Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/SWP6oP-oc-8YhtgeIJi-tGS3QAU.roa
File: SWP6oP-oc-8YhtgeIJi-tGS3QAU.roa (raw, json)
Hash identifier: ITBGdZHWXUkIhPK4dHJESFWcrycAQ9ePTSQojiFg14E=
Subject key identifier: 49:63:FA:A0:FF:A8:73:EF:18:86:D8:1E:20:98:BE:B4:64:B7:40:05
Certificate issuer: /CN=0859786f226cb6d490bfb54294e611a7d51a8f1e
Certificate serial: 019146293AB63202030BDE8D580EE019983B
Authority key identifier: 08:59:78:6F:22:6C:B6:D4:90:BF:B5:42:94:E6:11:A7:D5:1A:8F:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CFl4byJsttSQv7VClOYRp9Uajx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/SWP6oP-oc-8YhtgeIJi-tGS3QAU.roa
Signing time: Mon 12 Aug 2024 10:36:32 +0000
ROA not before: Mon 12 Aug 2024 10:36:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51693
IP address blocks: 178.213.128.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:46:29:3a:b6:32:02:03:0b:de:8d:58:0e:e0:19:98:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0859786f226cb6d490bfb54294e611a7d51a8f1e
Validity
Not Before: Aug 12 10:36:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4963faa0ffa873ef1886d81e2098beb464b74005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:23:0c:f2:d6:0b:f5:67:d6:22:74:56:ec:f3:
24:48:3e:27:df:ac:c9:09:20:15:ea:f8:95:d8:15:
25:ad:80:67:ad:82:7f:62:1b:65:ab:ad:24:0c:15:
aa:7c:ba:87:d8:76:d2:60:c2:6a:1f:87:b4:bf:31:
2b:75:ec:e1:1a:90:26:b0:38:d9:ce:cc:2b:93:7a:
46:38:f2:4e:e6:b4:3b:c2:9d:48:08:ec:ee:ad:03:
5b:19:6b:79:e8:63:06:a7:98:ab:a7:b0:85:3c:4d:
f7:ad:d8:8e:8a:24:6c:50:4a:10:b1:6f:4b:6d:fc:
91:dc:57:8b:dc:5a:9b:3d:b1:39:e8:99:e4:a1:fa:
77:1e:41:bd:83:33:0c:5a:f4:20:f5:aa:fa:80:7c:
f4:08:0f:d9:1c:01:03:b5:db:ec:ce:50:80:89:c6:
36:03:94:00:2d:a8:56:94:4f:f7:13:87:29:bd:08:
dc:f2:8b:0c:48:bb:73:3f:6a:c1:e3:1f:9d:78:63:
c1:c5:73:c7:cb:ba:86:e7:01:9c:66:50:6c:85:3e:
fe:e2:7f:4f:c5:14:38:a3:9d:dc:43:c2:25:23:6b:
fc:4b:d4:60:42:4b:3c:0e:e9:6f:94:f9:86:da:23:
c0:26:a8:5f:e6:f2:1b:9a:22:22:73:55:7a:a6:20:
ff:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:63:FA:A0:FF:A8:73:EF:18:86:D8:1E:20:98:BE:B4:64:B7:40:05
X509v3 Authority Key Identifier:
keyid:08:59:78:6F:22:6C:B6:D4:90:BF:B5:42:94:E6:11:A7:D5:1A:8F:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CFl4byJsttSQv7VClOYRp9Uajx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/SWP6oP-oc-8YhtgeIJi-tGS3QAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/CFl4byJsttSQv7VClOYRp9Uajx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.213.128.0/21
