Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/uKAXUbF2TNQhq8vuqoDdbUMnmS4.roa
File: uKAXUbF2TNQhq8vuqoDdbUMnmS4.roa (raw, json)
Hash identifier: Z0mTx1He3+Nk4txS2rZyfdKzdzKKGkc7GQPozM8y5fU=
Subject key identifier: B8:A0:17:51:B1:76:4C:D4:21:AB:CB:EE:AA:80:DD:6D:43:27:99:2E
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B586CA1AB44B8C5C4D711F7245939B
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/uKAXUbF2TNQhq8vuqoDdbUMnmS4.roa
Signing time: Thu 02 Jan 2025 15:49:55 +0000
ROA not before: Thu 02 Jan 2025 15:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60068
IP address blocks: 178.253.16.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:86:ca:1a:b4:4b:8c:5c:4d:71:1f:72:45:93:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8a01751b1764cd421abcbeeaa80dd6d4327992e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:82:38:1f:ca:e8:a8:ca:34:fa:4e:98:71:cb:
9a:d3:68:06:f0:32:55:eb:9f:96:96:83:c0:6a:d8:
d6:49:ca:85:02:b9:1c:e1:a0:81:ed:08:d6:d7:3b:
c4:98:38:a5:f5:46:5b:06:20:46:61:1e:84:1e:a1:
69:8c:aa:66:e3:8b:d4:eb:93:24:a0:31:5a:dd:6d:
3f:31:bf:b6:4f:fe:1d:b0:bb:4d:94:30:65:d5:32:
49:45:c4:cf:f3:df:23:5c:d1:ec:bc:f1:54:ec:fc:
c9:83:6b:31:aa:94:c3:6b:36:d6:ce:34:7d:97:8f:
b2:26:21:db:50:04:5b:b3:cb:65:ff:a2:cd:78:4e:
6d:0a:04:95:99:a9:e1:1a:5f:2a:68:47:08:55:64:
39:8b:b1:6d:e7:59:50:ce:80:34:71:1e:b3:7c:3b:
d7:15:bc:27:6c:c3:ce:76:a7:e1:1a:31:1b:b5:8b:
06:39:1b:5c:4a:dc:38:2a:93:91:1e:59:2e:0c:3a:
56:a9:7e:d1:d0:5f:1a:70:92:c6:4b:92:81:b2:4e:
64:bb:79:da:32:a0:0a:3b:0a:b3:99:65:b0:4a:55:
11:18:8b:5d:8e:fd:ea:f8:25:cc:76:53:1f:09:37:
32:c0:72:74:de:43:62:a9:bd:fd:27:8a:f4:80:2e:
2c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A0:17:51:B1:76:4C:D4:21:AB:CB:EE:AA:80:DD:6D:43:27:99:2E
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/uKAXUbF2TNQhq8vuqoDdbUMnmS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.253.16.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:af:ca:59:56:22:bc:b0:68:78:62:81:85:fa:67:3f:0c:5e:
ac:69:41:59:fa:5b:69:a5:1d:45:e7:86:41:2f:c1:70:8f:65:
93:c7:f1:2b:97:24:67:89:c7:88:d7:6d:7e:0f:52:14:b4:c8:
8e:1d:b6:8b:db:23:05:cc:40:95:20:6f:66:ae:56:0f:b8:33:
d7:de:6c:2c:01:03:11:b0:22:3e:08:16:e4:ef:35:51:3a:8d:
76:4f:2c:2a:ec:cb:d1:ef:0f:9f:62:44:ac:46:74:b9:12:9a:
2e:b3:14:54:f8:94:97:36:65:9c:3c:00:44:0e:b8:ab:f5:a0:
09:8a:92:9e:ee:b5:b3:38:38:80:9a:88:5a:71:db:ff:68:1a:
42:e5:b4:32:a9:7c:dc:21:7e:64:76:8d:95:ac:ae:2f:51:95:
2f:2c:e8:10:18:65:f5:8e:b5:e8:49:e5:9f:60:a9:f0:08:c0:
5b:95:ad:97:be:11:78:20:6c:87:18:26:d4:5d:b3:d6:3b:50:
ae:e2:ea:a9:91:81:02:cc:66:b9:29:2d:95:ce:3f:23:42:1a:
71:59:ef:c0:e0:cd:a1:4b:6c:58:83:e6:91:1a:9b:69:56:09:
f7:2b:49:55:3c:c2:56:ab:0f:9c:f8:cc:28:9c:f5:2f:dc:f0:
71:90:79:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYbKGrRLjFxNcR9yRZObMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGEwMTc1MWIxNzY0Y2Q0MjFhYmNiZWVhYTgwZGQ2ZDQzMjc5OTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoI4H8roqMo0+k6Yccua02gG8DJV
65+WloPAatjWScqFArkc4aCB7QjW1zvEmDil9UZbBiBGYR6EHqFpjKpm44vU65Mk
oDFa3W0/Mb+2T/4dsLtNlDBl1TJJRcTP898jXNHsvPFU7PzJg2sxqpTDazbWzjR9
l4+yJiHbUARbs8tl/6LNeE5tCgSVmanhGl8qaEcIVWQ5i7Ft51lQzoA0cR6zfDvX
FbwnbMPOdqfhGjEbtYsGORtcStw4KpORHlkuDDpWqX7R0F8acJLGS5KBsk5ku3na
MqAKOwqzmWWwSlURGItdjv3q+CXMdlMfCTcywHJ03kNiqb39J4r0gC4sIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLigF1GxdkzUIavL7qqA3W1DJ5kuMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvdUtBWFViRjJUTlFocTh2dXFvRGRiVU1ubVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsv0QMA0G
CSqGSIb3DQEBCwUAA4IBAQBrr8pZViK8sGh4YoGF+mc/DF6saUFZ+ltppR1F54ZB
L8Fwj2WTx/ErlyRniceI121+D1IUtMiOHbaL2yMFzECVIG9mrlYPuDPX3mwsAQMR
sCI+CBbk7zVROo12Tywq7MvR7w+fYkSsRnS5EpousxRU+JSXNmWcPABEDrir9aAJ
ipKe7rWzODiAmohacdv/aBpC5bQyqXzcIX5kdo2VrK4vUZUvLOgQGGX1jrXoSeWf
YKnwCMBbla2XvhF4IGyHGCbUXbPWO1Cu4uqpkYECzGa5KS2Vzj8jQhpxWe/A4M2h
S2xYg+aRGptpVgn3K0lVPMJWqw+c+MwonPUv3PBxkHka
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:52:19 2025 by rpki-client