Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/I-MQFwQPl0qcneGB1i0mX5Oo8Ek.roa
File: I-MQFwQPl0qcneGB1i0mX5Oo8Ek.roa (raw, json)
Hash identifier: BfRGZweHRcgluWhnU9EM5UHSfqiRPfQummnXWQtcXkg=
Subject key identifier: 23:E3:10:17:04:0F:97:4A:9C:9D:E1:81:D6:2D:26:5F:93:A8:F0:49
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188C3294F9486E6EEAE61304DF86903C811
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/I-MQFwQPl0qcneGB1i0mX5Oo8Ek.roa
Signing time: Fri 16 Jun 2023 07:44:04 +0000
ROA not before: Fri 16 Jun 2023 07:44:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 178.210.250.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
77.242.159.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c3:29:4f:94:86:e6:ee:ae:61:30:4d:f8:69:03:c8:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 16 07:44:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23e31017040f974a9c9de181d62d265f93a8f049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:da:0d:2f:9f:12:7e:37:76:c3:f0:0c:1f:44:
75:33:ba:4e:5e:a0:d4:f7:01:24:32:de:d1:f4:23:
25:5f:29:77:0b:95:d3:d7:4a:28:41:7a:5b:b5:9e:
3e:51:52:dc:20:01:28:7d:00:12:cc:e2:8e:32:17:
00:ab:30:f9:86:ba:d7:41:a8:87:0d:01:8b:63:1c:
f9:37:51:bb:2e:40:ba:ae:76:67:4d:ed:5c:21:1e:
aa:ef:d8:79:c7:61:8e:69:46:54:7b:d7:1d:02:c4:
a7:72:f3:54:73:f2:6d:a1:e4:38:3f:50:f9:73:86:
41:6c:8e:ce:e6:98:c5:d2:19:63:7c:0a:ce:40:17:
06:b7:b6:3f:23:7e:97:f4:08:8c:4a:1f:fc:05:20:
f6:af:d6:4b:a7:be:35:58:9e:8d:29:fe:e0:2a:36:
70:20:8d:e8:7f:d4:7c:0e:fc:e1:78:02:87:f5:25:
9b:2e:4a:c4:7e:fc:70:ef:b3:22:ca:42:cd:4c:80:
a5:91:be:b4:30:cb:b7:c5:0d:8f:f1:62:19:d3:8a:
41:37:ae:73:7e:69:5c:9b:8b:ab:5e:59:dc:3e:03:
cc:2e:c4:91:36:33:d8:12:49:69:6e:bb:e5:d0:68:
5b:d2:f3:d0:7e:ca:00:8d:b5:6b:0b:05:2e:17:10:
39:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E3:10:17:04:0F:97:4A:9C:9D:E1:81:D6:2D:26:5F:93:A8:F0:49
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/I-MQFwQPl0qcneGB1i0mX5Oo8Ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.159.0/24
88.151.56.0/23
88.209.211.0/24
178.210.250.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:91:4c:52:bb:d1:97:5b:cf:e9:89:cb:03:0f:0a:94:f7:11:
24:db:d5:d2:6c:0c:3c:91:c3:7f:e3:7e:83:7c:f7:e5:b7:58:
99:3d:de:9f:b9:da:7f:e0:06:84:da:81:76:e1:22:55:37:8b:
e2:47:47:9f:c4:c2:b7:2c:2c:97:ed:16:f3:84:4d:74:a7:47:
b1:a3:ca:7f:0f:5d:3c:b0:25:6d:60:dd:64:a6:4d:6e:55:24:
e6:5c:b1:22:6d:12:6b:fc:8a:5d:fc:85:59:fc:82:38:33:05:
d6:1a:5e:89:3b:14:6d:2f:f0:8e:d2:6f:20:b5:ad:cd:a0:60:
ab:31:1d:8b:11:2c:6c:e0:a9:79:fd:5b:36:21:09:9c:97:79:
76:8d:5c:a1:97:b2:52:1d:f5:e9:43:b7:18:d7:ad:7d:96:a2:
6d:cf:01:85:e1:17:12:93:04:ce:85:30:03:63:13:fa:92:be:
9a:13:fe:91:c8:63:21:5d:bc:ec:4a:60:38:61:1a:ad:03:de:
1f:30:83:9e:85:95:9d:48:92:ab:34:fd:28:c7:c8:08:be:50:
f1:31:05:f6:09:e5:95:61:d1:07:0a:03:eb:25:44:8a:0c:03:
b5:ba:f0:76:9a:c1:2c:8a:93:00:86:d4:e5:c3:22:60:ae:4d:
ee:47:2c:7e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYjDKU+UhuburmEwTfhpA8gRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjE2MDc0NDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2UzMTAxNzA0MGY5NzRhOWM5ZGUxODFkNjJkMjY1ZjkzYThmMDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNoNL58Sfjd2w/AMH0R1M7pOXqDU
9wEkMt7R9CMlXyl3C5XT10ooQXpbtZ4+UVLcIAEofQASzOKOMhcAqzD5hrrXQaiH
DQGLYxz5N1G7LkC6rnZnTe1cIR6q79h5x2GOaUZUe9cdAsSncvNUc/JtoeQ4P1D5
c4ZBbI7O5pjF0hljfArOQBcGt7Y/I36X9AiMSh/8BSD2r9ZLp741WJ6NKf7gKjZw
II3of9R8DvzheAKH9SWbLkrEfvxw77MiykLNTIClkb60MMu3xQ2P8WIZ04pBN65z
fmlcm4urXlncPgPMLsSRNjPYEklpbrvl0Ghb0vPQfsoAjbVrCwUuFxA5ZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCPjEBcED5dKnJ3hgdYtJl+TqPBJMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvSS1NUUZ3UVBsMHFjbmVHQjFpMG1YNU9vOEVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATfKfAwQB
WJc4AwQAWNHTAwQAstL6MA0GCSqGSIb3DQEBCwUAA4IBAQBOkUxSu9GXW8/picsD
DwqU9xEk29XSbAw8kcN/436DfPflt1iZPd6fudp/4AaE2oF24SJVN4viR0efxMK3
LCyX7RbzhE10p0exo8p/D108sCVtYN1kpk1uVSTmXLEibRJr/Ipd/IVZ/II4MwXW
Gl6JOxRtL/CO0m8gta3NoGCrMR2LESxs4Kl5/Vs2IQmcl3l2jVyhl7JSHfXpQ7cY
1619lqJtzwGF4RcSkwTOhTADYxP6kr6aE/6RyGMhXbzsSmA4YRqtA94fMIOehZWd
SJKrNP0ox8gIvlDxMQX2CeWVYdEHCgPrJUSKDAO1uvB2msEsipMAhtTlwyJgrk3u
Ryx+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org