Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1-6kozceY8zx41CSBwUzLpyjfRSA.roa
File: 1-6kozceY8zx41CSBwUzLpyjfRSA.roa (raw, json)
Hash identifier: dxFu8UL704c4LkEGjmNScPaDKbeH/EF9gV8TLNX/eQQ=
Subject key identifier: FB:A9:28:CD:C7:98:F3:3C:78:D4:24:81:C1:4C:CB:A7:28:DF:45:20
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018EA4774B7F6A51AE51B55819B19771C0DD
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1-6kozceY8zx41CSBwUzLpyjfRSA.roa
Signing time: Wed 03 Apr 2024 14:57:45 +0000
ROA not before: Wed 03 Apr 2024 14:57:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60542
IP address blocks: 178.210.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a4:77:4b:7f:6a:51:ae:51:b5:58:19:b1:97:71:c0:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Apr 3 14:57:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fba928cdc798f33c78d42481c14ccba728df4520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f4:76:5a:80:3f:31:62:d3:a9:39:8c:b5:13:
18:ff:c5:fa:c9:19:cc:c8:a0:ce:e2:c2:4d:7c:45:
9b:a4:3e:b3:68:57:05:e4:61:f7:28:7b:c1:1e:76:
16:f7:39:a8:66:56:38:88:13:16:d5:7f:cf:47:41:
2d:01:1e:e5:09:70:ca:8f:e5:23:b6:61:57:0a:3f:
40:ac:1e:b5:e5:fc:9a:e6:37:cd:b7:96:5e:59:41:
7f:07:0c:0f:7d:a7:da:c1:35:30:f8:02:e7:c0:f9:
4a:2c:5f:51:41:70:a4:14:c2:f8:3b:67:6d:90:79:
c9:70:54:d7:aa:26:c8:a4:07:20:c7:d5:81:25:40:
92:13:8f:c9:d4:e2:40:b0:ff:97:90:a5:33:7f:3e:
ef:f0:eb:70:1a:bb:a6:5b:4e:91:82:6e:c5:e8:41:
af:2c:c2:d8:6c:c9:50:8b:d5:75:6f:63:97:6d:18:
0a:2a:79:f3:72:53:a7:73:65:2e:af:f1:f1:e5:9d:
ff:fc:a0:38:95:cc:4e:04:42:9e:2b:52:b8:64:af:
40:a5:ca:53:cf:fc:40:a7:19:df:ee:b9:97:a8:f8:
c7:92:bf:08:6f:fd:c6:b2:aa:72:a1:25:b1:5b:31:
ff:8c:99:5a:2a:77:5f:b6:bf:16:b2:ee:b1:23:ca:
bf:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:A9:28:CD:C7:98:F3:3C:78:D4:24:81:C1:4C:CB:A7:28:DF:45:20
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1-6kozceY8zx41CSBwUzLpyjfRSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.238.0/24
Signature Algorithm: sha256WithRSAEncryption
19:f9:bf:7a:f7:5f:9a:ea:63:b4:aa:8c:98:d4:61:5c:5f:aa:
1f:e1:4b:24:68:f0:b2:91:87:8f:ff:a6:2f:0c:76:d2:eb:73:
3b:63:c5:92:c4:88:42:e1:62:66:9c:ec:9b:d9:3b:62:a2:e0:
df:a4:f7:ae:7f:e2:29:1b:bc:7f:66:3d:10:f9:8c:3a:85:4d:
f3:67:0e:df:58:3c:91:8e:d4:54:25:0d:2b:23:b4:8c:ea:f7:
76:7e:4a:3d:6b:0d:fa:6d:ce:84:41:68:af:ab:a0:18:67:d2:
ca:a7:fe:ff:2d:00:b0:a6:8c:50:81:90:51:32:c7:fa:65:f8:
57:0f:bc:57:c5:2e:34:9f:16:8c:04:e7:e3:a9:2d:52:17:9e:
0e:70:a5:50:30:11:f5:8e:59:15:93:da:ea:d3:66:1c:1e:4c:
e9:e2:ee:50:54:a5:ff:8d:4e:0a:d8:6b:ce:24:5c:37:52:47:
0b:06:5d:d5:62:c7:50:3f:28:96:f4:9a:23:58:a1:79:ce:a9:
be:f2:f0:c9:e1:97:1f:36:10:93:d8:a3:be:2c:a4:2d:39:c0:
c6:55:3b:c7:fc:c7:1e:3e:0d:5c:24:80:94:d4:f4:44:62:b1:
4a:36:56:11:f0:85:c9:d6:f1:40:45:7e:7b:e1:c7:48:7c:ec:
db:09:66:4d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY6kd0t/alGuUbVYGbGXccDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwNDAzMTQ1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmE5MjhjZGM3OThmMzNjNzhkNDI0ODFjMTRjY2JhNzI4ZGY0NTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfR2WoA/MWLTqTmMtRMY/8X6yRnM
yKDO4sJNfEWbpD6zaFcF5GH3KHvBHnYW9zmoZlY4iBMW1X/PR0EtAR7lCXDKj+Uj
tmFXCj9ArB615fya5jfNt5ZeWUF/BwwPfafawTUw+ALnwPlKLF9RQXCkFML4O2dt
kHnJcFTXqibIpAcgx9WBJUCSE4/J1OJAsP+XkKUzfz7v8OtwGrumW06Rgm7F6EGv
LMLYbMlQi9V1b2OXbRgKKnnzclOnc2Uur/Hx5Z3//KA4lcxOBEKeK1K4ZK9ApcpT
z/xApxnf7rmXqPjHkr8Ib/3GsqpyoSWxWzH/jJlaKndftr8Wsu6xI8q/0QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPupKM3HmPM8eNQkgcFMy6co30UgMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMS02a296Y2VZOHp4NDFDU0J3VXpMcHlqZlJTQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGQvNTg5MTI3LTEwOTYtNGM5MS05NmNjLTdlNGQ2ZjZmNmU2
Ni8xL3phcWc0SUkyQTJDczJqUjJaT3VERk9zUjJoQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALLS7jAN
BgkqhkiG9w0BAQsFAAOCAQEAGfm/evdfmupjtKqMmNRhXF+qH+FLJGjwspGHj/+m
Lwx20utzO2PFksSIQuFiZpzsm9k7YqLg36T3rn/iKRu8f2Y9EPmMOoVN82cO31g8
kY7UVCUNKyO0jOr3dn5KPWsN+m3OhEFor6ugGGfSyqf+/y0AsKaMUIGQUTLH+mX4
Vw+8V8UuNJ8WjATn46ktUheeDnClUDAR9Y5ZFZPa6tNmHB5M6eLuUFSl/41OCthr
ziRcN1JHCwZd1WLHUD8olvSaI1ihec6pvvLwyeGXHzYQk9ijviykLTnAxlU7x/zH
Hj4NXCSAlNT0RGKxSjZWEfCFydbxQEV+e+HHSHzs2wlmTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:26 2024 by rpki-client on console-fra.rpki-client.org