Signature Algorithm: sha256WithRSAEncryption
5d:a8:93:bc:07:15:c9:4d:ac:2a:3c:ca:e1:4c:06:cc:b9:1e:
46:48:08:80:e5:2a:b8:33:f5:05:f4:f3:71:a7:12:8a:2c:c7:
7c:8d:bf:e5:79:0d:e3:5e:c9:49:60:e3:0d:70:71:4c:9c:c6:
16:86:b2:38:ed:a4:2a:56:ae:c8:04:82:36:41:ad:f2:de:cd:
9d:27:80:62:d8:f8:d8:dd:1e:83:43:84:73:b9:31:4e:f4:03:
6c:29:67:c1:88:60:89:77:d1:b9:c8:ad:d4:b3:d1:34:bc:bd:
9d:38:0f:95:f1:81:a9:83:70:3f:c6:d5:cf:fe:e4:0f:66:23:
cf:10:ee:e9:8e:54:70:c6:6f:b9:24:2b:ab:94:89:9e:9c:f2:
d1:4b:e1:e6:37:20:a4:9b:c7:ac:ea:91:06:7f:e2:e5:6b:46:
a7:3a:00:a8:12:a3:c8:c6:13:34:6f:87:ac:f3:c8:b6:36:ea:
45:5c:c7:78:66:ea:7f:81:7c:f6:46:2e:d0:9f:f1:ce:16:af:
39:e7:fa:9c:22:9f:73:49:14:82:94:4c:5e:a6:be:a4:bb:21:
67:9a:00:bf:8f:fb:51:6c:0f:96:ec:2f:9e:f1:a2:02:b9:77:
01:82:42:e1:a2:73:6c:3b:f2:f5:7a:cf:d4:0e:2e:c1:82:25:
4c:7b:a6:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFGKTq2MgIDC96NWA7gGZg7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NTk3ODZmMjI2Y2I2ZDQ5MGJmYjU0Mjk0ZTYxMWE3ZDUx
YThmMWUwHhcNMjQwODEyMTAzNjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTYzZmFhMGZmYTg3M2VmMTg4NmQ4MWUyMDk4YmViNDY0Yjc0MDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSMM8tYL9WfWInRW7PMkSD4n36zJ
CSAV6viV2BUlrYBnrYJ/Yhtlq60kDBWqfLqH2HbSYMJqH4e0vzErdezhGpAmsDjZ
zswrk3pGOPJO5rQ7wp1ICOzurQNbGWt56GMGp5irp7CFPE33rdiOiiRsUEoQsW9L
bfyR3FeL3FqbPbE56Jnkofp3HkG9gzMMWvQg9ar6gHz0CA/ZHAEDtdvszlCAicY2
A5QALahWlE/3E4cpvQjc8osMSLtzP2rB4x+deGPBxXPHy7qG5wGcZlBshT7+4n9P
xRQ4o53cQ8IlI2v8S9RgQks8DulvlPmG2iPAJqhf5vIbmiIic1V6piD/RQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFElj+qD/qHPvGIbYHiCYvrRkt0AFMB8GA1UdIwQY
MBaAFAhZeG8ibLbUkL+1QpTmEafVGo8eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0ZsNGJ5SnN0dFNRdjdWQ2xPWVJwOVVhang0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC82ODRlZTMtZmJlZC00MjI2LTkxYWQt
NTJmZTQ0MzQzNTBlLzEvU1dQNm9QLW9jLThZaHRnZUlKaS10R1MzUUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC82ODRlZTMtZmJlZC00MjI2LTkxYWQtNTJmZTQ0MzQzNTBl
LzEvQ0ZsNGJ5SnN0dFNRdjdWQ2xPWVJwOVVhang0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDstWAMA0G
CSqGSIb3DQEBCwUAA4IBAQBdqJO8BxXJTawqPMrhTAbMuR5GSAiA5Sq4M/UF9PNx
pxKKLMd8jb/leQ3jXslJYOMNcHFMnMYWhrI47aQqVq7IBII2Qa3y3s2dJ4Bi2PjY
3R6DQ4RzuTFO9ANsKWfBiGCJd9G5yK3Us9E0vL2dOA+V8YGpg3A/xtXP/uQPZiPP
EO7pjlRwxm+5JCurlImenPLRS+HmNyCkm8es6pEGf+Lla0anOgCoEqPIxhM0b4es
88i2NupFXMd4Zup/gXz2Ri7Qn/HOFq855/qcIp9zSRSClExepr6kuyFnmgC/j/tR
bA+W7C+e8aICuXcBgkLhonNsO/L1es/UDi7BgiVMe6Z8
-----END CERTIFICATE-----
Generated at Wed May 14 23:44:52 2025 by rpki-client