Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/YjJjt-xvoJiJRiJCbHlLKwAbmMw.roa
File: YjJjt-xvoJiJRiJCbHlLKwAbmMw.roa (raw, json)
Hash identifier: Tg07Glk42tqubrschJx3kq0CturMzFb7AMlANX4EbDQ=
Subject key identifier: 62:32:63:B7:EC:6F:A0:98:89:46:22:42:6C:79:4B:2B:00:1B:98:CC
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 019423D7223490BC536B6BA2F074408A0413
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/YjJjt-xvoJiJRiJCbHlLKwAbmMw.roa
Signing time: Wed 01 Jan 2025 21:48:09 +0000
ROA not before: Wed 01 Jan 2025 21:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209836
IP address blocks: 77.237.73.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:22:34:90:bc:53:6b:6b:a2:f0:74:40:8a:04:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=623263b7ec6fa098894622426c794b2b001b98cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fc:d3:f9:8e:0d:6c:40:78:1b:a2:9a:d3:b0:
69:a2:37:26:81:ab:0b:0f:80:cd:51:4f:e1:eb:95:
ad:66:75:d7:96:96:ee:df:fa:b9:17:a2:c4:66:d5:
f5:d6:36:33:b1:05:b6:9b:7d:be:1b:a7:61:20:50:
eb:e1:5a:8c:d5:ce:1a:7b:b7:ef:29:88:66:c5:9b:
13:fb:d6:59:d8:86:83:68:32:bb:ad:ca:f0:96:8f:
16:8f:f1:9d:99:6d:fa:cb:e5:b2:9e:d9:e6:6e:ca:
38:59:4d:03:c0:fc:46:50:fa:30:b5:2b:95:ba:73:
28:0a:84:03:94:82:f4:b4:d3:d5:76:1b:a6:07:4a:
da:f2:39:a7:ab:4c:7e:4e:ce:63:00:f4:f2:5f:9d:
22:d2:51:0d:4a:51:4e:7f:33:a1:a8:a7:32:21:5b:
11:29:ef:eb:ec:8d:ce:90:74:f1:cd:83:2d:aa:eb:
84:eb:32:fb:88:5f:97:e1:ed:cc:cd:dd:eb:ed:0b:
df:ca:b1:91:65:3d:bb:c0:1a:23:6a:75:ca:c4:be:
02:38:d3:ec:8a:10:f5:60:11:88:b1:0e:9a:7d:00:
cc:e4:aa:25:7b:30:a5:ce:c8:91:dd:58:b2:7a:dc:
ed:c0:6e:b6:25:5d:8f:42:1e:cb:ff:6b:6f:6f:4f:
8e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:32:63:B7:EC:6F:A0:98:89:46:22:42:6C:79:4B:2B:00:1B:98:CC
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/YjJjt-xvoJiJRiJCbHlLKwAbmMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.73.0/24
Signature Algorithm: sha256WithRSAEncryption
47:ea:33:e2:e7:09:58:6c:58:0b:17:15:7b:db:27:ad:0f:8b:
53:c8:60:80:37:0d:f2:7e:02:c3:1c:92:e5:09:8a:3e:5c:e9:
b2:eb:dc:d4:ca:3f:04:4f:2f:2c:82:dd:51:3b:ed:91:bd:ed:
77:e3:a5:2b:98:b3:25:d2:a4:b2:48:d4:7f:ef:a3:92:d2:ba:
33:6f:33:d1:f4:15:32:c3:58:62:5e:2f:d9:82:1b:d3:38:90:
f3:a4:ad:25:83:6e:2f:2a:48:2d:8d:0b:59:9b:d4:87:bb:32:
aa:47:eb:b5:41:5d:d9:4f:b2:e3:69:e3:95:fb:67:cc:9e:98:
64:ac:30:28:4a:f1:20:74:08:ef:ad:b4:2c:21:40:3e:af:db:
8f:f0:13:80:79:de:37:7e:c6:be:9c:ba:57:68:c5:20:b3:0c:
3a:39:f0:b4:7f:bd:4f:7d:b8:a0:27:00:f8:1e:9a:09:62:44:
e1:ae:f8:ce:9a:3b:4a:52:57:ab:0c:b2:a9:c7:47:99:4d:ed:
57:f5:45:c7:d2:17:aa:16:5c:b0:a0:f7:3b:70:4d:54:cf:91:
33:1d:9c:3e:f9:ec:df:7a:d3:0e:96:38:5d:a4:14:97:60:7e:
51:a9:0e:48:54:0e:9e:f9:d8:d7:fa:8c:9f:af:6d:7d:e4:f2:
af:5f:b7:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1yI0kLxTa2ui8HRAigQTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjUwMTAxMjE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjMyNjNiN2VjNmZhMDk4ODk0NjIyNDI2Yzc5NGIyYjAwMWI5OGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvzT+Y4NbEB4G6Ka07BpojcmgasL
D4DNUU/h65WtZnXXlpbu3/q5F6LEZtX11jYzsQW2m32+G6dhIFDr4VqM1c4ae7fv
KYhmxZsT+9ZZ2IaDaDK7rcrwlo8Wj/GdmW36y+Wyntnmbso4WU0DwPxGUPowtSuV
unMoCoQDlIL0tNPVdhumB0ra8jmnq0x+Ts5jAPTyX50i0lENSlFOfzOhqKcyIVsR
Ke/r7I3OkHTxzYMtquuE6zL7iF+X4e3Mzd3r7QvfyrGRZT27wBojanXKxL4CONPs
ihD1YBGIsQ6afQDM5KolezClzsiR3ViyetztwG62JV2PQh7L/2tvb0+OuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGIyY7fsb6CYiUYiQmx5SysAG5jMMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvWWpKanQteHZvSmlKUmlKQ2JIbExLd0FibU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATe1JMA0G
CSqGSIb3DQEBCwUAA4IBAQBH6jPi5wlYbFgLFxV72yetD4tTyGCANw3yfgLDHJLl
CYo+XOmy69zUyj8ETy8sgt1RO+2Rve1346UrmLMl0qSySNR/76OS0rozbzPR9BUy
w1hiXi/ZghvTOJDzpK0lg24vKkgtjQtZm9SHuzKqR+u1QV3ZT7LjaeOV+2fMnphk
rDAoSvEgdAjvrbQsIUA+r9uP8BOAed43fsa+nLpXaMUgsww6OfC0f71PfbigJwD4
HpoJYkThrvjOmjtKUlerDLKpx0eZTe1X9UXH0heqFlywoPc7cE1Uz5EzHZw++ezf
etMOljhdpBSXYH5RqQ5IVA6e+djX+oyfr2195PKvX7dA
-----END CERTIFICATE-----
Generated at Sat May 10 08:30:21 2025 by rpki-client