Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/QHrcFcPZ25TK4YRmqzCCvBycXJA.roa
File: QHrcFcPZ25TK4YRmqzCCvBycXJA.roa (raw, json)
Hash identifier: VgIZo8rT4oWO1zxB2Arp1/iYMyshvnf5PGuYOubyQe8=
Subject key identifier: 40:7A:DC:15:C3:D9:DB:94:CA:E1:84:66:AB:30:82:BC:1C:9C:5C:90
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 39BF3DD4
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/QHrcFcPZ25TK4YRmqzCCvBycXJA.roa
Signing time: Mon 20 Jun 2022 13:51:44 +0000
ROA not before: Mon 20 Jun 2022 13:51:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35534
IP address blocks: 178.175.178.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 968834516 (0x39bf3dd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Jun 20 13:51:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=407adc15c3d9db94cae18466ab3082bc1c9c5c90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d8:40:a8:bb:68:ce:0e:71:6d:b3:de:62:07:
3e:40:af:d9:f2:28:5c:17:f6:f8:cc:20:ce:06:49:
28:7e:82:1e:71:6a:30:c6:39:b8:46:05:06:9b:1b:
d8:0f:6a:47:e7:7d:be:1a:31:c2:47:e6:01:31:a7:
46:95:e0:a1:18:2e:22:00:63:e5:cc:be:04:95:c8:
b0:b3:e0:2f:51:34:ff:12:66:28:99:17:a3:61:c9:
0f:c0:fb:b2:ca:c4:df:64:72:e8:27:2f:99:8f:df:
1f:2e:cc:a4:59:b7:0b:23:c7:52:81:fe:b4:66:d0:
40:ee:bd:b1:cb:6d:ed:32:46:b9:01:1f:39:5b:8b:
29:f0:8c:ec:a5:c7:89:9a:fe:77:0a:cd:44:9d:3c:
26:ba:18:91:0b:75:01:ef:25:eb:ab:b0:f2:a8:af:
3d:83:5e:46:80:5c:6b:35:ed:6d:6c:20:67:b9:27:
c0:e9:d0:de:6f:b2:ba:2b:b6:80:5d:58:81:4a:1f:
47:e8:3c:ed:73:28:ba:e5:3d:49:ea:51:32:91:48:
92:13:22:e8:02:fe:c1:56:99:b8:62:18:3f:58:37:
21:ab:94:c4:87:4f:92:8a:cf:a8:f5:48:a2:95:29:
5f:24:a8:84:61:82:ce:e8:ff:e5:c9:24:51:53:4c:
91:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7A:DC:15:C3:D9:DB:94:CA:E1:84:66:AB:30:82:BC:1C:9C:5C:90
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/QHrcFcPZ25TK4YRmqzCCvBycXJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.175.178.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:5a:7a:36:6b:60:77:b1:92:b1:6d:22:50:0d:c4:18:56:9b:
22:bf:8e:a1:c5:a6:0e:9f:59:d0:8a:3c:55:25:e5:82:ee:14:
74:10:7e:19:04:4c:a6:01:a0:30:63:61:5b:bc:d2:c3:59:25:
aa:10:2c:40:ef:00:a2:74:1c:45:dc:70:b4:95:1c:83:89:ba:
b3:6c:36:7c:a7:02:a8:dc:72:0d:74:92:9c:d1:81:aa:44:65:
a0:f8:36:c8:25:44:13:e6:ad:c4:84:49:a9:7a:bd:d7:18:f8:
21:5f:b8:6e:45:dc:97:63:56:24:00:28:13:09:12:05:86:c2:
e3:05:28:2d:bb:68:c4:9b:bf:a5:01:35:70:b2:d3:a0:cb:fa:
9f:33:ee:0e:47:e0:b9:5a:56:5a:ad:7a:e3:01:15:cc:0a:20:
cc:93:81:73:a3:8e:17:9d:27:f9:4f:c0:42:d7:81:8f:70:69:
8e:50:dc:24:32:90:e8:50:c3:a0:a9:0b:c5:4d:0a:f5:da:14:
e2:90:26:3f:fa:c3:03:50:b3:67:f2:f3:a2:4d:76:d8:bd:a7:
76:df:91:3f:76:96:45:de:35:67:b9:7d:58:8a:50:09:5d:db:
dd:2d:8b:8e:d5:14:89:72:3b:f0:12:e9:bc:08:75:26:51:8d:
c4:48:1a:4b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOb891DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTFiOTE1MDQ5ODMwOTE1MDZhMWE5NDQ0NTdhNDU1OGI5NGRhYjdmMB4XDTIyMDYy
MDEzNTE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA3YWRjMTVjM2Q5
ZGI5NGNhZTE4NDY2YWIzMDgyYmMxYzljNWM5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJjYQKi7aM4OcW2z3mIHPkCv2fIoXBf2+MwgzgZJKH6CHnFq
MMY5uEYFBpsb2A9qR+d9vhoxwkfmATGnRpXgoRguIgBj5cy+BJXIsLPgL1E0/xJm
KJkXo2HJD8D7ssrE32Ry6CcvmY/fHy7MpFm3CyPHUoH+tGbQQO69sctt7TJGuQEf
OVuLKfCM7KXHiZr+dwrNRJ08JroYkQt1Ae8l66uw8qivPYNeRoBcazXtbWwgZ7kn
wOnQ3m+yuiu2gF1YgUofR+g87XMouuU9SepRMpFIkhMi6AL+wVaZuGIYP1g3IauU
xIdPkorPqPVIopUpXySohGGCzuj/5ckkUVNMkRUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRAetwVw9nblMrhhGarMIK8HJxckDAfBgNVHSMEGDAWgBS5G5FQSYMJFQah
qURFekVYuU2rfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VSdVJVRW1EQ1JVR29hbEVSWHBGV0xsTnEzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzRlMTdmLWY5ZjQtNDc4OS05MmI3LTlkZDZlODhmY2M4ZC8x
L1FIcmNGY1BaMjVUSzRZUm1xekNDdkJ5Y1hKQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzRlMTdmLWY5ZjQtNDc4OS05MmI3LTlkZDZlODhmY2M4ZC8xL3VSdVJVRW1EQ1JV
R29hbEVSWHBGV0xsTnEzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALKvsjANBgkqhkiG9w0BAQsFAAOC
AQEAplp6Nmtgd7GSsW0iUA3EGFabIr+OocWmDp9Z0Io8VSXlgu4UdBB+GQRMpgGg
MGNhW7zSw1klqhAsQO8AonQcRdxwtJUcg4m6s2w2fKcCqNxyDXSSnNGBqkRloPg2
yCVEE+atxIRJqXq91xj4IV+4bkXcl2NWJAAoEwkSBYbC4wUoLbtoxJu/pQE1cLLT
oMv6nzPuDkfguVpWWq164wEVzAogzJOBc6OOF50n+U/AQteBj3BpjlDcJDKQ6FDD
oKkLxU0K9doU4pAmP/rDA1CzZ/Lzok122L2ndt+RP3aWRd41Z7l9WIpQCV3b3S2L
jtUUiXI78BLpvAh1JlGNxEgaSw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:17 2023 by rpki-client on console-ams.rpki-client.org