Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/2LKkaSLtgDfKmHIeMhMATE_zUyg.roa
File: 2LKkaSLtgDfKmHIeMhMATE_zUyg.roa (raw, json)
Hash identifier: u7bcKyEVwZSv/X6ydx50b/7iKjizc7MPdtolRM32Acs=
Subject key identifier: D8:B2:A4:69:22:ED:80:37:CA:98:72:1E:32:13:00:4C:4F:F3:53:28
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0189586AA7F282F7EA2C79F5E4D42028D25E
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/2LKkaSLtgDfKmHIeMhMATE_zUyg.roa
Signing time: Sat 15 Jul 2023 07:18:52 +0000
ROA not before: Sat 15 Jul 2023 07:18:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.224.0/24 maxlen: 24
193.138.125.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:58:6a:a7:f2:82:f7:ea:2c:79:f5:e4:d4:20:28:d2:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 15 07:18:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8b2a46922ed8037ca98721e3213004c4ff35328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f1:2e:78:27:4a:eb:5d:43:25:9b:1d:a0:c3:
12:63:d3:50:36:dc:6d:3e:5c:48:af:5e:28:79:45:
73:bf:49:a6:6c:25:cd:22:1a:f0:3f:82:fa:f8:30:
aa:a6:b0:7e:99:66:ea:0c:f8:58:61:23:1d:b1:77:
31:2b:16:bf:a0:93:61:be:a8:c1:40:d4:cd:5d:bd:
05:f6:8a:c6:8d:16:7b:35:5b:6a:fe:72:c5:fd:a4:
3f:fd:84:e1:26:39:9c:7a:fb:9f:5d:d3:b1:30:a1:
3d:4f:74:ed:3b:77:77:29:f1:fe:f6:f9:9a:8a:9b:
5d:70:73:32:ab:01:30:1f:8a:f5:b3:29:5b:61:05:
6a:4a:84:75:85:0c:72:52:33:34:fe:da:ad:c4:75:
23:be:4c:63:e1:a7:4b:67:f1:af:73:af:00:9b:7d:
d5:e0:bc:83:ea:60:20:b9:95:a8:1d:26:36:a8:ff:
bb:31:fd:c1:b2:ae:68:02:30:8e:82:ad:41:51:9c:
b6:28:fd:29:b5:50:b6:df:4b:de:e1:0f:48:b3:3e:
aa:ec:74:22:c9:44:55:99:76:8d:23:f9:47:38:e3:
50:05:b2:80:75:17:09:63:b8:14:ae:dc:df:0a:c1:
ff:c6:75:51:05:ac:64:66:20:49:05:32:62:53:6f:
6d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B2:A4:69:22:ED:80:37:CA:98:72:1E:32:13:00:4C:4F:F3:53:28
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/2LKkaSLtgDfKmHIeMhMATE_zUyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0/23
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
2e:11:f4:13:d5:a0:63:2a:92:70:1d:eb:10:19:62:73:05:8f:
75:65:c4:52:4c:85:9b:df:18:04:06:7b:d0:51:97:03:14:ce:
18:59:a4:1e:1a:ef:7f:2f:38:4c:a6:5c:96:79:57:e5:6b:59:
df:51:16:12:dc:e7:1c:e8:5e:15:04:9d:e5:2d:3f:41:61:30:
cd:74:9f:4a:bc:68:dc:2c:8d:21:fa:9c:c7:dc:f5:5d:0a:f6:
a4:ab:f6:1d:13:d5:71:68:58:64:90:64:fb:33:59:09:ef:6a:
90:79:d3:44:ea:bf:cc:12:df:5d:b9:e5:2f:7f:db:e5:43:08:
56:d6:9b:81:6e:dd:1a:5e:ab:64:fe:82:81:96:ae:33:d7:89:
a4:da:8d:f9:2e:0e:74:d1:6b:9f:a9:02:63:d5:23:df:cb:5f:
cc:91:aa:47:cd:3f:36:09:00:6e:ed:6c:60:8d:ec:a5:1c:ac:
ad:da:39:23:45:8b:37:1e:44:f8:41:94:33:9f:a3:a5:38:50:
16:da:cb:af:2d:09:8c:d6:47:ea:3e:ce:56:0e:e8:51:dd:89:
38:6d:93:0a:5b:88:81:10:7a:37:12:7b:f9:d0:03:60:f0:01:
6e:9d:8c:40:78:db:98:4f:78:a5:ca:e1:4d:86:5a:05:c8:c2:
7f:6d:2d:8f
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYlYaqfygvfqLHn15NQgKNJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNzE1MDcxODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGIyYTQ2OTIyZWQ4MDM3Y2E5ODcyMWUzMjEzMDA0YzRmZjM1MzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PEueCdK611DJZsdoMMSY9NQNtxt
PlxIr14oeUVzv0mmbCXNIhrwP4L6+DCqprB+mWbqDPhYYSMdsXcxKxa/oJNhvqjB
QNTNXb0F9orGjRZ7NVtq/nLF/aQ//YThJjmcevufXdOxMKE9T3TtO3d3KfH+9vma
iptdcHMyqwEwH4r1sylbYQVqSoR1hQxyUjM0/tqtxHUjvkxj4adLZ/Gvc68Am33V
4LyD6mAguZWoHSY2qP+7Mf3Bsq5oAjCOgq1BUZy2KP0ptVC230ve4Q9Isz6q7HQi
yURVmXaNI/lHOONQBbKAdRcJY7gUrtzfCsH/xnVRBaxkZiBJBTJiU29tgQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFNiypGki7YA3yphyHjITAExP81MoMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMkxLa2FTTHRnRGZLbUhJZU1oTUFURV96VXlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB2BAIAATBwMAwDBAAt
CakDBAItCagDBAAtDggDBAEtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylwME
AFjRwQMEAFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEA1w00AMEAFw02wMEAbLS4AME
A7L4yAMEAMGKfTANBAIAAjAHAwUDKgAfQDANBgkqhkiG9w0BAQsFAAOCAQEALhH0
E9WgYyqScB3rEBlicwWPdWXEUkyFm98YBAZ70FGXAxTOGFmkHhrvfy84TKZclnlX
5WtZ31EWEtznHOheFQSd5S0/QWEwzXSfSrxo3CyNIfqcx9z1XQr2pKv2HRPVcWhY
ZJBk+zNZCe9qkHnTROq/zBLfXbnlL3/b5UMIVtabgW7dGl6rZP6CgZauM9eJpNqN
+S4OdNFrn6kCY9Uj38tfzJGqR80/NgkAbu1sYI3spRysrdo5I0WLNx5E+EGUM5+j
pThQFtrLry0JjNZH6j7OVg7oUd2JOG2TCluIgRB6NxJ7+dADYPABbp2MQHjbmE94
pcrhTYZaBcjCf20tjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:54 2024 by rpki-client on console-ams.rpki-client.org