Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/10jwR8SSFqZdJ_qOatEU--kVuGY.roa
File: 10jwR8SSFqZdJ_qOatEU--kVuGY.roa (raw, json)
Hash identifier: wn5bEp5j4pmx2IGGQETxeM0u70iPQcjLmAYWa/HMhfE=
Subject key identifier: D7:48:F0:47:C4:92:16:A6:5D:27:FA:8E:6A:D1:14:FB:E9:15:B8:66
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018683193EE943A4307EA436FB3C6157ECEA
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/10jwR8SSFqZdJ_qOatEU--kVuGY.roa
Signing time: Fri 24 Feb 2023 11:05:15 +0000
ROA not before: Fri 24 Feb 2023 11:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.192.0/21 maxlen: 24
178.210.224.0/22 maxlen: 24
193.138.125.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
77.242.145.0/24 maxlen: 24
77.242.144.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.147.0/24 maxlen: 24
77.242.146.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:83:19:3e:e9:43:a4:30:7e:a4:36:fb:3c:61:57:ec:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 24 11:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d748f047c49216a65d27fa8e6ad114fbe915b866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b1:d3:f9:dd:bd:41:b1:6e:51:c7:74:74:2f:
db:71:4d:09:55:75:c3:43:07:9c:11:da:67:64:30:
85:3c:fe:eb:26:a3:b5:bc:28:c1:b7:07:a1:23:e4:
d6:17:23:0e:f3:a4:3d:7c:be:de:73:c0:ba:e8:ad:
49:e4:1c:36:f2:5b:ce:b0:5a:4c:09:5b:2e:b6:a6:
ab:31:ec:ea:99:36:dd:1f:6e:50:af:cd:c2:13:44:
8a:fe:d3:21:e6:79:d2:77:55:e7:de:b2:73:d6:b2:
aa:32:24:fa:ec:59:e2:9d:d8:ed:80:b8:f8:46:5a:
09:ae:ff:09:23:16:43:19:9a:5a:ed:aa:78:75:0a:
21:91:f5:f8:c9:4f:91:cc:7a:8b:1a:cf:1d:57:28:
27:98:d9:6e:77:c8:35:1b:c2:37:a1:bc:2d:d4:45:
f2:a5:85:b8:f7:07:7a:da:1f:d2:b8:b1:89:8d:c4:
7b:80:ae:75:70:ec:47:c5:7e:87:54:e7:77:19:d1:
83:d9:88:f3:f5:60:7a:44:89:dd:9a:38:b1:91:fa:
18:91:dc:a8:f9:e3:a7:e2:57:c7:81:52:b1:fa:1c:
a2:99:e1:ba:5a:ef:c2:21:c2:50:4e:76:8c:3a:97:
03:df:02:83:de:f9:7b:2f:3a:d5:17:8f:db:1e:45:
93:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:48:F0:47:C4:92:16:A6:5D:27:FA:8E:6A:D1:14:FB:E9:15:B8:66
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/10jwR8SSFqZdJ_qOatEU--kVuGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/24
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
77.242.156.0-77.242.158.255
88.209.192.0/21
92.52.208.0/21
92.52.219.0/24
178.210.224.0/22
178.210.236.0/24
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
49:7d:0d:ab:53:72:e6:c9:bf:20:20:66:0f:6f:0c:e4:ee:b2:
a5:40:1f:07:50:8e:c3:b0:59:c5:2f:48:46:5a:f5:b9:b7:54:
e4:1c:70:30:94:93:4b:62:47:d8:b9:b0:43:6b:cb:f0:f2:1f:
86:f7:7b:e2:7d:ef:b1:4e:8a:4d:d0:6a:06:c2:31:d5:c9:39:
21:48:b5:eb:fd:48:30:05:14:2f:1c:71:e6:ba:9b:46:1f:04:
b0:59:1a:71:fa:a3:41:a7:30:9e:21:d3:22:6d:c9:3a:41:0d:
14:e0:87:96:ec:7b:8b:d7:cc:4a:21:95:c7:ce:fd:7f:6c:b1:
70:1e:e6:44:3b:ff:f2:72:e8:da:a4:55:a3:76:a7:ce:09:a1:
88:00:28:75:b5:10:21:8f:31:e7:ea:91:3f:68:bc:99:22:80:
92:15:58:87:b3:29:09:a9:46:5c:dd:e9:95:2e:a2:43:89:d2:
13:3a:56:31:55:2d:5c:1b:37:26:7a:99:ef:97:7b:6e:cf:3d:
21:22:6c:72:27:0f:a1:3c:d8:08:73:07:16:e8:8c:59:d2:49:
4e:ef:76:74:75:a6:67:a4:51:65:e0:bf:bd:4e:38:56:59:68:
80:d9:1f:aa:fa:88:da:e7:14:95:37:44:09:b4:d4:b1:27:83:
d4:2c:29:5d
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYaDGT7pQ6QwfqQ2+zxhV+zqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMjI0MTEwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzQ4ZjA0N2M0OTIxNmE2NWQyN2ZhOGU2YWQxMTRmYmU5MTViODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbHT+d29QbFuUcd0dC/bcU0JVXXD
QwecEdpnZDCFPP7rJqO1vCjBtwehI+TWFyMO86Q9fL7ec8C66K1J5Bw28lvOsFpM
CVsutqarMezqmTbdH25Qr83CE0SK/tMh5nnSd1Xn3rJz1rKqMiT67FnindjtgLj4
RloJrv8JIxZDGZpa7ap4dQohkfX4yU+RzHqLGs8dVygnmNlud8g1G8I3obwt1EXy
pYW49wd62h/SuLGJjcR7gK51cOxHxX6HVOd3GdGD2Yjz9WB6RIndmjixkfoYkdyo
+eOn4lfHgVKx+hyimeG6Wu/CIcJQTnaMOpcD3wKD3vl7LzrVF4/bHkWTFwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFNdI8EfEkhamXSf6jmrRFPvpFbhmMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMTBqd1I4U1NGcVpkSl9xT2F0RVUtLWtWdUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbDAMAwQALQmp
AwQCLQmoAwQALQ4IAwQALQ4KAwQALVhdMAwDBARN8pADBABN8pQDBABN8pcwDAME
Ak3ynAMEAE3yngMEA1jRwAMEA1w00AMEAFw02wMEArLS4AMEALLS7AMEA7L4yAME
AMGKfTANBgkqhkiG9w0BAQsFAAOCAQEASX0Nq1Ny5sm/ICBmD28M5O6ypUAfB1CO
w7BZxS9IRlr1ubdU5BxwMJSTS2JH2LmwQ2vL8PIfhvd74n3vsU6KTdBqBsIx1ck5
IUi16/1IMAUULxxx5rqbRh8EsFkacfqjQacwniHTIm3JOkENFOCHlux7i9fMSiGV
x879f2yxcB7mRDv/8nLo2qRVo3anzgmhiAAodbUQIY8x5+qRP2i8mSKAkhVYh7Mp
CalGXN3plS6iQ4nSEzpWMVUtXBs3JnqZ75d7bs89ISJscicPoTzYCHMHFuiMWdJJ
Tu92dHWmZ6RRZeC/vU44VllogNkfqvqI2ucUlTdECbTUsSeD1CwpXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:26 2024 by rpki-client on console-fra.rpki-client.org