Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/6FXpUYZTiaDgCBm7Y_4uAgBL7Ek.roa
File: 6FXpUYZTiaDgCBm7Y_4uAgBL7Ek.roa (raw, json)
Hash identifier: YPxbnCrcXFUUBECXpSzlQQe/kFCIz2Ro+5N1ztukFSw=
Subject key identifier: E8:55:E9:51:86:53:89:A0:E0:08:19:BB:63:FE:2E:02:00:4B:EC:49
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0186A182308B8530B2219ADD436B8F6556D9
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/6FXpUYZTiaDgCBm7Y_4uAgBL7Ek.roa
Signing time: Thu 02 Mar 2023 08:48:29 +0000
ROA not before: Thu 02 Mar 2023 08:48:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.210.224.0/22 maxlen: 24
193.138.125.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
88.209.192.0/21 maxlen: 24
77.242.158.0/24 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a1:82:30:8b:85:30:b2:21:9a:dd:43:6b:8f:65:56:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 2 08:48:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e855e951865389a0e00819bb63fe2e02004bec49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8b:71:76:46:f3:70:24:08:e8:11:78:99:16:
e2:cd:2f:ca:86:e4:82:44:84:24:8a:42:eb:80:b2:
bf:d2:70:56:8a:d0:6c:36:16:74:93:ec:db:d7:00:
e5:52:d1:a2:e5:c7:bd:6f:d0:4e:13:d4:8c:df:a5:
64:fe:85:fb:75:20:fe:c0:1c:da:1d:af:ce:db:ff:
fd:e4:52:c3:af:75:05:a4:eb:ab:91:b7:5e:d9:95:
bd:39:44:4b:be:ce:00:ca:3a:b5:7f:af:da:8d:3d:
d5:bb:31:c3:0f:f7:39:77:b5:a7:65:83:84:f8:91:
5d:35:ae:54:31:53:0a:26:da:65:f5:fd:dc:76:52:
cc:fe:08:4c:b0:eb:c4:5d:fa:0e:9d:ff:7f:0a:9b:
d8:91:4d:3c:80:47:3e:6a:09:8e:8a:94:6b:2e:8d:
a6:39:cd:8c:e8:50:fd:ba:f8:de:27:e1:e3:e2:72:
5e:33:b5:04:1b:20:34:9f:4a:c6:22:55:50:cc:6b:
09:4b:cc:43:39:b5:2a:a7:96:37:dd:04:bd:59:f0:
50:be:e7:f6:e8:a9:03:6b:b7:da:09:b4:01:17:b8:
71:7b:60:41:41:e2:15:ac:4b:40:b7:84:67:b8:0f:
46:b6:dd:a2:9b:db:ab:55:15:5e:78:37:53:7e:b4:
05:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:55:E9:51:86:53:89:A0:E0:08:19:BB:63:FE:2E:02:00:4B:EC:49
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/6FXpUYZTiaDgCBm7Y_4uAgBL7Ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/24
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
77.242.156.0-77.242.158.255
88.209.192.0/21
92.52.208.0/21
92.52.219.0/24
178.210.224.0/22
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:cc:3d:77:7a:35:25:1f:8f:dc:c0:a4:bd:d5:10:2f:54:fd:
47:02:f0:04:48:36:c7:25:b0:a3:cb:8c:59:04:96:7b:34:fe:
12:ae:c2:9b:7b:66:c7:63:75:fc:e2:ea:ac:e7:7b:79:d4:09:
34:0e:ae:c6:57:89:bc:4e:70:2f:f4:f2:58:c6:6c:e8:35:1e:
4d:f1:0c:2a:16:13:17:0e:50:01:eb:c7:83:a3:49:78:7a:5d:
74:68:a7:da:9d:22:3f:86:e4:ee:a8:82:03:68:89:1b:5f:58:
60:73:93:05:cf:2a:9c:55:96:02:10:02:a9:fa:d9:27:a7:69:
1d:0b:db:26:a7:83:a6:b9:8a:75:14:0c:97:cb:30:0d:b5:36:
75:82:06:f1:7e:53:b9:98:2a:33:7f:a9:02:43:3b:7a:55:aa:
88:4e:d6:78:6c:76:de:63:8d:8d:76:bd:b1:2f:6b:1f:53:44:
63:1c:76:15:4f:67:10:37:32:3e:53:4e:57:2b:bd:db:34:8b:
3f:5a:2f:9a:f1:46:8b:eb:b8:85:d3:f1:06:9e:8c:96:ac:3c:
8c:fe:fd:a5:6a:db:c6:df:6d:8a:34:9b:3e:0b:51:58:86:53:
48:f9:3f:2c:44:8b:e3:72:97:b1:03:f9:b6:36:24:9a:a2:41:
d2:36:97:34
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYahgjCLhTCyIZrdQ2uPZVbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMzAyMDg0ODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODU1ZTk1MTg2NTM4OWEwZTAwODE5YmI2M2ZlMmUwMjAwNGJlYzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4txdkbzcCQI6BF4mRbizS/KhuSC
RIQkikLrgLK/0nBWitBsNhZ0k+zb1wDlUtGi5ce9b9BOE9SM36Vk/oX7dSD+wBza
Ha/O2//95FLDr3UFpOurkbde2ZW9OURLvs4Ayjq1f6/ajT3VuzHDD/c5d7WnZYOE
+JFdNa5UMVMKJtpl9f3cdlLM/ghMsOvEXfoOnf9/CpvYkU08gEc+agmOipRrLo2m
Oc2M6FD9uvjeJ+Hj4nJeM7UEGyA0n0rGIlVQzGsJS8xDObUqp5Y33QS9WfBQvuf2
6KkDa7faCbQBF7hxe2BBQeIVrEtAt4RnuA9Gtt2im9urVRVeeDdTfrQFMwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFOhV6VGGU4mg4AgZu2P+LgIAS+xJMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvNkZYcFVZWlRpYURnQ0JtN1lfNHVBZ0JMN0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmMAwDBAAtCakD
BAItCagDBAAtDggDBAAtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylzAMAwQC
TfKcAwQATfKeAwQDWNHAAwQDXDTQAwQAXDTbAwQCstLgAwQDsvjIAwQAwYp9MA0G
CSqGSIb3DQEBCwUAA4IBAQC/zD13ejUlH4/cwKS91RAvVP1HAvAESDbHJbCjy4xZ
BJZ7NP4SrsKbe2bHY3X84uqs53t51Ak0Dq7GV4m8TnAv9PJYxmzoNR5N8QwqFhMX
DlAB68eDo0l4el10aKfanSI/huTuqIIDaIkbX1hgc5MFzyqcVZYCEAKp+tknp2kd
C9smp4OmuYp1FAyXyzANtTZ1ggbxflO5mCozf6kCQzt6VaqITtZ4bHbeY42Ndr2x
L2sfU0RjHHYVT2cQNzI+U05XK73bNIs/Wi+a8UaL67iF0/EGnoyWrDyM/v2latvG
322KNJs+C1FYhlNI+T8sRIvjcpexA/m2NiSaokHSNpc0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org