Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/6W9acDJKGKEzM17cWlJz5EdXmpI.roa
File: 6W9acDJKGKEzM17cWlJz5EdXmpI.roa (raw, json)
Hash identifier: 3waKzRBcUszT0ZKIFmRyxJ3eMVgapvtc7zcihyinK5I=
Subject key identifier: E9:6F:5A:70:32:4A:18:A1:33:33:5E:DC:5A:52:73:E4:47:57:9A:92
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018DB2C21B379710C1A0E146BA5672BF77D4
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/6W9acDJKGKEzM17cWlJz5EdXmpI.roa
Signing time: Fri 16 Feb 2024 16:31:21 +0000
ROA not before: Fri 16 Feb 2024 16:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42864
IP address blocks: 45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.219.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
178.210.224.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.238.0/23 maxlen: 23
178.210.240.0/22 maxlen: 22
178.210.244.0/22 maxlen: 22
178.210.248.0/24 maxlen: 24
178.210.249.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
178.210.251.0/24 maxlen: 24
178.210.254.0/23 maxlen: 23
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b2:c2:1b:37:97:10:c1:a0:e1:46:ba:56:72:bf:77:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 16 16:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e96f5a70324a18a133335edc5a5273e447579a92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:65:9c:e2:69:fd:47:cb:09:87:a7:07:56:e3:
ef:60:d8:fb:5f:b4:42:49:2f:f5:15:1a:6b:5e:05:
72:b3:2e:d9:b0:31:22:26:37:4c:10:e4:26:97:4d:
64:86:79:b3:9b:f8:53:6b:50:d7:b7:08:3d:ae:de:
56:07:6e:69:a4:d7:61:77:9d:83:62:6b:74:75:5b:
d9:af:c1:2a:98:be:e5:eb:76:96:6a:c6:c3:94:ad:
1a:39:a4:be:b9:9c:ab:0a:7d:29:42:3e:96:77:12:
71:7c:f7:ed:16:f3:7e:00:c3:1d:7e:ec:9f:52:63:
24:0e:f0:08:8b:07:0f:87:57:58:ee:ed:c6:39:5d:
61:34:41:be:e1:18:5b:a6:22:6f:7d:f7:f0:75:19:
68:b1:2b:ad:23:05:85:81:a5:9e:d3:ba:5e:10:3a:
b3:80:00:f8:0d:ab:a7:10:71:30:ba:26:69:64:72:
1b:e9:f5:00:7a:3f:04:ec:92:ba:a7:dd:b0:c7:1a:
7b:93:de:c7:e5:28:a6:53:1e:22:84:7b:63:39:4c:
3f:73:fd:ce:34:37:9f:0f:33:1b:83:8a:d1:ee:1e:
f3:46:02:bd:f9:ae:47:34:4e:37:95:73:c1:a2:a7:
d4:35:5e:e0:33:6d:03:42:1e:79:c0:9b:78:b5:4d:
3e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:6F:5A:70:32:4A:18:A1:33:33:5E:DC:5A:52:73:E4:47:57:9A:92
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/6W9acDJKGKEzM17cWlJz5EdXmpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0-77.242.155.255
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
88.209.219.0/24
