Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1Wr7PAcDOMDJiQkCiUyeHtCojdw.roa
File: 1Wr7PAcDOMDJiQkCiUyeHtCojdw.roa (raw, json)
Hash identifier: V8HZ1cM/dwjFQvbUk/KBbTvzzfE26zr2jM/Pl2WHOxQ=
Subject key identifier: D5:6A:FB:3C:07:03:38:C0:C9:89:09:02:89:4C:9E:1E:D0:A8:8D:DC
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01832268E8500B87AF54891958864C031839
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1Wr7PAcDOMDJiQkCiUyeHtCojdw.roa
Signing time: Fri 09 Sep 2022 13:20:44 +0000
ROA not before: Fri 09 Sep 2022 13:20:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 178.210.249.0/24 maxlen: 24
88.209.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:22:68:e8:50:0b:87:af:54:89:19:58:86:4c:03:18:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Sep 9 13:20:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d56afb3c070338c0c9890902894c9e1ed0a88ddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8e:50:2b:5e:c4:bc:88:4f:14:65:b3:76:81:
b3:12:8a:54:b7:dd:15:c5:9d:33:ba:d7:9a:12:6c:
1a:04:2f:dd:7c:94:10:43:7e:73:3e:0e:5c:5a:94:
85:0d:55:a2:f4:69:9a:19:74:2b:09:f3:60:bd:63:
86:91:7a:94:95:58:eb:0b:33:ac:fc:17:8d:94:b2:
ce:7d:8d:e4:dc:73:5a:e7:23:cf:fc:83:e8:db:b0:
de:7c:f5:02:86:91:88:97:43:f4:6d:55:2d:27:62:
af:1c:4d:b7:de:97:02:fd:13:7e:8e:33:43:68:19:
17:c2:7b:b7:ed:69:b3:0b:a2:d1:11:e1:97:56:c7:
cf:ea:35:f7:05:ad:5c:89:3e:80:57:be:8b:35:d2:
5e:7b:06:c8:51:45:94:c3:9c:93:2a:0b:97:cd:e0:
76:eb:6a:65:26:f9:e7:ad:6d:80:1f:b4:93:cf:b5:
b5:1f:37:5c:6f:68:3f:5e:ea:c3:dd:cf:24:be:69:
e0:b2:ab:2a:e6:2c:8e:f1:56:0b:cd:0a:73:38:a5:
11:f0:e8:a3:0c:98:d1:f1:2e:30:e9:f1:f2:aa:bb:
f6:2d:06:50:00:02:63:85:87:e4:34:91:71:53:58:
a9:d0:37:c9:be:57:5f:33:45:65:cd:2f:86:02:14:
eb:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:6A:FB:3C:07:03:38:C0:C9:89:09:02:89:4C:9E:1E:D0:A8:8D:DC
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1Wr7PAcDOMDJiQkCiUyeHtCojdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.207.0/24
178.210.249.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:17:12:fc:65:64:20:0d:42:ac:e4:ad:94:49:6b:39:8f:20:
96:64:13:15:21:ac:49:84:6c:28:0a:d3:16:6e:b5:9a:59:f6:
e8:e5:04:11:4e:46:9e:45:16:70:54:7d:17:f4:44:60:93:1e:
ba:c9:c0:46:70:78:8d:3f:3e:07:f5:1c:6d:0d:ce:a5:81:33:
f8:29:e4:ae:f7:a6:49:bc:36:d3:b3:93:65:9e:97:5c:05:be:
cf:ae:97:7d:52:d9:76:f2:49:30:11:e9:a1:65:99:c1:1c:48:
55:fe:9e:5a:42:2f:3d:91:f9:16:74:d9:94:37:87:a3:57:8b:
8d:18:68:35:71:a7:99:06:cc:c0:8e:88:7a:d9:19:0d:de:12:
cd:ae:93:f9:4c:61:b1:d1:8f:b1:65:b0:f9:3e:aa:8e:e7:7f:
67:de:b6:ed:6f:32:60:7d:00:7c:60:64:6e:fd:6b:5a:d4:55:
69:47:30:91:bc:e6:1a:12:1b:5b:cf:db:44:e3:4d:7f:2a:97:
87:f5:94:db:3c:b2:72:76:ba:a2:09:ac:3d:19:c5:f3:a2:9c:
58:54:70:35:12:de:7c:ea:68:c6:82:60:3a:15:54:b8:f9:9b:
05:ba:85:b4:58:fd:38:7c:f1:d3:22:9a:3f:10:25:e8:c8:40:
81:45:4c:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMiaOhQC4evVIkZWIZMAxg5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwOTA5MTMyMDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTZhZmIzYzA3MDMzOGMwYzk4OTA5MDI4OTRjOWUxZWQwYTg4ZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyI5QK17EvIhPFGWzdoGzEopUt90V
xZ0zuteaEmwaBC/dfJQQQ35zPg5cWpSFDVWi9GmaGXQrCfNgvWOGkXqUlVjrCzOs
/BeNlLLOfY3k3HNa5yPP/IPo27DefPUChpGIl0P0bVUtJ2KvHE233pcC/RN+jjND
aBkXwnu37WmzC6LREeGXVsfP6jX3Ba1ciT6AV76LNdJeewbIUUWUw5yTKguXzeB2
62plJvnnrW2AH7STz7W1Hzdcb2g/XurD3c8kvmngsqsq5iyO8VYLzQpzOKUR8Oij
DJjR8S4w6fHyqrv2LQZQAAJjhYfkNJFxU1ip0DfJvldfM0VlzS+GAhTrxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNVq+zwHAzjAyYkJAolMnh7QqI3cMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMVdyN1BBY0RPTURKaVFrQ2lVeWVIdENvamR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNHPAwQA
stL5MA0GCSqGSIb3DQEBCwUAA4IBAQBMFxL8ZWQgDUKs5K2USWs5jyCWZBMVIaxJ
hGwoCtMWbrWaWfbo5QQRTkaeRRZwVH0X9ERgkx66ycBGcHiNPz4H9RxtDc6lgTP4
KeSu96ZJvDbTs5NlnpdcBb7Prpd9Utl28kkwEemhZZnBHEhV/p5aQi89kfkWdNmU
N4ejV4uNGGg1caeZBszAjoh62RkN3hLNrpP5TGGx0Y+xZbD5PqqO539n3rbtbzJg
fQB8YGRu/Wta1FVpRzCRvOYaEhtbz9tE401/KpeH9ZTbPLJydrqiCaw9GcXzopxY
VHA1Et586mjGgmA6FVS4+ZsFuoW0WP04fPHTIpo/ECXoyECBRUxN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:26 2024 by rpki-client on console-fra.rpki-client.org