Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/tElB5MiOLTECDdJcVwZccyeWZHc.roa
File: tElB5MiOLTECDdJcVwZccyeWZHc.roa (raw, json)
Hash identifier: /LmSLuQTO2Naow9CC55LMuyaiTrFfokPeux9/ZF+QEQ=
Subject key identifier: B4:49:41:E4:C8:8E:2D:31:02:0D:D2:5C:57:06:5C:73:27:96:64:77
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188E9AC816B7F33239EF20A7541C78FD590
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/tElB5MiOLTECDdJcVwZccyeWZHc.roa
Signing time: Fri 23 Jun 2023 19:12:56 +0000
ROA not before: Fri 23 Jun 2023 19:12:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 178.210.250.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e9:ac:81:6b:7f:33:23:9e:f2:0a:75:41:c7:8f:d5:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 23 19:12:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b44941e4c88e2d31020dd25c57065c7327966477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:02:1d:d9:8a:4f:59:5b:6f:61:51:0a:40:6f:
01:ea:de:04:86:66:c1:c5:72:52:08:61:89:7c:ac:
d2:ee:ed:8b:68:7b:a1:45:84:48:a2:e7:90:a7:3c:
c5:1c:c6:b4:a9:f7:4f:03:2d:b9:dc:d6:4c:c2:90:
5b:e4:ee:0d:be:d7:6f:c2:d0:9b:86:b2:7c:74:19:
b4:f7:a8:1f:35:d4:9c:cd:71:33:f9:2b:9a:c5:c9:
2d:52:5d:4a:48:6c:b9:4c:f3:b8:e6:39:d8:b7:54:
ca:a0:c5:10:c2:1c:96:f8:68:99:83:41:54:ad:e2:
d1:67:ee:bd:c8:5f:8d:a2:3f:44:aa:49:e6:14:d8:
ef:66:3e:97:54:54:d0:bc:e9:f2:08:25:a4:7c:f4:
d2:d6:1f:cb:f3:d4:72:ba:fc:70:bb:ae:f5:fd:52:
e9:de:89:00:62:66:9b:31:67:71:0f:fa:5d:c9:9d:
17:62:05:40:e1:ba:38:22:2a:a9:a5:25:70:fa:bc:
00:32:20:2c:8c:08:17:6b:fc:2e:ba:67:01:37:0d:
a1:01:4c:f6:37:eb:45:97:f1:d0:3b:57:11:76:54:
34:c6:ca:df:07:a3:e0:35:dc:c9:e7:a1:3e:2a:b2:
31:4c:f9:8b:a2:f5:9f:35:92:5f:39:a4:dc:20:c2:
a4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:49:41:E4:C8:8E:2D:31:02:0D:D2:5C:57:06:5C:73:27:96:64:77
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/tElB5MiOLTECDdJcVwZccyeWZHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.250.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:c4:8f:89:3f:2f:8b:f0:5b:58:0e:3b:79:f3:e3:92:87:1f:
1c:1f:63:fa:c1:c7:9b:56:34:27:29:cb:fc:0b:52:29:26:57:
12:3a:0f:a6:d8:33:f1:29:8f:6c:5e:fd:09:e9:ea:01:33:29:
76:cd:79:60:33:11:45:79:16:cb:9b:2c:75:5b:58:62:a9:10:
b1:b5:0b:6a:f8:39:21:18:ee:29:26:5d:fd:72:15:dc:33:83:
e2:7f:35:0a:e0:c0:c7:72:99:3a:b7:11:2a:f8:b0:18:4f:61:
2b:38:0c:47:be:4a:a8:5b:6e:46:79:6e:10:e2:fe:29:61:a7:
71:63:6c:19:17:cf:f6:3e:5c:d4:c4:9d:ad:c2:a5:5d:f0:e6:
b6:cd:7f:a4:26:d0:5b:65:05:c9:8d:3d:7a:55:2d:d8:24:38:
b6:11:da:4c:c8:16:20:37:d0:39:e0:24:ce:44:79:f8:83:01:
97:96:db:cb:37:76:be:23:dd:5b:76:f9:d4:78:5c:59:1f:26:
c4:ce:fe:a5:a4:64:c5:7e:30:ab:ff:5d:e1:6a:fb:03:fb:b3:
88:29:4d:e6:3f:28:20:c0:e3:98:86:c8:f8:1d:9a:73:a1:e8:
1a:aa:36:64:dc:a6:6e:63:91:b4:51:6f:c8:07:ce:1c:f7:a8:
86:c1:2d:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjprIFrfzMjnvIKdUHHj9WQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjIzMTkxMjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDQ5NDFlNGM4OGUyZDMxMDIwZGQyNWM1NzA2NWM3MzI3OTY2NDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygId2YpPWVtvYVEKQG8B6t4EhmbB
xXJSCGGJfKzS7u2LaHuhRYRIoueQpzzFHMa0qfdPAy253NZMwpBb5O4NvtdvwtCb
hrJ8dBm096gfNdSczXEz+SuaxcktUl1KSGy5TPO45jnYt1TKoMUQwhyW+GiZg0FU
reLRZ+69yF+Noj9EqknmFNjvZj6XVFTQvOnyCCWkfPTS1h/L89Ryuvxwu671/VLp
3okAYmabMWdxD/pdyZ0XYgVA4bo4IiqppSVw+rwAMiAsjAgXa/wuumcBNw2hAUz2
N+tFl/HQO1cRdlQ0xsrfB6PgNdzJ56E+KrIxTPmLovWfNZJfOaTcIMKk7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRJQeTIji0xAg3SXFcGXHMnlmR3MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvdEVsQjVNaU9MVEVDRGRKY1Z3WmNjeWVXWkhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstL6MA0G
CSqGSIb3DQEBCwUAA4IBAQA7xI+JPy+L8FtYDjt58+OShx8cH2P6wcebVjQnKcv8
C1IpJlcSOg+m2DPxKY9sXv0J6eoBMyl2zXlgMxFFeRbLmyx1W1hiqRCxtQtq+Dkh
GO4pJl39chXcM4PifzUK4MDHcpk6txEq+LAYT2ErOAxHvkqoW25GeW4Q4v4pYadx
Y2wZF8/2PlzUxJ2twqVd8Oa2zX+kJtBbZQXJjT16VS3YJDi2EdpMyBYgN9A54CTO
RHn4gwGXltvLN3a+I91bdvnUeFxZHybEzv6lpGTFfjCr/13havsD+7OIKU3mPygg
wOOYhsj4HZpzoegaqjZk3KZuY5G0UW/IB84c96iGwS1H
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org