Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/CO_E6K_nOyuVnVXAaRZXdvzY1xE.roa
File: CO_E6K_nOyuVnVXAaRZXdvzY1xE.roa (raw, json)
Hash identifier: tX4BQirHbUqMKJVhKuQ0cORFGBrQTx2/ed+0fBx6H5A=
Subject key identifier: 08:EF:C4:E8:AF:E7:3B:2B:95:9D:55:C0:69:16:57:76:FC:D8:D7:11
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018A277BD2630DD5C8CF0E92668007D41694
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/CO_E6K_nOyuVnVXAaRZXdvzY1xE.roa
Signing time: Thu 24 Aug 2023 12:19:00 +0000
ROA not before: Thu 24 Aug 2023 12:19:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 83.137.158.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.224.0/24 maxlen: 24
193.138.125.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:27:7b:d2:63:0d:d5:c8:cf:0e:92:66:80:07:d4:16:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 24 12:19:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08efc4e8afe73b2b959d55c069165776fcd8d711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3e:ec:8a:45:8d:3c:72:98:07:79:e2:91:b1:
6d:d0:e8:8a:57:b1:f4:ad:71:6a:9b:3a:0c:27:52:
a1:b8:fa:5d:6e:cd:46:a2:9b:aa:d2:77:81:d5:0d:
71:90:4d:3c:88:d4:46:e1:77:f6:b5:ac:e2:2c:ee:
75:ac:0b:82:23:20:c8:18:da:d2:f9:2e:a7:ee:26:
24:6f:78:42:e8:aa:75:a1:45:e7:e6:82:7a:cb:9d:
af:90:7c:0c:96:ed:bb:52:eb:1d:fc:6c:93:5e:f9:
ca:01:d0:58:00:b6:7e:e9:d6:d8:ea:89:0f:2d:62:
de:5d:ca:be:54:81:32:2f:0a:46:8e:a9:db:b0:47:
02:0d:2b:fa:89:6e:89:cb:b5:7d:e3:d3:69:66:29:
f1:56:8e:33:4c:7b:59:e9:be:87:fe:19:05:42:d1:
d6:90:11:8d:30:2e:29:94:67:26:99:28:71:7a:3b:
0c:63:a7:c2:ab:db:37:90:f6:4a:c0:14:79:07:25:
b0:3e:dd:82:2b:0d:d4:78:8f:ad:3e:42:cb:cc:56:
a7:4f:a2:52:1a:6a:c1:f2:3c:11:e5:55:b6:f3:97:
ef:c2:bd:8b:03:ef:af:bd:fb:3e:09:06:4c:85:c4:
a5:cd:fe:fd:fe:5d:36:32:d3:c7:65:48:71:d1:49:
08:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:EF:C4:E8:AF:E7:3B:2B:95:9D:55:C0:69:16:57:76:FC:D8:D7:11
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/CO_E6K_nOyuVnVXAaRZXdvzY1xE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
83.137.158.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0/23
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
40:1f:fc:bf:79:e8:74:97:d1:89:fb:ca:0e:13:1f:04:19:62:
b5:6c:12:1a:c8:a3:24:c4:f8:17:6d:63:08:c8:51:6c:3e:03:
41:e1:3b:70:30:74:3b:21:76:91:e5:1e:fc:68:df:7e:b8:10:
e8:e0:85:31:0f:b7:d5:a2:c0:e2:85:2a:d2:56:ea:82:4a:b0:
b0:d0:86:7b:e1:f2:3c:3e:e8:b8:5b:03:d3:bd:23:aa:b9:7e:
b0:ea:d9:78:e7:fd:9d:d5:ce:fb:c6:e1:fd:1f:2e:12:ac:d7:
bf:32:5f:3a:c9:56:3b:0f:1c:2b:17:c3:d2:24:72:36:24:40:
18:a7:d8:9d:ee:7a:34:c2:cd:7f:ff:9a:b5:93:2e:e1:4b:3e:
53:d4:f7:0b:20:11:5e:98:48:75:69:45:fc:0f:12:f6:20:6b:
dc:e7:13:b8:22:36:3e:56:44:09:f7:0a:03:68:1e:4d:b9:07:
54:4c:56:64:ac:0f:af:4d:e7:c7:a3:39:1a:4b:1b:39:f4:c7:
2a:c3:e4:64:6d:60:6d:9c:a3:5f:b0:19:e5:2c:f3:42:c2:16:
d1:f5:a7:99:37:b7:d5:a4:7b:b4:2f:9d:01:77:49:23:f9:de:
d8:87:5e:b3:77:55:03:63:e2:22:98:42:10:fd:e2:e4:04:fe:
ba:f7:42:05
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYone9JjDdXIzw6SZoAH1BaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwODI0MTIxOTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGVmYzRlOGFmZTczYjJiOTU5ZDU1YzA2OTE2NTc3NmZjZDhkNzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkT7sikWNPHKYB3nikbFt0OiKV7H0
rXFqmzoMJ1KhuPpdbs1Gopuq0neB1Q1xkE08iNRG4Xf2taziLO51rAuCIyDIGNrS
+S6n7iYkb3hC6Kp1oUXn5oJ6y52vkHwMlu27Uusd/GyTXvnKAdBYALZ+6dbY6okP
LWLeXcq+VIEyLwpGjqnbsEcCDSv6iW6Jy7V949NpZinxVo4zTHtZ6b6H/hkFQtHW
kBGNMC4plGcmmShxejsMY6fCq9s3kPZKwBR5ByWwPt2CKw3UeI+tPkLLzFanT6JS
GmrB8jwR5VW285fvwr2LA++vvfs+CQZMhcSlzf79/l02MtPHZUhx0UkIsQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFAjvxOiv5zsrlZ1VwGkWV3b82NcRMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvQ09fRTZLX25PeXVWblZYQWFSWlhkdnpZMXhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2MAwDBAAt
CakDBAItCagDBAAtDggDBAEtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylwME
AFOJngMEAFjRwQMEAFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEA1w00AMEAFw02wME
AbLS4AMEA7L4yAMEAMGKfTANBAIAAjAHAwUDKgAfQDANBgkqhkiG9w0BAQsFAAOC
AQEAQB/8v3nodJfRifvKDhMfBBlitWwSGsijJMT4F21jCMhRbD4DQeE7cDB0OyF2
keUe/GjffrgQ6OCFMQ+31aLA4oUq0lbqgkqwsNCGe+HyPD7ouFsD070jqrl+sOrZ
eOf9ndXO+8bh/R8uEqzXvzJfOslWOw8cKxfD0iRyNiRAGKfYne56NMLNf/+atZMu
4Us+U9T3CyARXphIdWlF/A8S9iBr3OcTuCI2PlZECfcKA2geTbkHVExWZKwPr03n
x6M5GksbOfTHKsPkZG1gbZyjX7AZ5SzzQsIW0fWnmTe31aR7tC+dAXdJI/ne2Ide
s3dVA2PiIphCEP3i5AT+uvdCBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org