Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/9rm07HxXZV6On-jFIPgdZqP459c.roa
File: 9rm07HxXZV6On-jFIPgdZqP459c.roa (raw, json)
Hash identifier: TXHKj3IA9wDidekOfe+H2F6k692fa5dMlLHJLQIG3vA=
Subject key identifier: F6:B9:B4:EC:7C:57:65:5E:8E:9F:E8:C5:20:F8:1D:66:A3:F8:E7:D7
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0186EF8837F1A2D02A3A30573AC66354C150
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/9rm07HxXZV6On-jFIPgdZqP459c.roa
Signing time: Fri 17 Mar 2023 12:25:27 +0000
ROA not before: Fri 17 Mar 2023 12:25:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.253.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:88:37:f1:a2:d0:2a:3a:30:57:3a:c6:63:54:c1:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 17 12:25:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6b9b4ec7c57655e8e9fe8c520f81d66a3f8e7d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b6:17:e8:5d:9a:4b:ba:9a:46:22:d0:30:6c:
cb:e2:1f:f5:bb:ae:50:a1:9e:c5:14:f3:fb:ce:8d:
26:84:89:a5:ac:74:0b:5e:32:63:d4:50:14:1b:1e:
1e:bd:b7:2f:d1:39:03:7d:46:7d:87:e9:03:78:22:
1b:81:2c:e4:e7:75:46:f9:33:ab:e3:c7:c4:37:f6:
9a:d0:8b:37:08:81:90:5c:8f:5d:0c:ee:44:d0:88:
b4:26:9c:12:d6:0c:07:08:0a:16:8d:2e:0e:1d:17:
4c:21:40:84:61:12:ab:d2:5c:8e:a1:82:94:7f:a3:
a9:24:38:02:fa:1c:a5:f1:6b:90:bc:74:0a:10:b1:
09:6a:7b:60:c2:29:dc:74:87:14:fd:07:19:f9:94:
39:fb:55:6c:f4:25:5c:70:52:8a:70:03:4a:2e:5b:
82:3b:93:f8:a3:d9:55:b9:17:4d:05:95:3c:af:17:
2b:44:3c:5b:83:26:e7:f2:03:28:fc:b3:d3:57:0e:
b3:41:f4:1b:6f:ff:e1:f7:65:08:d2:1d:51:43:95:
59:24:0d:aa:21:6c:43:df:99:86:6a:e9:7c:e5:04:
f1:12:84:bd:a7:57:02:ac:f9:0a:57:c5:80:58:bc:
9e:b9:f2:f5:7b:b9:35:c3:4c:fa:f4:c0:b1:46:99:
f7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:B9:B4:EC:7C:57:65:5E:8E:9F:E8:C5:20:F8:1D:66:A3:F8:E7:D7
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/9rm07HxXZV6On-jFIPgdZqP459c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
45.14.9.0/24
77.242.152.0/22
83.137.153.0/24
83.137.157.0/24
83.137.159.0/24
88.151.62.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.253.0/24
92.52.218.0/24
178.210.232.0/22
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:2a:31:4a:05:22:95:9e:45:8a:8d:49:87:f6:f6:a4:de:60:
c8:d9:05:cd:f4:68:3d:c6:6c:15:a2:00:54:5f:7a:4b:be:68:
18:9a:c7:57:6d:19:db:4a:32:c9:a7:e3:5c:61:e9:84:29:e5:
60:e0:df:38:6c:c9:02:32:c5:55:28:9f:c1:fb:a4:25:13:c3:
58:91:cb:e5:a2:4b:92:96:a4:ec:7f:c9:cf:05:99:ab:0f:ce:
81:ff:a1:5a:a9:d4:37:c2:4f:08:4f:7d:c9:1b:60:4d:ce:86:
fa:c9:ec:72:12:dc:d0:3e:77:a0:a0:0a:08:4a:f0:a8:df:c2:
fc:11:8c:81:ab:5b:84:98:53:5b:08:21:b4:84:f3:d1:34:d8:
59:0f:da:4c:0c:7d:f8:04:09:66:74:88:9e:2f:ab:bd:1d:a4:
ab:5d:aa:36:1f:d1:b6:fd:9e:e7:24:e5:0e:91:b4:5f:c6:ab:
b2:f0:78:64:c1:99:5a:14:18:bb:df:13:6a:09:9f:95:3d:8d:
a4:65:ba:06:60:c3:1b:b7:ee:18:ab:f0:d0:f6:6e:af:dd:78:
19:4b:35:aa:4d:ee:48:32:3f:da:10:3b:ea:6d:0d:ed:54:72:
0c:9c:6f:1b:1e:5f:93:39:86:da:74:ef:c3:4f:52:a2:00:ca:
80:d0:e4:0d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYbviDfxotAqOjBXOsZjVMFQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMzE3MTIyNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmI5YjRlYzdjNTc2NTVlOGU5ZmU4YzUyMGY4MWQ2NmEzZjhlN2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibYX6F2aS7qaRiLQMGzL4h/1u65Q
oZ7FFPP7zo0mhImlrHQLXjJj1FAUGx4evbcv0TkDfUZ9h+kDeCIbgSzk53VG+TOr
48fEN/aa0Is3CIGQXI9dDO5E0Ii0JpwS1gwHCAoWjS4OHRdMIUCEYRKr0lyOoYKU
f6OpJDgC+hyl8WuQvHQKELEJantgwincdIcU/QcZ+ZQ5+1Vs9CVccFKKcANKLluC
O5P4o9lVuRdNBZU8rxcrRDxbgybn8gMo/LPTVw6zQfQbb//h92UI0h1RQ5VZJA2q
IWxD35mGaul85QTxEoS9p1cCrPkKV8WAWLyeufL1e7k1w0z69MCxRpn3CwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFPa5tOx8V2Vejp/oxSD4HWaj+OfXMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvOXJtMDdIeFhaVjZPbi1qRklQZ2RacVA0NTljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABbZwAwQA
BbZzAwQALQmoAwQALQ4JAwQCTfKYAwQAU4mZAwQAU4mdAwQAU4mfAwQAWJc+AwQA
WNHkAwQCWNHsAwQBWNH2AwQAWNH9AwQAXDTaAwQCstLoAwQAstLtAwQAwikvMA0G
CSqGSIb3DQEBCwUAA4IBAQB+KjFKBSKVnkWKjUmH9vak3mDI2QXN9Gg9xmwVogBU
X3pLvmgYmsdXbRnbSjLJp+NcYemEKeVg4N84bMkCMsVVKJ/B+6QlE8NYkcvlokuS
lqTsf8nPBZmrD86B/6FaqdQ3wk8IT33JG2BNzob6yexyEtzQPnegoAoISvCo38L8
EYyBq1uEmFNbCCG0hPPRNNhZD9pMDH34BAlmdIieL6u9HaSrXao2H9G2/Z7nJOUO
kbRfxquy8HhkwZlaFBi73xNqCZ+VPY2kZboGYMMbt+4Yq/DQ9m6v3XgZSzWqTe5I
Mj/aEDvqbQ3tVHIMnG8bHl+TOYbadO/DT1KiAMqA0OQN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org