Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/9uTqqLMbrFGqzKcxR5mnA5a73Rg.roa
File: 9uTqqLMbrFGqzKcxR5mnA5a73Rg.roa (raw, json)
Hash identifier: stli7MfFg+F0/cGn56XYLoS7VTBMi1TIbywXc6fZEnA=
Subject key identifier: F6:E4:EA:A8:B3:1B:AC:51:AA:CC:A7:31:47:99:A7:03:96:BB:DD:18
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018DCBC18C11B950826CFE7D289A0335F39E
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/9uTqqLMbrFGqzKcxR5mnA5a73Rg.roa
Signing time: Wed 21 Feb 2024 13:01:15 +0000
ROA not before: Wed 21 Feb 2024 13:01:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211619
IP address blocks: 5.182.112.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
88.209.206.0/24 maxlen: 24
88.209.228.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.236.0/24 maxlen: 24
88.209.237.0/24 maxlen: 24
88.209.238.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.246.0/24 maxlen: 24
88.209.247.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
178.210.229.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:c1:8c:11:b9:50:82:6c:fe:7d:28:9a:03:35:f3:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 21 13:01:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6e4eaa8b31bac51aacca7314799a70396bbdd18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5f:01:6d:a0:9a:5b:1f:78:5f:d2:90:ca:a3:
aa:ac:fc:7b:fa:54:df:33:03:ad:9d:b8:fb:7b:8e:
59:59:19:cd:a8:c6:1e:17:4e:d9:95:3f:9d:51:19:
08:91:c1:11:08:69:28:b8:53:08:43:6d:7f:83:0e:
41:ab:2c:7e:ef:64:82:81:d3:b3:74:fe:13:7c:b7:
58:b2:14:94:bd:14:7e:e3:c9:83:28:0f:6d:68:4d:
f8:bd:be:29:03:22:19:a5:ba:96:3b:05:b5:bd:13:
a9:8a:c7:52:0c:8f:97:ad:1f:a4:8e:cb:28:1a:4a:
19:c6:66:a2:d1:78:38:ac:28:a0:fc:e2:5e:3f:8f:
51:9b:ae:91:6a:e2:21:a4:e3:de:d4:b7:ce:94:8c:
b2:80:5f:ba:f6:2a:02:35:89:9b:bb:97:6d:84:14:
df:95:34:1a:46:5d:b5:d0:32:1b:79:10:4c:79:eb:
c0:58:50:3b:21:db:4e:83:d6:ec:62:b5:c6:52:07:
3b:fa:d2:3e:43:e5:8e:b1:7e:b9:70:db:ec:4e:56:
82:d0:23:f3:66:55:ab:b2:df:eb:5f:96:c1:3b:09:
d2:c8:50:c4:04:a4:1a:71:61:f9:9c:44:d4:cd:ad:
c6:b4:33:48:94:b9:4e:11:52:ba:12:75:cb:ff:93:
b9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E4:EA:A8:B3:1B:AC:51:AA:CC:A7:31:47:99:A7:03:96:BB:DD:18
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/9uTqqLMbrFGqzKcxR5mnA5a73Rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
45.9.168.0/24
83.137.153.0/24
83.137.156.0/23
88.209.206.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.254.0/24
92.52.217.0/24
178.210.229.0/24
178.210.232.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
50:ba:ad:5f:21:b0:e2:55:68:59:37:59:62:b0:f4:f5:07:96:
57:40:e0:dc:c9:5f:54:4e:e9:14:67:0c:e9:7f:71:3a:28:ba:
92:11:2d:9d:d5:2a:2b:f8:c0:2c:ba:d7:32:bc:e8:e5:b4:56:
58:c3:ee:2b:b4:12:aa:3b:04:7b:6c:5f:13:6d:97:33:eb:4b:
c8:d6:5b:d6:84:bd:47:0e:a0:3a:57:33:4a:54:43:7b:f4:59:
fd:16:3d:60:3c:d7:25:4d:18:e1:78:9c:e4:3d:da:0b:fa:ec:
0c:01:e5:28:e7:16:a1:d9:e2:03:c0:9d:78:22:48:53:42:9a:
69:67:df:b6:58:f1:55:39:30:f6:60:a5:e2:33:3d:e8:91:c0:
52:15:db:34:5f:99:d7:d3:ce:33:86:8d:71:92:10:51:f1:51:
ae:9f:b0:be:b2:48:f5:aa:b5:fc:f8:ea:b6:61:84:b8:66:4a:
d5:25:9f:8e:59:66:87:00:68:95:39:05:bd:7c:d4:a6:97:a4:
3e:f8:33:cc:0d:da:68:c7:4c:6b:ff:94:f0:bc:f2:9b:de:f4:
32:e3:0f:82:0f:da:41:40:49:09:5d:58:da:bb:bd:ee:37:56:
30:41:fd:4d:26:5b:8b:4c:8a:77:16:2a:7e:3d:b0:02:c0:29:
39:b3:b0:da
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY3LwYwRuVCCbP59KJoDNfOeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMjIxMTMwMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmU0ZWFhOGIzMWJhYzUxYWFjY2E3MzE0Nzk5YTcwMzk2YmJkZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArV8BbaCaWx94X9KQyqOqrPx7+lTf
MwOtnbj7e45ZWRnNqMYeF07ZlT+dURkIkcERCGkouFMIQ21/gw5Bqyx+72SCgdOz
dP4TfLdYshSUvRR+48mDKA9taE34vb4pAyIZpbqWOwW1vROpisdSDI+XrR+kjsso
GkoZxmai0Xg4rCig/OJeP49Rm66RauIhpOPe1LfOlIyygF+69ioCNYmbu5dthBTf
lTQaRl210DIbeRBMeevAWFA7IdtOg9bsYrXGUgc7+tI+Q+WOsX65cNvsTlaC0CPz
ZlWrst/rX5bBOwnSyFDEBKQacWH5nETUza3GtDNIlLlOEVK6EnXL/5O5owIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFPbk6qizG6xRqsynMUeZpwOWu90YMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvOXVUcXFMTWJyRkdxektjeFI1bW5BNWE3M1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABbZwAwQA
LQmoAwQAU4mZAwQBU4mcAwQAWNHOAwQAWNHkAwQCWNHsAwQBWNH2AwQAWNH+AwQA
XDTZAwQAstLlAwQAstLoAwQAwikvMA0GCSqGSIb3DQEBCwUAA4IBAQBQuq1fIbDi
VWhZN1lisPT1B5ZXQODcyV9UTukUZwzpf3E6KLqSES2d1Sor+MAsutcyvOjltFZY
w+4rtBKqOwR7bF8TbZcz60vI1lvWhL1HDqA6VzNKVEN79Fn9Fj1gPNclTRjheJzk
PdoL+uwMAeUo5xah2eIDwJ14IkhTQpppZ9+2WPFVOTD2YKXiMz3okcBSFds0X5nX
084zho1xkhBR8VGun7C+skj1qrX8+Oq2YYS4ZkrVJZ+OWWaHAGiVOQW9fNSml6Q+
+DPMDdpox0xr/5TwvPKb3vQy4w+CD9pBQEkJXVjau73uN1YwQf1NJluLTIp3Fip+
PbACwCk5s7Da
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org