Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/SzFdzdGBYjgm_9YtBPgjiIyWU1c.roa
File: SzFdzdGBYjgm_9YtBPgjiIyWU1c.roa (raw, json)
Hash identifier: RvzOeNTIMhiPzozrwG+2yUiT8v+POEvTVNiHhO2CoEI=
Subject key identifier: 4B:31:5D:CD:D1:81:62:38:26:FF:D6:2D:04:F8:23:88:8C:96:53:57
Certificate issuer: /CN=a04845af1dc0087b274cee52a4a9e0880335435d
Certificate serial: 018DC74ABB3B9D79E15D3CA7C9AE6D8CC756
Authority key identifier: A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/SzFdzdGBYjgm_9YtBPgjiIyWU1c.roa
Signing time: Tue 20 Feb 2024 16:13:00 +0000
ROA not before: Tue 20 Feb 2024 16:13:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 178.210.181.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:4a:bb:3b:9d:79:e1:5d:3c:a7:c9:ae:6d:8c:c7:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04845af1dc0087b274cee52a4a9e0880335435d
Validity
Not Before: Feb 20 16:13:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b315dcdd181623826ffd62d04f823888c965357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:52:d8:45:78:59:4a:db:5f:c7:b6:f1:68:4a:
c2:fb:85:3b:f1:2b:4f:62:14:a5:74:1c:a8:64:f4:
32:ab:ab:11:2f:00:8a:5d:45:21:37:84:e4:e3:ba:
24:d9:06:e2:70:91:24:b6:2e:e8:eb:6c:57:74:d0:
d6:93:a4:ad:b7:19:ad:a5:47:4f:d3:79:ac:8e:05:
dc:ac:42:58:26:1c:17:22:e4:b3:98:53:d5:cb:cc:
7c:03:a5:f4:ee:3a:75:f4:a3:db:d8:56:e0:fc:b0:
5c:d9:3f:70:bf:90:6f:29:79:55:20:15:ed:29:2d:
c3:2a:e7:69:43:40:0f:9b:96:65:6b:b1:a2:c5:28:
ff:8d:24:86:ae:25:08:e0:fe:70:cd:1f:d7:d7:9a:
fb:11:3c:14:2e:40:6f:fe:b3:2b:b4:07:23:be:7d:
d3:51:99:c0:53:b0:e0:dc:e2:91:32:0b:34:10:21:
06:7c:ca:9e:d8:e7:10:78:97:b8:63:b7:67:06:aa:
8d:29:81:34:e7:5e:9c:8b:58:e4:75:5a:9c:e9:6d:
a4:3a:1f:12:25:8f:5a:b7:87:8b:36:71:8c:cc:eb:
88:5f:3c:bb:b3:63:17:e9:e3:6c:37:f3:da:4a:c7:
59:0a:52:6e:88:b0:c3:61:09:21:1f:01:b6:86:a6:
58:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:31:5D:CD:D1:81:62:38:26:FF:D6:2D:04:F8:23:88:8C:96:53:57
X509v3 Authority Key Identifier:
keyid:A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/SzFdzdGBYjgm_9YtBPgjiIyWU1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.181.0/24
Signature Algorithm: sha256WithRSAEncryption
19:56:ce:06:81:46:d3:a8:a8:1e:8a:68:25:ac:dc:4a:91:5a:
cb:40:19:f8:08:12:bd:76:00:d1:23:e4:9f:89:a9:09:98:6b:
1a:13:11:cd:61:42:8e:c6:ce:ff:bc:b5:bd:48:6c:01:04:fe:
64:b5:f4:78:b4:5d:3c:55:49:5a:df:0e:3e:06:bc:2d:e0:e1:
b8:15:dc:04:1f:13:07:4d:2c:88:56:85:ce:d0:3b:2f:a9:8b:
5e:46:1b:7e:b7:2d:89:84:42:c9:e2:91:c4:08:b7:1f:3a:e2:
fb:4b:68:b0:b9:36:09:e7:54:5a:08:fb:ac:dc:75:97:c2:7c:
87:cb:85:91:0f:0b:fb:b4:86:2d:10:02:07:15:07:0a:2b:98:
55:06:df:86:f0:01:2a:97:39:40:19:1f:db:32:eb:04:19:7f:
d9:18:c2:f9:4f:81:a2:65:fb:0c:ed:b4:4d:09:09:a8:35:33:
fa:44:ec:4a:a4:7a:5e:25:cf:34:b6:e9:da:a2:04:78:26:72:
41:6c:3a:2f:da:d8:2f:dd:78:ec:95:09:d2:99:10:32:66:1e:
22:98:4c:d0:7a:4e:ec:6b:22:17:2f:6d:a0:b2:84:b8:44:b9:
41:d3:cc:a0:ba:bd:dd:a3:3e:13:46:a9:7b:60:20:56:90:45:
13:b3:75:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3HSrs7nXnhXTynya5tjMdWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNDg0NWFmMWRjMDA4N2IyNzRjZWU1MmE0YTllMDg4MDMz
NTQzNWQwHhcNMjQwMjIwMTYxMzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjMxNWRjZGQxODE2MjM4MjZmZmQ2MmQwNGY4MjM4ODhjOTY1MzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1LYRXhZSttfx7bxaErC+4U78StP
YhSldByoZPQyq6sRLwCKXUUhN4Tk47ok2QbicJEkti7o62xXdNDWk6SttxmtpUdP
03msjgXcrEJYJhwXIuSzmFPVy8x8A6X07jp19KPb2Fbg/LBc2T9wv5BvKXlVIBXt
KS3DKudpQ0APm5Zla7GixSj/jSSGriUI4P5wzR/X15r7ETwULkBv/rMrtAcjvn3T
UZnAU7Dg3OKRMgs0ECEGfMqe2OcQeJe4Y7dnBqqNKYE0516ci1jkdVqc6W2kOh8S
JY9at4eLNnGMzOuIXzy7s2MX6eNsN/PaSsdZClJuiLDDYQkhHwG2hqZYVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEsxXc3RgWI4Jv/WLQT4I4iMllNXMB8GA1UdIwQY
MBaAFKBIRa8dwAh7J0zuUqSp4IgDNUNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjct
NTA3MDExNTcwZWU2LzEvU3pGZHpkR0JZamdtXzlZdEJQZ2ppSXlXVTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjctNTA3MDExNTcwZWU2
LzEvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstK1MA0G
CSqGSIb3DQEBCwUAA4IBAQAZVs4GgUbTqKgeimglrNxKkVrLQBn4CBK9dgDRI+Sf
iakJmGsaExHNYUKOxs7/vLW9SGwBBP5ktfR4tF08VUla3w4+Brwt4OG4FdwEHxMH
TSyIVoXO0DsvqYteRht+ty2JhELJ4pHECLcfOuL7S2iwuTYJ51RaCPus3HWXwnyH
y4WRDwv7tIYtEAIHFQcKK5hVBt+G8AEqlzlAGR/bMusEGX/ZGML5T4GiZfsM7bRN
CQmoNTP6ROxKpHpeJc80tunaogR4JnJBbDov2tgv3XjslQnSmRAyZh4imEzQek7s
ayIXL22gsoS4RLlB08ygur3doz4TRql7YCBWkEUTs3XW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:00 2025 by rpki-client