Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/WTHjpSyD8c8XbgKm4IzhOJronqA.roa
File: WTHjpSyD8c8XbgKm4IzhOJronqA.roa (raw, json)
Hash identifier: AauMdzjGqF70v2ROGFX/4LXnZUaboJEFu0i88gxd0AM=
Subject key identifier: 59:31:E3:A5:2C:83:F1:CF:17:6E:02:A6:E0:8C:E1:38:9A:E8:9E:A0
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 38B36A2E
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/WTHjpSyD8c8XbgKm4IzhOJronqA.roa
Signing time: Tue 01 Mar 2022 09:20:32 +0000
ROA not before: Tue 01 Mar 2022 09:20:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211279
IP address blocks: 178.175.178.0/23 maxlen: 24
178.175.176.0/23 maxlen: 24
178.175.174.0/23 maxlen: 24
178.175.186.0/23 maxlen: 23
178.175.184.0/23 maxlen: 24
178.175.182.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 951282222 (0x38b36a2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Mar 1 09:20:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5931e3a52c83f1cf176e02a6e08ce1389ae89ea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:28:65:a1:e9:bf:1a:f1:4f:04:5c:f5:e5:32:
c5:b5:33:10:cd:39:10:69:d3:57:b3:ad:fc:06:6b:
8a:13:16:cb:68:ed:69:19:70:ec:d1:48:e1:ea:12:
0a:28:50:01:89:85:e6:93:0a:9d:aa:3e:07:25:df:
c8:98:b6:59:a0:c7:5b:37:d3:67:7b:a6:e2:01:bf:
4e:98:3a:db:f7:a9:01:f9:e1:6e:ef:da:45:f5:db:
12:3b:74:2f:e9:71:1f:6d:ac:e2:4e:93:d3:a4:bf:
6e:6d:1d:14:41:2f:83:de:20:86:bf:cf:66:32:63:
4f:80:cf:3c:e1:03:5e:4b:e0:13:74:fe:be:2d:95:
2f:7c:50:19:8e:da:f9:7c:e9:85:fa:e2:b7:04:ed:
42:2a:66:33:b3:db:08:92:c2:d2:ee:4d:e5:63:fb:
86:d5:d6:cd:0c:fc:2d:be:36:b8:69:5f:3e:eb:09:
5f:54:85:31:8a:84:d1:6a:22:06:a6:6c:03:29:00:
25:a1:eb:91:22:46:a9:34:c3:2a:5e:aa:29:62:07:
21:b7:0d:13:ec:19:2f:2c:1f:54:9b:c2:60:ca:7c:
5a:58:00:b9:88:fa:eb:19:f7:32:da:a3:fa:81:3c:
25:a7:a2:75:7a:8f:7c:31:e0:50:f4:d6:23:69:47:
62:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:31:E3:A5:2C:83:F1:CF:17:6E:02:A6:E0:8C:E1:38:9A:E8:9E:A0
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/WTHjpSyD8c8XbgKm4IzhOJronqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.175.174.0-178.175.179.255
178.175.182.0-178.175.187.255
Signature Algorithm: sha256WithRSAEncryption
b8:28:af:ba:94:29:68:4c:22:2f:c4:d2:f1:d3:b9:9c:42:eb:
32:ae:fe:b5:dc:a6:6d:b3:b6:db:24:0b:ad:b0:a0:70:6f:74:
8e:1c:4a:36:7d:0b:25:f9:d2:5f:0b:4b:a3:b6:0d:3b:c9:5b:
9f:f0:53:0d:05:f0:89:86:6d:e3:bb:81:28:09:43:ad:a5:85:
de:e5:03:1c:2b:18:42:60:cd:c6:b4:7c:a0:ba:ba:7a:02:88:
f9:68:43:94:57:27:4d:24:92:29:f3:42:c8:52:41:ac:3e:7f:
ec:cf:b2:a1:cf:de:d9:3a:5f:90:6b:09:e3:0c:7b:79:80:f7:
28:46:b9:d8:c7:23:09:29:24:93:6a:e5:8a:45:d2:41:87:cf:
00:86:53:68:f3:74:94:f9:b7:48:e4:19:a2:e0:2f:39:35:34:
59:59:a4:c9:9d:2f:87:26:8f:43:be:b2:05:c8:0b:5d:e8:d8:
1a:e8:98:a8:ed:7a:cb:0f:61:c8:8d:bf:7d:0f:07:9f:40:f5:
6b:65:98:6d:fc:c6:c7:82:4a:97:a1:f0:99:1b:dd:03:67:34:
1a:6e:08:7c:b2:0c:c4:1c:91:f2:d6:75:d9:2a:45:33:fe:ef:
39:db:90:ab:3d:ac:02:c3:e2:93:89:d4:d9:dc:fc:4e:cb:3d:
10:11:e1:82
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEOLNqLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTFiOTE1MDQ5ODMwOTE1MDZhMWE5NDQ0NTdhNDU1OGI5NGRhYjdmMB4XDTIyMDMw
MTA5MjAzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTkzMWUzYTUyYzgz
ZjFjZjE3NmUwMmE2ZTA4Y2UxMzg5YWU4OWVhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8oZaHpvxrxTwRc9eUyxbUzEM05EGnTV7Ot/AZrihMWy2jt
aRlw7NFI4eoSCihQAYmF5pMKnao+ByXfyJi2WaDHWzfTZ3um4gG/Tpg62/epAfnh
bu/aRfXbEjt0L+lxH22s4k6T06S/bm0dFEEvg94ghr/PZjJjT4DPPOEDXkvgE3T+
vi2VL3xQGY7a+XzphfritwTtQipmM7PbCJLC0u5N5WP7htXWzQz8Lb42uGlfPusJ
X1SFMYqE0WoiBqZsAykAJaHrkSJGqTTDKl6qKWIHIbcNE+wZLywfVJvCYMp8WlgA
uYj66xn3Mtqj+oE8JaeidXqPfDHgUPTWI2lHYqkCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBRZMeOlLIPxzxduAqbgjOE4muieoDAfBgNVHSMEGDAWgBS5G5FQSYMJFQah
qURFekVYuU2rfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VSdVJVRW1EQ1JVR29hbEVSWHBGV0xsTnEzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzRlMTdmLWY5ZjQtNDc4OS05MmI3LTlkZDZlODhmY2M4ZC8x
L1dUSGpwU3lEOGM4WGJnS200SXpoT0pyb25xQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzRlMTdmLWY5ZjQtNDc4OS05MmI3LTlkZDZlODhmY2M4ZC8xL3VSdVJVRW1EQ1JV
R29hbEVSWHBGV0xsTnEzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQBsq+uAwQCsq+wMAwDBAGyr7YD
BAKyr7gwDQYJKoZIhvcNAQELBQADggEBALgor7qUKWhMIi/E0vHTuZxC6zKu/rXc
pm2zttskC62woHBvdI4cSjZ9CyX50l8LS6O2DTvJW5/wUw0F8ImGbeO7gSgJQ62l
hd7lAxwrGEJgzca0fKC6unoCiPloQ5RXJ00kkinzQshSQaw+f+zPsqHP3tk6X5Br
CeMMe3mA9yhGudjHIwkpJJNq5YpF0kGHzwCGU2jzdJT5t0jkGaLgLzk1NFlZpMmd
L4cmj0O+sgXIC13o2BromKjtessPYciNv30PB59A9WtlmG38xseCSpeh8Jkb3QNn
NBpuCHyyDMQckfLWddkqRTP+7znbkKs9rALD4pOJ1Nnc/E7LPRAR4YI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:03 2025 by rpki-client