Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/tqytS4QDXcVmj9cnzLci07N37Y8.roa
File: tqytS4QDXcVmj9cnzLci07N37Y8.roa (raw, json)
Hash identifier: PYm8/5gW1rAS1SVvmu4DVbbjJy4Rx+HCZshNraRtK2Y=
Subject key identifier: B6:AC:AD:4B:84:03:5D:C5:66:8F:D7:27:CC:B7:22:D3:B3:77:ED:8F
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 019423D71FA638FB7399821C9B5AE8C45202
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/tqytS4QDXcVmj9cnzLci07N37Y8.roa
Signing time: Wed 01 Jan 2025 21:48:08 +0000
ROA not before: Wed 01 Jan 2025 21:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60627
IP address blocks: 77.237.90.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:1f:a6:38:fb:73:99:82:1c:9b:5a:e8:c4:52:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6acad4b84035dc5668fd727ccb722d3b377ed8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:2e:4b:ac:9a:78:8a:c0:6f:b9:c8:c0:77:27:
3d:d2:d4:5c:3a:1c:a6:4c:22:4b:1f:b6:fe:4c:de:
09:4c:02:de:e6:56:bd:ce:17:6d:c3:6b:0f:40:ac:
2f:93:28:36:f3:91:dc:7e:17:b8:d9:f2:4e:78:70:
2f:2d:e7:47:6e:b3:8a:70:7f:01:8a:b6:fd:83:c0:
54:90:38:be:70:dd:e8:50:85:59:71:b2:d5:b4:83:
94:93:a5:21:dc:df:51:24:2b:a6:ed:2a:6d:27:e6:
4c:d0:10:14:c9:96:5c:a3:75:83:6e:2f:4c:08:bb:
77:ef:53:69:12:50:8e:c8:b2:db:9e:c1:1d:f2:a0:
c0:1e:e0:b6:e1:d3:c7:58:41:ce:22:34:ca:de:9b:
be:62:21:be:51:c1:97:ad:87:63:9f:b3:9f:50:81:
e6:c3:c1:6b:14:20:a0:43:be:ae:76:c1:94:70:4d:
97:d6:80:a1:8e:8a:04:f7:d9:b6:c8:16:a3:ca:47:
7f:49:4a:f3:78:38:77:c7:9d:f9:64:1d:10:cd:50:
ec:0d:19:f0:ac:15:54:36:2e:de:90:88:94:c9:b6:
68:50:90:92:3f:fb:9f:c9:c1:9a:eb:d7:b6:d6:92:
e8:c5:6d:07:5c:c3:4c:e2:9d:c7:c6:2a:79:fb:66:
ef:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:AC:AD:4B:84:03:5D:C5:66:8F:D7:27:CC:B7:22:D3:B3:77:ED:8F
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/tqytS4QDXcVmj9cnzLci07N37Y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.90.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:97:d2:7b:f9:53:e8:90:0e:82:0c:76:ae:80:46:d5:6d:61:
17:6e:e6:6e:07:6f:88:70:9f:e0:c4:d2:0a:9f:51:f5:3c:18:
a2:85:1d:31:1c:00:ef:5d:81:9f:4d:e1:45:92:dd:d4:88:a8:
09:97:ae:5c:84:6a:a9:16:cb:7a:70:3e:1a:53:57:5d:17:d5:
a6:f6:93:88:97:3c:c9:9d:5a:55:eb:d9:57:0b:e0:1f:52:63:
95:a6:73:e9:4e:a1:89:02:f6:ac:c7:51:6a:6f:06:86:03:21:
ce:2d:55:fc:51:75:58:2a:b3:4c:f1:26:35:0a:1f:54:2c:e8:
dc:ae:a5:ed:df:99:70:4b:47:06:97:45:2f:9e:86:3f:a4:75:
06:56:38:72:32:a3:62:01:d8:0f:9c:9f:9f:c8:a1:46:78:07:
59:e1:d2:c5:34:28:62:7c:ca:85:c7:42:b7:4e:eb:80:82:fa:
7e:3a:5a:81:eb:78:0b:76:cf:eb:77:14:96:3a:8c:93:18:0c:
20:c4:66:fb:21:a6:c0:15:20:44:45:68:a4:cd:7b:86:27:78:
f5:9a:df:76:bf:e5:8c:aa:cf:43:88:1a:2c:57:19:b8:2c:58:
f3:5f:1b:1a:a0:28:83:89:d6:77:9e:7c:00:8b:55:89:07:78:
c8:be:72:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1x+mOPtzmYIcm1roxFICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjUwMTAxMjE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmFjYWQ0Yjg0MDM1ZGM1NjY4ZmQ3MjdjY2I3MjJkM2IzNzdlZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9i5LrJp4isBvucjAdyc90tRcOhym
TCJLH7b+TN4JTALe5la9zhdtw2sPQKwvkyg285Hcfhe42fJOeHAvLedHbrOKcH8B
irb9g8BUkDi+cN3oUIVZcbLVtIOUk6Uh3N9RJCum7SptJ+ZM0BAUyZZco3WDbi9M
CLt371NpElCOyLLbnsEd8qDAHuC24dPHWEHOIjTK3pu+YiG+UcGXrYdjn7OfUIHm
w8FrFCCgQ76udsGUcE2X1oChjooE99m2yBajykd/SUrzeDh3x535ZB0QzVDsDRnw
rBVUNi7ekIiUybZoUJCSP/ufycGa69e21pLoxW0HXMNM4p3Hxip5+2bvZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLasrUuEA13FZo/XJ8y3ItOzd+2PMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvdHF5dFM0UURYY1ZtajljbnpMY2kwN04zN1k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATe1aMA0G
CSqGSIb3DQEBCwUAA4IBAQB6l9J7+VPokA6CDHaugEbVbWEXbuZuB2+IcJ/gxNIK
n1H1PBiihR0xHADvXYGfTeFFkt3UiKgJl65chGqpFst6cD4aU1ddF9Wm9pOIlzzJ
nVpV69lXC+AfUmOVpnPpTqGJAvasx1FqbwaGAyHOLVX8UXVYKrNM8SY1Ch9ULOjc
rqXt35lwS0cGl0UvnoY/pHUGVjhyMqNiAdgPnJ+fyKFGeAdZ4dLFNChifMqFx0K3
TuuAgvp+OlqB63gLds/rdxSWOoyTGAwgxGb7IabAFSBERWikzXuGJ3j1mt92v+WM
qs9DiBosVxm4LFjzXxsaoCiDidZ3nnwAi1WJB3jIvnJW
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:38:39 2025 by rpki-client