Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/zdl8pKTFw81LF4Z61Ut_Kj0UZpQ.roa
File: zdl8pKTFw81LF4Z61Ut_Kj0UZpQ.roa (raw, json)
Hash identifier: isldhwIpAEjDmR5AihOrEPBEVrlaDD099cJ6A4lgwc0=
Subject key identifier: CD:D9:7C:A4:A4:C5:C3:CD:4B:17:86:7A:D5:4B:7F:2A:3D:14:66:94
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B58C18657FE0C19A1E25462FEB2022
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/zdl8pKTFw81LF4Z61Ut_Kj0UZpQ.roa
Signing time: Thu 02 Jan 2025 15:49:56 +0000
ROA not before: Thu 02 Jan 2025 15:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215151
IP address blocks: 178.253.52.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:8c:18:65:7f:e0:c1:9a:1e:25:46:2f:eb:20:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cdd97ca4a4c5c3cd4b17867ad54b7f2a3d146694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:78:db:72:49:57:fc:25:26:2a:b1:d0:7f:c2:
cc:b3:cd:18:1e:94:fa:33:10:25:cc:51:56:01:d6:
e3:cd:44:43:7c:a1:f5:5b:3e:eb:d5:da:0e:1f:8c:
34:70:aa:cb:a1:6a:30:7d:a5:78:ff:78:0b:83:cd:
dc:27:90:74:10:d9:d7:f7:99:2c:7c:52:18:fb:e5:
d2:30:80:90:2b:ec:23:e9:ee:8f:79:0b:41:9a:a3:
a5:b1:58:78:7c:13:1e:ad:12:3f:bd:b9:d1:b1:07:
f2:0f:ff:84:26:bc:9f:0c:e5:c2:2f:7c:86:e4:57:
37:35:3f:c3:4e:3a:b7:a6:3d:9b:76:3b:12:7d:cb:
42:48:b5:87:eb:e3:2c:4b:eb:88:b6:14:ab:74:cc:
4f:dd:87:b6:da:1b:3f:ff:c3:63:e1:f3:94:37:76:
46:ec:84:49:71:cf:11:fc:14:b3:44:b1:ff:0b:10:
63:1f:24:36:ba:f7:36:56:c1:14:3f:ef:b0:d7:68:
aa:b8:1a:a4:b5:2f:65:e8:25:51:3f:4c:57:f2:a0:
26:c3:d4:4c:98:07:c0:13:b4:99:1c:7d:da:ec:c3:
88:9c:5c:0a:30:a7:4d:7d:28:a2:06:c5:e0:24:12:
a3:03:2d:1b:20:94:9f:c4:ac:36:b5:2d:13:31:1f:
dc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D9:7C:A4:A4:C5:C3:CD:4B:17:86:7A:D5:4B:7F:2A:3D:14:66:94
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/zdl8pKTFw81LF4Z61Ut_Kj0UZpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
07:eb:a5:d2:c0:7d:f9:4c:de:1f:12:fd:77:39:cd:cd:40:e1:
73:ec:df:78:f6:fe:76:6a:a0:ab:fe:65:65:0c:b6:6b:2c:69:
81:02:36:4a:34:03:8f:ed:5c:1a:ad:b4:3a:8b:66:d6:8f:27:
0d:29:c2:41:7a:26:d4:02:c0:e9:a6:94:0e:4e:6c:74:c0:f1:
49:b0:80:87:04:66:c1:37:d4:8f:6e:6a:6f:68:1c:65:4d:8b:
2b:28:63:67:de:d5:7e:70:db:46:28:32:e3:94:2f:1a:d1:c6:
4d:b7:42:d1:e0:38:e7:4f:ba:e0:4b:4e:42:6d:40:de:71:f4:
82:e8:ff:20:c0:07:b5:c9:1f:6b:23:76:4d:20:aa:35:ee:48:
8f:8c:74:ff:cd:ee:cf:7a:c9:84:b2:da:34:fa:b5:16:d3:fd:
b3:cd:ae:95:66:1f:d4:ff:1a:69:8d:21:c3:27:00:de:df:f1:
57:d0:e1:0d:83:6b:e8:ca:c8:f2:da:f9:80:7c:32:c1:3c:af:
2e:fd:46:47:98:40:c1:6f:18:8c:f4:f9:98:14:62:cd:6c:5f:
c1:be:e2:35:ad:52:97:f8:0f:a0:3c:d6:a1:52:6e:3c:d1:3c:
8c:16:2d:d0:de:75:bc:fc:87:3a:1c:a7:a7:7e:de:fe:5b:2a:
e9:1f:f4:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYwYZX/gwZoeJUYv6yAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGQ5N2NhNGE0YzVjM2NkNGIxNzg2N2FkNTRiN2YyYTNkMTQ2Njk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3jbcklX/CUmKrHQf8LMs80YHpT6
MxAlzFFWAdbjzURDfKH1Wz7r1doOH4w0cKrLoWowfaV4/3gLg83cJ5B0ENnX95ks
fFIY++XSMICQK+wj6e6PeQtBmqOlsVh4fBMerRI/vbnRsQfyD/+EJryfDOXCL3yG
5Fc3NT/DTjq3pj2bdjsSfctCSLWH6+MsS+uIthSrdMxP3Ye22hs//8Nj4fOUN3ZG
7IRJcc8R/BSzRLH/CxBjHyQ2uvc2VsEUP++w12iquBqktS9l6CVRP0xX8qAmw9RM
mAfAE7SZHH3a7MOInFwKMKdNfSiiBsXgJBKjAy0bIJSfxKw2tS0TMR/c6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM3ZfKSkxcPNSxeGetVLfyo9FGaUMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvemRsOHBLVEZ3ODFMRjRaNjFVdF9LajBVWnBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsv00MA0G
CSqGSIb3DQEBCwUAA4IBAQAH66XSwH35TN4fEv13Oc3NQOFz7N949v52aqCr/mVl
DLZrLGmBAjZKNAOP7VwarbQ6i2bWjycNKcJBeibUAsDpppQOTmx0wPFJsICHBGbB
N9SPbmpvaBxlTYsrKGNn3tV+cNtGKDLjlC8a0cZNt0LR4DjnT7rgS05CbUDecfSC
6P8gwAe1yR9rI3ZNIKo17kiPjHT/ze7PesmEsto0+rUW0/2zza6VZh/U/xppjSHD
JwDe3/FX0OENg2voysjy2vmAfDLBPK8u/UZHmEDBbxiM9PmYFGLNbF/BvuI1rVKX
+A+gPNahUm480TyMFi3Q3nW8/Ic6HKenft7+WyrpH/TA
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:40:26 2025 by rpki-client