Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/iRs54gbVnX3Ad6HJbj4w_rjedSg.roa
File: iRs54gbVnX3Ad6HJbj4w_rjedSg.roa (raw, json)
Hash identifier: 5Cf5E9LbSqrg6XK8vNGkMpe70aFKdDWIQ80DaT4JvS0=
Subject key identifier: 89:1B:39:E2:06:D5:9D:7D:C0:77:A1:C9:6E:3E:30:FE:B8:DE:75:28
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018ABBD9097E4453C585E82FD17EECAB1293
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/iRs54gbVnX3Ad6HJbj4w_rjedSg.roa
Signing time: Fri 22 Sep 2023 07:44:37 +0000
ROA not before: Fri 22 Sep 2023 07:44:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 178.210.250.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bb:d9:09:7e:44:53:c5:85:e8:2f:d1:7e:ec:ab:12:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Sep 22 07:44:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=891b39e206d59d7dc077a1c96e3e30feb8de7528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:35:0e:d5:3e:ed:0f:16:b9:2c:d3:43:b3:06:
49:92:e7:d2:a0:14:59:6b:a0:6f:c7:58:eb:35:83:
87:20:7d:5a:37:8f:e9:02:66:f4:d3:3b:ed:f2:c3:
89:4d:65:25:c9:bf:7b:2e:ed:74:de:16:93:40:cd:
5e:5a:df:6f:48:d9:a0:f4:93:25:a5:8d:9b:53:af:
f4:76:36:e9:6b:ac:8b:ab:52:5a:a5:c7:0f:8a:34:
a1:c5:80:6a:ef:48:ac:48:fa:c6:4a:5e:65:78:ea:
d9:95:9c:ed:93:f1:78:66:10:bb:df:a0:33:ce:87:
98:d2:8c:bb:ef:93:b3:28:d9:49:40:02:2e:34:87:
52:96:f6:e9:ce:d5:8e:90:e8:2c:0b:b5:8a:38:2f:
ab:e5:13:e3:9b:a3:63:84:5a:5c:b0:92:45:8c:70:
35:1d:38:a0:12:3a:ee:40:33:c7:db:b7:46:7d:f7:
53:55:60:a3:56:53:60:b1:eb:d7:76:90:d3:d7:38:
6c:8b:d1:d0:04:27:24:20:5b:cd:6a:6c:db:d3:13:
a0:1f:5b:43:38:d1:15:d1:02:19:b5:f7:8f:ab:69:
35:e5:7b:5d:2e:aa:92:54:cc:6d:2e:fa:58:40:74:
85:a5:08:a3:76:5b:aa:d6:29:a2:fc:fa:5d:44:24:
08:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:1B:39:E2:06:D5:9D:7D:C0:77:A1:C9:6E:3E:30:FE:B8:DE:75:28
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/iRs54gbVnX3Ad6HJbj4w_rjedSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.250.0/24
Signature Algorithm: sha256WithRSAEncryption
18:94:63:8b:56:89:f5:40:b9:21:3b:b8:70:dd:7e:c4:e8:4c:
4e:5e:02:73:1c:17:af:58:b0:f2:b5:aa:f5:22:42:4d:81:f2:
58:e3:9d:02:9d:e7:f6:96:c6:73:37:45:b6:e2:fe:49:dc:32:
9c:29:34:64:d3:9f:10:20:0a:58:c6:02:04:58:ce:3a:bb:72:
83:7c:ed:8d:92:90:2c:f1:2c:e2:69:d9:80:80:f8:26:fc:ce:
08:92:4c:48:41:17:f8:98:1a:7e:28:a0:c8:09:0d:bf:30:56:
ba:81:19:68:72:da:3a:32:51:6b:c1:02:c2:55:5c:2d:78:3b:
eb:59:b1:61:bd:38:77:11:38:4f:37:36:52:ee:a1:83:0d:77:
d6:6a:9f:d4:2f:7b:d2:20:81:9c:69:0b:6d:d6:4b:36:01:ef:
44:dd:22:cc:71:e8:0e:99:aa:74:56:60:af:20:3b:c7:f2:2a:
f5:ee:cd:38:74:fd:76:cb:d6:d9:11:a4:24:76:2a:c5:c0:8d:
a6:3e:59:da:57:d7:f0:7f:ea:dc:d9:11:55:ef:dc:89:14:51:
42:f5:70:56:3c:d0:1c:da:50:b0:14:86:84:6a:30:16:65:30:
8e:73:d0:e9:fa:9d:03:e8:57:6b:10:8c:e5:8f:2f:41:5a:02:
fe:9a:3c:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq72Ql+RFPFhegv0X7sqxKTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwOTIyMDc0NDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTFiMzllMjA2ZDU5ZDdkYzA3N2ExYzk2ZTNlMzBmZWI4ZGU3NTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjUO1T7tDxa5LNNDswZJkufSoBRZ
a6Bvx1jrNYOHIH1aN4/pAmb00zvt8sOJTWUlyb97Lu103haTQM1eWt9vSNmg9JMl
pY2bU6/0djbpa6yLq1JapccPijShxYBq70isSPrGSl5leOrZlZztk/F4ZhC736Az
zoeY0oy775OzKNlJQAIuNIdSlvbpztWOkOgsC7WKOC+r5RPjm6NjhFpcsJJFjHA1
HTigEjruQDPH27dGffdTVWCjVlNgsevXdpDT1zhsi9HQBCckIFvNamzb0xOgH1tD
ONEV0QIZtfePq2k15XtdLqqSVMxtLvpYQHSFpQijdluq1imi/PpdRCQI+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIkbOeIG1Z19wHehyW4+MP643nUoMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvaVJzNTRnYlZuWDNBZDZISmJqNHdfcmplZFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstL6MA0G
CSqGSIb3DQEBCwUAA4IBAQAYlGOLVon1QLkhO7hw3X7E6ExOXgJzHBevWLDytar1
IkJNgfJY450Cnef2lsZzN0W24v5J3DKcKTRk058QIApYxgIEWM46u3KDfO2NkpAs
8SziadmAgPgm/M4IkkxIQRf4mBp+KKDICQ2/MFa6gRlocto6MlFrwQLCVVwteDvr
WbFhvTh3EThPNzZS7qGDDXfWap/UL3vSIIGcaQtt1ks2Ae9E3SLMcegOmap0VmCv
IDvH8ir17s04dP12y9bZEaQkdirFwI2mPlnaV9fwf+rc2RFV79yJFFFC9XBWPNAc
2lCwFIaEajAWZTCOc9Dp+p0D6FdrEIzljy9BWgL+mjwS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org