Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/FHNNhq_ScosLP-1LuGx3ao_KJPE.roa
File: FHNNhq_ScosLP-1LuGx3ao_KJPE.roa (raw, json)
Hash identifier: 0G9wXK9KMM3K521Et3fmsVklvmFPXQyHsXc7MiQqXPI=
Subject key identifier: 14:73:4D:86:AF:D2:72:8B:0B:3F:ED:4B:B8:6C:77:6A:8F:CA:24:F1
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B58A21E790A72B4B563E448BE6B3DF
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/FHNNhq_ScosLP-1LuGx3ao_KJPE.roa
Signing time: Thu 02 Jan 2025 15:49:56 +0000
ROA not before: Thu 02 Jan 2025 15:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207326
IP address blocks: 178.253.53.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:8a:21:e7:90:a7:2b:4b:56:3e:44:8b:e6:b3:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14734d86afd2728b0b3fed4bb86c776a8fca24f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8b:d3:31:b7:c0:b8:a7:ad:96:29:2e:70:c2:
75:0c:10:4d:1f:89:ec:95:db:9c:10:fb:9a:21:c7:
e5:b8:80:2f:41:3c:4c:d3:46:59:58:7d:78:41:ab:
f9:e0:a0:cd:d5:70:eb:37:61:b1:0d:94:ac:60:3a:
e9:68:63:0a:a6:83:1a:40:a3:e7:f1:2e:14:28:c6:
f1:46:37:17:99:94:a6:8c:b6:2c:18:15:97:28:4b:
38:8d:7b:c5:32:36:49:fb:8a:e3:46:93:17:b6:6a:
6b:22:08:91:06:aa:3a:8c:81:31:ab:f6:74:be:ad:
a7:4f:9f:91:13:7b:1f:c7:7a:0a:9b:9c:54:a4:a8:
57:bc:0b:79:db:5c:ec:aa:ff:76:65:2e:ff:1a:8d:
1c:85:d3:cf:b8:09:d2:1a:71:32:db:bf:4c:07:2e:
9b:7b:7f:0f:ab:70:ff:29:d1:33:97:ea:18:b2:ee:
79:88:f8:fc:b1:55:99:fd:5d:bb:af:ee:1a:86:24:
51:c3:09:30:8e:4c:2f:44:2f:fe:8c:32:3b:d7:8a:
b3:bd:70:0f:f1:b2:3b:24:58:ed:f1:8b:d9:df:ac:
2d:c6:1e:6b:55:c9:ec:93:95:0b:45:bc:74:73:62:
78:04:b7:b4:f5:2e:fe:a7:fe:8d:c8:ba:2a:0c:ba:
04:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:73:4D:86:AF:D2:72:8B:0B:3F:ED:4B:B8:6C:77:6A:8F:CA:24:F1
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/FHNNhq_ScosLP-1LuGx3ao_KJPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.253.53.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:b7:6e:72:55:aa:a1:24:ee:7c:0a:53:ee:4f:37:f2:fb:c2:
5f:06:f5:9c:f6:48:14:44:63:da:9d:ed:ad:09:2b:e2:72:f0:
89:ac:31:93:bd:12:6e:e8:1b:07:ab:9f:63:e4:66:20:a5:48:
12:15:85:98:11:51:00:25:78:24:b6:5c:8d:bd:6e:c3:da:74:
11:a7:d9:97:0e:81:77:12:a5:31:c2:88:75:d4:2a:0e:7a:7a:
f6:fd:5f:02:69:7b:c4:88:cd:b4:a9:0e:e4:64:ea:eb:ba:70:
c2:29:61:e3:d2:21:61:aa:ab:8c:04:67:8b:39:16:44:25:77:
3a:83:5e:52:98:26:fa:93:87:7b:47:0c:c7:3f:83:24:e8:29:
38:db:37:16:e0:48:e8:af:a3:bf:51:a2:f4:37:dd:17:22:a9:
a3:03:15:1d:48:0e:9b:05:5b:e6:25:14:35:52:6e:c9:eb:d2:
ac:c8:97:8b:47:f1:78:07:89:a2:d0:27:3f:28:d0:15:94:75:
f8:d7:96:34:32:da:aa:23:bb:a9:47:8b:34:04:21:e9:50:f3:
b6:c9:9c:36:24:60:ce:68:bf:a8:df:59:d6:96:61:90:62:da:
44:1f:8f:d8:06:7a:2c:42:6d:b7:3f:54:06:ef:04:28:65:71:
8b:38:16:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYoh55CnK0tWPkSL5rPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDczNGQ4NmFmZDI3MjhiMGIzZmVkNGJiODZjNzc2YThmY2EyNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4vTMbfAuKetlikucMJ1DBBNH4ns
lducEPuaIcfluIAvQTxM00ZZWH14Qav54KDN1XDrN2GxDZSsYDrpaGMKpoMaQKPn
8S4UKMbxRjcXmZSmjLYsGBWXKEs4jXvFMjZJ+4rjRpMXtmprIgiRBqo6jIExq/Z0
vq2nT5+RE3sfx3oKm5xUpKhXvAt521zsqv92ZS7/Go0chdPPuAnSGnEy279MBy6b
e38Pq3D/KdEzl+oYsu55iPj8sVWZ/V27r+4ahiRRwwkwjkwvRC/+jDI714qzvXAP
8bI7JFjt8YvZ36wtxh5rVcnsk5ULRbx0c2J4BLe09S7+p/6NyLoqDLoEnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBRzTYav0nKLCz/tS7hsd2qPyiTxMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvRkhOTmhxX1Njb3NMUC0xTHVHeDNhb19LSlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv01MA0G
CSqGSIb3DQEBCwUAA4IBAQCLt25yVaqhJO58ClPuTzfy+8JfBvWc9kgURGPane2t
CSvicvCJrDGTvRJu6BsHq59j5GYgpUgSFYWYEVEAJXgktlyNvW7D2nQRp9mXDoF3
EqUxwoh11CoOenr2/V8CaXvEiM20qQ7kZOrrunDCKWHj0iFhqquMBGeLORZEJXc6
g15SmCb6k4d7RwzHP4Mk6Ck42zcW4Ejor6O/UaL0N90XIqmjAxUdSA6bBVvmJRQ1
Um7J69KsyJeLR/F4B4mi0Cc/KNAVlHX415Y0MtqqI7upR4s0BCHpUPO2yZw2JGDO
aL+o31nWlmGQYtpEH4/YBnosQm23P1QG7wQoZXGLOBas
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:58:18 2025 by rpki-client