Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/7GpS7R6XRkyMqPsbIohgmpNlUpg.roa
File: 7GpS7R6XRkyMqPsbIohgmpNlUpg.roa (raw, json)
Hash identifier: qx+vh/zSeC7BbvASvLdqaQBBB43gzXmw7C3gm+om2fs=
Subject key identifier: EC:6A:52:ED:1E:97:46:4C:8C:A8:FB:1B:22:88:60:9A:93:65:52:98
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018655D38CF75DC8165EA3AFE6BCA53B2B25
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/7GpS7R6XRkyMqPsbIohgmpNlUpg.roa
Signing time: Wed 15 Feb 2023 16:06:12 +0000
ROA not before: Wed 15 Feb 2023 16:06:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.192.0/21 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
178.210.224.0/22 maxlen: 24
193.138.125.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
77.242.145.0/24 maxlen: 24
77.242.144.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.147.0/24 maxlen: 24
77.242.146.0/24 maxlen: 24
77.242.159.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:55:d3:8c:f7:5d:c8:16:5e:a3:af:e6:bc:a5:3b:2b:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 15 16:06:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec6a52ed1e97464c8ca8fb1b2288609a93655298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ef:47:80:62:ed:7d:12:6b:73:27:aa:96:69:
5d:7f:c9:29:8c:96:01:a3:f8:4d:27:a5:4a:ba:14:
b6:45:e1:eb:ce:84:24:32:36:31:63:34:0a:8d:5e:
74:52:c1:69:50:c4:10:e3:34:f1:da:b2:85:af:f9:
91:ad:21:56:8b:a4:f2:28:73:30:8d:27:95:2c:cc:
18:9b:59:34:be:8b:3e:1a:51:f3:54:71:52:e7:32:
99:90:cb:08:f8:14:f0:a8:cd:ad:47:d8:b9:f4:58:
cb:b3:5e:47:36:6a:b2:37:a4:c1:69:66:de:fe:a9:
d5:ec:fb:ab:c8:ae:23:a2:ee:3e:5a:2b:52:01:ce:
de:9e:5b:18:5b:36:3b:b3:04:be:77:2b:b2:a5:11:
e2:17:84:12:70:97:7b:b4:5a:7d:36:d7:95:34:16:
77:cc:be:74:3a:e0:46:21:12:36:cb:3b:f6:5d:bc:
4c:a9:31:02:cc:42:de:5f:9a:5a:65:e1:b2:08:1b:
69:63:e7:f1:4a:34:5c:f8:02:38:d2:d5:0c:87:f9:
63:41:28:e4:27:a4:f3:ec:b5:1d:09:ed:5d:73:79:
1e:18:f2:db:2c:1a:b9:01:64:cf:d1:78:f1:76:22:
37:20:9c:53:c6:69:36:dd:36:66:da:17:2f:00:3f:
d4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:6A:52:ED:1E:97:46:4C:8C:A8:FB:1B:22:88:60:9A:93:65:52:98
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/7GpS7R6XRkyMqPsbIohgmpNlUpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/24
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
77.242.156.0/22
88.209.192.0/21
88.209.224.0/23
92.52.208.0/21
92.52.219.0/24
178.210.224.0/22
178.210.236.0/24
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
69:cf:cd:89:58:1c:53:3b:64:bb:03:f1:c5:2c:24:ef:3f:9a:
ad:77:4b:bf:7c:c4:cf:cc:3e:a4:17:af:b1:81:42:c4:5c:b0:
15:fa:9d:08:98:3b:7e:81:8f:eb:44:57:e4:3a:8d:7e:2e:f2:
39:c6:f2:02:f0:c4:da:b6:40:4d:2d:5b:5a:d2:90:5a:ca:6e:
f1:dd:60:fe:a4:40:32:c1:97:59:04:de:9a:be:e8:05:4c:9c:
b3:82:e0:46:92:b5:bf:2f:14:5b:98:1d:95:f6:f2:57:4d:ca:
97:c8:1d:1b:73:90:b4:61:2d:18:16:45:d3:51:b5:44:c3:85:
69:03:fd:7c:54:0b:70:bc:ce:04:b4:79:af:90:da:86:f2:21:
54:d2:66:70:f1:25:95:7c:11:55:ca:cc:27:d6:a3:84:b6:18:
ff:ef:86:30:7f:28:ab:53:ad:8c:fa:d9:53:7d:09:0f:4c:61:
14:94:e1:41:71:ea:ca:78:93:e8:06:65:22:2b:aa:96:97:00:
31:ac:32:d1:5d:4c:2e:0a:cb:1e:30:27:f5:31:4b:51:b3:e6:
c2:dd:28:79:33:18:6a:39:ea:fc:88:cd:5d:66:6f:40:9c:dc:
14:6b:56:29:4a:cc:83:b9:37:46:34:f1:c1:3c:0a:18:d2:d8:
c5:18:0c:22
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYZV04z3XcgWXqOv5rylOyslMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMjE1MTYwNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzZhNTJlZDFlOTc0NjRjOGNhOGZiMWIyMjg4NjA5YTkzNjU1Mjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+9HgGLtfRJrcyeqlmldf8kpjJYB
o/hNJ6VKuhS2ReHrzoQkMjYxYzQKjV50UsFpUMQQ4zTx2rKFr/mRrSFWi6TyKHMw
jSeVLMwYm1k0vos+GlHzVHFS5zKZkMsI+BTwqM2tR9i59FjLs15HNmqyN6TBaWbe
/qnV7PuryK4jou4+WitSAc7enlsYWzY7swS+dyuypRHiF4QScJd7tFp9NteVNBZ3
zL50OuBGIRI2yzv2XbxMqTECzELeX5paZeGyCBtpY+fxSjRc+AI40tUMh/ljQSjk
J6Tz7LUdCe1dc3keGPLbLBq5AWTP0XjxdiI3IJxTxmk23TZm2hcvAD/UiwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFOxqUu0el0ZMjKj7GyKIYJqTZVKYMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvN0dwUzdSNlhSa3lNcVBzYklvaGdtcE5sVXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwajAMAwQALQmp
AwQCLQmoAwQALQ4IAwQALQ4KAwQALVhdMAwDBARN8pADBABN8pQDBABN8pcDBAJN
8pwDBANY0cADBAFY0eADBANcNNADBABcNNsDBAKy0uADBACy0uwDBAOy+MgDBADB
in0wDQYJKoZIhvcNAQELBQADggEBAGnPzYlYHFM7ZLsD8cUsJO8/mq13S798xM/M
PqQXr7GBQsRcsBX6nQiYO36Bj+tEV+Q6jX4u8jnG8gLwxNq2QE0tW1rSkFrKbvHd
YP6kQDLBl1kE3pq+6AVMnLOC4EaStb8vFFuYHZX28ldNypfIHRtzkLRhLRgWRdNR
tUTDhWkD/XxUC3C8zgS0ea+Q2obyIVTSZnDxJZV8EVXKzCfWo4S2GP/vhjB/KKtT
rYz62VN9CQ9MYRSU4UFx6sp4k+gGZSIrqpaXADGsMtFdTC4Kyx4wJ/UxS1Gz5sLd
KHkzGGo56vyIzV1mb0Cc3BRrVilKzIO5N0Y08cE8ChjS2MUYDCI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:54 2024 by rpki-client on console-ams.rpki-client.org