Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/GZfT0oMd29bOHydDzptGyFqVrdY.roa
File: GZfT0oMd29bOHydDzptGyFqVrdY.roa (raw, json)
Hash identifier: GmnfnYhTiwI0Vfa8BA2IGCJhf6ygoPvxlJ5v8cYFe8U=
Subject key identifier: 19:97:D3:D2:83:1D:DB:D6:CE:1F:27:43:CE:9B:46:C8:5A:95:AD:D6
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188B9A517B3AEBBA108538E531850CA2EDF
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/GZfT0oMd29bOHydDzptGyFqVrdY.roa
Signing time: Wed 14 Jun 2023 11:23:04 +0000
ROA not before: Wed 14 Jun 2023 11:23:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.253.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
88.209.206.0/24 maxlen: 24
88.209.219.0/24 maxlen: 24
88.209.217.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:a5:17:b3:ae:bb:a1:08:53:8e:53:18:50:ca:2e:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 14 11:23:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1997d3d2831ddbd6ce1f2743ce9b46c85a95add6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:cd:45:12:c9:88:ba:48:d6:12:fa:16:1b:e2:
89:38:76:25:71:9f:43:fd:5c:a2:48:f0:58:6e:ab:
23:59:74:60:16:c3:af:66:e0:aa:b2:b5:27:aa:6f:
15:51:18:b9:f0:d3:06:3a:00:c5:5e:d6:27:33:b4:
a9:33:a6:1b:6e:ea:35:ed:45:37:5a:33:a5:75:75:
84:c4:c5:88:5f:eb:0a:43:fa:af:a4:d8:56:bf:e0:
54:00:6d:cd:58:64:9f:29:d7:de:97:42:fb:74:dc:
0e:37:fc:d2:01:ea:df:56:9f:98:05:d9:62:db:df:
4f:9e:86:a2:02:d8:f1:78:d6:28:8c:5b:ac:dd:40:
9a:20:f3:28:47:99:90:d5:57:c8:4f:f1:32:89:10:
df:37:16:82:81:8e:19:38:80:37:c9:b2:33:93:b6:
8a:45:e9:b5:13:77:6f:ee:17:5c:72:1b:74:66:75:
68:79:97:f8:c8:85:b6:d2:99:7c:dd:7a:77:d8:22:
66:61:48:e9:ef:ad:0b:0d:88:15:3c:63:86:5c:c7:
a6:34:b8:b7:d4:a3:96:96:98:53:c0:8b:7a:92:8f:
90:b2:a3:3d:4a:14:27:40:8a:32:4a:18:20:6c:6c:
2a:af:4f:f0:e0:27:87:4b:35:a6:47:c0:46:ee:dc:
63:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:97:D3:D2:83:1D:DB:D6:CE:1F:27:43:CE:9B:46:C8:5A:95:AD:D6
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/GZfT0oMd29bOHydDzptGyFqVrdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
77.242.157.0-77.242.158.255
83.137.153.0/24
83.137.156.0/22
88.151.62.0/24
88.209.206.0/24
88.209.217.0/24
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.253.0-88.209.254.255
92.52.217.0-92.52.218.255
178.210.232.0/22
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:92:98:19:8a:be:dc:10:c7:4e:eb:2c:51:f9:f8:29:31:a6:
ec:85:9c:98:d2:3e:82:12:e4:b3:97:6b:58:84:40:9f:93:9d:
7a:a8:be:ea:a4:95:e5:89:6c:8e:2b:84:8e:31:1e:03:30:ba:
5f:f9:67:c0:50:e5:16:65:62:c1:d9:f0:20:c9:6d:0c:3b:48:
8f:26:51:ff:f9:4b:78:16:cb:22:6b:b0:19:9a:3f:e7:5a:2a:
ff:bf:e3:41:0c:c6:23:68:40:cb:fd:ec:09:08:a6:ed:b9:56:
65:a8:53:51:a5:ad:b2:1f:0d:17:98:d1:de:e3:78:4c:49:cd:
4b:f0:c0:84:23:ba:51:fb:4f:95:f7:57:13:d7:9f:5e:a7:36:
12:b5:ca:5c:1e:a3:e8:de:58:40:d6:d8:39:18:4a:e2:5f:a4:
c4:c2:bf:c0:9c:7e:99:d9:eb:ed:8c:b1:b9:7d:d2:4f:91:07:
d3:d4:0b:68:34:b8:c7:63:81:19:ea:2e:c9:c1:71:94:91:5f:
f7:71:1e:f6:91:d2:3f:4e:f7:47:50:dd:d6:d5:b1:36:51:31:
0a:3e:34:e5:37:3e:f2:13:f5:e1:fe:4a:9b:ec:35:f6:f0:c3:
f2:b1:96:94:44:1b:88:31:52:e1:a5:88:a0:57:4c:71:82:de:
72:0c:17:6b
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYi5pRezrruhCFOOUxhQyi7fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjE0MTEyMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTk3ZDNkMjgzMWRkYmQ2Y2UxZjI3NDNjZTliNDZjODVhOTVhZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAys1FEsmIukjWEvoWG+KJOHYlcZ9D
/VyiSPBYbqsjWXRgFsOvZuCqsrUnqm8VURi58NMGOgDFXtYnM7SpM6Ybbuo17UU3
WjOldXWExMWIX+sKQ/qvpNhWv+BUAG3NWGSfKdfel0L7dNwON/zSAerfVp+YBdli
299PnoaiAtjxeNYojFus3UCaIPMoR5mQ1VfIT/EyiRDfNxaCgY4ZOIA3ybIzk7aK
Rem1E3dv7hdccht0ZnVoeZf4yIW20pl83Xp32CJmYUjp760LDYgVPGOGXMemNLi3
1KOWlphTwIt6ko+QsqM9ShQnQIoyShggbGwqr0/w4CeHSzWmR8BG7txjpQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFBmX09KDHdvWzh8nQ86bRshala3WMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvR1pmVDBvTWQyOWJPSHlkRHpwdEd5RnFWcmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAF
tnADBAAFtnMDBAAtCagDBAJN8pgwDAMEAE3ynQMEAE3yngMEAFOJmQMEAlOJnAME
AFiXPgMEAFjRzgMEAFjR2QMEAFjR2wMEAFjR5AMEAljR7AMEAVjR9jAMAwQAWNH9
AwQAWNH+MAwDBABcNNkDBABcNNoDBAKy0ugDBACy0u0DBADCKS8wDQYJKoZIhvcN
AQELBQADggEBAF6SmBmKvtwQx07rLFH5+CkxpuyFnJjSPoIS5LOXa1iEQJ+TnXqo
vuqkleWJbI4rhI4xHgMwul/5Z8BQ5RZlYsHZ8CDJbQw7SI8mUf/5S3gWyyJrsBma
P+daKv+/40EMxiNoQMv97AkIpu25VmWoU1GlrbIfDReY0d7jeExJzUvwwIQjulH7
T5X3VxPXn16nNhK1ylweo+jeWEDW2DkYSuJfpMTCv8CcfpnZ6+2Msbl90k+RB9PU
C2g0uMdjgRnqLsnBcZSRX/dxHvaR0j9O90dQ3dbVsTZRMQo+NOU3PvIT9eH+Spvs
Nfbww/KxlpREG4gxUuGliKBXTHGC3nIMF2s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org