Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/L34wn-hHqyPPvLrWyY6cfdsWUt0.roa
File: L34wn-hHqyPPvLrWyY6cfdsWUt0.roa (raw, json)
Hash identifier: 66KyWu3kyLqCJLlv49IL5e1VJn0cSk6u5v3ducEQTJw=
Subject key identifier: 2F:7E:30:9F:E8:47:AB:23:CF:BC:BA:D6:C9:8E:9C:7D:DB:16:52:DD
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B5878B145C4EE23AB10E941E4606D0
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/L34wn-hHqyPPvLrWyY6cfdsWUt0.roa
Signing time: Thu 02 Jan 2025 15:49:55 +0000
ROA not before: Thu 02 Jan 2025 15:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61112
IP address blocks: 178.253.32.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:87:8b:14:5c:4e:e2:3a:b1:0e:94:1e:46:06:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f7e309fe847ab23cfbcbad6c98e9c7ddb1652dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:41:1f:89:2a:d9:7a:65:41:d8:b8:d0:d0:8e:
f5:a2:c9:2c:04:4f:c9:cf:f1:79:ba:ed:ec:bd:73:
a5:19:6e:f6:de:62:68:7a:33:83:c6:e9:37:e9:1e:
c8:5b:ca:d1:22:36:63:a2:6c:68:98:32:a2:27:53:
4c:99:71:71:7e:51:7b:f9:06:56:05:54:08:bc:4f:
7b:1c:73:65:e8:19:cd:b3:dd:fb:df:64:bd:22:15:
96:96:ba:f8:40:9a:23:a6:fd:78:39:e5:d6:b4:de:
2f:79:f6:8b:25:d7:d9:2a:9a:b4:6d:16:11:38:41:
1e:e2:d7:08:8e:86:7f:92:4c:50:b3:a6:b5:c6:04:
c2:86:0b:64:08:fd:34:ee:cc:8b:54:58:e3:b1:f4:
d8:2c:56:5f:67:45:a8:ce:a4:28:4e:f4:b0:8e:6d:
85:8d:25:7f:b6:95:97:79:51:a9:5e:ee:96:0e:ce:
81:61:95:56:74:29:99:61:f9:0a:40:51:54:c8:b3:
0b:be:e4:cb:ff:a4:20:55:48:c7:ed:61:cb:cc:57:
c1:ea:dc:0a:a1:98:ce:b6:c2:44:13:32:01:b4:7b:
5c:2d:7e:e6:4b:4b:65:54:ae:6f:84:37:f2:db:85:
98:a1:bd:30:07:c0:6f:ba:15:8e:fb:7a:74:52:46:
bf:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:7E:30:9F:E8:47:AB:23:CF:BC:BA:D6:C9:8E:9C:7D:DB:16:52:DD
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/L34wn-hHqyPPvLrWyY6cfdsWUt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.253.32.0/24
Signature Algorithm: sha256WithRSAEncryption
10:1c:08:f9:ab:40:b4:12:a5:3f:16:98:73:03:36:3e:24:63:
bb:80:f2:c6:cb:fc:67:46:ae:a2:74:c9:29:12:32:0d:36:26:
e6:d2:4e:4c:31:df:a3:a7:fa:52:aa:b8:95:f8:e5:8a:79:47:
86:0b:1b:fb:19:8d:c1:e7:8a:b7:bb:41:af:3e:2b:25:43:80:
2d:d3:07:30:a6:e9:c1:c0:d5:c8:ed:5f:a4:17:dc:6a:f7:28:
4f:f8:5a:de:24:d2:1b:61:db:ff:4c:f5:e9:66:d6:37:7f:a5:
12:48:88:4f:0b:b4:53:0c:93:63:c1:72:36:83:57:bb:2a:ae:
5a:af:10:bc:03:76:f9:93:3e:2d:8e:31:66:0b:fb:72:9c:d2:
93:7c:0d:0e:8e:a2:a3:a3:36:b9:04:0e:14:82:ac:ce:dd:45:
8b:f8:a6:78:44:56:07:27:96:b8:e3:26:db:a0:2c:9a:b6:1f:
4e:9c:b0:ba:2e:a3:34:ec:cf:b6:95:7c:64:f4:95:19:13:a0:
47:1d:20:76:67:a9:b1:71:c8:15:dc:b0:46:df:bc:65:2c:f8:
cb:0c:a0:a3:0c:9e:e5:bd:07:41:b0:6e:9e:b5:b1:6e:54:49:
45:f0:ee:9a:e6:d1:ba:32:2e:66:36:05:af:33:72:95:a1:38:
28:94:54:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYeLFFxO4jqxDpQeRgbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjdlMzA5ZmU4NDdhYjIzY2ZiY2JhZDZjOThlOWM3ZGRiMTY1MmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUEfiSrZemVB2LjQ0I71osksBE/J
z/F5uu3svXOlGW723mJoejODxuk36R7IW8rRIjZjomxomDKiJ1NMmXFxflF7+QZW
BVQIvE97HHNl6BnNs93732S9IhWWlrr4QJojpv14OeXWtN4vefaLJdfZKpq0bRYR
OEEe4tcIjoZ/kkxQs6a1xgTChgtkCP007syLVFjjsfTYLFZfZ0WozqQoTvSwjm2F
jSV/tpWXeVGpXu6WDs6BYZVWdCmZYfkKQFFUyLMLvuTL/6QgVUjH7WHLzFfB6twK
oZjOtsJEEzIBtHtcLX7mS0tlVK5vhDfy24WYob0wB8BvuhWO+3p0Uka/+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC9+MJ/oR6sjz7y61smOnH3bFlLdMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvTDM0d24taEhxeVBQdkxyV3lZNmNmZHNXVXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv0gMA0G
CSqGSIb3DQEBCwUAA4IBAQAQHAj5q0C0EqU/FphzAzY+JGO7gPLGy/xnRq6idMkp
EjINNibm0k5MMd+jp/pSqriV+OWKeUeGCxv7GY3B54q3u0GvPislQ4At0wcwpunB
wNXI7V+kF9xq9yhP+FreJNIbYdv/TPXpZtY3f6USSIhPC7RTDJNjwXI2g1e7Kq5a
rxC8A3b5kz4tjjFmC/tynNKTfA0OjqKjoza5BA4UgqzO3UWL+KZ4RFYHJ5a44ybb
oCyath9OnLC6LqM07M+2lXxk9JUZE6BHHSB2Z6mxccgV3LBG37xlLPjLDKCjDJ7l
vQdBsG6etbFuVElF8O6a5tG6Mi5mNgWvM3KVoTgolFRP
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:51:52 2025 by rpki-client