Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Jq24JXH6maYKY0lZCMhPkuS94hM.roa
File: Jq24JXH6maYKY0lZCMhPkuS94hM.roa (raw, json)
Hash identifier: aJ204bxQWosjHdYDmiHXnHNFUhYJRnLDh6HYbAce7Gc=
Subject key identifier: 26:AD:B8:25:71:FA:99:A6:0A:63:49:59:08:C8:4F:92:E4:BD:E2:13
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0185BFE6E9C251EB36B345505E26F9CF862A
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Jq24JXH6maYKY0lZCMhPkuS94hM.roa
Signing time: Tue 17 Jan 2023 13:24:19 +0000
ROA not before: Tue 17 Jan 2023 13:24:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.253.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 22
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bf:e6:e9:c2:51:eb:36:b3:45:50:5e:26:f9:cf:86:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 17 13:24:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26adb82571fa99a60a63495908c84f92e4bde213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3f:13:7a:5d:20:db:1c:ac:f5:55:58:56:7e:
c4:f9:2b:5e:84:bf:d8:cc:2f:46:e9:57:8e:77:ad:
bc:fb:a7:7f:dd:70:2c:86:08:f2:92:d1:c7:51:97:
46:eb:c1:99:7e:ef:64:77:35:2d:2a:4b:e3:11:f7:
7c:79:b4:b1:a7:cf:00:7a:8d:4d:66:aa:bf:30:27:
32:4c:5d:98:fc:cf:32:22:6e:6c:f9:f9:8e:3b:90:
45:96:07:a5:e7:b2:af:96:2b:dd:6e:bb:6a:8d:79:
41:c2:44:1e:76:c0:46:a2:25:64:28:a6:df:ed:3e:
ba:b7:71:68:69:68:50:e8:b3:7a:ef:c1:6c:08:7a:
11:50:39:52:8a:17:87:d2:cb:e4:f5:4a:ca:6e:50:
27:57:eb:40:48:3c:fd:a2:ca:bc:af:81:1c:51:b5:
9f:02:d7:ed:e9:55:f5:43:fb:c8:24:d5:5b:02:3a:
02:e2:d0:93:45:1d:1d:76:ba:bc:4e:14:75:cc:44:
b0:dc:88:0d:a4:14:85:9e:97:bc:a1:7a:af:19:2e:
8e:a7:9d:ff:6a:1b:9c:a9:cd:de:bb:3d:32:71:c7:
7c:e5:15:4b:cd:76:82:eb:0e:96:b7:f2:d9:18:e9:
78:97:81:5e:cb:6a:b9:a5:43:38:c6:65:37:86:e5:
27:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:AD:B8:25:71:FA:99:A6:0A:63:49:59:08:C8:4F:92:E4:BD:E2:13
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Jq24JXH6maYKY0lZCMhPkuS94hM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
45.14.9.0/24
77.242.152.0/22
83.137.153.0/24
83.137.156.0/23
88.151.62.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.253.0/24
92.52.218.0/24
178.210.232.0/22
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
83:f4:fb:5b:7a:42:f8:d9:0a:7d:a2:a0:d4:9e:ed:5b:6a:c5:
65:07:3f:a4:99:26:16:2e:63:47:63:d6:60:b5:f2:9a:ef:46:
0a:5f:58:14:d9:78:72:36:7b:32:a7:49:17:f2:9e:fe:e2:3e:
1a:90:45:21:35:6f:ab:7e:b2:23:4e:be:93:b6:9c:da:72:c8:
4b:96:85:e8:d4:74:b5:2c:a7:7f:0b:0e:52:52:94:df:cf:ea:
13:79:1c:92:c8:ea:d0:9d:9c:f0:e9:b8:05:9d:13:48:0c:78:
58:22:67:19:a2:5a:20:f3:a2:1d:0b:96:ca:4e:7f:9f:b8:b1:
72:37:e2:2d:0d:f7:c9:50:35:8f:62:bf:82:c8:50:66:97:89:
06:1f:b1:a5:51:ce:98:41:fb:61:3e:8f:25:51:ea:34:c7:df:
9c:4c:df:12:0e:b5:6c:1a:9a:11:64:e9:17:ec:96:59:82:1d:
41:43:e8:28:ea:ef:99:04:d7:d7:53:49:1d:23:76:3e:2b:6a:
cc:a2:39:83:24:40:27:0c:90:47:b4:a5:9c:38:4f:52:ac:ac:
6b:72:8f:a4:f7:fa:d5:f3:98:04:0c:55:a8:df:00:19:56:9f:
94:7c:2d:38:4d:23:c3:67:6f:43:ed:06:a1:c7:79:c6:98:a2:
30:39:1e:47
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYW/5unCUes2s0VQXib5z4YqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMTE3MTMyNDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmFkYjgyNTcxZmE5OWE2MGE2MzQ5NTkwOGM4NGY5MmU0YmRlMjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT8Tel0g2xys9VVYVn7E+StehL/Y
zC9G6VeOd628+6d/3XAshgjyktHHUZdG68GZfu9kdzUtKkvjEfd8ebSxp88Aeo1N
Zqq/MCcyTF2Y/M8yIm5s+fmOO5BFlgel57KvlivdbrtqjXlBwkQedsBGoiVkKKbf
7T66t3FoaWhQ6LN678FsCHoRUDlSiheH0svk9UrKblAnV+tASDz9osq8r4EcUbWf
Atft6VX1Q/vIJNVbAjoC4tCTRR0ddrq8ThR1zESw3IgNpBSFnpe8oXqvGS6Op53/
ahucqc3euz0yccd85RVLzXaC6w6Wt/LZGOl4l4Fey2q5pUM4xmU3huUnKwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFCatuCVx+pmmCmNJWQjIT5LkveITMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvSnEyNEpYSDZtYVlLWTBsWkNNaFBrdVM5NGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQABbZwAwQA
BbZzAwQALQmoAwQALQ4JAwQCTfKYAwQAU4mZAwQBU4mcAwQAWJc+AwQAWNHkAwQC
WNHsAwQBWNH2AwQAWNH9AwQAXDTaAwQCstLoAwQAwikvMA0GCSqGSIb3DQEBCwUA
A4IBAQCD9PtbekL42Qp9oqDUnu1basVlBz+kmSYWLmNHY9ZgtfKa70YKX1gU2Xhy
Nnsyp0kX8p7+4j4akEUhNW+rfrIjTr6TtpzacshLloXo1HS1LKd/Cw5SUpTfz+oT
eRySyOrQnZzw6bgFnRNIDHhYImcZolog86IdC5bKTn+fuLFyN+ItDffJUDWPYr+C
yFBml4kGH7GlUc6YQfthPo8lUeo0x9+cTN8SDrVsGpoRZOkX7JZZgh1BQ+go6u+Z
BNfXU0kdI3Y+K2rMojmDJEAnDJBHtKWcOE9SrKxrco+k9/rV85gEDFWo3wAZVp+U
fC04TSPDZ29D7Qahx3nGmKIwOR5H
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org