Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/s543t7U_pwkajfdDJ_fa_5BnxOM.roa
File: s543t7U_pwkajfdDJ_fa_5BnxOM.roa (raw, json)
Hash identifier: BzGp1/nvJL6WEhTaGOSL775vZ7kPAfc2/ku6yVS+/8A=
Subject key identifier: B3:9E:37:B7:B5:3F:A7:09:1A:8D:F7:43:27:F7:DA:FF:90:67:C4:E3
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01853EAF6C8210894A955E9259513F5AD8D5
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/s543t7U_pwkajfdDJ_fa_5BnxOM.roa
Signing time: Fri 23 Dec 2022 11:12:42 +0000
ROA not before: Fri 23 Dec 2022 11:12:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207326
IP address blocks: 178.210.248.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:af:6c:82:10:89:4a:95:5e:92:59:51:3f:5a:d8:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Dec 23 11:12:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b39e37b7b53fa7091a8df74327f7daff9067c4e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ec:cf:1c:c4:67:97:f4:c8:50:02:53:76:97:
76:8f:8f:a2:49:87:9d:d1:ac:21:8a:54:7a:af:af:
c1:75:8a:eb:ee:88:57:4d:ad:69:72:fd:77:0a:86:
0f:2f:02:ab:68:df:0e:cb:0e:e4:02:42:39:77:af:
82:8a:a8:b3:97:a7:c3:f3:cc:ac:f9:79:ce:7f:4c:
e4:97:b9:44:91:a5:77:12:8d:c9:28:7c:2e:21:32:
a3:de:03:a7:12:38:19:17:33:a5:f4:1e:f5:26:17:
54:19:8d:1b:6d:85:55:20:ea:aa:b6:2b:4c:1c:b7:
5c:7a:20:8c:da:e1:58:1b:b3:7a:56:16:a7:d2:69:
06:d2:56:3f:4c:49:07:94:46:a7:d2:7c:c2:76:3b:
a4:9e:6a:76:74:e1:db:33:6d:88:18:6f:70:0a:0d:
bb:eb:31:69:5b:a9:e9:56:db:bd:f2:db:9e:e6:1d:
7b:8b:ab:29:71:16:ac:27:fe:1e:33:fd:27:a0:f4:
54:6d:6a:1f:90:18:e7:5a:3f:0d:4a:c0:70:30:9c:
45:bf:b7:7b:30:4a:14:5b:ad:36:a9:66:37:15:c8:
70:ef:01:33:03:33:51:4e:8c:2b:56:f5:00:d5:c2:
db:5d:85:46:d6:ac:96:f6:67:93:4b:f0:3a:b7:d5:
c3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:9E:37:B7:B5:3F:A7:09:1A:8D:F7:43:27:F7:DA:FF:90:67:C4:E3
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/s543t7U_pwkajfdDJ_fa_5BnxOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.248.0/24
Signature Algorithm: sha256WithRSAEncryption
79:a7:19:c1:d0:77:0d:9c:9e:0e:5b:8a:de:3f:71:30:70:1f:
17:f2:a6:7e:e4:e6:c1:5c:a9:a0:14:a0:ec:5d:2f:d2:cb:41:
6e:ea:14:8e:3e:46:be:8e:16:c8:b1:4b:a8:2b:f4:df:04:36:
e1:93:92:9e:45:86:8d:17:a4:43:4e:25:0b:e0:85:e6:e9:5e:
d6:03:7a:6b:6e:4d:a1:50:d0:50:83:ca:30:12:73:77:69:23:
ae:73:98:71:5a:ae:b9:76:36:48:22:53:ab:3f:4f:bb:1b:06:
9e:c6:78:3f:c4:b4:85:11:20:90:aa:d0:73:7e:da:bb:ff:0a:
7d:90:7e:c0:b8:64:ec:52:a2:62:14:c9:7d:9c:59:7c:7d:57:
de:a2:75:b5:51:d2:5c:86:99:9a:4f:75:54:4d:cb:52:2b:c8:
7a:01:17:1b:d1:01:5b:09:74:75:cb:4d:dd:b7:03:d9:6b:ae:
db:8b:c6:30:ad:51:28:4e:ff:6d:b3:95:fa:86:11:03:eb:16:
48:15:9b:91:56:37:64:a0:c3:2a:3b:13:50:a0:af:9c:e3:df:
37:bc:55:3b:a2:6e:7b:54:ad:0f:17:8c:a1:9b:18:fa:39:ca:
36:d1:9e:06:31:49:42:aa:9d:41:66:74:54:ec:e5:32:59:27:
6c:be:8c:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU+r2yCEIlKlV6SWVE/WtjVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIxMjIzMTExMjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzllMzdiN2I1M2ZhNzA5MWE4ZGY3NDMyN2Y3ZGFmZjkwNjdjNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ezPHMRnl/TIUAJTdpd2j4+iSYed
0awhilR6r6/BdYrr7ohXTa1pcv13CoYPLwKraN8Oyw7kAkI5d6+Ciqizl6fD88ys
+XnOf0zkl7lEkaV3Eo3JKHwuITKj3gOnEjgZFzOl9B71JhdUGY0bbYVVIOqqtitM
HLdceiCM2uFYG7N6Vhan0mkG0lY/TEkHlEan0nzCdjuknmp2dOHbM22IGG9wCg27
6zFpW6npVtu98tue5h17i6spcRasJ/4eM/0noPRUbWofkBjnWj8NSsBwMJxFv7d7
MEoUW602qWY3Fchw7wEzAzNRTowrVvUA1cLbXYVG1qyW9meTS/A6t9XDgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLOeN7e1P6cJGo33Qyf32v+QZ8TjMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvczU0M3Q3VV9wd2thamZkREpfZmFfNUJueE9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstL4MA0G
CSqGSIb3DQEBCwUAA4IBAQB5pxnB0HcNnJ4OW4reP3EwcB8X8qZ+5ObBXKmgFKDs
XS/Sy0Fu6hSOPka+jhbIsUuoK/TfBDbhk5KeRYaNF6RDTiUL4IXm6V7WA3prbk2h
UNBQg8owEnN3aSOuc5hxWq65djZIIlOrP0+7Gwaexng/xLSFESCQqtBzftq7/wp9
kH7AuGTsUqJiFMl9nFl8fVfeonW1UdJchpmaT3VUTctSK8h6ARcb0QFbCXR1y03d
twPZa67bi8YwrVEoTv9ts5X6hhED6xZIFZuRVjdkoMMqOxNQoK+c4983vFU7om57
VK0PF4yhmxj6Oco20Z4GMUlCqp1BZnRU7OUyWSdsvows
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org