Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/nMh-j6vlm79rRqw28UaancGczVg.roa
File: nMh-j6vlm79rRqw28UaancGczVg.roa (raw, json)
Hash identifier: CFWsiIk6/TrqOayyiIQMY0maAs5W3KhH88YRdkX6E68=
Subject key identifier: 9C:C8:7E:8F:AB:E5:9B:BF:6B:46:AC:36:F1:46:9A:9D:C1:9C:CD:58
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0187FF61C2812B8C9D859EDBA803A31DF11C
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/nMh-j6vlm79rRqw28UaancGczVg.roa
Signing time: Tue 09 May 2023 07:20:09 +0000
ROA not before: Tue 09 May 2023 07:20:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202485
IP address blocks: 178.210.229.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ff:61:c2:81:2b:8c:9d:85:9e:db:a8:03:a3:1d:f1:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 9 07:20:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cc87e8fabe59bbf6b46ac36f1469a9dc19ccd58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1f:10:d6:cb:32:c9:e2:46:9d:78:17:e6:b2:
f1:bc:e3:70:f5:5b:43:a0:54:06:2a:98:87:b0:b9:
1d:7c:9c:5c:aa:18:e4:c8:03:f1:b1:5f:fd:9e:3c:
6c:de:3f:20:f3:ed:be:07:e3:b4:ef:b4:52:0b:49:
02:9c:1a:85:16:3c:c6:6b:aa:40:70:a1:45:f2:bd:
ac:e6:21:d9:a7:30:94:74:b3:c7:60:be:26:9a:05:
02:54:77:33:7f:ad:35:a6:84:29:e5:d0:67:f8:ca:
27:02:74:d0:6c:0f:08:0a:ed:60:74:47:ef:55:ab:
ec:cf:80:2a:46:95:60:d4:49:b0:76:14:0b:0e:87:
5e:62:c2:b2:b8:01:83:1c:38:9f:e3:b9:13:79:e3:
bc:7f:a0:7f:45:c6:fc:26:7d:ae:8a:d0:ce:45:89:
ae:6f:2f:08:5d:b0:57:41:f4:b2:ef:7a:5c:d5:05:
7d:0b:84:a7:cc:ce:31:3c:9b:fd:f5:86:c0:65:6c:
24:aa:6c:12:40:94:3a:f7:4e:c9:a6:66:3d:6c:52:
a7:a8:3a:cd:09:0e:6e:f9:17:20:9d:54:f4:2d:fa:
59:29:b9:a8:04:01:bc:bd:ba:b7:76:0f:fc:1d:58:
2e:3e:8a:ed:cd:e7:52:06:15:92:30:cd:ad:a1:03:
7b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C8:7E:8F:AB:E5:9B:BF:6B:46:AC:36:F1:46:9A:9D:C1:9C:CD:58
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/nMh-j6vlm79rRqw28UaancGczVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.229.0/24
Signature Algorithm: sha256WithRSAEncryption
77:7c:34:a4:0a:b6:c9:79:10:ab:b6:29:81:fc:68:82:39:9c:
89:d7:d8:8a:c9:36:f0:3f:4d:46:b9:5c:1d:4a:43:bd:4e:25:
4b:99:38:0b:a9:72:53:fc:76:fb:6c:31:06:06:52:05:7e:fe:
d7:de:3c:c7:b0:83:04:2d:0d:1e:4b:1d:0b:91:e8:10:7e:b4:
c2:c7:5b:0e:db:e0:b5:ee:c3:ac:fe:47:d2:c8:e8:44:dc:38:
a0:1c:66:dc:20:02:6b:cd:22:e8:58:53:18:2e:c2:0a:c8:82:
78:cb:db:84:32:16:56:d8:14:7c:c0:ea:b5:33:74:34:b8:d1:
37:7a:fb:07:c1:00:29:06:9c:c3:86:a2:c9:b2:17:b4:e9:c4:
02:b5:7f:56:e2:b2:fd:8c:32:9d:d2:0b:06:d9:06:cc:aa:3d:
b3:e5:eb:35:ef:6a:4a:8b:cf:e2:04:35:44:75:e1:76:e9:12:
de:da:d5:17:dc:b2:e8:1c:8e:97:67:06:90:6d:a7:36:f6:af:
f1:97:61:5f:3c:76:d7:33:5d:a9:19:2e:bc:48:27:6b:c9:da:
68:98:fb:71:4f:c7:99:16:58:ee:c7:3e:e2:24:36:8d:cd:aa:
b0:a3:e0:53:66:22:df:30:ee:f0:cc:a6:d5:8f:5d:66:66:4d:
7f:af:57:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf/YcKBK4ydhZ7bqAOjHfEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNTA5MDcyMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2M4N2U4ZmFiZTU5YmJmNmI0NmFjMzZmMTQ2OWE5ZGMxOWNjZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh8Q1ssyyeJGnXgX5rLxvONw9VtD
oFQGKpiHsLkdfJxcqhjkyAPxsV/9njxs3j8g8+2+B+O077RSC0kCnBqFFjzGa6pA
cKFF8r2s5iHZpzCUdLPHYL4mmgUCVHczf601poQp5dBn+MonAnTQbA8ICu1gdEfv
Vavsz4AqRpVg1EmwdhQLDodeYsKyuAGDHDif47kTeeO8f6B/Rcb8Jn2uitDORYmu
by8IXbBXQfSy73pc1QV9C4SnzM4xPJv99YbAZWwkqmwSQJQ6907JpmY9bFKnqDrN
CQ5u+RcgnVT0LfpZKbmoBAG8vbq3dg/8HVguPortzedSBhWSMM2toQN7gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJzIfo+r5Zu/a0asNvFGmp3BnM1YMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvbk1oLWo2dmxtNzlyUnF3MjhVYWFuY0djelZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstLlMA0G
CSqGSIb3DQEBCwUAA4IBAQB3fDSkCrbJeRCrtimB/GiCOZyJ19iKyTbwP01GuVwd
SkO9TiVLmTgLqXJT/Hb7bDEGBlIFfv7X3jzHsIMELQ0eSx0LkegQfrTCx1sO2+C1
7sOs/kfSyOhE3DigHGbcIAJrzSLoWFMYLsIKyIJ4y9uEMhZW2BR8wOq1M3Q0uNE3
evsHwQApBpzDhqLJshe06cQCtX9W4rL9jDKd0gsG2QbMqj2z5es172pKi8/iBDVE
deF26RLe2tUX3LLoHI6XZwaQbac29q/xl2FfPHbXM12pGS68SCdrydpomPtxT8eZ
Fljuxz7iJDaNzaqwo+BTZiLfMO7wzKbVj11mZk1/r1f7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org