Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/7Qj9EbZkU2itX8MTm_9XXAlvD0c.roa
File: 7Qj9EbZkU2itX8MTm_9XXAlvD0c.roa (raw, json)
Hash identifier: x8urfx0Kp2iSkrv/9WJlZCbj7BGS7bRCyDGVy9skFGQ=
Subject key identifier: ED:08:FD:11:B6:64:53:68:AD:5F:C3:13:9B:FF:57:5C:09:6F:0F:47
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018E654210002EA2112292EF7EAB634A6CE7
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/7Qj9EbZkU2itX8MTm_9XXAlvD0c.roa
Signing time: Fri 22 Mar 2024 08:23:32 +0000
ROA not before: Fri 22 Mar 2024 08:23:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42864
IP address blocks: 45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
92.52.215.0/24 maxlen: 24
178.210.224.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.226.0/23 maxlen: 23
178.210.228.0/22 maxlen: 24
178.210.232.0/22 maxlen: 22
178.210.236.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.238.0/23 maxlen: 23
178.210.240.0/22 maxlen: 22
178.210.244.0/22 maxlen: 22
178.210.248.0/24 maxlen: 24
178.210.249.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
178.210.251.0/24 maxlen: 24
178.210.252.0/22 maxlen: 22
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:42:10:00:2e:a2:11:22:92:ef:7e:ab:63:4a:6c:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 22 08:23:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed08fd11b6645368ad5fc3139bff575c096f0f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:73:59:55:90:a0:ca:23:f1:47:f2:ae:b4:25:
06:d6:57:c6:0b:25:81:9f:b8:68:5a:8f:e5:b4:8e:
84:c2:01:f8:20:02:fe:68:fb:a5:c0:a3:32:24:de:
7c:be:71:cb:1f:47:a9:92:87:c0:68:1e:f6:ee:8e:
cb:3a:8f:c1:d9:b0:c0:b0:ce:3c:cd:e6:fe:b6:43:
71:65:cb:b4:e4:81:10:f0:46:e9:b0:c9:25:e4:c3:
49:83:f3:1c:b6:cd:3f:05:3f:8e:d5:04:b1:9f:d3:
55:af:27:53:57:07:fc:29:e3:30:90:92:de:f6:8f:
e9:28:15:ce:18:68:fc:bb:eb:35:93:43:ba:69:d1:
14:b7:e9:88:26:0b:24:26:94:dd:78:8b:65:94:12:
b5:ca:00:8b:e7:fb:9a:6b:93:56:48:a7:b6:8c:7d:
e5:08:94:61:5e:32:d9:29:dd:de:c6:91:03:ff:04:
db:e4:5c:06:6f:3a:32:7a:56:4c:49:b0:1a:d6:54:
02:ff:e6:05:dc:83:fa:b8:84:f6:39:70:38:bb:f8:
cb:35:54:66:1d:23:dc:ee:30:a9:ce:e5:64:be:52:
d7:1f:fd:e0:bd:e7:c5:60:29:f7:51:e3:92:97:c9:
47:d6:ad:f8:05:21:25:b9:b4:a7:8a:b7:25:cb:b2:
7c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:08:FD:11:B6:64:53:68:AD:5F:C3:13:9B:FF:57:5C:09:6F:0F:47
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/7Qj9EbZkU2itX8MTm_9XXAlvD0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
178.210.224.0/19
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
b6:5d:a8:63:cd:7d:61:e0:c5:c8:53:ef:f2:7a:02:85:6c:7a:
e8:63:a5:37:fb:b7:60:6a:8d:1c:5d:d2:c5:b2:a5:8f:c1:c5:
16:6c:9a:62:63:5d:87:ed:97:e9:10:38:16:39:72:83:fb:66:
58:cf:1a:f7:ab:a6:24:7f:8b:50:02:68:0e:58:af:00:8f:8f:
1e:68:5c:60:60:2e:c0:c5:a5:c1:56:3f:7a:4f:5d:93:2b:0c:
66:0e:08:50:f5:11:76:35:64:38:fd:6f:3a:0f:52:21:43:b5:
df:e5:f8:e3:e0:ad:94:6e:0a:44:9f:f9:a1:62:cb:59:62:27:
07:0f:bd:47:76:13:b7:6d:63:19:84:a0:e9:e4:9e:40:cf:d3:
b6:37:31:63:94:fa:7f:f7:dd:e5:01:e0:07:68:0e:86:c6:f4:
56:a8:76:81:36:36:64:bc:5a:bb:ae:f6:6e:bc:57:71:49:7c:
3b:d8:eb:8d:92:2b:59:53:8b:26:2b:2a:f4:af:cd:3e:3e:ca:
b2:49:71:7d:41:a2:bc:ec:73:7c:fc:7e:66:0f:be:82:54:0e:
bc:15:03:49:db:ac:86:2d:81:ee:6c:bb:ec:77:60:7d:98:34:
b7:1b:56:47:d0:f0:c6:c9:7f:cc:1a:26:cb:3f:72:6f:9f:24:
18:ac:dd:c8
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAY5lQhAALqIRIpLvfqtjSmznMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMzIyMDgyMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDA4ZmQxMWI2NjQ1MzY4YWQ1ZmMzMTM5YmZmNTc1YzA5NmYwZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnNZVZCgyiPxR/KutCUG1lfGCyWB
n7hoWo/ltI6EwgH4IAL+aPulwKMyJN58vnHLH0epkofAaB727o7LOo/B2bDAsM48
zeb+tkNxZcu05IEQ8EbpsMkl5MNJg/Mcts0/BT+O1QSxn9NVrydTVwf8KeMwkJLe
9o/pKBXOGGj8u+s1k0O6adEUt+mIJgskJpTdeItllBK1ygCL5/uaa5NWSKe2jH3l
CJRhXjLZKd3expED/wTb5FwGbzoyelZMSbAa1lQC/+YF3IP6uIT2OXA4u/jLNVRm
HSPc7jCpzuVkvlLXH/3gvefFYCn3UeOSl8lH1q34BSElubSnircly7J8qwIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFO0I/RG2ZFNorV/DE5v/V1wJbw9HMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvN1FqOUViWmtVMml0WDhNVG1fOVhYQWx2RDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswagQCAAEwZDAMAwQALQmp
AwQCLQmoAwQBLQ4KAwQALVhdMAwDBARN8pADBABN8pQDBABN8pcDBABY0cEDBABY
0cQDBABY0dADBABY0dIDBAJY0dQDBANcNNADBAWy0uADBAOy+MgDBADBin0wDQQC
AAIwBwMFAyoAH0AwDQYJKoZIhvcNAQELBQADggEBALZdqGPNfWHgxchT7/J6AoVs
euhjpTf7t2BqjRxd0sWypY/BxRZsmmJjXYftl+kQOBY5coP7ZljPGverpiR/i1AC
aA5YrwCPjx5oXGBgLsDFpcFWP3pPXZMrDGYOCFD1EXY1ZDj9bzoPUiFDtd/l+OPg
rZRuCkSf+aFiy1liJwcPvUd2E7dtYxmEoOnknkDP07Y3MWOU+n/33eUB4AdoDobG
9FaodoE2NmS8Wruu9m68V3FJfDvY642SK1lTiyYrKvSvzT4+yrJJcX1Borzsc3z8
fmYPvoJUDrwVA0nbrIYtge5su+x3YH2YNLcbVkfQ8MbJf8waJss/cm+fJBis3cg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:54 2024 by rpki-client on console-ams.rpki-client.org