Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/4zVb4donqTGkLuCWMWDuM13wqac.roa
File: 4zVb4donqTGkLuCWMWDuM13wqac.roa (raw, json)
Hash identifier: yGbJ/qnKUK6maIYjG3bRjhH5rFVIBFQ+mEP0EwbZJj0=
Subject key identifier: E3:35:5B:E1:DA:27:A9:31:A4:2E:E0:96:31:60:EE:33:5D:F0:A9:A7
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01824A6D25A7C9141C3011B38E41408AA60F
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/4zVb4donqTGkLuCWMWDuM13wqac.roa
Signing time: Fri 29 Jul 2022 14:47:23 +0000
ROA not before: Fri 29 Jul 2022 14:47:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25274
IP address blocks: 178.210.238.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4a:6d:25:a7:c9:14:1c:30:11:b3:8e:41:40:8a:a6:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 29 14:47:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3355be1da27a931a42ee0963160ee335df0a9a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:85:58:76:c5:c6:f7:b5:6a:6c:0a:b1:7f:a0:
59:9a:aa:84:1f:b9:30:c4:73:b4:ed:fd:b9:a4:89:
00:17:8f:35:47:3d:c4:52:80:d7:0b:47:1f:12:e4:
af:34:67:a0:94:3c:b3:3b:ef:f4:67:7e:4f:83:cb:
cb:65:d6:e7:54:76:30:72:79:17:c2:37:bf:20:1f:
4f:bb:dc:fc:fc:00:ba:49:6c:1a:aa:00:96:19:b9:
cd:26:82:f4:06:2e:04:16:2e:56:a9:6a:56:6b:79:
22:50:f7:4c:fe:8b:28:01:ef:f8:76:60:cb:02:f2:
00:cd:f3:56:c8:28:1b:20:4a:83:0b:67:00:5e:37:
85:c4:45:77:00:7a:e3:fa:fd:96:91:cf:5d:0e:cc:
58:f4:cc:fa:b0:73:49:11:15:34:6b:01:18:99:eb:
90:b8:9d:8a:d6:a2:91:0b:cc:12:ad:4f:26:34:a1:
13:6f:7a:05:ca:c0:7c:c0:e8:13:b0:53:57:c7:49:
85:0d:36:7a:9f:be:a8:b4:09:5c:73:97:9d:43:c6:
3e:55:3c:4c:b0:4a:90:ce:d0:60:d1:84:48:3c:e1:
c7:ac:12:ce:8d:81:ef:3a:80:d9:12:8e:b7:0b:03:
53:28:cb:f3:b6:51:c9:74:d6:56:a5:23:a2:f7:b3:
48:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:35:5B:E1:DA:27:A9:31:A4:2E:E0:96:31:60:EE:33:5D:F0:A9:A7
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/4zVb4donqTGkLuCWMWDuM13wqac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.238.0/23
Signature Algorithm: sha256WithRSAEncryption
45:68:c2:c7:d9:f6:01:1b:cc:4b:9f:5b:a5:14:88:84:11:c9:
6e:4d:50:46:8b:1c:03:a6:a2:49:78:f0:6e:07:23:dd:e2:67:
14:31:16:7c:f9:d3:cc:c3:2f:1a:84:a9:dc:4c:0e:d3:9e:98:
08:63:b8:b1:6b:b3:b7:9c:c4:f9:cb:4c:34:67:1b:5e:ba:d8:
23:73:85:29:70:3a:5c:95:b8:88:6f:92:41:0b:47:f7:41:71:
c1:3d:d8:28:7c:b5:48:20:6f:b0:11:c7:3f:c0:f2:09:9f:25:
1a:ce:4d:82:fe:39:8f:05:85:04:a4:55:92:bc:01:88:31:90:
e0:a0:e6:55:a6:0c:7e:d9:d6:7a:85:37:05:cf:bf:fa:ae:c8:
e0:f2:91:25:53:69:d1:4d:b2:50:a3:1b:5a:eb:68:4f:cf:ec:
2c:a2:cb:a6:56:f1:d8:03:e1:97:3c:24:09:8d:41:64:6b:3c:
8f:c1:95:99:6c:d2:09:ef:1d:51:5e:ee:f6:ac:de:9c:07:fb:
94:1a:38:d9:59:a7:3b:9b:7a:66:bd:1c:83:9f:d5:d0:48:93:
f3:35:c5:c2:70:74:e6:0f:e4:28:86:96:b4:c5:97:dd:cd:ac:
d8:22:cc:23:81:25:d7:af:f2:2e:2a:6a:e1:6d:09:0a:89:4f:
54:c2:40:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJKbSWnyRQcMBGzjkFAiqYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzI5MTQ0NzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzM1NWJlMWRhMjdhOTMxYTQyZWUwOTYzMTYwZWUzMzVkZjBhOWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYVYdsXG97VqbAqxf6BZmqqEH7kw
xHO07f25pIkAF481Rz3EUoDXC0cfEuSvNGeglDyzO+/0Z35Pg8vLZdbnVHYwcnkX
wje/IB9Pu9z8/AC6SWwaqgCWGbnNJoL0Bi4EFi5WqWpWa3kiUPdM/osoAe/4dmDL
AvIAzfNWyCgbIEqDC2cAXjeFxEV3AHrj+v2Wkc9dDsxY9Mz6sHNJERU0awEYmeuQ
uJ2K1qKRC8wSrU8mNKETb3oFysB8wOgTsFNXx0mFDTZ6n76otAlcc5edQ8Y+VTxM
sEqQztBg0YRIPOHHrBLOjYHvOoDZEo63CwNTKMvztlHJdNZWpSOi97NI3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOM1W+HaJ6kxpC7gljFg7jNd8KmnMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvNHpWYjRkb25xVEdrTHVDV01XRHVNMTN3cWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBstLuMA0G
CSqGSIb3DQEBCwUAA4IBAQBFaMLH2fYBG8xLn1ulFIiEEcluTVBGixwDpqJJePBu
ByPd4mcUMRZ8+dPMwy8ahKncTA7TnpgIY7ixa7O3nMT5y0w0Zxteutgjc4UpcDpc
lbiIb5JBC0f3QXHBPdgofLVIIG+wEcc/wPIJnyUazk2C/jmPBYUEpFWSvAGIMZDg
oOZVpgx+2dZ6hTcFz7/6rsjg8pElU2nRTbJQoxta62hPz+wsosumVvHYA+GXPCQJ
jUFkazyPwZWZbNIJ7x1RXu72rN6cB/uUGjjZWac7m3pmvRyDn9XQSJPzNcXCcHTm
D+Qohpa0xZfdzazYIswjgSXXr/IuKmrhbQkKiU9UwkAV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org