Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/bIs9Kt3lE1bUsRRAQLDNd8va3c4.roa
File: bIs9Kt3lE1bUsRRAQLDNd8va3c4.roa (raw, json)
Hash identifier: 3xbtwdQB3/dj3vfr8VYPhK87CS4JfB0LRud1pegoJfU=
Subject key identifier: 6C:8B:3D:2A:DD:E5:13:56:D4:B1:14:40:40:B0:CD:77:CB:DA:DD:CE
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B582945F571C55AE9553A22EB925F5
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/bIs9Kt3lE1bUsRRAQLDNd8va3c4.roa
Signing time: Thu 02 Jan 2025 15:49:54 +0000
ROA not before: Thu 02 Jan 2025 15:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41378
IP address blocks: 178.253.52.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:82:94:5f:57:1c:55:ae:95:53:a2:2e:b9:25:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c8b3d2adde51356d4b1144040b0cd77cbdaddce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ae:f2:88:91:d7:54:f7:eb:a6:da:35:77:90:
e6:29:19:81:e6:7f:9e:c3:24:4e:71:03:96:33:8c:
12:bd:fc:12:a1:91:6f:6a:69:1c:1d:d0:9d:ea:a3:
46:31:e1:2f:e6:b2:67:57:cd:55:b4:a9:de:d6:92:
69:7b:6f:1e:20:fc:04:a3:60:4a:3a:f9:b2:f7:70:
4e:fa:1b:5e:ef:7b:45:c5:21:fd:58:07:66:51:c9:
06:32:35:2c:c9:9d:a2:4a:68:c3:e7:de:6b:d3:54:
d2:b7:b7:9b:df:c0:79:62:c8:ee:a5:8e:95:ce:7e:
c9:6d:a0:1f:5f:ec:76:d0:08:7e:e5:03:99:d0:6a:
b4:05:5c:74:fe:ff:d4:0c:e6:0c:d9:06:00:09:3d:
db:74:ba:44:14:80:75:da:bc:e5:96:04:49:a5:06:
a5:5b:ef:e5:2c:58:10:05:21:52:da:db:4b:6f:9c:
84:4b:bf:fa:16:8b:c9:1d:5e:f0:13:ff:15:66:ee:
6c:0d:dc:d9:75:fc:c9:40:72:12:35:8e:86:f1:7e:
3a:1b:5a:99:72:75:57:8b:5c:a4:aa:ba:4c:3f:55:
c3:1e:61:74:6e:44:9d:f7:0e:a3:78:43:65:26:0d:
34:69:43:6a:c3:af:e3:7b:a0:11:1b:61:7f:6f:bc:
39:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:8B:3D:2A:DD:E5:13:56:D4:B1:14:40:40:B0:CD:77:CB:DA:DD:CE
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/bIs9Kt3lE1bUsRRAQLDNd8va3c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
03:69:e0:81:03:90:7d:57:92:01:b6:dc:d0:43:01:3c:37:9e:
2f:42:da:00:50:c9:77:b0:2f:14:a3:98:6a:9b:55:ea:8e:0e:
b6:23:25:da:1c:6f:02:64:17:9c:4d:bb:d8:d1:12:f4:22:59:
e0:ed:52:70:ff:dc:02:3a:55:21:60:e8:07:8a:89:38:a5:6a:
7d:98:78:a0:1e:7f:53:d0:18:a6:5e:de:e7:77:a2:6a:52:99:
26:da:37:4c:40:5b:e4:65:b8:91:02:0b:79:91:18:e2:7b:ed:
05:41:1a:88:04:6e:ab:1a:c1:bf:5e:8c:cb:5e:3b:b5:c9:43:
9b:ba:ee:b6:18:f7:2f:cb:b7:55:a3:eb:8f:51:61:e9:30:d2:
fd:da:6b:98:71:d8:b4:cd:ce:62:7b:8b:77:c9:16:fc:e0:1a:
d1:ca:ab:82:0a:bb:20:0e:a8:18:aa:af:55:4e:7f:59:34:d0:
43:b1:d2:e3:c7:c8:b4:e9:75:1d:5e:9c:98:77:31:c1:8f:22:
c9:65:a6:6a:e4:cd:d3:00:7a:f6:95:a7:d2:ca:6e:3e:3b:af:
bb:b5:11:48:cd:9c:a1:e0:82:32:c8:95:a1:4a:9b:4f:99:a5:
90:01:4d:69:27:ab:02:bc:26:31:19:0d:9c:3d:e7:e4:e4:a5:
0f:ba:ec:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYKUX1ccVa6VU6IuuSX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzhiM2QyYWRkZTUxMzU2ZDRiMTE0NDA0MGIwY2Q3N2NiZGFkZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq7yiJHXVPfrpto1d5DmKRmB5n+e
wyROcQOWM4wSvfwSoZFvamkcHdCd6qNGMeEv5rJnV81VtKne1pJpe28eIPwEo2BK
Ovmy93BO+hte73tFxSH9WAdmUckGMjUsyZ2iSmjD595r01TSt7eb38B5YsjupY6V
zn7JbaAfX+x20Ah+5QOZ0Gq0BVx0/v/UDOYM2QYACT3bdLpEFIB12rzllgRJpQal
W+/lLFgQBSFS2ttLb5yES7/6FovJHV7wE/8VZu5sDdzZdfzJQHISNY6G8X46G1qZ
cnVXi1ykqrpMP1XDHmF0bkSd9w6jeENlJg00aUNqw6/je6ARG2F/b7w5qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGyLPSrd5RNW1LEUQECwzXfL2t3OMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvYklzOUt0M2xFMWJVc1JSQVFMRE5kOHZhM2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsv00MA0G
CSqGSIb3DQEBCwUAA4IBAQADaeCBA5B9V5IBttzQQwE8N54vQtoAUMl3sC8Uo5hq
m1Xqjg62IyXaHG8CZBecTbvY0RL0Ilng7VJw/9wCOlUhYOgHiok4pWp9mHigHn9T
0BimXt7nd6JqUpkm2jdMQFvkZbiRAgt5kRjie+0FQRqIBG6rGsG/XozLXju1yUOb
uu62GPcvy7dVo+uPUWHpMNL92muYcdi0zc5ie4t3yRb84BrRyquCCrsgDqgYqq9V
Tn9ZNNBDsdLjx8i06XUdXpyYdzHBjyLJZaZq5M3TAHr2lafSym4+O6+7tRFIzZyh
4IIyyJWhSptPmaWQAU1pJ6sCvCYxGQ2cPefk5KUPuuyS
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:46:36 2025 by rpki-client