Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/3_ruUGbMgnSIZh4_WNB3MyKrdhM.roa
File: 3_ruUGbMgnSIZh4_WNB3MyKrdhM.roa (raw, json)
Hash identifier: eb8vaRoyUeXk6TPD4uAQlhIr9o+oSHlDe46FM8eORQU=
Subject key identifier: DF:FA:EE:50:66:CC:82:74:88:66:1E:3F:58:D0:77:33:22:AB:76:13
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01865478913920C00E72EBDD56012A723395
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/3_ruUGbMgnSIZh4_WNB3MyKrdhM.roa
Signing time: Wed 15 Feb 2023 09:47:13 +0000
ROA not before: Wed 15 Feb 2023 09:47:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.192.0/21 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
178.210.224.0/22 maxlen: 24
193.138.125.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
77.242.145.0/24 maxlen: 24
77.242.144.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.147.0/24 maxlen: 24
77.242.146.0/24 maxlen: 24
77.242.159.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:54:78:91:39:20:c0:0e:72:eb:dd:56:01:2a:72:33:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 15 09:47:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dffaee5066cc827488661e3f58d0773322ab7613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8c:76:c0:00:62:ca:8f:e3:69:60:c0:e5:d2:
6e:26:93:9a:56:5b:a9:89:52:23:65:06:20:c2:2c:
5e:47:25:20:a9:53:3a:4a:19:20:13:ec:13:f4:99:
58:a5:f5:8e:86:9a:19:fa:af:9b:eb:5e:c9:a1:42:
57:c5:07:c1:69:f8:a6:a1:0f:bb:05:bd:6e:d0:bb:
fc:0a:89:22:87:23:0b:d1:b2:26:0f:58:06:0e:6d:
6f:87:5e:79:0b:81:44:be:9c:53:ab:6f:97:28:c8:
ca:d6:9b:c4:cf:ce:cf:b9:4e:f6:ac:e5:d3:5e:90:
4e:d0:f3:4f:87:83:fc:2d:81:06:d1:9f:db:da:55:
9d:53:44:e3:83:fe:3b:a3:41:47:a3:cb:0d:9b:fb:
52:7d:fd:4a:78:47:7f:8b:af:0a:80:7b:04:b0:04:
15:4a:10:87:43:bd:10:43:1f:ca:05:33:65:a8:f9:
16:9a:56:d0:0f:e3:b4:60:05:e9:23:fc:e9:59:b1:
9c:8d:90:d0:e4:33:81:1c:ea:8d:c5:4c:87:66:e6:
7f:f1:b7:18:ce:85:54:8e:ee:f4:8a:4c:dc:56:7f:
1d:31:72:81:f0:2a:7e:65:c1:39:5d:a4:f7:34:ca:
7f:78:1a:b2:29:5c:6b:76:5b:41:3f:8f:e2:de:f3:
0e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:FA:EE:50:66:CC:82:74:88:66:1E:3F:58:D0:77:33:22:AB:76:13
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/3_ruUGbMgnSIZh4_WNB3MyKrdhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
77.242.156.0/22
88.209.192.0/21
88.209.224.0/23
92.52.208.0/21
92.52.219.0/24
178.210.224.0/22
178.210.236.0/24
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:07:f3:44:42:ad:c5:9e:e1:ab:06:d7:e8:d8:9b:52:60:5c:
f0:a9:46:c4:ec:4f:e4:96:c8:46:b8:50:5c:6f:f7:da:4e:a9:
41:63:b6:be:78:01:7e:96:64:ac:76:a3:2b:cf:23:8c:83:ee:
01:c6:eb:0e:23:93:e4:53:a9:b6:1e:27:bf:ed:e4:e7:38:77:
bb:12:ec:3c:8d:6f:1d:b3:19:8a:35:b2:e0:a6:ed:fd:df:0d:
e0:aa:a6:35:33:e9:86:4b:40:88:db:61:9c:2a:d4:e2:de:08:
21:2b:f4:73:2f:3f:86:e2:21:c2:c2:24:bd:e0:4b:f6:95:ca:
38:04:e6:d5:7d:41:be:6d:51:33:87:d9:bf:67:83:ed:b5:11:
f9:e1:57:21:fb:d5:2b:0c:82:c2:8c:e8:29:40:4a:3b:ba:d7:
e9:5d:78:9d:d3:ca:c4:7d:8b:8f:cd:61:f0:06:b9:dd:52:e7:
d9:cf:4d:dc:58:33:0e:e3:6e:3c:2d:6c:c8:8b:13:8d:a5:37:
a4:88:00:42:c2:33:51:98:82:09:8b:00:4a:97:5b:11:75:ee:
aa:3c:98:0f:02:97:56:96:8e:b8:40:b6:ed:f0:a4:d8:05:f6:
27:b5:bc:27:bb:b1:33:f0:23:32:17:e0:82:fc:2f:1f:2c:a5:
30:34:07:46
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYZUeJE5IMAOcuvdVgEqcjOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMjE1MDk0NzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmZhZWU1MDY2Y2M4Mjc0ODg2NjFlM2Y1OGQwNzczMzIyYWI3NjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnox2wABiyo/jaWDA5dJuJpOaVlup
iVIjZQYgwixeRyUgqVM6ShkgE+wT9JlYpfWOhpoZ+q+b617JoUJXxQfBafimoQ+7
Bb1u0Lv8CokihyML0bImD1gGDm1vh155C4FEvpxTq2+XKMjK1pvEz87PuU72rOXT
XpBO0PNPh4P8LYEG0Z/b2lWdU0Tjg/47o0FHo8sNm/tSff1KeEd/i68KgHsEsAQV
ShCHQ70QQx/KBTNlqPkWmlbQD+O0YAXpI/zpWbGcjZDQ5DOBHOqNxUyHZuZ/8bcY
zoVUju70ikzcVn8dMXKB8Cp+ZcE5XaT3NMp/eBqyKVxrdltBP4/i3vMOGQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFN/67lBmzIJ0iGYeP1jQdzMiq3YTMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvM19ydVVHYk1nblNJWmg0X1dOQjNNeUtyZGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkMAwDBAAtCakD
BAItCagDBAAtDggDBAAtDgowDAMEBE3ykAMEAE3ylAMEAE3ylwMEAk3ynAMEA1jR
wAMEAVjR4AMEA1w00AMEAFw02wMEArLS4AMEALLS7AMEA7L4yAMEAMGKfTANBgkq
hkiG9w0BAQsFAAOCAQEAsQfzREKtxZ7hqwbX6NibUmBc8KlGxOxP5JbIRrhQXG/3
2k6pQWO2vngBfpZkrHajK88jjIPuAcbrDiOT5FOpth4nv+3k5zh3uxLsPI1vHbMZ
ijWy4Kbt/d8N4KqmNTPphktAiNthnCrU4t4IISv0cy8/huIhwsIkveBL9pXKOATm
1X1Bvm1RM4fZv2eD7bUR+eFXIfvVKwyCwozoKUBKO7rX6V14ndPKxH2Lj81h8Aa5
3VLn2c9N3FgzDuNuPC1syIsTjaU3pIgAQsIzUZiCCYsASpdbEXXuqjyYDwKXVpaO
uEC27fCk2AX2J7W8J7uxM/AjMhfggvwvHyylMDQHRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:54 2024 by rpki-client on console-ams.rpki-client.org