Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zrAyoBP7gBUkbPRohn76kdDzaoY.roa
File: zrAyoBP7gBUkbPRohn76kdDzaoY.roa (raw, json)
Hash identifier: IeJoVJNnFeC9ybv/lCtLaQf/bsv8UgXvw+VjPE9dPBM=
Subject key identifier: CE:B0:32:A0:13:FB:80:15:24:6C:F4:68:86:7E:FA:91:D0:F3:6A:86
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0184F1A4808F222E3B37267EBD0CE476A8F4
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zrAyoBP7gBUkbPRohn76kdDzaoY.roa
Signing time: Thu 08 Dec 2022 12:10:00 +0000
ROA not before: Thu 08 Dec 2022 12:10:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206873
IP address blocks: 178.210.233.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:a4:80:8f:22:2e:3b:37:26:7e:bd:0c:e4:76:a8:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Dec 8 12:10:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ceb032a013fb8015246cf468867efa91d0f36a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:10:43:69:ff:51:a6:e3:2f:3e:24:92:1a:15:
cf:34:f5:e8:a6:9b:30:d2:e7:f9:28:a0:97:0d:f9:
9b:e9:87:5b:4f:d5:a5:91:7b:a8:40:4b:26:82:b2:
1f:eb:81:fa:b5:d7:28:c1:43:17:6b:1a:a7:3b:39:
0a:25:73:59:ea:51:bc:67:c5:48:a5:d5:2b:00:5d:
0c:fe:cb:7c:ac:cd:0d:df:7b:98:23:ac:23:dd:bf:
b9:e0:8b:24:4f:3c:d5:09:55:f9:e0:fa:8a:0a:57:
6f:7a:6b:c9:bf:7b:16:2c:20:37:b0:91:ad:3a:c7:
12:3e:96:c7:ab:c4:4d:0b:a4:10:5d:a9:c6:7f:ce:
62:8b:ab:54:60:86:46:66:89:45:53:75:9d:3e:ad:
f3:cb:3b:ab:57:39:92:f7:66:06:a6:38:f6:70:a7:
98:17:bf:32:15:b1:58:27:32:c5:1e:52:06:fc:03:
1a:87:d6:6c:7b:bb:7c:1c:74:07:2b:a6:15:84:29:
9d:c0:dd:c8:5e:71:dc:ba:5b:5e:84:cb:eb:96:75:
a3:f1:6c:00:f4:b6:f7:33:e1:b8:ac:57:65:87:18:
46:86:46:86:c8:df:20:b5:0e:17:06:19:4f:37:51:
38:57:12:96:c9:19:cc:f6:66:17:42:0f:d4:68:33:
cd:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B0:32:A0:13:FB:80:15:24:6C:F4:68:86:7E:FA:91:D0:F3:6A:86
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zrAyoBP7gBUkbPRohn76kdDzaoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.233.0/24
Signature Algorithm: sha256WithRSAEncryption
12:f9:a4:1c:17:12:39:90:5f:2e:3f:3f:dd:06:2c:ec:77:dc:
ba:21:c9:32:6e:f3:e7:9f:62:7e:a4:d1:5f:53:ad:ee:3d:61:
19:19:f5:10:d4:a9:40:b4:da:58:19:99:1c:a2:2b:7e:67:ff:
80:5b:51:0b:bf:bd:88:e5:db:2c:d8:61:b6:99:09:73:91:29:
00:ab:88:66:f6:fc:6e:cc:f4:48:1f:c4:3d:d5:f6:1d:20:8d:
87:3b:4d:eb:28:99:49:85:73:f9:45:0d:84:c6:bd:bf:d2:9d:
ca:0f:69:42:45:90:96:3b:46:88:5d:d7:f5:97:be:7d:0b:1f:
08:07:dd:58:31:0b:aa:b9:0a:2d:26:ac:4f:38:70:8d:20:3a:
03:d1:6b:fe:bd:dd:28:96:8f:fe:ce:6e:bc:6f:60:84:57:40:
b1:a5:32:d0:56:5d:50:42:3e:6e:cb:af:a8:77:41:d6:5f:9d:
4c:d3:fb:51:b4:2a:21:12:a4:52:ed:63:55:88:61:ea:4a:06:
79:7d:bf:6d:40:0b:c1:43:60:97:fd:3c:50:b5:7c:e1:68:14:
67:b8:22:d6:32:10:27:bd:15:ea:96:ec:15:4d:eb:2c:d7:92:
13:42:f1:cd:51:31:26:a0:94:67:ce:e7:12:b1:6b:49:a6:a3:
7d:8e:4d:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTxpICPIi47NyZ+vQzkdqj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIxMjA4MTIxMDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWIwMzJhMDEzZmI4MDE1MjQ2Y2Y0Njg4NjdlZmE5MWQwZjM2YTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhBDaf9RpuMvPiSSGhXPNPXoppsw
0uf5KKCXDfmb6YdbT9WlkXuoQEsmgrIf64H6tdcowUMXaxqnOzkKJXNZ6lG8Z8VI
pdUrAF0M/st8rM0N33uYI6wj3b+54IskTzzVCVX54PqKCldvemvJv3sWLCA3sJGt
OscSPpbHq8RNC6QQXanGf85ii6tUYIZGZolFU3WdPq3zyzurVzmS92YGpjj2cKeY
F78yFbFYJzLFHlIG/AMah9Zse7t8HHQHK6YVhCmdwN3IXnHcultehMvrlnWj8WwA
9Lb3M+G4rFdlhxhGhkaGyN8gtQ4XBhlPN1E4VxKWyRnM9mYXQg/UaDPNOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM6wMqAT+4AVJGz0aIZ++pHQ82qGMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvenJBeW9CUDdnQlVrYlBSb2huNzZrZER6YW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstLpMA0G
CSqGSIb3DQEBCwUAA4IBAQAS+aQcFxI5kF8uPz/dBizsd9y6IckybvPnn2J+pNFf
U63uPWEZGfUQ1KlAtNpYGZkcoit+Z/+AW1ELv72I5dss2GG2mQlzkSkAq4hm9vxu
zPRIH8Q91fYdII2HO03rKJlJhXP5RQ2Exr2/0p3KD2lCRZCWO0aIXdf1l759Cx8I
B91YMQuquQotJqxPOHCNIDoD0Wv+vd0olo/+zm68b2CEV0CxpTLQVl1QQj5uy6+o
d0HWX51M0/tRtCohEqRS7WNViGHqSgZ5fb9tQAvBQ2CX/TxQtXzhaBRnuCLWMhAn
vRXqluwVTess15ITQvHNUTEmoJRnzucSsWtJpqN9jk1U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org