Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/DnVNOV3ycitPSmW9Z1mtkHGt3Rc.roa
File: DnVNOV3ycitPSmW9Z1mtkHGt3Rc.roa (raw, json)
Hash identifier: adqENYnN3zqqQcUoSGUkxCjO5csq/T3CQAALKOZsiow=
Subject key identifier: 0E:75:4D:39:5D:F2:72:2B:4F:4A:65:BD:67:59:AD:90:71:AD:DD:17
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018C69389A0CBB926436DFFDB2427BF13B9F
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/DnVNOV3ycitPSmW9Z1mtkHGt3Rc.roa
Signing time: Thu 14 Dec 2023 16:46:06 +0000
ROA not before: Thu 14 Dec 2023 16:46:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.236.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.237.0/24 maxlen: 24
88.209.238.0/24 maxlen: 24
88.209.246.0/23 maxlen: 24
88.209.254.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.229.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
88.209.219.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:69:38:9a:0c:bb:92:64:36:df:fd:b2:42:7b:f1:3b:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Dec 14 16:46:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e754d395df2722b4f4a65bd6759ad9071addd17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0a:9b:de:b5:00:a1:be:b8:86:8f:c5:91:ef:
ea:30:a9:2b:0d:71:78:2d:d6:95:12:ba:f5:9e:1d:
f4:68:f6:91:21:5e:c5:37:b7:eb:65:ab:f0:ae:1f:
4c:99:42:ca:1c:d6:5d:91:46:6c:f1:62:ae:22:7f:
96:a3:6c:d8:03:ba:47:e6:13:57:17:48:f7:d4:12:
de:33:5e:07:88:b7:1d:55:99:66:04:31:4d:98:dc:
dc:1f:87:5d:36:75:e7:ed:cb:5b:b7:2b:af:fb:03:
2f:9d:ca:d1:98:49:c5:aa:f2:bb:b7:23:ed:dc:69:
a3:22:fd:8a:ed:6f:db:1c:73:1c:dd:35:74:ef:e1:
94:3f:bb:be:2d:9e:f4:d4:c7:b1:af:d8:ca:16:02:
79:32:d1:5e:16:dc:d8:d2:6f:cb:fe:3e:3f:b0:02:
0b:6c:57:0f:bf:b9:65:47:ed:4e:2c:e8:a7:73:0b:
2e:d3:c0:72:b3:6b:0d:a2:d0:28:57:72:a8:da:40:
23:77:ee:7a:bc:f7:ff:3f:b6:f3:61:52:f7:8c:79:
b9:a7:56:71:7b:a9:d6:a1:0c:bb:cd:a2:27:66:a4:
5c:8a:68:64:56:61:cc:40:d4:bd:0a:64:6d:41:e6:
0f:4d:25:3d:98:d2:d4:ba:42:d5:ac:bb:58:42:d8:
fd:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:75:4D:39:5D:F2:72:2B:4F:4A:65:BD:67:59:AD:90:71:AD:DD:17
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/DnVNOV3ycitPSmW9Z1mtkHGt3Rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
83.137.153.0/24
83.137.157.0-83.137.158.255
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.254.0/24
92.52.217.0/24
178.210.229.0/24
178.210.232.0/24
178.210.235.0/24
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:a1:f3:51:09:85:79:e0:9b:55:81:07:bf:d1:41:92:ff:6a:
9c:45:eb:48:85:40:6c:80:28:72:d9:3a:b2:c9:f5:d1:9a:47:
60:20:70:0d:6c:86:03:ff:9e:6a:51:c5:de:61:68:90:5e:32:
37:4c:e5:94:f3:31:3e:75:f5:e5:ad:e6:c4:50:9e:81:90:3d:
60:1c:57:d0:25:ee:e6:8a:b4:02:80:62:a7:35:d9:a7:c2:d8:
46:84:87:b7:65:54:fc:70:dd:f3:08:a5:46:d5:b7:84:fe:d5:
74:c9:20:e1:4b:ad:c0:e3:7f:bd:21:7a:a3:f9:43:fb:2a:e7:
d7:63:6c:fc:92:4a:73:ab:c8:a4:79:45:81:7a:1b:38:22:e8:
6f:f3:57:81:23:23:90:07:b2:8a:08:7a:a2:52:3b:ca:c0:df:
6f:b2:97:4e:a1:e5:9a:68:b1:66:d5:10:a3:91:97:a9:dc:29:
70:00:b6:26:48:0a:c8:1e:4a:cb:b0:b3:ab:2b:04:2f:93:6c:
52:c4:c6:86:03:9a:a2:26:a2:27:4f:54:d4:d7:ef:a2:da:bc:
df:39:f8:35:6c:3f:ce:7d:b6:e0:47:75:b6:66:8b:17:0b:70:
90:4f:63:b8:0c:1a:b0:ed:a7:0e:2d:e5:11:4d:d1:be:47:f9:
ed:20:90:f4
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYxpOJoMu5JkNt/9skJ78TufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMjE0MTY0NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTc1NGQzOTVkZjI3MjJiNGY0YTY1YmQ2NzU5YWQ5MDcxYWRkZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugqb3rUAob64ho/Fke/qMKkrDXF4
LdaVErr1nh30aPaRIV7FN7frZavwrh9MmULKHNZdkUZs8WKuIn+Wo2zYA7pH5hNX
F0j31BLeM14HiLcdVZlmBDFNmNzcH4ddNnXn7ctbtyuv+wMvncrRmEnFqvK7tyPt
3GmjIv2K7W/bHHMc3TV07+GUP7u+LZ701Mexr9jKFgJ5MtFeFtzY0m/L/j4/sAIL
bFcPv7llR+1OLOincwsu08Bys2sNotAoV3Ko2kAjd+56vPf/P7bzYVL3jHm5p1Zx
e6nWoQy7zaInZqRcimhkVmHMQNS9CmRtQeYPTSU9mNLUukLVrLtYQtj9tQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFA51TTld8nIrT0plvWdZrZBxrd0XMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvRG5WTk9WM3ljaXRQU21XOVoxbXRrSEd0M1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAAW2cAME
AAW2cwMEAC0JqAMEAk3ymAMEAFOJmTAMAwQAU4mdAwQAU4meAwQAWNHbAwQAWNHk
AwQCWNHsAwQBWNH2AwQAWNH+AwQAXDTZAwQAstLlAwQAstLoAwQAstLrAwQAstLt
AwQAwikvMA0GCSqGSIb3DQEBCwUAA4IBAQAuofNRCYV54JtVgQe/0UGS/2qcRetI
hUBsgChy2TqyyfXRmkdgIHANbIYD/55qUcXeYWiQXjI3TOWU8zE+dfXlrebEUJ6B
kD1gHFfQJe7mirQCgGKnNdmnwthGhIe3ZVT8cN3zCKVG1beE/tV0ySDhS63A43+9
IXqj+UP7KufXY2z8kkpzq8ikeUWBehs4Iuhv81eBIyOQB7KKCHqiUjvKwN9vspdO
oeWaaLFm1RCjkZep3ClwALYmSArIHkrLsLOrKwQvk2xSxMaGA5qiJqInT1TU1++i
2rzfOfg1bD/OfbbgR3W2ZosXC3CQT2O4DBqw7acOLeURTdG+R/ntIJD0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org