Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/8rMyPi3wrEU_IW4c4l-Fl25e1wk.roa
File: 8rMyPi3wrEU_IW4c4l-Fl25e1wk.roa (raw, json)
Hash identifier: zmT1r9cWzc2EFkCybWqKqDLei2rROG3S9/YMxdVykNU=
Subject key identifier: F2:B3:32:3E:2D:F0:AC:45:3F:21:6E:1C:E2:5F:85:97:6E:5E:D7:09
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01824DCFB40FBDE1FD877E29C7163AE83E10
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/8rMyPi3wrEU_IW4c4l-Fl25e1wk.roa
Signing time: Sat 30 Jul 2022 06:33:53 +0000
ROA not before: Sat 30 Jul 2022 06:33:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42864
IP address blocks: 88.209.231.0/24 maxlen: 24
88.209.227.0/24 maxlen: 24
88.209.240.0/22 maxlen: 22
83.137.159.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.192.0/21 maxlen: 24
88.209.208.0/20 maxlen: 24
88.209.226.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
88.151.60.0/22 maxlen: 22
178.210.224.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
77.242.144.0/20 maxlen: 20
92.52.219.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4d:cf:b4:0f:bd:e1:fd:87:7e:29:c7:16:3a:e8:3e:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 30 06:33:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2b3323e2df0ac453f216e1ce25f85976e5ed709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:3d:d5:1b:09:55:37:e8:36:7d:4b:63:73:25:
9c:03:3c:3e:46:69:42:a7:1c:fb:b9:6c:44:1f:2e:
84:11:c8:f5:2d:5f:48:52:1c:2b:68:5d:e5:e7:94:
a0:8a:85:f6:be:f5:5a:28:01:09:ec:b5:88:e3:8c:
6c:ba:55:4e:c1:56:f4:a5:cf:2b:f8:4e:0a:88:eb:
29:c7:87:a3:97:fb:e6:c7:f9:9b:68:ef:27:62:3e:
01:7a:3f:ec:37:47:6e:fa:52:e9:b7:41:78:92:46:
88:09:00:34:58:74:3c:ed:e9:18:7e:33:1f:e9:c2:
52:6f:85:de:12:b6:a6:3d:ee:2d:71:ae:7b:de:df:
7a:36:22:b4:15:89:47:fe:6a:96:7b:a1:51:41:02:
0a:56:db:b0:b5:9b:1d:7f:7d:0c:85:3d:06:5e:f1:
6a:bb:3d:a3:7c:b2:46:a9:99:9a:b0:72:32:bf:89:
fb:37:b6:ca:5c:4c:1e:d5:79:87:69:4d:c3:c8:b7:
82:de:27:e1:82:90:8c:64:e0:a0:0b:f2:ac:20:37:
d6:fc:92:bc:88:8c:3d:8d:18:5a:15:9f:7b:f3:cb:
20:2d:31:d2:b3:f9:14:ae:7c:bf:b9:c5:9e:31:e1:
e4:a5:7b:66:07:22:1b:fa:3b:8e:20:e6:5f:d0:8c:
7e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B3:32:3E:2D:F0:AC:45:3F:21:6E:1C:E2:5F:85:97:6E:5E:D7:09
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/8rMyPi3wrEU_IW4c4l-Fl25e1wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0-45.14.10.255
77.242.144.0/20
83.137.159.0/24
88.151.60.0/22
88.209.192.0/21
88.209.208.0-88.209.227.255
88.209.231.0/24
88.209.240.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0/21
178.210.236.0/24
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
47:db:4f:72:a2:cd:1c:d6:db:23:8d:63:de:78:95:38:9d:8a:
f9:f6:f8:0b:05:a3:94:49:a8:d1:50:13:b5:0e:80:42:8f:10:
91:d1:c4:0d:07:67:db:c5:70:c0:62:44:f6:b7:4d:61:13:9a:
7d:79:d5:99:fd:08:8a:37:38:91:68:0d:e0:10:65:6e:94:6f:
37:01:16:81:f1:a7:6b:75:a3:9f:c4:79:a0:1b:95:57:3e:e7:
b3:b8:db:4d:82:22:b7:b1:9e:d7:b1:cf:05:07:b0:b2:64:06:
9b:31:10:df:83:52:ec:03:78:3d:ad:3e:53:7e:7f:55:21:fc:
2e:19:77:4a:b6:3a:ec:9d:42:46:33:80:34:52:12:72:84:b5:
ac:4b:67:3b:7e:2d:5d:ad:92:bc:95:a0:94:97:9f:be:68:b0:
d0:18:bd:15:20:4e:a8:1e:33:59:95:4b:31:0f:c7:54:a4:22:
72:e7:ec:83:a1:50:6d:18:0c:74:2b:dd:67:41:e7:b2:02:1e:
7a:c3:17:71:1c:54:2c:41:5e:c8:8f:3d:9b:4f:bc:23:95:15:
0c:01:6c:ce:0b:e9:e1:36:8d:68:fc:43:35:9d:51:9c:f1:e1:
81:29:ce:eb:fe:04:76:d7:fe:ce:f8:ea:b2:cb:1a:0f:ca:42:
89:70:b4:6f
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYJNz7QPveH9h34pxxY66D4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzMwMDYzMzUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmIzMzIzZTJkZjBhYzQ1M2YyMTZlMWNlMjVmODU5NzZlNWVkNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9z3VGwlVN+g2fUtjcyWcAzw+RmlC
pxz7uWxEHy6EEcj1LV9IUhwraF3l55SgioX2vvVaKAEJ7LWI44xsulVOwVb0pc8r
+E4KiOspx4ejl/vmx/mbaO8nYj4Bej/sN0du+lLpt0F4kkaICQA0WHQ87ekYfjMf
6cJSb4XeEramPe4tca573t96NiK0FYlH/mqWe6FRQQIKVtuwtZsdf30MhT0GXvFq
uz2jfLJGqZmasHIyv4n7N7bKXEwe1XmHaU3DyLeC3ifhgpCMZOCgC/KsIDfW/JK8
iIw9jRhaFZ9788sgLTHSs/kUrny/ucWeMeHkpXtmByIb+juOIOZf0Ix+MwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFPKzMj4t8KxFPyFuHOJfhZduXtcJMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvOHJNeVBpM3dyRVVfSVc0YzRsLUZsMjVlMXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcjAMAwQALQmp
AwQCLQmoMAwDBAMtDggDBAAtDgoDBARN8pADBABTiZ8DBAJYlzwDBANY0cAwDAME
BFjR0AMEAljR4AMEAFjR5wMEAljR8AMEA1w00AMEAFw02wMEA7LS4AMEALLS7AME
A7L4yAMEAMGKfTANBgkqhkiG9w0BAQsFAAOCAQEAR9tPcqLNHNbbI41j3niVOJ2K
+fb4CwWjlEmo0VATtQ6AQo8QkdHEDQdn28VwwGJE9rdNYROafXnVmf0Iijc4kWgN
4BBlbpRvNwEWgfGna3Wjn8R5oBuVVz7ns7jbTYIit7Ge17HPBQewsmQGmzEQ34NS
7AN4Pa0+U35/VSH8Lhl3SrY67J1CRjOANFIScoS1rEtnO34tXa2SvJWglJefvmiw
0Bi9FSBOqB4zWZVLMQ/HVKQicufsg6FQbRgMdCvdZ0HnsgIeesMXcRxULEFeyI89
m0+8I5UVDAFszgvp4TaNaPxDNZ1RnPHhgSnO6/4Edtf+zvjqsssaD8pCiXC0bw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org