Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1-r_C6AoYs1-WrjqqCuf0WJcCwQs.roa
File: 1-r_C6AoYs1-WrjqqCuf0WJcCwQs.roa (raw, json)
Hash identifier: LZwkAWfeNC8wRrDgJs1cK7gl3mxOkMFM5rT+ngBbOEc=
Subject key identifier: FA:BF:C2:E8:0A:18:B3:5F:96:AE:3A:AA:0A:E7:F4:58:97:02:C1:0B
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018BA3A6156AA2A261B71CD97F1E19C89F36
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1-r_C6AoYs1-WrjqqCuf0WJcCwQs.roa
Signing time: Mon 06 Nov 2023 08:00:52 +0000
ROA not before: Mon 06 Nov 2023 08:00:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.209.232.0/22 maxlen: 24
178.210.228.0/24 maxlen: 24
178.210.248.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
77.242.150.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.200.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.217.0/24 maxlen: 24
88.209.226.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a3:a6:15:6a:a2:a2:61:b7:1c:d9:7f:1e:19:c8:9f:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 6 08:00:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fabfc2e80a18b35f96ae3aaa0ae7f4589702c10b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:21:54:4e:88:8d:a6:87:2a:e7:99:14:ef:b4:
05:f9:bb:80:de:fd:e9:5b:f5:d8:dd:ed:de:07:18:
ac:c3:33:41:4b:5e:bc:03:15:5e:ba:4e:93:88:cf:
ae:f8:79:54:45:a9:44:6a:fb:a9:e9:55:26:b4:5e:
1a:0f:98:82:df:88:9a:18:f5:9c:0e:cd:a2:bd:45:
4e:c3:74:28:60:48:7e:b5:bf:86:d6:ca:7c:c5:57:
1e:58:6b:d6:7e:f5:22:97:66:2d:39:50:12:e2:2f:
2c:34:14:43:b3:06:1f:58:46:5b:52:96:34:0e:3f:
c0:8a:1c:96:b7:f2:dd:92:86:1d:9e:14:8f:e5:18:
3b:a6:88:56:d8:9e:05:ef:d3:b5:d2:16:b2:ec:76:
a8:02:e3:fe:d0:62:8d:3f:c4:c7:17:54:4f:d7:ae:
72:57:5e:ae:09:0d:3e:89:29:81:64:b7:68:49:de:
47:12:34:f0:ce:fe:03:79:75:ff:6c:78:de:93:37:
2b:e1:3d:d8:ed:eb:43:35:44:e4:cb:dd:36:25:07:
fe:d0:3b:7c:b1:72:f7:a6:73:be:f1:06:61:89:0a:
a9:df:4a:d7:5e:85:49:ee:54:00:21:a4:3c:8e:d0:
cd:14:86:5d:87:c7:49:20:b0:a9:44:a5:cb:b0:0d:
26:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:BF:C2:E8:0A:18:B3:5F:96:AE:3A:AA:0A:E7:F4:58:97:02:C1:0B
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1-r_C6AoYs1-WrjqqCuf0WJcCwQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.150.0/24
88.151.56.0/23
88.209.200.0/24
88.209.211.0/24
88.209.217.0/24
88.209.226.0/24
88.209.232.0/22
178.210.228.0/24
178.210.248.0/24
178.210.250.0/24
Signature Algorithm: sha256WithRSAEncryption
02:f1:21:25:8e:25:2b:24:06:3e:33:2e:f7:d5:e8:a9:8e:48:
28:03:71:d7:76:5e:2f:48:7f:9f:26:6c:80:63:ee:69:e7:8e:
f9:19:95:42:63:b8:e5:2d:24:7e:a5:09:ee:fb:af:9a:56:bd:
55:74:06:b0:7c:2e:12:d3:81:0a:dc:73:4d:d9:ae:40:12:e8:
cf:52:19:0b:3f:94:fc:7d:17:4f:23:a7:45:05:e2:38:c6:f3:
73:93:e8:03:5f:6f:61:c7:46:1e:0b:da:c3:a1:47:ce:b1:f3:
e3:2b:94:26:1e:ae:1c:00:98:7f:88:cd:17:2f:43:45:81:77:
32:0b:e4:e1:43:27:55:b8:28:bf:16:41:dc:b2:eb:76:75:8c:
9b:f9:df:29:a4:b9:75:1d:39:e5:e3:44:d6:c7:8d:5c:10:73:
2d:6b:42:7a:42:29:c6:e8:a9:fc:93:e2:db:69:cb:dd:bd:ee:
3f:94:50:0d:c2:09:68:ae:08:1a:08:4d:ef:b3:3f:f1:64:40:
d3:0c:b4:06:fb:a0:2e:9e:30:a4:93:c7:94:1c:b0:e0:cb:27:
1e:56:f9:ee:48:90:61:ec:ea:b8:5b:51:84:13:70:fc:34:72:
8d:22:59:8d:66:b8:99:fc:43:18:5e:f0:a8:2b:71:25:26:4b:
d7:83:7c:31
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYujphVqoqJhtxzZfx4ZyJ82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMTA2MDgwMDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWJmYzJlODBhMThiMzVmOTZhZTNhYWEwYWU3ZjQ1ODk3MDJjMTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCFUToiNpocq55kU77QF+buA3v3p
W/XY3e3eBxiswzNBS168AxVeuk6TiM+u+HlURalEavup6VUmtF4aD5iC34iaGPWc
Ds2ivUVOw3QoYEh+tb+G1sp8xVceWGvWfvUil2YtOVAS4i8sNBRDswYfWEZbUpY0
Dj/AihyWt/LdkoYdnhSP5Rg7pohW2J4F79O10hay7HaoAuP+0GKNP8THF1RP165y
V16uCQ0+iSmBZLdoSd5HEjTwzv4DeXX/bHjekzcr4T3Y7etDNUTky902JQf+0Dt8
sXL3pnO+8QZhiQqp30rXXoVJ7lQAIaQ8jtDNFIZdh8dJILCpRKXLsA0m1QIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFPq/wugKGLNflq46qgrn9FiXAsELMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMS1yX0M2QW9ZczEtV3JqcXFDdWYwV0pjQ3dRcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGQvNTg5MTI3LTEwOTYtNGM5MS05NmNjLTdlNGQ2ZjZmNmU2
Ni8xL3phcWc0SUkyQTJDczJqUjJaT3VERk9zUjJoQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAE3ylgME
AViXOAMEAFjRyAMEAFjR0wMEAFjR2QMEAFjR4gMEAljR6AMEALLS5AMEALLS+AME
ALLS+jANBgkqhkiG9w0BAQsFAAOCAQEAAvEhJY4lKyQGPjMu99XoqY5IKANx13Ze
L0h/nyZsgGPuaeeO+RmVQmO45S0kfqUJ7vuvmla9VXQGsHwuEtOBCtxzTdmuQBLo
z1IZCz+U/H0XTyOnRQXiOMbzc5PoA19vYcdGHgvaw6FHzrHz4yuUJh6uHACYf4jN
Fy9DRYF3Mgvk4UMnVbgovxZB3LLrdnWMm/nfKaS5dR055eNE1seNXBBzLWtCekIp
xuip/JPi22nL3b3uP5RQDcIJaK4IGghN77M/8WRA0wy0BvugLp4wpJPHlByw4Msn
Hlb57kiQYezquFtRhBNw/DRyjSJZjWa4mfxDGF7wqCtxJSZL14N8MQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:54 2024 by rpki-client on console-ams.rpki-client.org