Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/F7OT-iAB7FjVCpzwiVCtbPsNGBA.roa
File: F7OT-iAB7FjVCpzwiVCtbPsNGBA.roa (raw, json)
Hash identifier: SR0YYLrDbUmnDAkf1gg8CePSQKfokp5KhlylcIHBMHs=
Subject key identifier: 17:B3:93:FA:20:01:EC:58:D5:0A:9C:F0:89:50:AD:6C:FB:0D:18:10
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 01840F6B7983EFDECAF0F357331AA228B820
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/F7OT-iAB7FjVCpzwiVCtbPsNGBA.roa
Signing time: Tue 25 Oct 2022 13:53:32 +0000
ROA not before: Tue 25 Oct 2022 13:53:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211279
IP address blocks: 178.175.162.0/23 maxlen: 24
178.175.160.0/23 maxlen: 24
178.175.178.0/23 maxlen: 23
178.175.177.0/24 maxlen: 24
178.175.176.0/23 maxlen: 23
178.175.176.0/24 maxlen: 24
178.175.175.0/24 maxlen: 24
178.175.174.0/23 maxlen: 23
178.175.174.0/24 maxlen: 24
178.175.179.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0f:6b:79:83:ef:de:ca:f0:f3:57:33:1a:a2:28:b8:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Oct 25 13:53:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=17b393fa2001ec58d50a9cf08950ad6cfb0d1810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:76:8e:e3:5d:2d:8f:d3:f9:03:43:62:2f:de:
f0:dd:88:5f:32:45:da:85:18:48:ed:f5:4d:91:8c:
b9:09:fe:8f:ba:ac:88:2e:3b:47:06:d8:e7:1c:ec:
95:be:eb:87:18:d0:d8:bb:a1:a4:de:eb:0d:8a:30:
83:d0:09:18:80:1a:0b:84:88:53:41:eb:50:47:01:
25:27:b5:d9:30:51:f5:b7:9a:39:07:6d:b8:69:d7:
e2:7e:ab:d4:51:53:c2:b6:1a:02:3d:c3:43:63:90:
c7:d1:14:cd:5b:8b:b3:59:8e:0f:b7:f8:89:16:cc:
40:e4:6b:2c:da:2c:a5:9f:df:c3:d7:d8:bc:55:c3:
35:47:25:eb:1c:e1:f0:e1:c8:de:60:c4:8f:f4:e2:
6f:3e:1c:3d:03:71:2d:26:bb:2f:f6:e5:58:81:35:
49:56:bf:94:1a:e2:31:a5:d5:80:4e:8e:d7:92:78:
d1:50:06:e5:0c:6e:ac:cd:aa:d1:91:e2:1f:1a:f9:
51:be:8c:2e:9f:4d:e0:64:d4:ad:c2:b8:f9:29:85:
93:67:bf:f4:38:0d:89:28:5c:f0:91:34:7e:de:e7:
1e:ae:7a:cb:a3:4c:b9:07:a6:8d:6f:c1:9c:d9:5f:
d1:9c:3c:53:82:a0:ec:6c:27:95:83:7d:56:af:45:
c4:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B3:93:FA:20:01:EC:58:D5:0A:9C:F0:89:50:AD:6C:FB:0D:18:10
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/F7OT-iAB7FjVCpzwiVCtbPsNGBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.175.160.0/22
178.175.174.0-178.175.179.255
Signature Algorithm: sha256WithRSAEncryption
