Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/MCf5puTL_w3WeI0-OOrGZuiidRo.roa
File: MCf5puTL_w3WeI0-OOrGZuiidRo.roa (raw, json)
Hash identifier: WjdZqzRVR02QJ0QNi5Xhrnqodq3WQuLBh+vtvpL4Ok8=
Subject key identifier: 30:27:F9:A6:E4:CB:FF:0D:D6:78:8D:3E:38:EA:C6:66:E8:A2:75:1A
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01892F216086C6F5111E9FC2ACB6555EFC9E
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/MCf5puTL_w3WeI0-OOrGZuiidRo.roa
Signing time: Fri 07 Jul 2023 06:54:23 +0000
ROA not before: Fri 07 Jul 2023 06:54:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140155
IP address blocks: 178.210.231.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2f:21:60:86:c6:f5:11:1e:9f:c2:ac:b6:55:5e:fc:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 7 06:54:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3027f9a6e4cbff0dd6788d3e38eac666e8a2751a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:40:f6:63:be:c9:cc:38:14:99:8f:f7:66:8c:
8d:fb:f8:46:78:a6:1e:15:e7:a4:5d:af:dc:e2:0d:
c3:ca:e3:03:3d:1b:8a:68:30:42:f2:14:36:34:cd:
ad:79:c6:79:01:60:21:68:a0:0b:c8:30:75:fa:3a:
eb:73:d8:41:13:1d:24:8b:b0:0f:3c:bc:5c:da:00:
b0:72:5f:ab:1c:0d:84:71:f4:97:aa:6f:3b:73:d5:
b7:e1:88:17:0c:7a:23:89:65:e6:4d:96:75:73:ab:
63:cd:6d:7a:f5:39:c6:8f:8b:a2:30:7a:7a:9c:06:
30:67:c3:7f:65:43:3b:f3:88:7c:f3:07:44:81:0c:
6e:d8:bf:a2:6c:68:74:ca:09:e8:c4:f9:d7:d4:76:
51:0f:cb:02:9d:69:da:e8:68:38:c0:e7:75:65:4f:
0d:d6:22:03:1b:e4:11:88:fb:e7:cd:de:0d:fc:54:
63:5d:61:a8:7e:8a:43:b2:48:2b:33:21:bc:a3:a8:
d5:64:bd:21:96:3e:af:d1:a1:d2:43:9d:c1:8b:3c:
16:d3:f0:d1:1e:94:c7:22:60:bf:c6:9e:62:3b:17:
70:ac:87:1c:d8:12:00:aa:ea:e2:9a:79:9f:84:a5:
20:74:49:ff:3d:1f:ee:e0:bb:80:34:6c:9a:cb:b7:
40:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:27:F9:A6:E4:CB:FF:0D:D6:78:8D:3E:38:EA:C6:66:E8:A2:75:1A
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/MCf5puTL_w3WeI0-OOrGZuiidRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.231.0/24
Signature Algorithm: sha256WithRSAEncryption
60:91:2c:29:aa:bd:20:1c:be:28:0a:fc:e4:4f:b6:48:17:96:
00:41:f2:7b:ce:be:7a:ea:7d:3c:23:9f:14:e2:d8:57:9f:e4:
ee:56:30:68:1f:b5:81:f3:1a:f1:64:0b:12:26:45:ff:70:b7:
b7:cf:bf:c7:f9:1c:b3:eb:4f:29:56:3f:88:e8:4c:36:ce:a2:
49:21:25:3d:87:e2:a2:54:30:88:83:11:0b:65:bd:e4:36:15:
bf:0e:14:a6:1a:90:d7:47:1f:ed:46:d3:7b:df:b8:93:1e:83:
a9:5a:2b:c3:32:2b:39:72:ac:5e:d9:7c:64:55:2c:66:a3:c8:
7c:97:23:9a:57:1c:7c:a3:90:e9:68:10:c2:e9:9e:b3:a8:63:
ed:fc:34:cf:80:fb:87:64:4b:bb:1f:30:c1:2a:fb:68:e9:06:
60:8d:7a:2f:ca:a7:7a:78:f3:e2:4a:82:0a:85:c9:f3:ad:b2:
ce:c7:3e:86:52:b9:f5:b6:2d:15:4e:21:e4:f9:6b:f2:cb:b6:
6b:00:28:f4:17:8a:09:53:9c:95:c8:52:83:21:e8:f7:9f:f3:
82:60:8c:88:7b:7d:75:31:65:c1:0e:be:f1:dd:70:88:6c:dd:
ef:48:cd:82:60:29:18:ba:17:a2:f8:b8:bc:34:48:72:bf:70:
b8:8e:4b:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkvIWCGxvURHp/CrLZVXvyeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNzA3MDY1NDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDI3ZjlhNmU0Y2JmZjBkZDY3ODhkM2UzOGVhYzY2NmU4YTI3NTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtED2Y77JzDgUmY/3ZoyN+/hGeKYe
FeekXa/c4g3DyuMDPRuKaDBC8hQ2NM2tecZ5AWAhaKALyDB1+jrrc9hBEx0ki7AP
PLxc2gCwcl+rHA2EcfSXqm87c9W34YgXDHojiWXmTZZ1c6tjzW169TnGj4uiMHp6
nAYwZ8N/ZUM784h88wdEgQxu2L+ibGh0ygnoxPnX1HZRD8sCnWna6Gg4wOd1ZU8N
1iIDG+QRiPvnzd4N/FRjXWGofopDskgrMyG8o6jVZL0hlj6v0aHSQ53BizwW0/DR
HpTHImC/xp5iOxdwrIcc2BIAqurimnmfhKUgdEn/PR/u4LuANGyay7dAvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDAn+abky/8N1niNPjjqxmboonUaMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvTUNmNXB1VExfdzNXZUkwLU9PckdadWlpZFJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstLnMA0G
CSqGSIb3DQEBCwUAA4IBAQBgkSwpqr0gHL4oCvzkT7ZIF5YAQfJ7zr566n08I58U
4thXn+TuVjBoH7WB8xrxZAsSJkX/cLe3z7/H+Ryz608pVj+I6Ew2zqJJISU9h+Ki
VDCIgxELZb3kNhW/DhSmGpDXRx/tRtN737iTHoOpWivDMis5cqxe2XxkVSxmo8h8
lyOaVxx8o5DpaBDC6Z6zqGPt/DTPgPuHZEu7HzDBKvto6QZgjXovyqd6ePPiSoIK
hcnzrbLOxz6GUrn1ti0VTiHk+Wvyy7ZrACj0F4oJU5yVyFKDIej3n/OCYIyIe311
MWXBDr7x3XCIbN3vSM2CYCkYuhei+Li8NEhyv3C4jktS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org