Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Q6HzVex8VtSv0IHGeBuEtLSYwOw.roa
File: Q6HzVex8VtSv0IHGeBuEtLSYwOw.roa (raw, json)
Hash identifier: rJQUD4Wk26umyX5bE1EYc/KCBbLAMvKu/G8saX6t3kU=
Subject key identifier: 43:A1:F3:55:EC:7C:56:D4:AF:D0:81:C6:78:1B:84:B4:B4:98:C0:EC
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0189B123BDEC83A6122D2E714C265A9D97AE
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Q6HzVex8VtSv0IHGeBuEtLSYwOw.roa
Signing time: Tue 01 Aug 2023 12:47:36 +0000
ROA not before: Tue 01 Aug 2023 12:47:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5065
IP address blocks: 178.210.231.0/24 maxlen: 24
178.210.230.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b1:23:bd:ec:83:a6:12:2d:2e:71:4c:26:5a:9d:97:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 1 12:47:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43a1f355ec7c56d4afd081c6781b84b4b498c0ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ed:82:3f:f5:fe:81:4d:3b:f8:84:ea:2a:1c:
b4:9d:a2:ea:ff:55:86:0c:85:f2:c2:47:1f:65:26:
0b:76:02:49:df:96:bf:0a:7a:e7:6a:0c:25:a0:9a:
c0:a3:e2:95:57:61:91:aa:eb:16:55:c2:17:b0:83:
db:f3:cb:c4:2a:c2:67:14:a2:2f:a0:93:63:70:6b:
f9:01:55:c6:e6:a4:6a:94:54:62:8f:52:2d:f2:03:
09:e0:65:5e:3b:63:96:fd:b1:6f:c3:20:02:46:ae:
03:01:79:d4:78:b3:b1:87:5b:bb:e0:2d:f8:68:80:
d1:e3:ac:4d:97:c5:d2:cd:bc:08:e2:f7:1b:2c:51:
05:73:91:e4:50:b9:64:e8:8b:7b:06:db:b7:0b:1e:
1b:cb:40:2d:08:1f:8b:2b:c0:2c:b7:00:17:b8:63:
c7:5d:a4:1d:3b:70:53:f9:6d:ae:31:d7:04:df:b5:
b9:96:ae:2b:89:11:44:93:ac:4d:84:75:f3:8a:cb:
7e:24:d7:8c:74:46:f0:69:35:4e:68:4f:f9:fc:99:
f1:9b:03:ed:cc:77:fd:a9:74:2c:c2:2d:3a:32:2f:
dc:dd:4c:01:c1:e3:4f:0a:0b:3d:74:fa:60:4a:32:
b0:95:e7:5b:1f:05:74:40:76:f7:a4:4a:09:08:98:
07:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A1:F3:55:EC:7C:56:D4:AF:D0:81:C6:78:1B:84:B4:B4:98:C0:EC
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Q6HzVex8VtSv0IHGeBuEtLSYwOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.230.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:7c:dc:15:5b:26:65:44:a6:07:81:03:f9:17:e1:f2:25:83:
3c:b7:8b:67:e8:70:22:07:db:58:ff:4f:0e:b9:e8:ed:da:b7:
b1:90:6f:00:11:30:54:85:08:29:a0:c3:d1:9a:08:b5:7a:e1:
1c:9d:45:5f:b7:ca:5e:21:c3:8a:4c:82:ac:ff:ea:e9:10:8e:
00:b7:19:bf:75:a7:70:a0:73:2f:e0:5a:9c:8c:1c:15:d0:8c:
62:d3:f9:f4:47:46:62:6a:1f:a6:1e:44:ce:c4:0d:5b:5f:4d:
77:d1:b9:d3:9c:2d:d5:27:b3:09:7f:62:15:dd:6c:4a:85:2d:
d9:0e:e4:60:5e:54:db:8c:81:f3:0b:21:f5:eb:f6:f3:d7:3e:
8f:d1:a5:0a:e9:12:53:2a:8b:8b:8e:cc:fd:6b:2e:d4:75:61:
72:c1:cb:e9:12:22:3b:16:4a:95:27:87:d1:f7:e0:07:89:34:
c2:ce:37:d6:01:95:60:12:e9:06:05:69:64:d9:d8:21:f8:f1:
db:11:dd:dd:26:7d:05:eb:64:96:bd:8c:56:90:a7:d2:b2:cf:
24:0c:8e:8d:fd:93:d8:da:b2:81:de:0e:64:b2:a6:7d:fc:68:
52:6d:98:eb:3c:7b:83:66:ec:93:05:83:70:7a:c3:24:1e:ef:
30:e0:58:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmxI73sg6YSLS5xTCZanZeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwODAxMTI0NzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2ExZjM1NWVjN2M1NmQ0YWZkMDgxYzY3ODFiODRiNGI0OThjMGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlO2CP/X+gU07+ITqKhy0naLq/1WG
DIXywkcfZSYLdgJJ35a/CnrnagwloJrAo+KVV2GRqusWVcIXsIPb88vEKsJnFKIv
oJNjcGv5AVXG5qRqlFRij1It8gMJ4GVeO2OW/bFvwyACRq4DAXnUeLOxh1u74C34
aIDR46xNl8XSzbwI4vcbLFEFc5HkULlk6It7Btu3Cx4by0AtCB+LK8AstwAXuGPH
XaQdO3BT+W2uMdcE37W5lq4riRFEk6xNhHXzist+JNeMdEbwaTVOaE/5/JnxmwPt
zHf9qXQswi06Mi/c3UwBweNPCgs9dPpgSjKwledbHwV0QHb3pEoJCJgHJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOh81XsfFbUr9CBxngbhLS0mMDsMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUTZIelZleDhWdFN2MElIR2VCdUV0TFNZd093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBstLmMA0G
CSqGSIb3DQEBCwUAA4IBAQA+fNwVWyZlRKYHgQP5F+HyJYM8t4tn6HAiB9tY/08O
uejt2rexkG8AETBUhQgpoMPRmgi1euEcnUVft8peIcOKTIKs/+rpEI4Atxm/dadw
oHMv4FqcjBwV0Ixi0/n0R0Ziah+mHkTOxA1bX0130bnTnC3VJ7MJf2IV3WxKhS3Z
DuRgXlTbjIHzCyH16/bz1z6P0aUK6RJTKouLjsz9ay7UdWFywcvpEiI7FkqVJ4fR
9+AHiTTCzjfWAZVgEukGBWlk2dgh+PHbEd3dJn0F62SWvYxWkKfSss8kDI6N/ZPY
2rKB3g5ksqZ9/GhSbZjrPHuDZuyTBYNwesMkHu8w4FiJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org