Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Abx5BUaNb4J_Qrv0chrCNw8HByw.roa
File: Abx5BUaNb4J_Qrv0chrCNw8HByw.roa (raw, json)
Hash identifier: xgTgbQpWXBRy0kGI4Ic8/B5XjoPtNPVOGUREw5+FKGc=
Subject key identifier: 01:BC:79:05:46:8D:6F:82:7F:42:BB:F4:72:1A:C2:37:0F:07:07:2C
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018702F55D8624E8DB6B672B8E1780CD2FB6
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Abx5BUaNb4J_Qrv0chrCNw8HByw.roa
Signing time: Tue 21 Mar 2023 06:57:27 +0000
ROA not before: Tue 21 Mar 2023 06:57:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60707
IP address blocks: 178.210.236.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:02:f5:5d:86:24:e8:db:6b:67:2b:8e:17:80:cd:2f:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 21 06:57:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01bc7905468d6f827f42bbf4721ac2370f07072c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7e:53:a2:7a:d7:33:77:97:d6:5b:04:cc:ac:
c7:34:8a:ac:b4:f8:a1:15:bb:94:c1:6a:87:7c:ce:
3e:e0:53:4b:36:c8:3f:cb:d4:0a:86:40:11:77:8c:
f2:2e:b7:59:1f:3f:b8:a6:97:89:aa:45:56:40:89:
45:5a:06:70:9e:ac:17:c3:7a:a6:4b:69:7d:23:f3:
05:a4:22:04:47:37:f0:b3:1b:c0:28:30:63:4c:31:
54:48:9c:35:65:71:c4:62:0d:6a:b8:70:5b:a5:4f:
34:00:a1:98:35:39:50:0c:51:bb:da:b8:fe:24:1e:
8a:87:bf:57:1d:de:16:71:2d:1b:92:14:c8:80:8e:
f1:28:06:62:f7:80:d6:2a:05:9d:07:27:af:cb:3f:
16:7d:d2:77:f3:16:f6:ae:38:8b:7c:d6:49:7d:04:
63:aa:48:c5:83:16:b4:b1:ad:dd:8c:d2:88:15:ac:
0a:9e:1b:60:bb:ad:8d:aa:e9:95:e1:cb:e9:c8:15:
ff:23:93:e6:2d:d6:18:31:5f:dc:d5:b2:81:00:b6:
5b:8e:cd:2b:a7:4d:d7:10:14:db:ae:54:fd:1d:3c:
bc:d1:28:64:31:1d:96:9d:7a:96:77:49:f3:cd:b7:
cc:a9:e5:3b:5b:5b:6c:c6:6a:02:d7:25:a7:06:78:
4d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:BC:79:05:46:8D:6F:82:7F:42:BB:F4:72:1A:C2:37:0F:07:07:2C
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Abx5BUaNb4J_Qrv0chrCNw8HByw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.209.0/24
178.210.236.0/24
Signature Algorithm: sha256WithRSAEncryption
18:80:f3:22:a5:9a:47:a0:09:f2:5d:0e:a8:79:5e:35:3a:da:
0b:43:52:88:f2:55:1c:b9:1b:67:0e:2f:5e:3e:ab:8b:82:ea:
d2:43:96:79:f4:8d:7b:3e:77:ee:e8:7e:3a:d4:30:06:ee:92:
b2:f1:c7:2d:30:a0:54:52:be:d8:2a:f4:4d:61:8f:24:a3:ff:
ee:b8:50:ee:ea:14:65:40:09:29:04:39:4d:d0:04:0b:0d:55:
a8:cc:cb:75:1a:46:ff:a5:f0:79:95:b8:32:f4:55:2a:e7:e5:
cc:97:67:eb:9a:95:0e:87:dc:fc:bd:a7:11:b1:e8:7e:aa:dc:
b8:65:29:ab:4b:33:e4:4e:52:f8:d1:ae:fc:15:fd:a5:6b:58:
0b:ae:19:e3:29:ab:54:80:b6:06:3c:10:e3:f7:83:09:77:5b:
4b:cc:d7:be:e1:73:db:88:a0:65:9b:18:e2:64:cf:27:1e:b8:
aa:5a:89:d0:6a:6e:f3:81:44:cd:ff:3a:41:61:f9:28:a1:56:
e0:52:17:ec:00:81:0e:88:5e:84:a5:a2:df:77:9e:c1:30:8a:
72:3e:16:49:ce:ac:b6:fd:89:43:e3:c6:81:be:2b:08:01:f5:
6d:91:b3:e5:5c:c7:f7:e3:1b:14:92:ae:e9:86:b7:d8:ad:62:
c6:bf:50:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcC9V2GJOjba2crjheAzS+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMzIxMDY1NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWJjNzkwNTQ2OGQ2ZjgyN2Y0MmJiZjQ3MjFhYzIzNzBmMDcwNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo35TonrXM3eX1lsEzKzHNIqstPih
FbuUwWqHfM4+4FNLNsg/y9QKhkARd4zyLrdZHz+4ppeJqkVWQIlFWgZwnqwXw3qm
S2l9I/MFpCIERzfwsxvAKDBjTDFUSJw1ZXHEYg1quHBbpU80AKGYNTlQDFG72rj+
JB6Kh79XHd4WcS0bkhTIgI7xKAZi94DWKgWdByevyz8WfdJ38xb2rjiLfNZJfQRj
qkjFgxa0sa3djNKIFawKnhtgu62NqumV4cvpyBX/I5PmLdYYMV/c1bKBALZbjs0r
p03XEBTbrlT9HTy80ShkMR2WnXqWd0nzzbfMqeU7W1tsxmoC1yWnBnhNpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAG8eQVGjW+Cf0K79HIawjcPBwcsMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvQWJ4NUJVYU5iNEpfUXJ2MGNockNOdzhIQnl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNHRAwQA
stLsMA0GCSqGSIb3DQEBCwUAA4IBAQAYgPMipZpHoAnyXQ6oeV41OtoLQ1KI8lUc
uRtnDi9ePquLgurSQ5Z59I17Pnfu6H461DAG7pKy8cctMKBUUr7YKvRNYY8ko//u
uFDu6hRlQAkpBDlN0AQLDVWozMt1Gkb/pfB5lbgy9FUq5+XMl2frmpUOh9z8vacR
seh+qty4ZSmrSzPkTlL40a78Ff2la1gLrhnjKatUgLYGPBDj94MJd1tLzNe+4XPb
iKBlmxjiZM8nHriqWonQam7zgUTN/zpBYfkooVbgUhfsAIEOiF6EpaLfd57BMIpy
PhZJzqy2/YlD48aBvisIAfVtkbPlXMf34xsUkq7phrfYrWLGv1DO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org