Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/CI6r0DmoJNLaALU_2SFsUWRom9Q.roa
File: CI6r0DmoJNLaALU_2SFsUWRom9Q.roa (raw, json)
Hash identifier: HwbJwSvDfJXs7cfzGI+fLbelQixN9mDCdcnwoI0UEnA=
Subject key identifier: 08:8E:AB:D0:39:A8:24:D2:DA:00:B5:3F:D9:21:6C:51:64:68:9B:D4
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B5824335436B7835E9360CA6F04B4A
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/CI6r0DmoJNLaALU_2SFsUWRom9Q.roa
Signing time: Thu 02 Jan 2025 15:49:54 +0000
ROA not before: Thu 02 Jan 2025 15:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 178.253.44.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:82:43:35:43:6b:78:35:e9:36:0c:a6:f0:4b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=088eabd039a824d2da00b53fd9216c5164689bd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:04:c3:83:be:cb:6c:21:4d:6c:7b:61:c7:b4:
9b:bf:92:ab:72:11:ac:00:67:cf:f9:62:3c:6e:9f:
c1:ea:d1:5d:df:cb:cf:ae:f9:8b:7a:0c:9b:84:fd:
b7:4b:4a:f8:92:67:34:55:73:c8:fd:3a:38:ee:f2:
6f:54:1d:b5:6e:ce:44:7d:d1:18:8d:5e:8d:01:4e:
d8:f2:36:25:ce:a0:11:8c:1b:0d:7d:7d:84:d3:8a:
79:0c:51:89:c4:ff:c5:f5:e7:2a:13:5f:2e:2b:92:
4e:62:c8:78:c3:67:1d:5f:92:fe:d7:b9:5b:fe:4b:
ea:86:e3:be:3c:4e:2c:14:e6:45:c9:46:e2:bc:55:
de:fa:4d:87:df:2b:a3:76:15:b3:3a:7e:fe:f2:f9:
53:58:98:3b:95:2d:2e:1b:bb:36:a5:e3:fd:ac:c9:
65:58:ea:64:6a:5a:29:34:4a:3c:77:bc:4f:59:bb:
34:c9:9b:c5:53:5b:e5:06:6a:64:72:4c:43:07:34:
cc:f7:f2:c4:be:78:f4:ab:f8:bc:9c:f3:8a:17:7a:
95:d7:e5:d9:02:6c:ee:06:d0:8f:ee:63:56:bc:d1:
24:25:bd:06:70:54:8d:14:ef:d4:b5:a3:5b:6a:f6:
45:e4:8a:59:48:e4:d9:ad:fa:fc:54:74:63:77:09:
c5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:8E:AB:D0:39:A8:24:D2:DA:00:B5:3F:D9:21:6C:51:64:68:9B:D4
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/CI6r0DmoJNLaALU_2SFsUWRom9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.253.44.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:a9:db:5c:da:98:ec:f0:46:c5:4b:de:1b:2f:07:f7:e0:9e:
1e:0b:19:b8:cf:ff:a1:31:d4:31:e7:e0:de:23:c1:f6:ef:8e:
29:6b:fa:9c:70:0f:df:d8:38:b3:fe:60:89:91:8b:f5:cb:45:
04:9a:0d:62:86:bf:43:75:2c:c3:bd:2e:0d:9c:94:03:83:e3:
43:a5:57:16:69:db:58:4d:96:e4:a3:a6:ce:29:ed:03:ed:bc:
80:fe:2d:fb:17:32:8a:b9:bd:87:fe:92:a6:fb:c8:4b:8c:ed:
b6:12:c0:90:a3:20:74:b7:4a:31:9c:00:dd:ca:4e:41:37:5a:
43:52:35:b6:59:e5:d1:f6:a2:5a:c2:e6:db:60:10:b7:a6:ee:
b7:3d:b6:75:19:86:a3:db:ae:38:f2:ca:a3:e2:ff:e5:85:4a:
f7:5e:ae:27:26:75:77:60:ec:1b:81:b9:f2:ee:4b:7a:aa:95:
d9:40:ee:18:ef:d6:61:7a:82:3e:a3:60:03:10:8c:0f:f8:ca:
5f:6a:1f:3a:1f:b9:c5:0f:42:09:c4:c9:8b:1f:37:5e:45:1d:
6d:9d:72:67:44:7c:7e:fa:7a:1d:79:28:d7:43:21:11:64:22:
da:88:f9:1d:b7:35:9a:4b:d0:72:f1:35:0e:ac:22:f3:b0:dd:
14:7b:99:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYJDNUNreDXpNgym8EtKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODhlYWJkMDM5YTgyNGQyZGEwMGI1M2ZkOTIxNmM1MTY0Njg5YmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QTDg77LbCFNbHthx7Sbv5KrchGs
AGfP+WI8bp/B6tFd38vPrvmLegybhP23S0r4kmc0VXPI/To47vJvVB21bs5EfdEY
jV6NAU7Y8jYlzqARjBsNfX2E04p5DFGJxP/F9ecqE18uK5JOYsh4w2cdX5L+17lb
/kvqhuO+PE4sFOZFyUbivFXe+k2H3yujdhWzOn7+8vlTWJg7lS0uG7s2peP9rMll
WOpkalopNEo8d7xPWbs0yZvFU1vlBmpkckxDBzTM9/LEvnj0q/i8nPOKF3qV1+XZ
AmzuBtCP7mNWvNEkJb0GcFSNFO/UtaNbavZF5IpZSOTZrfr8VHRjdwnFDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAiOq9A5qCTS2gC1P9khbFFkaJvUMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvQ0k2cjBEbW9KTkxhQUxVXzJTRnNVV1JvbTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsv0sMA0G
CSqGSIb3DQEBCwUAA4IBAQA+qdtc2pjs8EbFS94bLwf34J4eCxm4z/+hMdQx5+De
I8H2744pa/qccA/f2Diz/mCJkYv1y0UEmg1ihr9DdSzDvS4NnJQDg+NDpVcWadtY
TZbko6bOKe0D7byA/i37FzKKub2H/pKm+8hLjO22EsCQoyB0t0oxnADdyk5BN1pD
UjW2WeXR9qJawubbYBC3pu63PbZ1GYaj26448sqj4v/lhUr3Xq4nJnV3YOwbgbny
7kt6qpXZQO4Y79ZheoI+o2ADEIwP+Mpfah86H7nFD0IJxMmLHzdeRR1tnXJnRHx+
+nodeSjXQyERZCLaiPkdtzWaS9By8TUOrCLzsN0Ue5mF
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:49:59 2025 by rpki-client