Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ALVeYtI4AJCn-amYYd2CyQAUhAw.roa
File: ALVeYtI4AJCn-amYYd2CyQAUhAw.roa (raw, json)
Hash identifier: Lssk6qtbATVsOcJi4FPXA+Duedb/2kxL4dij4y5+5lg=
Subject key identifier: 00:B5:5E:62:D2:38:00:90:A7:F9:A9:98:61:DD:82:C9:00:14:84:0C
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018C20A437B92B7263F0DD94551EA524E87B
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ALVeYtI4AJCn-amYYd2CyQAUhAw.roa
Signing time: Thu 30 Nov 2023 14:31:22 +0000
ROA not before: Thu 30 Nov 2023 14:31:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.236.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.237.0/24 maxlen: 24
88.209.238.0/24 maxlen: 24
88.209.246.0/23 maxlen: 24
88.209.254.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.229.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
88.209.219.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:20:a4:37:b9:2b:72:63:f0:dd:94:55:1e:a5:24:e8:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 30 14:31:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00b55e62d2380090a7f9a99861dd82c90014840c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:84:a2:83:18:ff:86:12:0d:57:31:e6:25:b5:
72:d8:4f:98:8d:b7:67:ac:42:2c:5e:f4:b2:1b:02:
63:f5:4f:6c:50:33:08:33:86:be:32:ea:c8:06:4a:
cf:c4:a7:a3:f9:48:7e:b6:cc:0b:4c:f8:fb:49:45:
51:70:4f:14:3f:c3:d9:fd:11:27:da:7d:a6:6d:c5:
bd:3d:f4:8a:4c:b5:e5:a1:fe:7f:a9:98:a3:d2:9e:
fb:31:54:32:ef:f2:bf:f7:14:05:a4:44:da:63:ea:
de:dc:de:9e:1a:13:b9:c3:2f:bb:3f:82:15:de:72:
70:c7:9f:91:7e:e5:c2:d0:7e:5b:2c:e3:5b:45:d4:
1e:59:29:19:ef:40:b5:a4:38:6b:f7:e7:47:e8:06:
a5:df:a4:ff:7f:0d:d1:c2:80:6a:a1:30:40:ad:60:
cb:0e:3c:8e:c1:b5:3d:0b:c6:6b:5f:8a:f8:c2:fa:
81:ca:bc:1e:b3:04:53:39:cf:ac:37:bc:c2:c2:14:
d1:ef:99:ef:b7:9c:b5:41:66:41:36:87:7e:87:11:
6a:e3:4a:23:0a:a4:84:2f:bc:c5:ff:f7:37:e8:92:
73:05:ce:8d:f9:50:c6:0e:c4:22:b9:c7:7b:58:f3:
62:c8:b4:44:b3:e8:ef:4c:9c:d0:e5:19:97:8c:fb:
7f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B5:5E:62:D2:38:00:90:A7:F9:A9:98:61:DD:82:C9:00:14:84:0C
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ALVeYtI4AJCn-amYYd2CyQAUhAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
83.137.153.0/24
83.137.157.0-83.137.158.255
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.254.0/24
92.52.217.0-92.52.218.255
178.210.229.0/24
178.210.232.0/24
178.210.235.0/24
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:55:83:be:21:f0:48:41:89:db:38:8a:ac:03:59:ec:78:44:
73:1d:b0:7d:09:a6:8a:36:4b:58:84:c2:0a:47:26:d6:38:62:
d6:e5:a3:af:16:5a:fb:cb:eb:a4:ab:5b:fc:52:fd:3c:ae:b1:
84:77:67:42:e5:00:eb:75:04:be:7c:58:a7:d6:42:71:9f:b5:
82:97:e2:c1:1d:f8:8f:8e:96:ad:ec:69:20:6b:19:2f:15:44:
84:f0:fd:93:7c:4a:36:b6:c4:5e:81:30:58:4c:ac:9c:8b:5e:
38:bf:3c:13:de:65:1e:57:c2:c1:c4:4d:0a:e7:02:25:74:8b:
8e:5b:57:b9:71:e8:eb:ee:3b:64:a6:3d:d4:5d:79:45:92:c9:
c8:3c:61:e2:b1:bd:1b:63:9c:95:c3:8e:50:c5:73:f0:44:a4:
de:dd:d8:9e:98:26:61:86:61:75:9e:cb:ae:51:10:96:77:6b:
74:b2:1e:00:99:3d:14:9b:00:ee:b2:cf:e8:cd:09:0c:48:b8:
92:cc:71:ab:c4:bc:39:c5:5c:d9:50:18:cd:e2:be:27:8c:5f:
31:f7:5e:84:6f:cb:b1:4b:8d:a6:32:81:a2:d6:f3:df:9a:26:
4c:76:80:76:a5:88:02:81:c4:fb:ca:b3:8c:bc:87:92:c3:21:
53:d3:fe:56
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYwgpDe5K3Jj8N2UVR6lJOh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMTMwMTQzMTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGI1NWU2MmQyMzgwMDkwYTdmOWE5OTg2MWRkODJjOTAwMTQ4NDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoSigxj/hhINVzHmJbVy2E+Yjbdn
rEIsXvSyGwJj9U9sUDMIM4a+MurIBkrPxKej+Uh+tswLTPj7SUVRcE8UP8PZ/REn
2n2mbcW9PfSKTLXlof5/qZij0p77MVQy7/K/9xQFpETaY+re3N6eGhO5wy+7P4IV
3nJwx5+RfuXC0H5bLONbRdQeWSkZ70C1pDhr9+dH6Aal36T/fw3RwoBqoTBArWDL
DjyOwbU9C8ZrX4r4wvqByrweswRTOc+sN7zCwhTR75nvt5y1QWZBNod+hxFq40oj
CqSEL7zF//c36JJzBc6N+VDGDsQiucd7WPNiyLREs+jvTJzQ5RmXjPt/hQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFAC1XmLSOACQp/mpmGHdgskAFIQMMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvQUxWZVl0STRBSkNuLWFtWVlkMkN5UUFVaEF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAAFtnAD
BAAFtnMDBAAtCagDBAJN8pgDBABTiZkwDAMEAFOJnQMEAFOJngMEAFjR2wMEAFjR
5AMEAljR7AMEAVjR9gMEAFjR/jAMAwQAXDTZAwQAXDTaAwQAstLlAwQAstLoAwQA
stLrAwQAstLtAwQAwikvMA0GCSqGSIb3DQEBCwUAA4IBAQBKVYO+IfBIQYnbOIqs
A1nseERzHbB9CaaKNktYhMIKRybWOGLW5aOvFlr7y+ukq1v8Uv08rrGEd2dC5QDr
dQS+fFin1kJxn7WCl+LBHfiPjpat7GkgaxkvFUSE8P2TfEo2tsRegTBYTKyci144
vzwT3mUeV8LBxE0K5wIldIuOW1e5cejr7jtkpj3UXXlFksnIPGHisb0bY5yVw45Q
xXPwRKTe3diemCZhhmF1nsuuURCWd2t0sh4AmT0UmwDuss/ozQkMSLiSzHGrxLw5
xVzZUBjN4r4njF8x916Eb8uxS42mMoGi1vPfmiZMdoB2pYgCgcT7yrOMvIeSwyFT
0/5W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org