Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/dmnk76KieMiWJSsRW2-Zff2BI94.roa
File: dmnk76KieMiWJSsRW2-Zff2BI94.roa (raw, json)
Hash identifier: l3ObIGDiEs6Mkb0wIV0L1gx4nEPB7TytxFDQ8xvtZWI=
Subject key identifier: 76:69:E4:EF:A2:A2:78:C8:96:25:2B:11:5B:6F:99:7D:FD:81:23:DE
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018B6AA4F07CD3409D556A148456F23F2158
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/dmnk76KieMiWJSsRW2-Zff2BI94.roa
Signing time: Thu 26 Oct 2023 06:21:16 +0000
ROA not before: Thu 26 Oct 2023 06:21:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2834
IP address blocks: 178.210.250.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6a:a4:f0:7c:d3:40:9d:55:6a:14:84:56:f2:3f:21:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 26 06:21:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7669e4efa2a278c896252b115b6f997dfd8123de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:55:a3:8b:83:ea:2a:38:ed:88:f8:1b:de:9b:
c4:22:41:30:42:9a:fa:a8:3f:cb:89:9b:fa:a9:2f:
f9:7d:bb:5c:88:dc:73:65:3b:e4:18:ba:48:50:16:
f1:36:d6:8b:52:7a:90:43:7d:45:49:87:1f:83:7d:
1d:ae:55:47:14:dc:71:0d:75:29:06:af:44:98:47:
f1:0a:1a:14:eb:55:48:14:13:bc:e3:4f:27:1c:f3:
a4:98:87:a3:3c:5e:0d:64:74:84:b0:a9:a6:81:78:
21:08:26:9a:c1:e8:43:7d:82:9d:ce:e2:7d:c9:66:
28:ad:de:81:2a:6f:ef:95:38:b4:6d:6e:82:ae:18:
61:f1:8f:3b:b7:c8:4d:ae:6d:b7:f2:c3:3d:2f:ff:
8c:ce:97:84:1c:3a:b0:75:68:5e:18:ae:a3:ee:6d:
ac:ac:46:f6:0b:2d:98:3b:11:2e:74:63:c2:d6:f2:
f2:ec:e0:b4:c9:ec:c2:14:bb:47:f2:89:99:70:d2:
e4:4b:1b:35:1e:9a:29:08:29:7a:90:f5:7f:f1:fd:
7b:63:bf:b3:95:f3:35:b9:52:2d:34:ea:0b:27:32:
dd:ed:06:ec:58:8f:d6:6f:36:8a:53:61:c0:6d:7d:
35:b5:84:c5:84:9d:f5:d1:91:32:74:72:0d:e4:00:
fd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:69:E4:EF:A2:A2:78:C8:96:25:2B:11:5B:6F:99:7D:FD:81:23:DE
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/dmnk76KieMiWJSsRW2-Zff2BI94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.250.0/24
Signature Algorithm: sha256WithRSAEncryption
03:45:4b:34:54:af:6d:d9:8c:6d:12:f3:3e:fd:4c:b2:25:fb:
cd:84:4c:14:70:e8:e6:3c:86:fa:12:7b:8f:48:b3:c6:85:a4:
3b:33:bb:52:c8:8c:21:03:cd:2b:7d:c3:51:ea:7f:13:15:48:
37:3f:dd:ce:09:91:cd:18:c5:cd:83:83:bc:7a:e8:81:41:51:
e2:55:ca:db:43:3e:29:c1:d0:29:44:dc:51:15:09:21:76:00:
b3:27:f6:0a:fd:92:54:cb:de:79:67:a1:e4:7d:4d:ce:01:51:
c3:e6:cd:00:13:e0:5b:92:79:19:a5:b3:eb:7d:94:e0:03:75:
3f:51:3d:f4:d9:90:2d:8c:7a:7d:9a:2b:60:3c:50:96:de:00:
83:2d:a4:fc:80:22:10:e6:52:b2:91:fc:f2:06:74:fb:01:a5:
f0:1d:ec:55:55:0a:9f:87:99:6a:41:5d:77:31:24:8c:55:8d:
1e:f5:ea:39:39:fb:7d:29:f2:26:c0:6f:d2:9a:5b:bd:a4:22:
f5:a6:40:68:11:13:00:9e:c7:ad:fb:d5:09:a2:96:9d:10:6d:
e5:7d:a5:38:43:24:05:82:1f:a8:20:e8:22:99:ad:da:54:c0:
52:0e:8a:9d:23:5d:9b:e1:7f:c0:13:c1:60:fa:c8:94:bf:66:
73:e6:ab:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtqpPB800CdVWoUhFbyPyFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMDI2MDYyMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjY5ZTRlZmEyYTI3OGM4OTYyNTJiMTE1YjZmOTk3ZGZkODEyM2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVWji4PqKjjtiPgb3pvEIkEwQpr6
qD/LiZv6qS/5fbtciNxzZTvkGLpIUBbxNtaLUnqQQ31FSYcfg30drlVHFNxxDXUp
Bq9EmEfxChoU61VIFBO8408nHPOkmIejPF4NZHSEsKmmgXghCCaawehDfYKdzuJ9
yWYord6BKm/vlTi0bW6Crhhh8Y87t8hNrm238sM9L/+MzpeEHDqwdWheGK6j7m2s
rEb2Cy2YOxEudGPC1vLy7OC0yezCFLtH8omZcNLkSxs1HpopCCl6kPV/8f17Y7+z
lfM1uVItNOoLJzLd7QbsWI/WbzaKU2HAbX01tYTFhJ310ZEydHIN5AD92QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZp5O+ionjIliUrEVtvmX39gSPeMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvZG1uazc2S2llTWlXSlNzUlcyLVpmZjJCSTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstL6MA0G
CSqGSIb3DQEBCwUAA4IBAQADRUs0VK9t2YxtEvM+/UyyJfvNhEwUcOjmPIb6EnuP
SLPGhaQ7M7tSyIwhA80rfcNR6n8TFUg3P93OCZHNGMXNg4O8euiBQVHiVcrbQz4p
wdApRNxRFQkhdgCzJ/YK/ZJUy955Z6HkfU3OAVHD5s0AE+BbknkZpbPrfZTgA3U/
UT302ZAtjHp9mitgPFCW3gCDLaT8gCIQ5lKykfzyBnT7AaXwHexVVQqfh5lqQV13
MSSMVY0e9eo5Oft9KfImwG/Smlu9pCL1pkBoERMAnset+9UJopadEG3lfaU4QyQF
gh+oIOgima3aVMBSDoqdI12b4X/AE8Fg+siUv2Zz5qtV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org