Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/31r3vf7uK5hdJHgbbIYWLDftOfg.roa
File: 31r3vf7uK5hdJHgbbIYWLDftOfg.roa (raw, json)
Hash identifier: Bk9sWJRXRLh9oodR4+uhs5TGTLY6LIwHIOQ2nqJpPvY=
Subject key identifier: DF:5A:F7:BD:FE:EE:2B:98:5D:24:78:1B:6C:86:16:2C:37:ED:39:F8
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018BA3BB80739BF2A2ABE8EB97F7F24B909D
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/31r3vf7uK5hdJHgbbIYWLDftOfg.roa
Signing time: Mon 06 Nov 2023 08:24:16 +0000
ROA not before: Mon 06 Nov 2023 08:24:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 178.210.252.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a3:bb:80:73:9b:f2:a2:ab:e8:eb:97:f7:f2:4b:90:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 6 08:24:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df5af7bdfeee2b985d24781b6c86162c37ed39f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e3:7d:2d:c0:94:b3:66:6c:40:08:2a:0b:fd:
fc:24:82:af:01:a8:b0:48:4d:69:1a:bc:24:06:47:
c6:77:7c:d2:6f:0d:11:a2:c4:a7:a7:4e:26:54:a9:
ea:e3:66:05:e4:62:fb:d2:67:62:8f:82:5d:53:fb:
e7:1a:08:60:96:69:74:d1:c2:26:35:8d:84:20:25:
e0:be:8d:11:ec:80:aa:d2:c0:11:34:39:d5:de:5b:
fa:39:b3:d4:c6:14:ff:55:8e:c8:ce:08:91:b4:41:
0b:8e:f4:2d:f9:c2:d4:b2:18:b9:99:0c:4e:16:30:
75:34:56:d3:12:c5:24:b1:b0:16:b9:0b:83:88:bb:
77:ac:e9:22:66:7a:9c:20:34:a5:85:a5:d5:45:15:
23:f1:06:a7:0c:d2:00:58:44:64:2b:f5:46:b3:50:
0d:b8:aa:a6:de:e4:a8:97:f2:d4:fd:28:aa:ad:2c:
dc:dd:40:32:8d:6b:eb:f2:8c:a2:92:15:c6:96:8f:
b2:d6:64:87:e7:ce:1c:17:1f:a5:c2:8d:b0:1b:25:
8f:ad:9d:da:1a:d8:d7:4a:54:c0:d8:4b:5e:99:65:
5f:0c:91:26:78:b5:3f:2b:6b:21:56:99:d6:a0:b5:
b0:a3:9b:86:2c:f1:1c:01:f0:49:2b:5e:c3:7e:89:
7e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:5A:F7:BD:FE:EE:2B:98:5D:24:78:1B:6C:86:16:2C:37:ED:39:F8
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/31r3vf7uK5hdJHgbbIYWLDftOfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.252.0/24
Signature Algorithm: sha256WithRSAEncryption
69:c0:37:d6:94:52:12:5b:61:11:38:56:e5:65:33:71:b5:de:
74:8f:88:14:5f:c9:57:74:04:1f:b5:3d:b1:20:d8:e0:7c:e8:
3c:9d:ae:57:33:61:d5:a6:7b:02:77:53:f5:c0:49:64:80:a6:
3e:fd:4d:52:43:1d:0e:da:16:f6:1a:e0:f6:55:f7:b9:8e:44:
70:9d:ac:d7:fc:01:1b:fd:1e:36:c2:6e:0c:77:58:9e:e5:19:
13:65:7e:30:ea:2d:46:f9:f4:9a:ed:f0:5f:ed:d3:47:10:c4:
e2:37:a4:be:b6:0a:95:f3:4b:3d:54:70:2c:9c:00:4b:5b:ab:
ef:c3:59:f6:35:6e:d4:a6:8d:d9:40:7d:cb:29:de:4a:f3:0a:
9c:42:60:1b:fd:4e:2f:e2:7b:24:e7:a9:d0:cf:93:46:bb:be:
b6:a5:3e:fe:0c:bd:35:ab:b2:bb:36:e3:b4:bc:87:80:1f:87:
3f:49:d0:55:44:fb:65:38:12:7d:11:ac:76:1a:8b:7b:a0:3b:
6b:3a:a3:2b:67:54:a9:b4:61:cc:9b:28:24:88:bf:3e:1f:ef:
84:7c:bf:0b:4f:72:7b:a1:e5:28:27:11:1a:aa:6f:48:67:58:
b7:f1:30:94:5f:89:77:f0:85:28:93:18:20:99:9c:59:22:15:
06:8e:e3:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuju4Bzm/Kiq+jrl/fyS5CdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMTA2MDgyNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjVhZjdiZGZlZWUyYjk4NWQyNDc4MWI2Yzg2MTYyYzM3ZWQzOWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuN9LcCUs2ZsQAgqC/38JIKvAaiw
SE1pGrwkBkfGd3zSbw0RosSnp04mVKnq42YF5GL70mdij4JdU/vnGghglml00cIm
NY2EICXgvo0R7ICq0sARNDnV3lv6ObPUxhT/VY7IzgiRtEELjvQt+cLUshi5mQxO
FjB1NFbTEsUksbAWuQuDiLt3rOkiZnqcIDSlhaXVRRUj8QanDNIAWERkK/VGs1AN
uKqm3uSol/LU/SiqrSzc3UAyjWvr8oyikhXGlo+y1mSH584cFx+lwo2wGyWPrZ3a
GtjXSlTA2EtemWVfDJEmeLU/K2shVpnWoLWwo5uGLPEcAfBJK17Dfol+1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN9a973+7iuYXSR4G2yGFiw37Tn4MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMzFyM3ZmN3VLNWhkSkhnYmJJWVdMRGZ0T2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstL8MA0G
CSqGSIb3DQEBCwUAA4IBAQBpwDfWlFISW2EROFblZTNxtd50j4gUX8lXdAQftT2x
INjgfOg8na5XM2HVpnsCd1P1wElkgKY+/U1SQx0O2hb2GuD2Vfe5jkRwnazX/AEb
/R42wm4Md1ie5RkTZX4w6i1G+fSa7fBf7dNHEMTiN6S+tgqV80s9VHAsnABLW6vv
w1n2NW7Upo3ZQH3LKd5K8wqcQmAb/U4v4nsk56nQz5NGu762pT7+DL01q7K7NuO0
vIeAH4c/SdBVRPtlOBJ9Eax2Got7oDtrOqMrZ1SptGHMmygkiL8+H++EfL8LT3J7
oeUoJxEaqm9IZ1i38TCUX4l38IUokxggmZxZIhUGjuPL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:54 2024 by rpki-client on console-ams.rpki-client.org