Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Ag5Xi73psQGNmE4eXmcc61jLbns.roa
File: Ag5Xi73psQGNmE4eXmcc61jLbns.roa (raw, json)
Hash identifier: 5deMYR0cGHQm4qwjejXDJQl+so9aVWDMbYnYKRlGC4I=
Subject key identifier: 02:0E:57:8B:BD:E9:B1:01:8D:98:4E:1E:5E:67:1C:EB:58:CB:6E:7B
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018CC3B6C209472920EE8D8C1875FB0131B2
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Ag5Xi73psQGNmE4eXmcc61jLbns.roa
Signing time: Mon 01 Jan 2024 06:29:43 +0000
ROA not before: Mon 01 Jan 2024 06:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.236.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.237.0/24 maxlen: 24
88.209.238.0/24 maxlen: 24
88.209.246.0/23 maxlen: 24
88.209.254.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.229.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
88.209.219.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:c2:09:47:29:20:ee:8d:8c:18:75:fb:01:31:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 06:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=020e578bbde9b1018d984e1e5e671ceb58cb6e7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5a:82:e4:f0:30:a9:09:e6:37:3a:cd:77:a4:
be:56:52:b0:dd:6c:7b:3b:a2:43:c7:a3:37:1a:ac:
a9:77:11:a9:1d:40:ba:d4:ae:fc:fb:75:87:2b:35:
d4:80:87:48:e9:b2:43:f8:8f:53:64:5a:3e:36:96:
4d:78:4c:52:92:53:41:05:d6:93:1a:02:52:74:f4:
22:26:9b:cd:4a:7e:d8:5a:c9:7c:06:97:7e:b9:d8:
f4:df:65:0d:51:00:50:06:4b:67:29:66:58:9e:c7:
b0:52:c6:aa:d1:fa:11:ed:38:75:86:a2:2c:85:87:
59:64:a3:b4:d5:48:c9:7a:a9:e3:99:e2:9f:60:e6:
14:11:fe:f7:76:84:65:8a:f8:e4:87:e4:88:06:0c:
dc:ae:21:a9:4e:42:3b:42:83:ae:43:40:71:0d:5f:
fd:fd:42:92:b4:a8:64:d9:36:9b:f6:0c:a3:7f:e4:
bf:62:73:ef:cf:55:99:c3:21:f0:7b:0e:4c:98:3c:
ce:75:07:76:6b:44:9e:9c:14:26:94:bb:74:1e:83:
2e:87:3d:f0:f0:d5:10:fe:14:ac:e7:9e:2a:98:ba:
33:bc:01:67:1d:c2:e2:9f:5d:b2:14:9c:66:7a:06:
d3:fc:81:21:3b:30:41:ac:a5:c4:07:db:37:ac:08:
df:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:0E:57:8B:BD:E9:B1:01:8D:98:4E:1E:5E:67:1C:EB:58:CB:6E:7B
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Ag5Xi73psQGNmE4eXmcc61jLbns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
83.137.153.0/24
83.137.157.0-83.137.158.255
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.254.0/24
92.52.217.0/24
178.210.229.0/24
178.210.232.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:56:54:df:11:05:46:4d:68:a4:66:45:3b:d8:ca:a1:92:77:
9a:7a:b4:ce:07:42:a9:32:04:4d:03:27:ff:92:0d:7e:e9:26:
8b:3e:57:1a:fc:1a:95:19:b0:da:4e:9f:83:cb:b6:0a:f1:69:
04:4b:47:6e:b4:d3:27:c4:62:9f:fc:08:40:a7:5e:de:18:5c:
9d:79:4b:c4:b9:8f:46:cd:33:dc:03:90:a3:90:63:af:95:3a:
6d:da:c8:9c:17:a2:32:9a:8a:9c:26:c6:11:00:e8:9d:ac:66:
69:a0:60:e4:35:e2:d2:8b:29:ca:2f:46:f9:fb:95:73:fb:44:
b3:d6:9a:26:ef:1b:b4:e1:8b:80:fa:46:4b:94:71:dd:5e:cb:
9b:dc:c4:3c:91:54:bb:11:e6:48:db:3f:96:0f:c5:d6:82:90:
e8:18:97:38:01:ba:56:28:be:84:5a:d0:3f:8c:d6:27:af:c5:
b7:72:5b:4a:9a:98:aa:08:41:c0:6b:f0:4f:1a:c7:fd:9e:16:
14:82:82:56:da:76:6f:10:b5:7b:9f:99:1c:d1:34:2f:43:e2:
25:71:82:60:83:6e:91:11:48:b0:0e:5d:6d:22:5c:5c:30:a1:
d5:d7:ad:cb:08:ff:d7:96:d1:c0:78:a2:f3:d2:d1:6e:19:6c:
b5:0e:1b:fc
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYzDtsIJRykg7o2MGHX7ATGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMTAxMDYyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjBlNTc4YmJkZTliMTAxOGQ5ODRlMWU1ZTY3MWNlYjU4Y2I2ZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVqC5PAwqQnmNzrNd6S+VlKw3Wx7
O6JDx6M3GqypdxGpHUC61K78+3WHKzXUgIdI6bJD+I9TZFo+NpZNeExSklNBBdaT
GgJSdPQiJpvNSn7YWsl8Bpd+udj032UNUQBQBktnKWZYnsewUsaq0foR7Th1hqIs
hYdZZKO01UjJeqnjmeKfYOYUEf73doRlivjkh+SIBgzcriGpTkI7QoOuQ0BxDV/9
/UKStKhk2Tab9gyjf+S/YnPvz1WZwyHwew5MmDzOdQd2a0SenBQmlLt0HoMuhz3w
8NUQ/hSs554qmLozvAFnHcLin12yFJxmegbT/IEhOzBBrKXEB9s3rAjfwQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFAIOV4u96bEBjZhOHl5nHOtYy257MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvQWc1WGk3M3BzUUdObUU0ZVhtY2M2MWpMYm5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQABbZwAwQA
BbZzAwQALQmoAwQCTfKYAwQAU4mZMAwDBABTiZ0DBABTiZ4DBABY0dsDBABY0eQD
BAJY0ewDBAFY0fYDBABY0f4DBABcNNkDBACy0uUDBACy0ugDBADCKS8wDQYJKoZI
hvcNAQELBQADggEBAK1WVN8RBUZNaKRmRTvYyqGSd5p6tM4HQqkyBE0DJ/+SDX7p
Jos+Vxr8GpUZsNpOn4PLtgrxaQRLR2600yfEYp/8CECnXt4YXJ15S8S5j0bNM9wD
kKOQY6+VOm3ayJwXojKaipwmxhEA6J2sZmmgYOQ14tKLKcovRvn7lXP7RLPWmibv
G7Thi4D6RkuUcd1ey5vcxDyRVLsR5kjbP5YPxdaCkOgYlzgBulYovoRa0D+M1iev
xbdyW0qamKoIQcBr8E8ax/2eFhSCglbadm8QtXufmRzRNC9D4iVxgmCDbpERSLAO
XW0iXFwwodXXrcsI/9eW0cB4ovPS0W4ZbLUOG/w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org