Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/DBHSVEBWr-Xjh7F5JFZqQAxDkjQ.roa
File: DBHSVEBWr-Xjh7F5JFZqQAxDkjQ.roa (raw, json)
Hash identifier: 5GWVsmkEYPfCyAYLme0VawKzhegcaGDsRX2IknZPDpU=
Subject key identifier: 0C:11:D2:54:40:56:AF:E5:E3:87:B1:79:24:56:6A:40:0C:43:92:34
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018DCA848AB0A959FCC3698054FD652A34A0
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/DBHSVEBWr-Xjh7F5JFZqQAxDkjQ.roa
Signing time: Wed 21 Feb 2024 07:15:00 +0000
ROA not before: Wed 21 Feb 2024 07:15:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.137.152.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
178.210.226.0/24 maxlen: 24
178.210.227.0/24 maxlen: 24
178.210.228.0/24 maxlen: 24
178.210.230.0/24 maxlen: 24
178.210.231.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
178.210.252.0/24 maxlen: 24
178.210.253.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ca:84:8a:b0:a9:59:fc:c3:69:80:54:fd:65:2a:34:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 21 07:15:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c11d2544056afe5e387b17924566a400c439234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6f:6a:c2:d4:82:b0:e2:c7:7c:94:7c:ed:00:
d5:68:a5:0d:fd:f0:54:b6:e9:66:85:cc:33:af:56:
14:7f:ab:d6:38:47:21:5e:a3:41:bc:fb:12:b4:08:
27:53:a7:e6:dc:c5:63:f5:26:4a:99:f6:3c:5a:d2:
a9:c2:81:da:71:8c:d6:cf:9d:0f:f3:54:7d:07:e1:
e8:38:36:86:8c:1e:97:fb:b9:b1:4f:e6:36:c8:23:
fc:34:ca:c6:f2:1e:84:3c:9b:ec:33:d6:6a:03:12:
74:82:56:d8:d9:30:76:84:29:4b:40:db:07:1e:b4:
e7:48:69:c8:39:7a:ad:30:ed:2e:41:30:8e:b5:c8:
0b:d0:7b:e3:0a:43:c9:36:94:0d:b6:65:0a:72:69:
8e:cf:3b:7d:88:90:a1:75:2c:0c:0f:65:0b:90:95:
79:de:64:a9:1e:78:07:7c:e4:a7:5e:77:0d:ca:c3:
07:8a:2a:0a:1d:13:ef:7e:0c:ad:a9:cb:86:58:a9:
c7:d4:43:41:46:86:a1:37:46:4b:60:cf:1a:84:a8:
f4:5d:20:0b:15:6a:c8:16:9d:07:3a:81:9e:7f:d1:
d0:ce:2c:f7:3f:a3:ff:5f:72:48:32:f3:c7:8e:10:
7b:11:f3:80:d6:9b:e4:56:79:d2:e9:c1:8a:b7:17:
21:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:11:D2:54:40:56:AF:E5:E3:87:B1:79:24:56:6A:40:0C:43:92:34
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/DBHSVEBWr-Xjh7F5JFZqQAxDkjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.152.0/24
88.151.56.0/23
88.209.211.0/24
88.209.232.0/22
178.210.226.0-178.210.228.255
178.210.230.0/23
178.210.236.0/24
178.210.252.0/23
Signature Algorithm: sha256WithRSAEncryption
75:d8:c3:a0:c3:e9:94:6a:fb:74:8e:99:dd:46:3a:33:a8:1a:
c1:a4:22:9a:2c:e3:28:aa:45:aa:0e:38:a5:d7:55:4b:6f:81:
70:5e:a8:2f:a8:71:a4:ba:2a:df:d6:f8:07:c7:2c:05:5d:11:
2d:a5:ee:8e:ad:31:7c:c2:11:61:8c:af:21:61:65:71:ce:82:
53:dd:6e:65:50:60:40:5d:ce:0c:8e:21:8e:98:c9:39:48:f4:
f5:22:2e:c3:ab:27:42:cb:0e:ed:cc:50:4a:12:52:e3:1f:84:
e9:54:90:7e:2b:da:0d:3b:e6:fe:dd:22:b4:03:a0:36:04:97:
73:bd:de:7f:83:ca:fc:0b:a2:29:23:a3:ce:56:00:b0:a4:a7:
a0:7c:5b:c9:84:cc:d4:5b:ab:2a:40:6f:81:0f:f7:20:b6:72:
52:d9:81:01:4c:3d:e6:da:e1:d6:9a:50:f8:a0:22:34:58:20:
eb:4f:d0:aa:95:36:a3:f3:1f:36:b6:07:5c:69:43:ed:b5:50:
f0:7a:de:cf:65:7e:4d:71:25:1d:27:3f:d5:12:e8:2a:86:44:
79:9a:62:bc:26:23:51:12:9c:9e:84:7a:0b:b2:10:6c:2a:5f:
4a:49:b9:08:fc:ac:b6:fd:32:1b:72:76:d4:c1:4f:9b:de:83:
66:e1:64:6d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY3KhIqwqVn8w2mAVP1lKjSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMjIxMDcxNTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzExZDI1NDQwNTZhZmU1ZTM4N2IxNzkyNDU2NmE0MDBjNDM5MjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm9qwtSCsOLHfJR87QDVaKUN/fBU
tulmhcwzr1YUf6vWOEchXqNBvPsStAgnU6fm3MVj9SZKmfY8WtKpwoHacYzWz50P
81R9B+HoODaGjB6X+7mxT+Y2yCP8NMrG8h6EPJvsM9ZqAxJ0glbY2TB2hClLQNsH
HrTnSGnIOXqtMO0uQTCOtcgL0HvjCkPJNpQNtmUKcmmOzzt9iJChdSwMD2ULkJV5
3mSpHngHfOSnXncNysMHiioKHRPvfgytqcuGWKnH1ENBRoahN0ZLYM8ahKj0XSAL
FWrIFp0HOoGef9HQziz3P6P/X3JIMvPHjhB7EfOA1pvkVnnS6cGKtxchBQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFAwR0lRAVq/l44exeSRWakAMQ5I0MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvREJIU1ZFQldyLVhqaDdGNUpGWnFRQXhEa2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAU4mYAwQB
WJc4AwQAWNHTAwQCWNHoMAwDBAGy0uIDBACy0uQDBAGy0uYDBACy0uwDBAGy0vww
DQYJKoZIhvcNAQELBQADggEBAHXYw6DD6ZRq+3SOmd1GOjOoGsGkIpos4yiqRaoO
OKXXVUtvgXBeqC+ocaS6Kt/W+AfHLAVdES2l7o6tMXzCEWGMryFhZXHOglPdbmVQ
YEBdzgyOIY6YyTlI9PUiLsOrJ0LLDu3MUEoSUuMfhOlUkH4r2g075v7dIrQDoDYE
l3O93n+DyvwLoikjo85WALCkp6B8W8mEzNRbqypAb4EP9yC2clLZgQFMPeba4daa
UPigIjRYIOtP0KqVNqPzHza2B1xpQ+21UPB63s9lfk1xJR0nP9US6CqGRHmaYrwm
I1ESnJ6EeguyEGwqX0pJuQj8rLb9MhtydtTBT5veg2bhZG0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org