Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/EnHJRRyMICfLjVkdRG49wmDyH2s.roa
File: EnHJRRyMICfLjVkdRG49wmDyH2s.roa (raw, json)
Hash identifier: xnvY1xsm5XIdVHQRZhQ3TrBiw/7j2mZdstCwNH5wloA=
Subject key identifier: 12:71:C9:45:1C:8C:20:27:CB:8D:59:1D:44:6E:3D:C2:60:F2:1F:6B
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0189543A901784362D94F1F82BE82A33B0C3
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/EnHJRRyMICfLjVkdRG49wmDyH2s.roa
Signing time: Fri 14 Jul 2023 11:47:51 +0000
ROA not before: Fri 14 Jul 2023 11:47:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.209.230.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
178.210.230.0/24 maxlen: 24
88.151.58.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.195.0/24 maxlen: 24
5.182.113.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:54:3a:90:17:84:36:2d:94:f1:f8:2b:e8:2a:33:b0:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 14 11:47:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1271c9451c8c2027cb8d591d446e3dc260f21f6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:cf:25:86:bf:ed:28:64:4c:dd:10:53:77:60:
71:c6:d3:98:b7:09:1f:2e:44:b8:1a:38:a2:eb:9f:
a9:a2:78:80:ab:37:dd:20:fc:d8:d1:96:4f:37:84:
e8:8f:21:3a:17:df:a9:33:77:3b:29:7d:a4:e7:ed:
b2:77:ca:15:62:6a:c9:30:3b:9e:8f:5d:0e:4a:50:
fb:69:a3:03:2c:23:9d:d8:4a:5e:d7:cb:29:36:f8:
1b:28:aa:58:8d:08:cc:4e:12:fa:42:49:90:62:8b:
bd:8c:76:fe:79:f6:2a:7b:2a:23:b4:7b:6b:9a:9a:
5a:0a:f8:a6:a2:81:8d:65:e2:79:cf:fe:c2:58:7f:
ee:d3:1e:21:63:f0:67:52:56:b0:b9:b3:aa:e9:4b:
bd:78:cd:56:b7:12:52:7c:ae:2e:2a:62:05:48:81:
5e:d3:bb:40:80:c2:53:5b:40:1f:39:c8:6b:a7:e9:
3e:19:a4:72:ca:6b:5a:2e:c5:ed:50:a0:3f:7d:df:
06:ce:ae:39:2c:13:64:f8:91:a0:5e:d4:fd:79:96:
7b:1d:52:4c:46:49:9a:c1:54:d7:c0:ee:f2:9f:d6:
64:01:ce:e5:59:ca:00:35:3d:d6:2b:c4:f4:7c:a1:
bc:bb:80:bc:e1:a4:99:4e:1d:17:8b:60:8d:93:cc:
4f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:71:C9:45:1C:8C:20:27:CB:8D:59:1D:44:6E:3D:C2:60:F2:1F:6B
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/EnHJRRyMICfLjVkdRG49wmDyH2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.113.0/24
88.151.56.0-88.151.58.255
88.209.195.0/24
88.209.211.0/24
88.209.221.0/24
88.209.230.0/24
88.209.255.0/24
178.210.230.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:56:ba:9d:4d:7e:55:92:ce:dc:10:6a:73:61:06:2c:46:bc:
79:4e:a5:2e:b8:11:30:01:3a:15:27:ad:f6:b0:0d:b2:fc:70:
80:c3:8d:77:8d:7b:f4:ba:69:5b:d0:25:aa:c0:59:ea:6d:09:
54:4e:72:0c:10:2a:04:c2:4b:b6:4e:7e:70:95:b2:43:2d:93:
1e:7c:a7:5d:51:ce:b4:1e:2c:0a:2b:b9:e7:35:3a:1b:83:d4:
fc:25:50:9f:80:88:21:88:1b:78:dc:e5:f1:24:2e:92:7e:c1:
1d:bf:2f:22:8b:db:f8:dc:72:da:44:b1:f7:0c:92:6f:ef:5f:
33:ef:99:ba:bb:c8:e4:72:26:42:28:f0:e0:7b:ba:12:c2:59:
30:12:d1:32:e1:d7:19:d2:00:0e:44:25:98:b4:28:66:55:1b:
c7:99:81:62:c5:41:5b:d9:e3:35:2a:04:6a:a8:67:37:ee:5d:
4c:cb:1c:8b:d3:ab:19:e3:b5:39:60:c8:2c:55:e9:cf:b9:ac:
7e:6c:73:a2:22:73:15:99:b2:3d:07:51:1d:7e:6e:35:bf:e1:
f6:59:92:ba:e5:21:57:5f:27:16:07:9d:9b:63:eb:ed:a3:5c:
b6:ba:dc:c1:22:eb:b1:8c:84:c3:d0:00:b7:f4:36:a2:92:db:
60:55:86:28
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYlUOpAXhDYtlPH4K+gqM7DDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNzE0MTE0NzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjcxYzk0NTFjOGMyMDI3Y2I4ZDU5MWQ0NDZlM2RjMjYwZjIxZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh88lhr/tKGRM3RBTd2BxxtOYtwkf
LkS4Gjii65+poniAqzfdIPzY0ZZPN4TojyE6F9+pM3c7KX2k5+2yd8oVYmrJMDue
j10OSlD7aaMDLCOd2Epe18spNvgbKKpYjQjMThL6QkmQYou9jHb+efYqeyojtHtr
mppaCvimooGNZeJ5z/7CWH/u0x4hY/BnUlawubOq6Uu9eM1WtxJSfK4uKmIFSIFe
07tAgMJTW0AfOchrp+k+GaRyymtaLsXtUKA/fd8Gzq45LBNk+JGgXtT9eZZ7HVJM
RkmawVTXwO7yn9ZkAc7lWcoANT3WK8T0fKG8u4C84aSZTh0Xi2CNk8xPIwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFBJxyUUcjCAny41ZHURuPcJg8h9rMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvRW5ISlJSeU1JQ2ZMalZrZFJHNDl3bUR5SDJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQABbZxMAwD
BANYlzgDBABYlzoDBABY0cMDBABY0dMDBABY0d0DBABY0eYDBABY0f8DBACy0uYw
DQYJKoZIhvcNAQELBQADggEBALJWup1NflWSztwQanNhBixGvHlOpS64ETABOhUn
rfawDbL8cIDDjXeNe/S6aVvQJarAWeptCVROcgwQKgTCS7ZOfnCVskMtkx58p11R
zrQeLAoruec1OhuD1PwlUJ+AiCGIG3jc5fEkLpJ+wR2/LyKL2/jcctpEsfcMkm/v
XzPvmbq7yORyJkIo8OB7uhLCWTAS0TLh1xnSAA5EJZi0KGZVG8eZgWLFQVvZ4zUq
BGqoZzfuXUzLHIvTqxnjtTlgyCxV6c+5rH5sc6IicxWZsj0HUR1+bjW/4fZZkrrl
IVdfJxYHnZtj6+2jXLa63MEi67GMhMPQALf0NqKS22BVhig=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org