92.52.208.0/21
178.210.224.0/23
178.210.237.0-178.210.251.255
178.210.254.0/23
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
34:ff:84:aa:01:af:6e:95:b3:a7:8f:f5:f8:85:70:1f:92:69:
8d:46:7c:34:c1:b2:cc:6a:4b:5a:53:bd:fc:20:0f:a1:04:fe:
63:c7:b3:bf:f0:00:9c:b3:22:1c:f7:bb:d2:6d:4f:1b:1c:aa:
5c:b9:ed:8e:2a:fd:35:fa:b5:47:ad:dc:fb:63:a5:aa:3d:6f:
bb:a4:47:a5:bc:c0:7e:08:6e:40:a1:59:5e:fe:a6:98:5d:3e:
e9:51:44:6f:ee:24:6f:c3:ea:93:e3:56:c1:92:55:a9:74:7f:
e0:06:8d:d0:b3:89:4e:96:7e:75:d3:93:85:2b:b3:91:ec:0a:
16:64:98:b8:6c:c4:54:f8:f3:4d:19:9f:cd:4e:51:fd:3f:1f:
34:89:47:68:c8:2f:9a:21:7e:68:50:96:d7:9c:14:2a:05:90:
51:38:32:fa:fb:b4:14:27:46:5c:76:ce:ff:cb:e6:81:d8:40:
21:b4:d5:e4:70:15:5d:0d:6f:61:ee:97:af:ab:23:c1:ac:3b:
e6:d0:7f:2b:42:6f:ef:36:28:f7:a9:3a:7f:d0:55:f6:9f:24:
42:32:0f:a3:d6:22:36:f2:53:30:26:ab:1d:e5:d3:70:ea:5f:
d0:b9:8d:bd:a5:95:af:1c:ce:bb:68:94:3c:5e:72:9d:6c:20:
7c:95:74:37
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgISAY2ywhs3lxDBoOFGulZyv3fUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMjE2MTYzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTZmNWE3MDMyNGExOGExMzMzMzVlZGM1YTUyNzNlNDQ3NTc5YTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2Wc4mn9R8sJh6cHVuPvYNj7X7RC
SS/1FRprXgVysy7ZsDEiJjdMEOQml01khnmzm/hTa1DXtwg9rt5WB25ppNdhd52D
Ymt0dVvZr8EqmL7l63aWasbDlK0aOaS+uZyrCn0pQj6WdxJxfPftFvN+AMMdfuyf
UmMkDvAIiwcPh1dY7u3GOV1hNEG+4RhbpiJvfffwdRlosSutIwWFgaWe07peEDqz
gAD4DaunEHEwuiZpZHIb6fUAej8E7JK6p92wxxp7k97H5SimUx4ihHtjOUw/c/3O
NDefDzMbg4rR7h7zRgK9+a5HNE43lXPBoqfUNV7gM20DQh55wJt4tU0+WwIDAQAB
o4ICnTCCApkwHQYDVR0OBBYEFOlvWnAyShihMzNe3FpSc+RHV5qSMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvNlc5YWNESktHS0V6TTE3Y1dsSno1RWRYbXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGyBggrBgEFBQcBBwEB/wSBojCBnzCBjQQCAAEwgYYwDAME
AC0JqQMEAi0JqAMEAS0OCgMEAC1YXTAMAwQETfKQAwQATfKUMAwDBABN8pcDBAJN
8pgDBABY0cEDBABY0cQDBABY0dADBABY0dIDBAJY0dQDBABY0dsDBANcNNADBAGy
0uAwDAMEALLS7QMEArLS+AMEAbLS/gMEA7L4yAMEAMGKfTANBAIAAjAHAwUDKgAf
QDANBgkqhkiG9w0BAQsFAAOCAQEANP+EqgGvbpWzp4/1+IVwH5JpjUZ8NMGyzGpL
WlO9/CAPoQT+Y8ezv/AAnLMiHPe70m1PGxyqXLntjir9Nfq1R63c+2Olqj1vu6RH
pbzAfghuQKFZXv6mmF0+6VFEb+4kb8Pqk+NWwZJVqXR/4AaN0LOJTpZ+ddOThSuz
kewKFmSYuGzEVPjzTRmfzU5R/T8fNIlHaMgvmiF+aFCW15wUKgWQUTgy+vu0FCdG
XHbO/8vmgdhAIbTV5HAVXQ1vYe6Xr6sjwaw75tB/K0Jv7zYo96k6f9BV9p8kQjIP
o9YiNvJTMCarHeXTcOpf0LmNvaWVrxzOu2iUPF5ynWwgfJV0Nw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org