Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/2Eg1JnJOUnjAY14L9o44uO0oUN4.roa
File: 2Eg1JnJOUnjAY14L9o44uO0oUN4.roa (raw, json)
Hash identifier: 8RmoD6ECFqFuQ+TL1pO2FeIijHH7/aoLREswHkzO8cg=
Subject key identifier: D8:48:35:26:72:4E:52:78:C0:63:5E:0B:F6:8E:38:B8:ED:28:50:DE
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01868B1A311FF4395116EB92487973BCDF0A
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/2Eg1JnJOUnjAY14L9o44uO0oUN4.roa
Signing time: Sun 26 Feb 2023 00:23:14 +0000
ROA not before: Sun 26 Feb 2023 00:23:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.210.224.0/22 maxlen: 24
193.138.125.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
88.209.192.0/21 maxlen: 24
77.242.158.0/24 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8b:1a:31:1f:f4:39:51:16:eb:92:48:79:73:bc:df:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 26 00:23:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8483526724e5278c0635e0bf68e38b8ed2850de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:37:1c:4a:de:f8:09:31:7c:90:5b:46:81:8d:
40:f6:07:e5:78:bd:0e:a9:4b:0e:8d:90:16:9b:da:
79:66:55:13:b1:87:69:ae:c9:60:49:43:7c:4f:a2:
8a:26:3d:de:7e:4f:2f:23:38:b7:10:9a:69:e0:b9:
b4:c0:e5:e8:70:22:9d:73:ae:b4:3f:59:2b:b6:c0:
f8:31:fa:86:da:9f:26:80:51:5d:8d:93:c0:4d:4d:
47:54:35:38:25:14:ab:d5:04:0d:cf:be:e6:d9:1b:
52:4f:97:91:a3:21:b9:b6:81:77:23:c1:e4:7f:d8:
99:21:57:0f:7c:3a:47:73:f4:c2:9a:5c:52:c1:c1:
a1:c4:da:74:64:6f:6c:db:0f:f7:7a:7e:2c:30:36:
a8:a8:04:6f:e7:7a:44:79:f2:a4:db:00:de:f4:85:
1e:e7:d1:e9:37:a9:2d:5c:de:75:a8:4c:0e:35:ee:
af:0a:d0:9f:c6:7a:01:b5:60:75:aa:ae:59:7a:82:
ff:e3:51:e2:f4:d0:67:7a:7f:3b:d2:89:35:f1:ac:
6f:0f:c2:b0:b6:de:97:f0:8d:07:95:65:85:06:7e:
29:51:c4:3b:b6:81:66:d0:48:c2:ec:6a:7a:7b:2a:
57:85:5a:23:0f:de:24:74:d7:bd:d4:a1:59:76:f5:
ee:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:48:35:26:72:4E:52:78:C0:63:5E:0B:F6:8E:38:B8:ED:28:50:DE
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/2Eg1JnJOUnjAY14L9o44uO0oUN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/24
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
77.242.156.0-77.242.158.255
88.209.192.0/21
92.52.208.0/21
92.52.219.0/24
178.210.224.0/22
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:44:c1:8f:13:3b:bb:3a:d1:24:d6:b0:84:78:d2:db:11:b9:
6c:6b:bf:5f:8e:ac:7d:31:54:e1:ae:73:f9:ea:24:da:8c:5d:
e0:f6:3b:5a:18:69:69:ec:6a:ea:e3:5f:43:de:20:a8:c7:42:
46:68:26:4f:72:c8:5e:cb:b8:3f:90:68:ee:a7:d7:dc:8c:58:
73:2e:d4:ca:38:56:8f:67:56:28:56:c7:d8:63:09:f2:fc:5f:
2e:8f:fa:93:9c:76:57:ed:4f:30:d9:c3:17:a9:fc:5f:17:b8:
ac:fe:0a:91:af:fd:5b:53:0e:59:01:11:10:ae:90:7b:02:bb:
8a:bd:05:56:08:dd:23:18:1f:0c:b1:d6:f1:93:3e:30:e4:05:
83:ac:15:fe:b5:0f:72:19:a5:56:4e:03:53:80:9a:d5:de:83:
6f:73:e8:23:68:d2:82:b7:85:91:e2:e2:ee:b0:3e:d6:c0:95:
52:4c:c4:7d:b1:fd:ea:d7:01:25:3c:ae:3a:f1:38:25:a0:d1:
cc:63:49:f4:85:b1:6a:98:9c:a1:57:aa:d6:17:5c:99:48:c9:
0a:d1:0e:e8:71:c5:fd:b6:4c:2f:fc:1f:b2:5c:7e:e1:37:15:
ee:1f:b7:e2:99:9c:fe:5f:ba:7a:05:01:54:a9:1f:a3:0f:22:
d7:1a:52:14
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYaLGjEf9DlRFuuSSHlzvN8KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMjI2MDAyMzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODQ4MzUyNjcyNGU1Mjc4YzA2MzVlMGJmNjhlMzhiOGVkMjg1MGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTccSt74CTF8kFtGgY1A9gfleL0O
qUsOjZAWm9p5ZlUTsYdprslgSUN8T6KKJj3efk8vIzi3EJpp4Lm0wOXocCKdc660
P1krtsD4MfqG2p8mgFFdjZPATU1HVDU4JRSr1QQNz77m2RtST5eRoyG5toF3I8Hk
f9iZIVcPfDpHc/TCmlxSwcGhxNp0ZG9s2w/3en4sMDaoqARv53pEefKk2wDe9IUe
59HpN6ktXN51qEwONe6vCtCfxnoBtWB1qq5ZeoL/41Hi9NBnen870ok18axvD8Kw
tt6X8I0HlWWFBn4pUcQ7toFm0EjC7Gp6eypXhVojD94kdNe91KFZdvXuoQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFNhINSZyTlJ4wGNeC/aOOLjtKFDeMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMkVnMUpuSk9VbmpBWTE0TDlvNDR1TzBvVU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmMAwDBAAtCakD
BAItCagDBAAtDggDBAAtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylzAMAwQC
TfKcAwQATfKeAwQDWNHAAwQDXDTQAwQAXDTbAwQCstLgAwQDsvjIAwQAwYp9MA0G
CSqGSIb3DQEBCwUAA4IBAQC6RMGPEzu7OtEk1rCEeNLbEblsa79fjqx9MVThrnP5
6iTajF3g9jtaGGlp7Grq419D3iCox0JGaCZPcshey7g/kGjup9fcjFhzLtTKOFaP
Z1YoVsfYYwny/F8uj/qTnHZX7U8w2cMXqfxfF7is/gqRr/1bUw5ZAREQrpB7AruK
vQVWCN0jGB8Msdbxkz4w5AWDrBX+tQ9yGaVWTgNTgJrV3oNvc+gjaNKCt4WR4uLu
sD7WwJVSTMR9sf3q1wElPK468TgloNHMY0n0hbFqmJyhV6rWF1yZSMkK0Q7occX9
tkwv/B+yXH7hNxXuH7fimZz+X7p6BQFUqR+jDyLXGlIU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:26 2024 by rpki-client on console-fra.rpki-client.org