Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Z9oRKHHadC3YQ_O8Dji2uYYtka0.roa
File: Z9oRKHHadC3YQ_O8Dji2uYYtka0.roa (raw, json)
Hash identifier: DuP/X4pnoCz7lWu1M4GMcOIE1BSPvYq6gNiPvNWctI0=
Subject key identifier: 67:DA:11:28:71:DA:74:2D:D8:43:F3:BC:0E:38:B6:B9:86:2D:91:AD
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018B4942813C341C65FE8D4FF22C3E816811
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Z9oRKHHadC3YQ_O8Dji2uYYtka0.roa
Signing time: Thu 19 Oct 2023 18:46:17 +0000
ROA not before: Thu 19 Oct 2023 18:46:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216326
IP address blocks: 178.210.235.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:49:42:81:3c:34:1c:65:fe:8d:4f:f2:2c:3e:81:68:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 19 18:46:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67da112871da742dd843f3bc0e38b6b9862d91ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:60:35:d5:65:c6:db:b7:ea:22:6e:30:5a:80:
80:8d:01:89:23:78:e0:a5:58:83:1a:5e:df:0f:9b:
23:30:82:98:b0:cf:4c:95:d4:52:9e:12:45:5d:27:
45:6f:3c:19:43:03:75:5d:42:52:3e:93:b2:54:fe:
85:64:a4:3a:2f:99:3f:3a:db:8e:77:f4:d0:09:71:
f2:67:6c:35:83:09:ee:d8:3d:59:3e:13:e3:d8:b3:
9e:02:c7:99:83:5c:d1:0f:8f:6b:6f:23:46:cd:d2:
5f:18:7b:d4:64:bd:45:97:99:3d:c3:19:9d:09:2f:
2e:b5:dc:35:1d:9f:05:f7:57:09:64:57:4e:c6:ef:
c2:0f:60:fb:7e:47:7a:47:26:24:fa:3d:31:85:89:
b2:40:79:f1:4c:ba:7a:05:37:69:6e:56:94:31:4e:
d4:3e:69:26:af:34:a5:a9:78:33:54:bf:64:c3:44:
2d:66:0d:bd:0d:37:a7:26:0a:a7:66:4c:c8:90:69:
74:76:4c:57:f6:bf:22:17:b0:0a:18:da:5d:8c:77:
2c:d2:15:6b:e0:96:54:6d:a5:f1:7a:77:5f:bf:3d:
52:9c:65:91:cd:83:39:72:dc:0d:26:8a:fe:9e:ac:
98:fd:89:9a:30:0a:b0:44:87:d4:32:32:02:03:fb:
15:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DA:11:28:71:DA:74:2D:D8:43:F3:BC:0E:38:B6:B9:86:2D:91:AD
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Z9oRKHHadC3YQ_O8Dji2uYYtka0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.235.0/24
Signature Algorithm: sha256WithRSAEncryption
66:30:65:1b:f1:84:38:86:4e:16:04:4f:b7:ca:51:03:2b:1c:
e6:ac:aa:21:12:d2:99:f4:6d:22:61:5c:13:8e:49:fa:4f:5d:
73:3c:e4:21:56:f1:14:7c:d9:82:ba:51:6c:1d:f7:1e:ba:53:
fc:90:4d:fe:8d:0c:84:b6:54:9b:b6:4c:00:1d:ca:4f:90:13:
28:1c:d1:83:47:c3:7a:f0:2c:37:6f:90:94:2d:ca:fd:90:80:
10:21:ca:56:80:28:d6:52:b7:00:07:bc:33:11:3a:09:f0:74:
f0:90:03:22:c2:3b:aa:18:dd:8c:49:71:2b:b2:5e:e4:79:f5:
da:9b:d0:aa:5d:72:ab:3e:6a:f6:19:3c:4e:f1:26:dd:5b:db:
9e:12:34:34:ba:30:ff:84:9e:86:03:fc:15:07:43:8e:7b:5b:
e6:04:7b:76:dd:d2:46:ca:47:72:be:69:15:ce:cc:79:49:01:
43:da:81:b1:37:e4:27:4a:7c:65:c4:76:5f:62:7e:3b:df:03:
12:12:64:07:88:94:08:bf:8a:01:70:e3:cb:eb:1f:36:58:db:
8a:c2:18:b4:60:de:48:bb:61:60:45:bd:bf:9b:d8:87:f9:6d:
ce:3b:f9:6d:e6:20:a5:9e:ef:4e:e9:3f:13:74:83:de:4e:0e:
07:3a:dd:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtJQoE8NBxl/o1P8iw+gWgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMDE5MTg0NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2RhMTEyODcxZGE3NDJkZDg0M2YzYmMwZTM4YjZiOTg2MmQ5MWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmA11WXG27fqIm4wWoCAjQGJI3jg
pViDGl7fD5sjMIKYsM9MldRSnhJFXSdFbzwZQwN1XUJSPpOyVP6FZKQ6L5k/OtuO
d/TQCXHyZ2w1gwnu2D1ZPhPj2LOeAseZg1zRD49rbyNGzdJfGHvUZL1Fl5k9wxmd
CS8utdw1HZ8F91cJZFdOxu/CD2D7fkd6RyYk+j0xhYmyQHnxTLp6BTdpblaUMU7U
PmkmrzSlqXgzVL9kw0QtZg29DTenJgqnZkzIkGl0dkxX9r8iF7AKGNpdjHcs0hVr
4JZUbaXxendfvz1SnGWRzYM5ctwNJor+nqyY/YmaMAqwRIfUMjICA/sVlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfaEShx2nQt2EPzvA44trmGLZGtMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvWjlvUktISGFkQzNZUV9POERqaTJ1WVl0a2EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstLrMA0G
CSqGSIb3DQEBCwUAA4IBAQBmMGUb8YQ4hk4WBE+3ylEDKxzmrKohEtKZ9G0iYVwT
jkn6T11zPOQhVvEUfNmCulFsHfceulP8kE3+jQyEtlSbtkwAHcpPkBMoHNGDR8N6
8Cw3b5CULcr9kIAQIcpWgCjWUrcAB7wzEToJ8HTwkAMiwjuqGN2MSXErsl7kefXa
m9CqXXKrPmr2GTxO8SbdW9ueEjQ0ujD/hJ6GA/wVB0OOe1vmBHt23dJGykdyvmkV
zsx5SQFD2oGxN+QnSnxlxHZfYn473wMSEmQHiJQIv4oBcOPL6x82WNuKwhi0YN5I
u2FgRb2/m9iH+W3OO/lt5iClnu9O6T8TdIPeTg4HOt3y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org