Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/0noiujxZ1iXZMOAiclQ4WlFkWgc.roa
File: 0noiujxZ1iXZMOAiclQ4WlFkWgc.roa (raw, json)
Hash identifier: 3AcvMptHcgcdo8q99W7dG7F+OOcLqGFB9nZhBhIBn04=
Subject key identifier: D2:7A:22:BA:3C:59:D6:25:D9:30:E0:22:72:54:38:5A:51:64:5A:07
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188AE3ADA9952B78F4DAC6CB81026744E0C
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/0noiujxZ1iXZMOAiclQ4WlFkWgc.roa
Signing time: Mon 12 Jun 2023 06:11:12 +0000
ROA not before: Mon 12 Jun 2023 06:11:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 88.209.244.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
88.209.192.0/24 maxlen: 24
88.209.194.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.207.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.222.0/24 maxlen: 24
88.209.221.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
88.151.58.0/24 maxlen: 24
88.151.59.0/24 maxlen: 24
88.151.61.0/24 maxlen: 24
2.58.171.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ae:3a:da:99:52:b7:8f:4d:ac:6c:b8:10:26:74:4e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 12 06:11:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d27a22ba3c59d625d930e0227254385a51645a07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4a:43:8f:39:cb:ea:4f:1d:89:9a:74:91:fd:
f3:55:d0:d0:a9:9e:56:50:9d:b9:7f:eb:73:fa:6c:
ea:e3:44:e2:da:50:33:4a:4f:ab:87:ca:8e:7f:f4:
3e:0d:ed:c0:17:1e:35:ca:f4:c4:33:e1:2b:99:cd:
eb:f2:de:ad:42:55:57:df:01:48:35:19:5b:d3:9a:
12:32:dc:fa:4d:be:16:e7:77:6d:51:5d:28:e5:34:
66:2e:95:e4:27:dc:e7:80:20:98:52:02:17:93:a6:
b5:43:cb:e5:d2:19:f6:57:3f:ae:7f:c7:17:bd:90:
9a:f2:1a:91:e3:ca:70:67:cc:32:9e:9f:9d:8b:17:
68:ad:b0:4f:a3:bf:e7:45:a2:50:33:e8:be:22:6d:
50:7a:3a:a0:0a:3a:ea:cf:4c:2a:7d:39:11:c0:84:
08:d0:cb:fb:ae:3b:0b:7a:f6:2d:9c:b1:d4:9b:75:
58:96:90:c8:f1:ba:5e:a1:06:f6:e8:95:73:ef:59:
7a:70:43:2a:eb:62:af:a0:f2:9a:70:54:33:77:01:
66:99:7c:fd:aa:ba:07:fd:84:49:5c:ee:16:7f:8e:
32:88:1c:d2:09:d2:33:96:8e:e0:59:e5:80:fe:76:
f7:2f:80:0a:3f:f2:37:0f:84:26:a0:05:d2:e4:fb:
57:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:7A:22:BA:3C:59:D6:25:D9:30:E0:22:72:54:38:5A:51:64:5A:07
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/0noiujxZ1iXZMOAiclQ4WlFkWgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.171.0/24
88.151.58.0/23
88.151.61.0/24
88.209.192.0/24
88.209.194.0/24
88.209.207.0/24
88.209.209.0/24
88.209.211.0/24
88.209.221.0-88.209.222.255
88.209.224.0/23
88.209.244.0/24
178.210.236.0/24
Signature Algorithm: sha256WithRSAEncryption
86:08:5b:1d:c6:e6:8b:e6:7c:b8:bf:5d:3e:d1:a4:73:3d:da:
7a:c5:12:20:f9:35:67:35:95:e8:47:e2:53:c1:80:ac:24:f8:
75:bc:7f:56:ee:ee:4f:c3:81:ea:96:e6:54:74:c7:be:93:92:
45:35:27:79:9e:af:18:20:f2:4f:34:cc:ea:8b:e8:b8:d8:81:
9e:15:d9:05:61:b9:04:be:79:81:d4:27:75:6b:0f:a7:13:b6:
74:1e:9e:65:db:62:aa:a5:42:bc:1d:3a:ba:b6:a3:0f:53:c8:
bd:47:22:80:6d:4a:01:29:35:80:05:a5:5f:83:08:21:59:a9:
d6:97:fb:20:84:4e:a3:b4:e7:14:9d:3b:96:49:e5:69:cc:7e:
d2:10:2a:e5:b9:a8:a9:c3:75:c9:83:98:04:da:c2:c9:e3:d8:
f6:f3:41:5a:ca:cd:cf:e1:44:0f:29:a7:49:75:16:1b:ac:dc:
8c:d3:e2:e3:52:88:f4:60:ad:e4:21:6a:0e:ae:51:56:c6:52:
1f:35:00:0a:99:43:b4:b2:53:65:6b:78:43:04:fe:e2:94:8c:
c4:26:26:d9:b6:bb:e0:8d:c1:66:35:8a:fe:45:8d:a8:cc:bc:
f5:de:26:89:61:61:e0:d3:28:79:e8:62:66:dc:0e:e6:aa:e4:
8b:30:f6:f5
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYiuOtqZUrePTaxsuBAmdE4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjEyMDYxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjdhMjJiYTNjNTlkNjI1ZDkzMGUwMjI3MjU0Mzg1YTUxNjQ1YTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEpDjznL6k8diZp0kf3zVdDQqZ5W
UJ25f+tz+mzq40Ti2lAzSk+rh8qOf/Q+De3AFx41yvTEM+Ermc3r8t6tQlVX3wFI
NRlb05oSMtz6Tb4W53dtUV0o5TRmLpXkJ9zngCCYUgIXk6a1Q8vl0hn2Vz+uf8cX
vZCa8hqR48pwZ8wynp+dixdorbBPo7/nRaJQM+i+Im1QejqgCjrqz0wqfTkRwIQI
0Mv7rjsLevYtnLHUm3VYlpDI8bpeoQb26JVz71l6cEMq62KvoPKacFQzdwFmmXz9
qroH/YRJXO4Wf44yiBzSCdIzlo7gWeWA/nb3L4AKP/I3D4QmoAXS5PtXkwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFNJ6Iro8WdYl2TDgInJUOFpRZFoHMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMG5vaXVqeFoxaVhaTU9BaWNsUTRXbEZrV2djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAAjqrAwQB
WJc6AwQAWJc9AwQAWNHAAwQAWNHCAwQAWNHPAwQAWNHRAwQAWNHTMAwDBABY0d0D
BABY0d4DBAFY0eADBABY0fQDBACy0uwwDQYJKoZIhvcNAQELBQADggEBAIYIWx3G
5ovmfLi/XT7RpHM92nrFEiD5NWc1lehH4lPBgKwk+HW8f1bu7k/DgeqW5lR0x76T
kkU1J3merxgg8k80zOqL6LjYgZ4V2QVhuQS+eYHUJ3VrD6cTtnQenmXbYqqlQrwd
Orq2ow9TyL1HIoBtSgEpNYAFpV+DCCFZqdaX+yCETqO05xSdO5ZJ5WnMftIQKuW5
qKnDdcmDmATawsnj2PbzQVrKzc/hRA8pp0l1Fhus3IzT4uNSiPRgreQhag6uUVbG
Uh81AAqZQ7SyU2VreEME/uKUjMQmJtm2u+CNwWY1iv5FjajMvPXeJolhYeDTKHno
YmbcDuaq5Isw9vU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:54 2024 by rpki-client on console-ams.rpki-client.org