02:6d:a1:ec:23:f6:23:5e:da:ec:97:76:1b:17:93:3e:63:a1:
d7:94:b4:a5:76:5c:1c:bd:34:ec:f4:0b:91:c2:0d:be:34:b4:
12:0a:d3:48:56:0b:e5:07:31:35:b5:4b:e3:f9:67:0c:b4:6f:
3e:06:3f:92:97:62:f5:f0:d3:bd:6c:16:5a:89:b9:cd:15:63:
75:fc:51:0c:2b:ed:10:8a:f2:af:0b:c7:07:f7:6a:ba:0c:ac:
b0:f1:7a:8d:96:a8:b4:66:b4:fa:56:5e:c7:13:40:d3:4b:d8:
26:3b:67:97:43:63:71:f1:97:8d:3f:ee:f9:fc:39:dd:58:61:
38:3c:1b:fe:13:21:13:d7:1d:9e:e7:37:2d:cf:ae:d3:c0:f4:
6d:2e:a6:34:dd:e6:b5:35:6f:fc:6f:25:43:e5:2a:1b:c5:65:
62:b8:14:cf:e6:37:93:b3:ba:9f:c7:2e:75:47:7e:2e:a3:ee:
e4:10:7e:c7:1f:35:3e:be:e3:2a:da:f5:5f:54:22:94:65:af:
e6:5f:d2:0f:e1:ae:8e:13:79:51:e3:51:5b:4b:0d:06:fd:4a:
2e:ac:ae:ce:98:f8:00:ed:a8:f7:00:17:63:2b:ed:dc:45:0f:
34:14:8c:b4:52:11:68:e1:0c:9e:40:be:7c:bd:45:e4:3e:3c:
7f:ac:5a:9b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYQPa3mD797K8PNXMxqiKLggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MWI5MTUwNDk4MzA5MTUwNmExYTk0NDQ1N2E0NTU4Yjk0
ZGFiN2YwHhcNMjIxMDI1MTM1MzMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2IzOTNmYTIwMDFlYzU4ZDUwYTljZjA4OTUwYWQ2Y2ZiMGQxODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3aO410tj9P5A0NiL97w3YhfMkXa
hRhI7fVNkYy5Cf6PuqyILjtHBtjnHOyVvuuHGNDYu6Gk3usNijCD0AkYgBoLhIhT
QetQRwElJ7XZMFH1t5o5B224adfifqvUUVPCthoCPcNDY5DH0RTNW4uzWY4Pt/iJ
FsxA5Gss2iyln9/D19i8VcM1RyXrHOHw4cjeYMSP9OJvPhw9A3EtJrsv9uVYgTVJ
Vr+UGuIxpdWATo7XknjRUAblDG6szarRkeIfGvlRvowun03gZNStwrj5KYWTZ7/0
OA2JKFzwkTR+3ucernrLo0y5B6aNb8Gc2V/RnDxTgqDsbCeVg31Wr0XEFwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBezk/ogAexY1Qqc8IlQrWz7DRgQMB8GA1UdIwQY
MBaAFLkbkVBJgwkVBqGpREV6RVi5Tat/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjct
OWRkNmU4OGZjYzhkLzEvRjdPVC1pQUI3RmpWQ3B6d2lWQ3RiUHNOR0JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjctOWRkNmU4OGZjYzhk
LzEvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCsq+gMAwD
BAGyr64DBAKyr7AwDQYJKoZIhvcNAQELBQADggEBAAJtoewj9iNe2uyXdhsXkz5j
odeUtKV2XBy9NOz0C5HCDb40tBIK00hWC+UHMTW1S+P5Zwy0bz4GP5KXYvXw071s
FlqJuc0VY3X8UQwr7RCK8q8Lxwf3aroMrLDxeo2WqLRmtPpWXscTQNNL2CY7Z5dD
Y3Hxl40/7vn8Od1YYTg8G/4TIRPXHZ7nNy3PrtPA9G0upjTd5rU1b/xvJUPlKhvF
ZWK4FM/mN5Ozup/HLnVHfi6j7uQQfscfNT6+4yra9V9UIpRlr+Zf0g/hro4TeVHj
UVtLDQb9Si6srs6Y+ADtqPcAF2Mr7dxFDzQUjLRSEWjhDJ5Avny9ReQ+PH+sWps=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:17 2023 by rpki-client on console-ams.rpki-client.org