Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/CcCYpzoMpwj_rAmSnprgarpj_gs.roa
File: CcCYpzoMpwj_rAmSnprgarpj_gs.roa (raw, json)
Hash identifier: 3/v4Em74j2e27/mv9yrefL6e5xctYh3jBOLENkL5LDU=
Subject key identifier: 09:C0:98:A7:3A:0C:A7:08:FF:AC:09:92:9E:9A:E0:6A:BA:63:FE:0B
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0186A28F60BE6B4384F8FE9176A547BB8C68
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/CcCYpzoMpwj_rAmSnprgarpj_gs.roa
Signing time: Thu 02 Mar 2023 13:42:30 +0000
ROA not before: Thu 02 Mar 2023 13:42:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.210.224.0/22 maxlen: 24
193.138.125.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:8f:60:be:6b:43:84:f8:fe:91:76:a5:47:bb:8c:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 2 13:42:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09c098a73a0ca708ffac09929e9ae06aba63fe0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6e:1c:c8:35:57:13:33:9e:be:ef:c2:3b:76:
93:b9:f7:d4:e6:d0:e6:9a:fa:e1:5d:9b:c5:d3:b9:
11:a4:59:d9:60:00:31:36:68:0c:e0:60:cd:ff:5c:
60:d6:d1:1f:ad:84:da:13:a4:08:08:e1:1e:9e:49:
6e:4d:ba:17:97:39:89:18:20:5e:6b:a6:27:1d:e1:
a4:51:72:c0:d4:fc:5a:ae:50:e5:b7:b8:fb:5c:4a:
12:7c:f6:a0:3a:ed:2c:96:d2:ad:8f:08:7b:8a:af:
83:54:ac:52:36:a2:12:d8:7d:a9:28:4f:e6:ef:4a:
72:a0:7e:3e:e7:65:4d:55:ac:12:fa:50:fb:c1:89:
fa:63:cc:48:f2:bf:0c:b7:e5:97:81:a9:ea:cb:6f:
ba:d6:05:9f:af:c8:9b:c1:96:73:f2:d3:44:9f:e8:
02:12:89:23:ec:e0:af:0c:4c:f5:71:b6:6f:f7:17:
7e:de:db:be:85:3c:06:84:56:70:45:f6:4b:30:26:
3b:fd:38:f8:57:11:5c:95:0a:80:40:41:f9:1c:86:
ad:84:cf:99:94:80:b9:de:fd:3f:d4:43:88:a3:f1:
5d:87:1b:b0:8a:c7:85:46:59:02:f5:20:4e:dd:fb:
e1:2f:a9:ca:e4:53:ed:23:1b:23:c7:64:86:6a:0b:
e5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C0:98:A7:3A:0C:A7:08:FF:AC:09:92:9E:9A:E0:6A:BA:63:FE:0B
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/CcCYpzoMpwj_rAmSnprgarpj_gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/24
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
77.242.156.0-77.242.158.255
88.209.196.0/24
92.52.208.0/21
92.52.219.0/24
178.210.224.0/22
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:b4:65:50:4a:ad:ff:0e:8c:ea:62:66:fb:a8:ae:bf:19:16:
8f:aa:bd:3e:41:08:7a:eb:b5:67:a0:b2:57:11:aa:10:ce:62:
13:54:41:fe:39:b0:28:8f:5c:6b:e4:52:05:d0:02:1a:e0:6d:
c7:af:3e:93:96:56:37:8d:8c:38:57:b4:22:f0:4f:a9:6b:1d:
f7:55:eb:de:53:49:5c:e8:a8:17:b8:74:5c:e4:5a:2b:d2:96:
a4:fb:c8:db:c6:bd:12:07:12:5c:65:86:48:c7:0a:1a:0e:b7:
88:e0:98:76:b7:28:e1:a3:6a:e1:56:76:99:ae:6a:1a:cb:2f:
2e:e7:95:c4:2b:10:47:b5:a4:9e:3f:4b:fb:76:d1:d3:8c:36:
e3:80:90:67:84:30:25:bc:ab:88:80:8d:e0:e9:1b:9d:59:00:
a0:5b:c6:10:92:50:69:b4:80:3b:4c:6a:df:10:59:89:90:55:
13:39:46:01:a4:1a:82:7e:65:ca:66:d4:d7:ea:32:26:90:ea:
7c:0f:1b:48:d5:3b:81:71:b6:8b:65:98:b1:9b:6b:22:10:44:
98:a7:25:e6:61:c7:b4:06:20:2e:8c:ea:76:f1:ae:58:f4:c2:
34:2c:e0:ee:7b:b1:96:f5:a9:95:ab:3a:a6:34:82:36:06:19:
f3:fd:9b:70
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYaij2C+a0OE+P6RdqVHu4xoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMzAyMTM0MjMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWMwOThhNzNhMGNhNzA4ZmZhYzA5OTI5ZTlhZTA2YWJhNjNmZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG4cyDVXEzOevu/CO3aTuffU5tDm
mvrhXZvF07kRpFnZYAAxNmgM4GDN/1xg1tEfrYTaE6QICOEenkluTboXlzmJGCBe
a6YnHeGkUXLA1PxarlDlt7j7XEoSfPagOu0sltKtjwh7iq+DVKxSNqIS2H2pKE/m
70pyoH4+52VNVawS+lD7wYn6Y8xI8r8Mt+WXganqy2+61gWfr8ibwZZz8tNEn+gC
Eokj7OCvDEz1cbZv9xd+3tu+hTwGhFZwRfZLMCY7/Tj4VxFclQqAQEH5HIathM+Z
lIC53v0/1EOIo/FdhxuwiseFRlkC9SBO3fvhL6nK5FPtIxsjx2SGagvlwwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFAnAmKc6DKcI/6wJkp6a4Gq6Y/4LMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvQ2NDWXB6b01wd2pfckFtU25wcmdhcnBqX2dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmMAwDBAAtCakD
BAItCagDBAAtDggDBAAtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylzAMAwQC
TfKcAwQATfKeAwQAWNHEAwQDXDTQAwQAXDTbAwQCstLgAwQDsvjIAwQAwYp9MA0G
CSqGSIb3DQEBCwUAA4IBAQBttGVQSq3/DozqYmb7qK6/GRaPqr0+QQh667VnoLJX
EaoQzmITVEH+ObAoj1xr5FIF0AIa4G3Hrz6TllY3jYw4V7Qi8E+pax33VeveU0lc
6KgXuHRc5For0pak+8jbxr0SBxJcZYZIxwoaDreI4Jh2tyjho2rhVnaZrmoayy8u
55XEKxBHtaSeP0v7dtHTjDbjgJBnhDAlvKuIgI3g6RudWQCgW8YQklBptIA7TGrf
EFmJkFUTOUYBpBqCfmXKZtTX6jImkOp8DxtI1TuBcbaLZZixm2siEESYpyXmYce0
BiAujOp28a5Y9MI0LODue7GW9amVqzqmNII2Bhnz/Ztw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org