Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/_NVjfIbr5vVFA4SkR6MsuDYlY1I.roa
File: _NVjfIbr5vVFA4SkR6MsuDYlY1I.roa (raw, json)
Hash identifier: F50PhX5tEhq7MKvo8vB4nKBwOPhfUSGKsQDuRQH8gLs=
Subject key identifier: FC:D5:63:7C:86:EB:E6:F5:45:03:84:A4:47:A3:2C:B8:36:25:63:52
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018571E79FE8F03458910454449A0A8B966A
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/_NVjfIbr5vVFA4SkR6MsuDYlY1I.roa
Signing time: Mon 02 Jan 2023 09:54:43 +0000
ROA not before: Mon 02 Jan 2023 09:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25274
IP address blocks: 178.210.238.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e7:9f:e8:f0:34:58:91:04:54:44:9a:0a:8b:96:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 2 09:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcd5637c86ebe6f5450384a447a32cb836256352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9d:79:c6:3b:10:3c:eb:3f:8a:b3:ca:2b:6d:
f1:87:75:33:a5:46:d8:dd:97:1c:85:41:bd:18:4d:
5c:f2:a1:6b:32:e1:13:5e:62:03:1f:e0:7e:83:40:
f1:26:cb:32:8e:85:77:67:0e:b7:55:fd:2a:68:73:
43:9f:1d:02:46:02:85:d9:05:24:54:ba:48:30:3c:
c2:ff:92:05:2d:9e:08:7f:58:44:b4:28:22:af:b4:
3d:5b:3b:e5:d0:31:56:06:70:5e:34:07:7f:12:0f:
21:e0:e0:76:cf:b5:7a:de:e4:61:b1:19:71:13:df:
9d:ac:8b:88:7f:ca:c1:51:d7:86:4d:95:70:91:e3:
7e:b5:c7:b4:a3:3b:c1:82:22:b6:c9:5d:2a:49:09:
b3:ad:98:df:bc:c8:14:1d:dd:12:a5:73:23:08:d3:
a5:6d:9c:5a:a6:a5:32:2b:ad:75:2d:ba:05:6b:a0:
b1:3e:8c:b6:14:85:ed:51:67:4d:3c:21:4e:90:c3:
47:72:79:7b:90:17:d8:ee:54:86:32:42:fa:eb:1e:
39:11:9e:50:95:03:c3:ff:07:2d:5c:6e:03:c6:7c:
8c:68:ab:ce:86:34:91:c1:26:7a:cb:50:4b:00:58:
b2:cb:7e:3a:60:3a:1b:9f:84:e9:93:d5:7b:1d:13:
d6:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:D5:63:7C:86:EB:E6:F5:45:03:84:A4:47:A3:2C:B8:36:25:63:52
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/_NVjfIbr5vVFA4SkR6MsuDYlY1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.238.0/23
Signature Algorithm: sha256WithRSAEncryption
95:a3:2a:32:f5:58:7e:6d:4d:b6:36:a7:29:43:28:36:8b:f8:
77:9f:2e:c3:86:2d:68:e1:55:2f:37:34:5e:92:79:6e:6f:4d:
08:65:ef:20:39:c4:6b:b4:98:62:8f:ae:d5:d4:2e:a0:2f:23:
0b:e3:81:71:a9:9c:72:f9:8c:de:76:33:51:a1:72:2f:4e:ed:
0b:71:dc:c6:2e:f6:cb:93:18:22:76:95:5e:ac:21:c8:ff:f6:
58:f8:ad:40:62:a3:be:a1:b8:c8:b4:9d:eb:27:90:ff:ad:91:
75:eb:0c:fc:40:02:81:e6:c3:40:d0:d5:ab:37:e6:7b:61:3a:
63:2d:76:e5:42:2d:84:22:5c:ac:51:bb:bf:5e:7a:0a:b4:c3:
06:26:e6:82:1a:40:de:52:0a:35:1f:94:61:a3:c2:39:4d:a1:
9b:ba:d0:ae:9e:21:54:17:41:e4:00:91:fb:c7:8e:47:fb:68:
11:3a:70:b6:8b:64:fd:8f:4f:46:48:51:d0:4a:d5:f5:b3:6e:
05:0e:b2:d6:c8:8f:1f:d5:f0:a1:0f:83:a5:7b:ff:c5:79:55:
b9:17:53:14:cf:61:14:b8:34:d8:5e:a4:7b:12:70:7f:62:00:
e8:f8:6f:bf:4f:d5:db:5f:34:0f:00:ee:db:19:ab:c6:9e:46:
8a:25:a3:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx55/o8DRYkQRURJoKi5ZqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMTAyMDk1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Q1NjM3Yzg2ZWJlNmY1NDUwMzg0YTQ0N2EzMmNiODM2MjU2MzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr515xjsQPOs/irPKK23xh3UzpUbY
3ZcchUG9GE1c8qFrMuETXmIDH+B+g0DxJssyjoV3Zw63Vf0qaHNDnx0CRgKF2QUk
VLpIMDzC/5IFLZ4If1hEtCgir7Q9Wzvl0DFWBnBeNAd/Eg8h4OB2z7V63uRhsRlx
E9+drIuIf8rBUdeGTZVwkeN+tce0ozvBgiK2yV0qSQmzrZjfvMgUHd0SpXMjCNOl
bZxapqUyK611LboFa6CxPoy2FIXtUWdNPCFOkMNHcnl7kBfY7lSGMkL66x45EZ5Q
lQPD/wctXG4DxnyMaKvOhjSRwSZ6y1BLAFiyy346YDobn4Tpk9V7HRPW2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPzVY3yG6+b1RQOEpEejLLg2JWNSMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvX05WamZJYnI1dlZGQTRTa1I2TXN1RFlsWTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBstLuMA0G
CSqGSIb3DQEBCwUAA4IBAQCVoyoy9Vh+bU22NqcpQyg2i/h3ny7Dhi1o4VUvNzRe
knlub00IZe8gOcRrtJhij67V1C6gLyML44FxqZxy+YzedjNRoXIvTu0LcdzGLvbL
kxgidpVerCHI//ZY+K1AYqO+objItJ3rJ5D/rZF16wz8QAKB5sNA0NWrN+Z7YTpj
LXblQi2EIlysUbu/XnoKtMMGJuaCGkDeUgo1H5Rho8I5TaGbutCuniFUF0HkAJH7
x45H+2gROnC2i2T9j09GSFHQStX1s24FDrLWyI8f1fChD4Ole//FeVW5F1MUz2EU
uDTYXqR7EnB/YgDo+G+/T9XbXzQPAO7bGavGnkaKJaM/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org