Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/fb4JLJcl-i0nt_-JYenqHiJXhH4.roa
File: fb4JLJcl-i0nt_-JYenqHiJXhH4.roa (raw, json)
Hash identifier: bbQHr5qbph8jzkujBPiAR79Q/qzO+7aTzAAlUjNcDFw=
Subject key identifier: 7D:BE:09:2C:97:25:FA:2D:27:B7:FF:89:61:E9:EA:1E:22:57:84:7E
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018571E7B229CD9BEC69C94746D687695BF8
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/fb4JLJcl-i0nt_-JYenqHiJXhH4.roa
Signing time: Mon 02 Jan 2023 09:54:47 +0000
ROA not before: Mon 02 Jan 2023 09:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212669
IP address blocks: 178.210.253.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e7:b2:29:cd:9b:ec:69:c9:47:46:d6:87:69:5b:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 2 09:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7dbe092c9725fa2d27b7ff8961e9ea1e2257847e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0e:44:94:f8:23:34:33:12:d9:10:d4:26:c9:
b0:03:4b:ad:43:5f:67:ca:bd:b4:ba:2f:c3:ec:8b:
42:b6:e4:6e:eb:17:0c:19:7f:4c:7d:04:0c:66:9f:
2a:ba:f4:2e:91:cb:58:fe:45:00:1e:2e:3a:91:fc:
4a:9e:2f:f7:92:24:46:34:1a:06:cc:ff:7f:42:ad:
c3:85:c2:6d:d2:51:c1:71:af:ac:d0:b0:10:c9:7e:
25:08:5d:07:66:23:f7:01:b4:4b:29:b1:57:58:2b:
a9:c8:d0:4e:d1:d0:d4:6c:48:88:54:25:7f:d7:0e:
63:58:cc:ce:36:06:b1:8f:bf:af:19:9e:ea:d1:2b:
78:70:14:e6:06:a8:27:96:07:0f:ff:ba:9a:ea:62:
a2:bc:c6:b7:b8:52:c6:84:b6:b4:4f:a4:d7:b3:43:
98:04:21:55:63:78:24:28:47:0e:d0:e4:74:bb:b0:
1b:1c:af:d6:e3:70:e7:04:71:37:ed:f1:de:39:17:
b4:5c:66:29:18:a3:03:95:c6:ed:9e:2e:86:ca:d2:
6f:7e:75:d8:2f:38:1a:e2:b6:27:97:a6:e7:e6:2e:
08:79:72:f2:13:f5:dc:91:1b:8f:3a:34:84:3e:cc:
7b:ee:a9:81:f4:08:87:7f:c2:91:d6:d1:d7:09:43:
90:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:BE:09:2C:97:25:FA:2D:27:B7:FF:89:61:E9:EA:1E:22:57:84:7E
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/fb4JLJcl-i0nt_-JYenqHiJXhH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.253.0/24
Signature Algorithm: sha256WithRSAEncryption
30:cf:5e:1f:11:3d:66:6d:70:18:12:b8:1b:7f:97:2a:4e:da:
cb:82:f0:5e:c9:10:96:49:36:c9:2e:16:58:07:71:e1:ed:34:
52:9b:ef:ab:2a:4c:cd:78:d2:25:6c:a6:cf:c5:4b:26:e1:b7:
a1:ac:4a:16:43:01:7a:93:9a:4c:9a:bf:e7:49:b7:80:06:46:
d0:a7:5b:2b:20:36:4f:fb:1e:3a:85:82:74:e2:37:55:95:39:
81:b8:60:68:30:8c:93:98:d2:2e:32:6d:08:9f:b3:c6:71:63:
08:4f:43:01:d7:d6:8e:86:2e:b9:13:6b:47:c2:f7:cd:9c:a5:
7a:1f:ce:7e:cd:6d:6f:2a:2c:29:7a:ed:dd:5b:7d:26:05:25:
b3:3b:cd:93:83:13:85:37:72:35:a4:fd:83:46:f8:1c:15:7e:
d4:4e:18:51:ee:54:6a:cf:a5:d9:36:8f:62:6b:68:8d:c1:47:
25:7b:23:c9:0f:3f:7e:6b:fb:ce:ba:8e:7f:4e:4b:a6:d3:ec:
89:f7:27:12:c2:18:38:d9:84:50:65:f7:6e:bc:a6:d3:88:0e:
39:c5:db:f2:c0:f6:1d:92:47:fe:af:c2:fd:d9:44:28:7b:2e:
74:1f:b6:20:5a:7b:7d:d8:d7:84:ec:7c:45:2f:0d:1e:2d:22:
7f:92:21:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx57IpzZvsaclHRtaHaVv4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMTAyMDk1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGJlMDkyYzk3MjVmYTJkMjdiN2ZmODk2MWU5ZWExZTIyNTc4NDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkw5ElPgjNDMS2RDUJsmwA0utQ19n
yr20ui/D7ItCtuRu6xcMGX9MfQQMZp8quvQukctY/kUAHi46kfxKni/3kiRGNBoG
zP9/Qq3DhcJt0lHBca+s0LAQyX4lCF0HZiP3AbRLKbFXWCupyNBO0dDUbEiIVCV/
1w5jWMzONgaxj7+vGZ7q0St4cBTmBqgnlgcP/7qa6mKivMa3uFLGhLa0T6TXs0OY
BCFVY3gkKEcO0OR0u7AbHK/W43DnBHE37fHeORe0XGYpGKMDlcbtni6GytJvfnXY
Lzga4rYnl6bn5i4IeXLyE/XckRuPOjSEPsx77qmB9AiHf8KR1tHXCUOQuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH2+CSyXJfotJ7f/iWHp6h4iV4R+MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvZmI0SkxKY2wtaTBudF8tSlllbnFIaUpYaEg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstL9MA0G
CSqGSIb3DQEBCwUAA4IBAQAwz14fET1mbXAYErgbf5cqTtrLgvBeyRCWSTbJLhZY
B3Hh7TRSm++rKkzNeNIlbKbPxUsm4behrEoWQwF6k5pMmr/nSbeABkbQp1srIDZP
+x46hYJ04jdVlTmBuGBoMIyTmNIuMm0In7PGcWMIT0MB19aOhi65E2tHwvfNnKV6
H85+zW1vKiwpeu3dW30mBSWzO82TgxOFN3I1pP2DRvgcFX7UThhR7lRqz6XZNo9i
a2iNwUcleyPJDz9+a/vOuo5/Tkum0+yJ9ycSwhg42YRQZfduvKbTiA45xdvywPYd
kkf+r8L92UQoey50H7YgWnt92NeE7HxFLw0eLSJ/kiEO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org