Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/HGwaHxRoInjN9Yl6tLKOhLBDwOs.roa
File: HGwaHxRoInjN9Yl6tLKOhLBDwOs.roa (raw, json)
Hash identifier: de1Xxr4O1jS8zMFHxnwTfdH/WMBbs0Lycobf81EQhuY=
Subject key identifier: 1C:6C:1A:1F:14:68:22:78:CD:F5:89:7A:B4:B2:8E:84:B0:43:C0:EB
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0189D5603053666D63E94F20450250FFB82D
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/HGwaHxRoInjN9Yl6tLKOhLBDwOs.roa
Signing time: Tue 08 Aug 2023 13:39:58 +0000
ROA not before: Tue 08 Aug 2023 13:39:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.236.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.237.0/24 maxlen: 24
88.209.238.0/24 maxlen: 24
88.209.246.0/23 maxlen: 23
88.209.254.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.229.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
88.209.219.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d5:60:30:53:66:6d:63:e9:4f:20:45:02:50:ff:b8:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 8 13:39:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c6c1a1f14682278cdf5897ab4b28e84b043c0eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f4:66:d7:d2:26:2b:bf:3f:15:c4:de:f4:e3:
ee:e5:39:eb:ad:23:6c:e3:40:02:b7:f5:57:77:15:
a9:ed:df:38:1d:40:b9:bb:26:15:18:7b:b6:92:7b:
ad:14:af:d3:e9:50:1a:03:7d:e6:b2:8d:69:ff:e2:
a8:1d:f5:65:11:f4:d0:97:3e:ea:44:09:9c:0b:bb:
e4:a6:b2:9a:ec:c8:3b:93:20:f6:73:82:20:cd:a2:
e4:6b:de:e3:6e:e2:ba:75:46:49:ee:3e:47:d2:e2:
1e:4b:f5:7d:57:47:15:62:e2:2c:c1:e4:be:cc:82:
ef:62:bf:47:63:5f:a0:68:3a:af:04:2a:4f:7e:91:
85:1a:ee:7c:31:7a:71:24:cb:99:a3:87:d7:4a:0f:
15:15:1a:1e:95:7e:2d:5b:a0:de:fa:bf:d6:d2:c2:
8a:dc:e5:d5:a4:6a:05:0d:b1:da:d8:84:42:4c:b2:
20:31:05:ab:e8:bf:18:ac:38:3b:bb:e4:b9:7b:27:
43:1d:73:b1:90:de:24:07:f0:05:8b:de:f7:6e:42:
15:e0:91:28:6d:33:3b:22:a2:b1:f1:a4:5e:4d:53:
36:13:43:eb:ef:34:d3:e6:89:09:91:6d:13:f5:71:
08:ff:ba:76:dd:98:6f:33:a5:0f:ed:a8:52:63:5c:
b1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:6C:1A:1F:14:68:22:78:CD:F5:89:7A:B4:B2:8E:84:B0:43:C0:EB
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/HGwaHxRoInjN9Yl6tLKOhLBDwOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
83.137.153.0/24
83.137.157.0/24
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.254.0/24
92.52.217.0-92.52.218.255
178.210.229.0/24
178.210.232.0/22
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
16:fb:b0:95:2a:28:69:af:ea:eb:78:05:e5:e3:61:99:78:f7:
ae:e5:76:24:f9:56:4f:8f:8e:59:0c:8c:e1:cc:a3:7c:d3:a0:
ee:a5:5a:6c:09:74:92:1d:f7:1e:99:59:a5:44:7d:85:8c:42:
59:e9:0a:96:7e:57:d1:b5:ce:4b:0f:34:c3:ba:18:52:28:96:
48:80:bf:10:84:c3:d4:fd:c2:dd:86:3f:45:0d:30:4b:9d:c1:
e9:66:93:53:46:03:4c:6c:99:81:f0:13:86:3a:cd:31:64:25:
0f:a3:ff:b1:c1:ca:cc:a1:79:1a:9b:fc:35:9b:1d:63:73:cf:
e0:4d:08:78:27:0a:32:2b:47:0a:8a:46:64:8d:a5:cf:2b:dc:
0a:29:b9:22:a1:4b:b8:5e:bf:a4:18:d3:57:b8:9d:b7:8f:7a:
3b:cf:84:6d:95:a3:8f:e7:ee:8b:4a:bd:8e:d2:32:a4:c8:b9:
d6:80:ca:9f:bd:6e:0b:51:5d:69:09:10:76:9e:2a:5c:f7:29:
a2:b5:98:9e:59:b3:bd:fb:a9:a1:65:bb:02:c3:70:60:e4:a7:
09:79:fd:a7:4a:e1:f2:29:b6:f2:29:b9:d0:ff:f9:c7:57:7b:
69:68:53:d9:54:f5:97:aa:1f:23:78:5d:29:8d:47:ed:0e:e3:
f0:d5:38:11
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYnVYDBTZm1j6U8gRQJQ/7gtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwODA4MTMzOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzZjMWExZjE0NjgyMjc4Y2RmNTg5N2FiNGIyOGU4NGIwNDNjMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPRm19ImK78/FcTe9OPu5TnrrSNs
40ACt/VXdxWp7d84HUC5uyYVGHu2knutFK/T6VAaA33mso1p/+KoHfVlEfTQlz7q
RAmcC7vkprKa7Mg7kyD2c4IgzaLka97jbuK6dUZJ7j5H0uIeS/V9V0cVYuIsweS+
zILvYr9HY1+gaDqvBCpPfpGFGu58MXpxJMuZo4fXSg8VFRoelX4tW6De+r/W0sKK
3OXVpGoFDbHa2IRCTLIgMQWr6L8YrDg7u+S5eydDHXOxkN4kB/AFi973bkIV4JEo
bTM7IqKx8aReTVM2E0Pr7zTT5okJkW0T9XEI/7p23ZhvM6UP7ahSY1yx8wIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFBxsGh8UaCJ4zfWJerSyjoSwQ8DrMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvSEd3YUh4Um9JbmpOOVlsNnRMS09oTEJEd09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAAW2cAME
AAW2cwMEAC0JqAMEAk3ymAMEAFOJmQMEAFOJnQMEAFjR2wMEAFjR5AMEAljR7AME
AVjR9gMEAFjR/jAMAwQAXDTZAwQAXDTaAwQAstLlAwQCstLoAwQAstLtAwQAwikv
MA0GCSqGSIb3DQEBCwUAA4IBAQAW+7CVKihpr+rreAXl42GZePeu5XYk+VZPj45Z
DIzhzKN806DupVpsCXSSHfcemVmlRH2FjEJZ6QqWflfRtc5LDzTDuhhSKJZIgL8Q
hMPU/cLdhj9FDTBLncHpZpNTRgNMbJmB8BOGOs0xZCUPo/+xwcrMoXkam/w1mx1j
c8/gTQh4JwoyK0cKikZkjaXPK9wKKbkioUu4Xr+kGNNXuJ23j3o7z4RtlaOP5+6L
Sr2O0jKkyLnWgMqfvW4LUV1pCRB2nipc9ymitZieWbO9+6mhZbsCw3Bg5KcJef2n
SuHyKbbyKbnQ//nHV3tpaFPZVPWXqh8jeF0pjUftDuPw1TgR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org