Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Izt2fIDPUZCFOGyZkNa9-7Z9fTs.roa
File: Izt2fIDPUZCFOGyZkNa9-7Z9fTs.roa (raw, json)
Hash identifier: Ua+Px7VLYssCoqZTGk5V9oQiuaYJ8+8CFsjHOv5ak1o=
Subject key identifier: 23:3B:76:7C:80:CF:51:90:85:38:6C:99:90:D6:BD:FB:B6:7D:7D:3B
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01850B026792408E6FE0F2DAE124A299791D
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Izt2fIDPUZCFOGyZkNa9-7Z9fTs.roa
Signing time: Tue 13 Dec 2022 10:23:05 +0000
ROA not before: Tue 13 Dec 2022 10:23:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.253.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 22
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:02:67:92:40:8e:6f:e0:f2:da:e1:24:a2:99:79:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Dec 13 10:23:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=233b767c80cf519085386c9990d6bdfbb67d7d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:55:61:91:ef:fa:90:91:f5:74:99:35:f7:4a:
a1:da:77:55:fb:21:5d:58:6b:9c:58:ce:30:68:04:
ca:53:7a:4b:ef:69:8a:db:87:e4:63:86:46:c2:36:
a8:f0:7d:52:f4:13:8c:75:e4:7a:51:e1:6b:26:57:
fa:45:f9:87:27:a6:e5:f8:2c:d5:70:fc:8f:ba:07:
1e:7b:f3:83:10:d8:47:aa:05:88:ef:3d:c1:a1:8a:
2a:38:ca:db:ac:75:0e:4a:b9:1e:85:eb:68:b2:bf:
b0:6d:04:64:16:50:da:29:74:72:bf:a0:4e:3a:b3:
34:d3:c1:43:e6:3e:77:2c:fd:94:a6:ea:96:ff:92:
b6:7d:f4:a2:c0:67:bd:dc:49:aa:e4:ff:64:48:fa:
1f:24:04:c8:fb:b6:67:f2:23:f2:e3:78:ca:e3:14:
a1:03:d0:97:5d:fb:ac:43:3e:c9:bb:d5:e5:d4:33:
a4:ac:e4:b9:cb:6a:46:2a:aa:f9:9d:de:8f:05:3e:
fa:9b:05:5e:6d:18:69:9a:eb:c3:a8:49:be:05:66:
85:6d:9a:b4:ee:8e:fe:e1:4f:c5:1f:03:be:ac:15:
70:5d:86:a1:5d:18:c6:63:09:f5:fd:e1:cf:ae:48:
50:d2:d7:e6:ea:d4:ef:e4:d1:29:a3:a3:eb:f9:2d:
3a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:3B:76:7C:80:CF:51:90:85:38:6C:99:90:D6:BD:FB:B6:7D:7D:3B
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Izt2fIDPUZCFOGyZkNa9-7Z9fTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
45.14.9.0/24
77.242.152.0/22
83.137.153.0/24
83.137.156.0/22
88.151.62.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.253.0/24
92.52.218.0/24
178.210.232.0/24
178.210.234.0/23
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:12:43:bc:1d:5a:0d:f4:95:17:f5:e5:a5:02:c3:d9:1c:dd:
4f:43:02:ab:1b:ab:2e:27:58:28:4d:5e:f2:d6:e9:c5:19:7e:
8c:9e:5f:47:5b:a5:0a:35:0e:39:32:5b:f3:5c:8a:aa:98:bc:
d4:3b:10:e4:4e:78:2e:f0:96:b1:86:ae:5d:3b:e3:5b:80:af:
0e:5c:53:58:cd:54:23:7f:78:f0:15:49:fa:c6:74:a7:56:55:
69:8c:3c:a0:14:10:c6:f0:98:5a:8f:e6:a2:9c:f0:16:fb:fe:
68:bd:98:19:68:11:82:d9:da:81:d6:55:23:d8:73:94:7c:a9:
54:f3:52:cd:c0:b9:a5:30:94:fc:1c:f9:22:b6:d3:b2:09:fc:
4f:ac:1d:e7:0a:3b:25:b4:25:cd:99:7f:68:5f:68:cf:ee:cb:
46:b5:6b:f5:0a:a9:e3:e2:77:46:c2:7d:f2:30:8e:9a:49:e6:
e2:05:04:12:00:ff:e4:cb:c1:f0:2e:79:11:ef:e0:d4:55:5a:
36:ec:4f:a7:3e:38:de:e8:50:d7:da:f0:63:aa:21:dd:11:a1:
98:1d:18:f9:a4:38:9c:4e:e0:94:8b:19:dc:8b:e3:4c:1a:e8:
fe:a0:4d:80:66:e7:93:c7:5d:f3:7b:e1:01:5a:3b:21:1c:4e:
fa:34:71:11
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYULAmeSQI5v4PLa4SSimXkdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIxMjEzMTAyMzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzNiNzY3YzgwY2Y1MTkwODUzODZjOTk5MGQ2YmRmYmI2N2Q3ZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1Vhke/6kJH1dJk190qh2ndV+yFd
WGucWM4waATKU3pL72mK24fkY4ZGwjao8H1S9BOMdeR6UeFrJlf6RfmHJ6bl+CzV
cPyPugcee/ODENhHqgWI7z3BoYoqOMrbrHUOSrkehetosr+wbQRkFlDaKXRyv6BO
OrM008FD5j53LP2UpuqW/5K2ffSiwGe93Emq5P9kSPofJATI+7Zn8iPy43jK4xSh
A9CXXfusQz7Ju9Xl1DOkrOS5y2pGKqr5nd6PBT76mwVebRhpmuvDqEm+BWaFbZq0
7o7+4U/FHwO+rBVwXYahXRjGYwn1/eHPrkhQ0tfm6tTv5NEpo6Pr+S06/QIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFCM7dnyAz1GQhThsmZDWvfu2fX07MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvSXp0MmZJRFBVWkNGT0d5WmtOYTktN1o5ZlRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABbZwAwQA
BbZzAwQALQmoAwQALQ4JAwQCTfKYAwQAU4mZAwQCU4mcAwQAWJc+AwQAWNHkAwQC
WNHsAwQBWNH2AwQAWNH9AwQAXDTaAwQAstLoAwQBstLqAwQAstLtAwQAwikvMA0G
CSqGSIb3DQEBCwUAA4IBAQCqEkO8HVoN9JUX9eWlAsPZHN1PQwKrG6suJ1goTV7y
1unFGX6Mnl9HW6UKNQ45MlvzXIqqmLzUOxDkTngu8Jaxhq5dO+NbgK8OXFNYzVQj
f3jwFUn6xnSnVlVpjDygFBDG8Jhaj+ainPAW+/5ovZgZaBGC2dqB1lUj2HOUfKlU
81LNwLmlMJT8HPkittOyCfxPrB3nCjsltCXNmX9oX2jP7stGtWv1Cqnj4ndGwn3y
MI6aSebiBQQSAP/ky8HwLnkR7+DUVVo27E+nPjje6FDX2vBjqiHdEaGYHRj5pDic
TuCUixnci+NMGuj+oE2AZueTx13ze+EBWjshHE76NHER
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org