Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/3603iUeNTFuMuLf86cMKJBT8vqg.roa
File: 3603iUeNTFuMuLf86cMKJBT8vqg.roa (raw, json)
Hash identifier: ZPdY3ufJYsMy7mm6Obrt1wCHA4ME67k++lsqYAonCO0=
Subject key identifier: DF:AD:37:89:47:8D:4C:5B:8C:B8:B7:FC:E9:C3:0A:24:14:FC:BE:A8
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018577AE301F8ABE19B72381955C10EE415D
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/3603iUeNTFuMuLf86cMKJBT8vqg.roa
Signing time: Tue 03 Jan 2023 12:49:42 +0000
ROA not before: Tue 03 Jan 2023 12:49:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.253.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 22
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:ae:30:1f:8a:be:19:b7:23:81:95:5c:10:ee:41:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 3 12:49:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfad3789478d4c5b8cb8b7fce9c30a2414fcbea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8b:23:3a:d2:dc:d0:4c:e9:0f:b6:94:1e:17:
7b:c9:3a:ad:e8:9d:f6:16:82:89:c1:0a:f7:cd:89:
e2:c9:0c:a9:a2:c2:db:62:be:f1:73:ef:03:1a:e7:
2a:31:b4:7d:10:6e:8e:c0:91:35:9e:43:56:0c:f1:
c0:d4:dc:07:b0:38:3a:0f:fe:5b:b8:91:31:28:dc:
dd:9a:8b:dc:b0:93:d8:12:fd:f5:29:06:14:ac:25:
fe:05:d7:be:5a:04:f4:2b:26:03:e5:90:bc:0e:d9:
12:a7:b5:bd:6b:07:02:49:d4:cd:13:35:ad:12:5a:
19:03:35:a2:8b:95:19:30:60:e1:9e:89:b2:d0:9d:
ac:f9:29:7d:27:5d:6b:29:cd:f1:53:ad:a1:38:61:
dd:fb:f9:b9:1b:fc:7f:a8:37:6b:23:08:96:4c:28:
f5:5a:e3:04:5d:a8:30:9f:2e:b1:d9:f6:b9:fe:59:
22:85:84:92:0e:14:e3:a9:09:14:3a:67:68:0d:21:
a5:e6:b5:1b:3a:93:db:8d:40:af:84:f4:e8:71:e2:
da:6b:81:8e:d7:8e:8c:08:f5:aa:53:e0:90:dc:e1:
16:52:6f:8c:a6:18:d5:36:66:0d:fc:93:85:18:11:
fc:6e:45:e1:be:0a:94:90:25:f9:8b:39:c4:a7:a8:
9e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:AD:37:89:47:8D:4C:5B:8C:B8:B7:FC:E9:C3:0A:24:14:FC:BE:A8
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/3603iUeNTFuMuLf86cMKJBT8vqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
45.14.9.0/24
77.242.152.0/22
83.137.153.0/24
83.137.156.0/23
83.137.159.0/24
88.151.62.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.253.0/24
92.52.218.0/24
178.210.232.0/22
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
af:1e:30:ee:7e:96:20:2a:18:e6:d0:08:8e:a0:0d:8a:ef:96:
66:a2:46:9b:87:df:35:40:30:ac:88:65:56:8e:49:a2:1a:db:
50:91:f8:a0:c8:25:b6:63:a3:6e:46:74:9a:0b:36:08:f9:06:
69:d2:6e:02:1a:8f:52:aa:88:af:09:68:bc:fe:d0:b1:f8:36:
e5:14:da:93:b7:e9:02:6e:3e:73:62:1c:8f:64:93:f6:9b:18:
b3:6c:0e:69:76:fa:ac:e9:8f:37:34:f8:db:41:f2:12:d9:88:
36:98:26:95:e6:e0:3a:4c:9e:db:ec:4d:2a:06:71:c9:4a:bc:
14:f8:ab:89:86:54:2e:6d:a1:ca:36:ac:d6:0c:11:0d:2c:36:
91:fd:18:16:f6:db:3e:7a:a1:63:e1:19:0c:b2:48:42:c6:a3:
7e:0c:e8:b6:3d:49:22:37:bc:0b:f0:11:5e:66:a8:eb:b6:5d:
29:9d:af:f1:be:b5:83:a1:9f:90:ff:46:0c:22:2d:60:0d:e9:
ab:53:30:91:fc:6c:0c:98:42:12:5a:9e:c7:18:41:da:d0:71:
00:24:8d:5f:27:29:68:d1:2a:59:44:c0:b9:a7:fb:84:0a:66:
a0:68:01:73:63:24:f4:d3:0c:92:e9:40:5d:27:86:ef:d6:7d:
f9:e9:98:fa
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYV3rjAfir4ZtyOBlVwQ7kFdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMTAzMTI0OTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmFkMzc4OTQ3OGQ0YzViOGNiOGI3ZmNlOWMzMGEyNDE0ZmNiZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYsjOtLc0EzpD7aUHhd7yTqt6J32
FoKJwQr3zYniyQyposLbYr7xc+8DGucqMbR9EG6OwJE1nkNWDPHA1NwHsDg6D/5b
uJExKNzdmovcsJPYEv31KQYUrCX+Bde+WgT0KyYD5ZC8DtkSp7W9awcCSdTNEzWt
EloZAzWii5UZMGDhnomy0J2s+Sl9J11rKc3xU62hOGHd+/m5G/x/qDdrIwiWTCj1
WuMEXagwny6x2fa5/lkihYSSDhTjqQkUOmdoDSGl5rUbOpPbjUCvhPToceLaa4GO
146MCPWqU+CQ3OEWUm+MphjVNmYN/JOFGBH8bkXhvgqUkCX5iznEp6iezQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFN+tN4lHjUxbjLi3/OnDCiQU/L6oMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMzYwM2lVZU5URnVNdUxmODZjTUtKQlQ4dnFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABbZwAwQA
BbZzAwQALQmoAwQALQ4JAwQCTfKYAwQAU4mZAwQBU4mcAwQAU4mfAwQAWJc+AwQA
WNHkAwQCWNHsAwQBWNH2AwQAWNH9AwQAXDTaAwQCstLoAwQAstLtAwQAwikvMA0G
CSqGSIb3DQEBCwUAA4IBAQCvHjDufpYgKhjm0AiOoA2K75Zmokabh981QDCsiGVW
jkmiGttQkfigyCW2Y6NuRnSaCzYI+QZp0m4CGo9SqoivCWi8/tCx+DblFNqTt+kC
bj5zYhyPZJP2mxizbA5pdvqs6Y83NPjbQfIS2Yg2mCaV5uA6TJ7b7E0qBnHJSrwU
+KuJhlQubaHKNqzWDBENLDaR/RgW9ts+eqFj4RkMskhCxqN+DOi2PUkiN7wL8BFe
Zqjrtl0pna/xvrWDoZ+Q/0YMIi1gDemrUzCR/GwMmEISWp7HGEHa0HEAJI1fJylo
0SpZRMC5p/uECmagaAFzYyT00wyS6UBdJ4bv1n356Zj6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:54 2024 by rpki-client on console-ams.rpki-client.org