Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Vs_69sGm-UZkrrhQp74mSx5isW0.roa
File: Vs_69sGm-UZkrrhQp74mSx5isW0.roa (raw, json)
Hash identifier: V5z4bDRGMNNw7qjFfG5padeMcwSHYtBPA4eJ+GDBeWU=
Subject key identifier: 56:CF:FA:F6:C1:A6:F9:46:64:AE:B8:50:A7:BE:26:4B:1E:62:B1:6D
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018780126403027E3183650C6E7F6992E90A
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Vs_69sGm-UZkrrhQp74mSx5isW0.roa
Signing time: Fri 14 Apr 2023 14:01:41 +0000
ROA not before: Fri 14 Apr 2023 14:01:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25274
IP address blocks: 178.210.238.0/23 maxlen: 23
178.210.240.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:12:64:03:02:7e:31:83:65:0c:6e:7f:69:92:e9:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Apr 14 14:01:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56cffaf6c1a6f94664aeb850a7be264b1e62b16d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a1:ae:ff:4c:98:82:ec:cc:db:8a:11:e3:f3:
7e:03:ea:91:38:ea:5a:6c:17:88:61:71:1a:c2:94:
84:c3:c2:df:d5:2a:37:f8:67:bb:16:e7:cb:7a:cd:
50:f2:ba:d5:10:41:77:17:93:bf:61:41:b6:3a:a1:
8c:2d:6b:f0:d6:43:90:94:53:5f:7a:06:40:f8:da:
0b:dd:9d:e2:e0:02:2c:af:d5:87:ee:b1:5b:61:02:
66:ca:de:17:1a:69:f9:2c:50:1b:bb:98:2f:7b:89:
18:44:64:f2:d2:0a:8d:cb:20:6f:2c:0b:e5:8b:3f:
18:4b:2b:83:f6:43:d1:41:9d:3a:74:99:d3:7d:a5:
fb:af:39:51:60:bd:da:51:ff:ff:05:58:66:e2:c4:
0e:c3:9d:27:7d:78:a7:da:9f:ba:fd:75:dd:5e:9c:
b8:9f:b7:82:ad:2c:f5:90:40:35:cc:e3:fb:29:16:
87:08:5e:2b:89:99:c1:1f:75:2c:11:d3:46:a5:14:
76:f9:38:d3:0f:91:09:da:e9:b4:6b:06:42:dd:a3:
cc:1f:39:f3:dd:c9:11:59:46:b5:40:3c:1f:f2:c7:
cc:55:77:21:1f:6b:b2:14:27:a0:ca:ff:84:78:3f:
d6:17:0f:9c:07:17:32:1a:52:60:bd:be:da:b9:16:
1c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:CF:FA:F6:C1:A6:F9:46:64:AE:B8:50:A7:BE:26:4B:1E:62:B1:6D
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Vs_69sGm-UZkrrhQp74mSx5isW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.238.0-178.210.247.255
Signature Algorithm: sha256WithRSAEncryption
bc:80:3b:79:a0:44:05:3c:33:ba:df:0c:08:25:4d:11:ae:5f:
b0:5c:13:01:6b:68:a9:6a:ab:97:d5:ad:87:95:ef:ae:14:b8:
5a:70:22:a4:f5:d5:0d:55:bb:6a:a8:ca:a1:e8:6d:0f:6f:b9:
0a:3e:67:48:07:49:66:63:96:6f:99:15:18:96:05:75:80:6a:
f8:aa:3e:cf:54:83:73:f3:24:3f:8c:69:ef:90:27:7e:22:b7:
ab:0f:53:fb:72:67:80:a7:fb:a4:75:2f:22:4a:46:3f:f1:7b:
11:3f:31:74:cd:41:cf:e9:b5:49:8d:8f:23:49:9c:08:e4:9f:
fc:c3:2f:92:d1:e6:fd:71:9f:01:4e:6e:79:1b:a0:d5:a5:48:
18:a3:3e:91:bc:5e:fb:f7:93:99:66:11:71:0d:52:04:f1:75:
e8:ac:d8:70:51:06:61:8a:94:c0:c6:b0:75:ed:4b:ee:3c:30:
a2:77:b2:74:cf:64:a9:99:71:97:d4:b0:b2:90:19:b0:b4:60:
55:cd:ed:b1:ab:2a:0f:95:57:9f:39:a2:07:f0:59:93:62:b3:
c9:d5:a9:1a:c3:c8:6d:6b:c9:e5:95:7f:e9:5e:03:b6:b6:6a:
f9:ba:01:05:71:2e:e3:35:e8:b8:7d:55:12:b4:a6:5c:29:c0:
cc:69:66:14
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYeAEmQDAn4xg2UMbn9pkukKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNDE0MTQwMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmNmZmFmNmMxYTZmOTQ2NjRhZWI4NTBhN2JlMjY0YjFlNjJiMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaGu/0yYguzM24oR4/N+A+qROOpa
bBeIYXEawpSEw8Lf1So3+Ge7FufLes1Q8rrVEEF3F5O/YUG2OqGMLWvw1kOQlFNf
egZA+NoL3Z3i4AIsr9WH7rFbYQJmyt4XGmn5LFAbu5gve4kYRGTy0gqNyyBvLAvl
iz8YSyuD9kPRQZ06dJnTfaX7rzlRYL3aUf//BVhm4sQOw50nfXin2p+6/XXdXpy4
n7eCrSz1kEA1zOP7KRaHCF4riZnBH3UsEdNGpRR2+TjTD5EJ2um0awZC3aPMHznz
3ckRWUa1QDwf8sfMVXchH2uyFCegyv+EeD/WFw+cBxcyGlJgvb7auRYcuwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFbP+vbBpvlGZK64UKe+JkseYrFtMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVnNfNjlzR20tVVprcnJoUXA3NG1TeDVpc1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGy0u4D
BAOy0vAwDQYJKoZIhvcNAQELBQADggEBALyAO3mgRAU8M7rfDAglTRGuX7BcEwFr
aKlqq5fVrYeV764UuFpwIqT11Q1Vu2qoyqHobQ9vuQo+Z0gHSWZjlm+ZFRiWBXWA
aviqPs9Ug3PzJD+Mae+QJ34it6sPU/tyZ4Cn+6R1LyJKRj/xexE/MXTNQc/ptUmN
jyNJnAjkn/zDL5LR5v1xnwFObnkboNWlSBijPpG8Xvv3k5lmEXENUgTxdeis2HBR
BmGKlMDGsHXtS+48MKJ3snTPZKmZcZfUsLKQGbC0YFXN7bGrKg+VV585ogfwWZNi
s8nVqRrDyG1ryeWVf+leA7a2avm6AQVxLuM16Lh9VRK0plwpwMxpZhQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org