7b:bc:35:
2a:94:00:5f:5a:9c:6e:f3:99:8e:ca:30:ea:03:f0:
0e:fc:4d:0e:f1:55:8a:18:0b:74:d6:bd:94:17:18:
00:ac:77:5c:0a:b7:a4:0b:d0:87:28:2b:3b:77:ab:
52:00:0a:d9:6a:5d:c9:f5:3a:86:dc:56:c3:77:8f:
f2:c1:ff:76:b9:9e:31:ad:1c:be:90:d3:e9:bb:6c:
73:cd:00:22:aa:67:fc:0f:5e:e4:cc:77:62:a5:64:
ea:e3:70:3a:d3:e7:8c:1e:b8:9a:30:cf:90:4f:13:
a0:f4:35:24:20:54:67:42:5b:a2:61:46:28:83:74:
33:d5:e9:4d:10:f4:91:f8:92:93:07:1b:85:5c:f8:
a5:3b:cf:18:a9:8c:a5:4e:66:37:51:a8:dc:ff:d9:
11:2a:4e:c1:14:e7:f1:30:fd:bb:59:03:9c:64:7f:
14:c9:eb:b4:4d:56:2b:a7:17:d7:37:f8:d5:2a:87:
65:f1:5a:1e:f6:2b:08:ea:6e:09:19:cc:5c:e1:76:
d2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:74:9A:6D:93:D3:7B:AE:1E:B5:E5:30:EC:39:C2:8B:90:68:3A:A4
X509v3 Authority Key Identifier:
keyid:FB:32:E9:F4:AA:32:AB:A7:31:2F:AB:05:4B:17:4D:CE:8C:51:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/I3SabZPTe64eteUw7DnCi5BoOqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/278663-b135-4db1-a044-20624b3c157f/1/1-zLp9Koyq6cxL6sFSxdNzoxRXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.84.0/22
Signature Algorithm: sha256WithRSAEncryption
07:08:a3:25:fa:fa:47:64:56:87:d5:3e:8e:d6:e7:1a:1b:00:
98:30:7f:55:96:f3:70:56:bb:f7:0d:7a:3e:56:f1:e2:e1:0e:
ea:a4:b7:ad:a1:8d:d5:10:1e:80:ce:eb:e6:86:a5:ba:bf:c9:
18:2d:9e:19:74:12:16:17:88:60:d7:4e:da:bb:47:dd:11:ca:
8a:2e:5d:1b:da:9f:fc:d8:3f:79:e2:ee:12:e1:c4:0e:75:d8:
eb:cd:d8:f4:d4:a1:85:6c:fe:57:0b:3b:01:f8:f2:51:fb:62:
73:d2:75:3a:10:63:91:f1:0f:2f:2c:19:01:bb:67:0b:ff:f2:
2d:cd:7a:52:60:be:8a:b3:d3:ba:43:2a:5d:43:ee:18:b5:d7:
d5:24:5c:4b:3e:ea:0a:c4:54:63:7d:69:2f:ba:6f:bc:a0:80:
3e:75:13:fb:34:05:b3:55:62:dd:c2:ef:14:4d:31:3c:9b:45:
0c:ac:15:3c:d8:7f:71:79:74:be:91:09:10:c0:4e:42:cc:1f:
ab:7c:e9:55:bc:85:b2:85:5a:36:5b:44:26:f8:8b:77:71:25:
2f:ef:71:c4:12:ef:f0:e0:05:2a:85:bc:24:f8:42:fe:b8:22:
aa:4f:95:dc:7a:32:f4:84:1f:88:88:63:3c:7d:e8:5d:ce:89:
4b:70:a9:b3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYZq6ZHPESQANm/ZoFvahog5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzJlOWY0YWEzMmFiYTczMTJmYWIwNTRiMTc0ZGNlOGM1
MTVjYTMwHhcNMjMwMjE5MTgyMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzc0OWE2ZDkzZDM3YmFlMWViNWU1MzBlYzM5YzI4YjkwNjgzYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwj80WSyGhPcbSB8OqkuWbS08g37X
HcG7NF4x/nvVgTzg/mSk0n0tlD6uXiPR5Cww5wNm7mAfLJR7vDUqlABfWpxu85mO
yjDqA/AO/E0O8VWKGAt01r2UFxgArHdcCrekC9CHKCs7d6tSAArZal3J9TqG3FbD
d4/ywf92uZ4xrRy+kNPpu2xzzQAiqmf8D17kzHdipWTq43A60+eMHriaMM+QTxOg
9DUkIFRnQluiYUYog3Qz1elNEPSR+JKTBxuFXPilO88YqYylTmY3Uajc/9kRKk7B
FOfxMP27WQOcZH8Uyeu0TVYrpxfXN/jVKodl8Voe9isI6m4JGcxc4XbSZQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCN0mm2T03uuHrXlMOw5wouQaDqkMB8GA1UdIwQY
MBaAFPsy6fSqMqunMS+rBUsXTc6MUVyjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16THA5S295cTZjeEw2c0ZTeGROem94UlhLTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0
LTIwNjI0YjNjMTU3Zi8xL0kzU2FiWlBUZTY0ZXRlVXc3RG5DaTVCb09xUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvMjc4NjYzLWIxMzUtNGRiMS1hMDQ0LTIwNjI0YjNjMTU3
Zi8xLzEtekxwOUtveXE2Y3hMNnNGU3hkTnpveFJYS00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJNW1Qw
DQYJKoZIhvcNAQELBQADggEBAAcIoyX6+kdkVofVPo7W5xobAJgwf1WW83BWu/cN
ej5W8eLhDuqkt62hjdUQHoDO6+aGpbq/yRgtnhl0EhYXiGDXTtq7R90RyoouXRva
n/zYP3ni7hLhxA512OvN2PTUoYVs/lcLOwH48lH7YnPSdToQY5HxDy8sGQG7Zwv/
8i3NelJgvoqz07pDKl1D7hi119UkXEs+6grEVGN9aS+6b7yggD51E/s0BbNVYt3C
7xRNMTybRQysFTzYf3F5dL6RCRDATkLMH6t86VW8hbKFWjZbRCb4i3dxJS/vccQS
7/DgBSqFvCT4Qv64IqpPldx6MvSEH4iIYzx96F3OiUtwqbM=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:32 2023 by rpki-client on console.sobornost.net