Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/mPTGE-wYqWx7lWV7Nl-Z-0xm9Yk.roa
File: mPTGE-wYqWx7lWV7Nl-Z-0xm9Yk.roa (raw, json)
Hash identifier: RluALd42d9BpSQOIRrAMSgaxv/D/JxLnMYIg5N0MuA8=
Subject key identifier: 98:F4:C6:13:EC:18:A9:6C:7B:95:65:7B:36:5F:99:FB:4C:66:F5:89
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B582D06701E5D70480934781C98DE9
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/mPTGE-wYqWx7lWV7Nl-Z-0xm9Yk.roa
Signing time: Thu 02 Jan 2025 15:49:54 +0000
ROA not before: Thu 02 Jan 2025 15:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46844
IP address blocks: 178.253.16.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:82:d0:67:01:e5:d7:04:80:93:47:81:c9:8d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98f4c613ec18a96c7b95657b365f99fb4c66f589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2d:16:44:61:81:73:57:22:32:41:79:ef:53:
d5:be:83:a7:1c:26:cb:3a:50:85:92:cf:c9:83:5a:
ee:f0:04:d7:5e:82:72:e6:aa:5f:cb:9f:4d:cc:86:
7e:09:0b:9c:69:84:6b:ed:58:7b:82:e0:f9:0d:d9:
68:e3:72:56:ae:84:9f:f3:ee:7f:cb:be:8b:58:78:
8e:0e:42:10:41:0b:02:01:31:0e:0f:b3:e7:14:27:
45:ae:b8:e9:29:30:ba:b1:98:f7:c7:30:ed:63:f4:
1c:fd:43:2d:3b:77:e8:1b:9c:e0:c8:be:63:b7:9a:
32:31:8d:07:79:79:af:c6:71:59:86:ea:bf:31:46:
fd:75:0f:11:d2:0b:40:cb:ae:85:4c:58:58:d2:55:
56:f1:d3:ff:3e:32:b8:28:6d:1e:e1:4b:b8:36:0c:
f0:02:f9:85:23:ba:d7:02:b0:87:26:5f:e7:f9:67:
9b:fb:d5:9f:ed:83:6c:fb:5e:e7:e7:4a:8d:4a:28:
a0:32:6c:91:8e:0f:ef:af:e5:f9:87:ab:04:7d:ae:
e1:28:65:31:0b:44:e7:aa:5c:24:73:f5:70:0f:c6:
39:1b:22:86:5e:b0:55:af:e2:97:70:c1:0b:ca:33:
a9:9c:3b:f5:10:8e:5e:6e:18:f6:d9:b5:8d:4c:00:
7b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F4:C6:13:EC:18:A9:6C:7B:95:65:7B:36:5F:99:FB:4C:66:F5:89
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/mPTGE-wYqWx7lWV7Nl-Z-0xm9Yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.253.16.0/24
Signature Algorithm: sha256WithRSAEncryption
63:23:4e:0d:56:a5:8e:7f:c7:18:45:b2:ec:0b:51:15:8e:ec:
ba:a0:4d:f5:33:b1:e3:0a:74:5f:80:16:3e:76:52:57:59:9e:
4c:00:fa:65:cc:2e:7b:70:0f:05:95:a5:dd:8b:6d:38:a0:92:
60:9e:bd:08:e8:36:73:c6:b8:a2:66:5e:bd:0b:e3:19:d0:fe:
09:5a:eb:5c:ce:63:3c:53:27:fc:bf:26:c5:e5:4d:fd:c5:bd:
48:59:64:0d:2f:bc:8b:83:9a:3f:41:3e:e3:3b:93:90:8d:09:
b5:0a:63:ee:53:57:dd:65:97:d7:d6:5b:96:d8:ed:e4:0e:c6:
37:14:10:a1:44:93:1a:f7:f7:3f:f8:1c:46:ac:0d:34:d9:7f:
b9:7b:ad:c9:a7:ce:9b:d8:b4:26:7c:a8:7a:37:06:14:82:25:
86:2f:8d:02:12:39:07:a6:6c:d3:d6:5b:aa:f8:02:b2:20:d2:
3c:59:6e:e3:bb:d9:9f:ee:88:4d:ce:dd:80:12:1b:b4:3e:87:
85:9c:07:33:4b:e3:d4:a9:7c:6a:45:45:69:b7:ae:56:64:d6:
c9:ea:d5:6b:f4:9a:27:41:00:36:af:6f:6d:f9:2a:94:df:6a:
2e:09:b4:33:74:8c:38:b2:04:8b:e0:ba:69:fd:62:b7:c4:a9:
23:94:0a:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYLQZwHl1wSAk0eByY3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGY0YzYxM2VjMThhOTZjN2I5NTY1N2IzNjVmOTlmYjRjNjZmNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC0WRGGBc1ciMkF571PVvoOnHCbL
OlCFks/Jg1ru8ATXXoJy5qpfy59NzIZ+CQucaYRr7Vh7guD5Ddlo43JWroSf8+5/
y76LWHiODkIQQQsCATEOD7PnFCdFrrjpKTC6sZj3xzDtY/Qc/UMtO3foG5zgyL5j
t5oyMY0HeXmvxnFZhuq/MUb9dQ8R0gtAy66FTFhY0lVW8dP/PjK4KG0e4Uu4Ngzw
AvmFI7rXArCHJl/n+Web+9Wf7YNs+17n50qNSiigMmyRjg/vr+X5h6sEfa7hKGUx
C0Tnqlwkc/VwD8Y5GyKGXrBVr+KXcMELyjOpnDv1EI5ebhj22bWNTAB79wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJj0xhPsGKlse5VlezZfmftMZvWJMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvbVBUR0Utd1lxV3g3bFdWN05sLVotMHhtOVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv0QMA0G
CSqGSIb3DQEBCwUAA4IBAQBjI04NVqWOf8cYRbLsC1EVjuy6oE31M7HjCnRfgBY+
dlJXWZ5MAPplzC57cA8FlaXdi204oJJgnr0I6DZzxriiZl69C+MZ0P4JWutczmM8
Uyf8vybF5U39xb1IWWQNL7yLg5o/QT7jO5OQjQm1CmPuU1fdZZfX1luW2O3kDsY3
FBChRJMa9/c/+BxGrA002X+5e63Jp86b2LQmfKh6NwYUgiWGL40CEjkHpmzT1luq
+AKyINI8WW7ju9mf7ohNzt2AEhu0PoeFnAczS+PUqXxqRUVpt65WZNbJ6tVr9Jon
QQA2r29t+SqU32ouCbQzdIw4sgSL4Lpp/WK3xKkjlAr/
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:49:23 2025 by rpki-client