Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/KydjlyJUSKIENfAd10b26bQaOps.roa
File: KydjlyJUSKIENfAd10b26bQaOps.roa (raw, json)
Hash identifier: 82Wo7BwUxmUJJlPkyzlN3oLQ8MI39eb+JcILl/cPJio=
Subject key identifier: 2B:27:63:97:22:54:48:A2:04:35:F0:1D:D7:46:F6:E9:B4:1A:3A:9B
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01824E9328E1B68EFCA26F08DFB81AC99D44
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/KydjlyJUSKIENfAd10b26bQaOps.roa
Signing time: Sat 30 Jul 2022 10:07:23 +0000
ROA not before: Sat 30 Jul 2022 10:07:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42864
IP address blocks: 88.209.231.0/24 maxlen: 24
88.209.227.0/24 maxlen: 24
88.209.240.0/22 maxlen: 22
83.137.159.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.192.0/21 maxlen: 24
88.209.208.0/20 maxlen: 24
88.209.226.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
178.210.224.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
77.242.144.0/20 maxlen: 20
92.52.219.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4e:93:28:e1:b6:8e:fc:a2:6f:08:df:b8:1a:c9:9d:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 30 10:07:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b276397225448a20435f01dd746f6e9b41a3a9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:57:c9:eb:a8:e0:66:d8:e3:59:51:d1:fe:0b:
f4:cc:e4:bb:6b:4b:12:0e:a0:a5:8a:38:fe:08:1e:
58:4f:ee:07:1f:8a:91:a8:27:b8:ab:d3:6a:97:b6:
1c:a0:44:82:8c:d6:db:bc:91:92:80:b7:80:8a:d4:
0c:8e:e1:2f:bf:fe:e4:af:7d:32:90:03:17:d2:1a:
90:1c:1a:19:61:5e:6c:39:29:a4:14:7b:bd:1c:45:
75:f3:61:66:a4:3f:db:8f:7c:e4:65:8a:20:b6:47:
02:54:f1:a0:b2:59:b0:37:d5:7c:b9:41:c1:be:dc:
39:a1:d4:cd:d5:24:b2:07:29:1d:77:06:f1:44:e8:
3b:1f:fc:74:99:5f:10:a8:c2:78:12:49:87:ad:aa:
4a:18:76:6d:d4:ec:d2:87:12:e2:85:da:d2:78:99:
be:94:72:7f:1b:bd:d9:31:0b:8c:c6:ee:db:a6:1d:
05:b2:56:28:0a:be:0a:a4:58:0f:c5:87:37:d7:85:
98:87:95:7d:ad:4f:dd:a8:b1:18:e7:c4:f6:c3:8a:
65:bd:b6:07:71:34:be:51:b2:b9:b3:9a:51:c5:98:
2c:d9:2c:1f:78:b7:a7:e5:94:3f:fb:15:f8:4a:7c:
8d:00:3d:dc:cb:ee:f3:a3:1f:cb:99:47:a4:08:06:
65:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:27:63:97:22:54:48:A2:04:35:F0:1D:D7:46:F6:E9:B4:1A:3A:9B
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/KydjlyJUSKIENfAd10b26bQaOps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0-45.14.10.255
77.242.144.0/20
83.137.159.0/24
88.209.192.0/21
88.209.208.0-88.209.227.255
88.209.231.0/24
88.209.240.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0/21
178.210.236.0/24
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
18:90:7b:1e:f8:eb:ea:12:1e:c7:18:82:a2:64:fe:5d:26:71:
b0:82:cb:4c:b5:b7:4b:e2:28:c8:b9:d2:88:ca:45:39:50:f2:
a2:62:30:a0:a6:97:a9:5b:c1:6d:24:51:71:b1:dd:29:bf:77:
16:69:29:df:c0:c0:d0:68:87:a1:8e:1c:63:cc:19:0e:c9:92:
b1:aa:81:89:7f:9a:6a:cf:36:d3:82:69:53:fb:81:77:09:9e:
ec:87:30:3b:0e:b5:52:64:7a:99:86:1e:ec:ff:ff:8d:09:28:
47:20:e8:8a:c3:11:d0:fc:cb:67:17:d5:7b:98:ee:64:6f:a7:
f4:ae:bb:43:d2:d3:4c:cb:9e:df:e8:10:7f:ff:55:16:23:88:
6d:61:f5:8b:41:2b:9b:f1:cd:e6:8f:1d:08:20:2c:b9:06:65:
46:4a:d0:4e:0a:69:80:33:48:6e:db:eb:9b:ae:43:d7:65:8c:
6c:dc:77:19:ba:9c:44:8b:c5:d3:e7:4a:07:1b:7a:2e:9f:63:
fd:c0:c9:92:78:59:ec:9d:a5:f9:05:9f:42:db:e1:a1:2e:56:
ff:c2:2d:ef:e7:fb:76:7c:0a:ac:9f:05:46:42:83:30:1f:59:
57:49:fd:da:5d:3a:06:7f:a6:5e:26:63:a0:1d:7b:f2:2d:c9:
21:d6:00:7e
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYJOkyjhto78om8I37gayZ1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzMwMTAwNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjI3NjM5NzIyNTQ0OGEyMDQzNWYwMWRkNzQ2ZjZlOWI0MWEzYTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlfJ66jgZtjjWVHR/gv0zOS7a0sS
DqClijj+CB5YT+4HH4qRqCe4q9Nql7YcoESCjNbbvJGSgLeAitQMjuEvv/7kr30y
kAMX0hqQHBoZYV5sOSmkFHu9HEV182FmpD/bj3zkZYogtkcCVPGgslmwN9V8uUHB
vtw5odTN1SSyBykddwbxROg7H/x0mV8QqMJ4EkmHrapKGHZt1OzShxLihdrSeJm+
lHJ/G73ZMQuMxu7bph0FslYoCr4KpFgPxYc314WYh5V9rU/dqLEY58T2w4plvbYH
cTS+UbK5s5pRxZgs2SwfeLen5ZQ/+xX4SnyNAD3cy+7zox/LmUekCAZlaQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFCsnY5ciVEiiBDXwHddG9um0GjqbMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvS3lkamx5SlVTS0lFTmZBZDEwYjI2YlFhT3BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbDAMAwQALQmp
AwQCLQmoMAwDBAMtDggDBAAtDgoDBARN8pADBABTiZ8DBANY0cAwDAMEBFjR0AME
AljR4AMEAFjR5wMEAljR8AMEA1w00AMEAFw02wMEA7LS4AMEALLS7AMEA7L4yAME
AMGKfTANBgkqhkiG9w0BAQsFAAOCAQEAGJB7Hvjr6hIexxiComT+XSZxsILLTLW3
S+IoyLnSiMpFOVDyomIwoKaXqVvBbSRRcbHdKb93Fmkp38DA0GiHoY4cY8wZDsmS
saqBiX+aas8204JpU/uBdwme7IcwOw61UmR6mYYe7P//jQkoRyDoisMR0PzLZxfV
e5juZG+n9K67Q9LTTMue3+gQf/9VFiOIbWH1i0Erm/HN5o8dCCAsuQZlRkrQTgpp
gDNIbtvrm65D12WMbNx3GbqcRIvF0+dKBxt6Lp9j/cDJknhZ7J2l+QWfQtvhoS5W
/8It7+f7dnwKrJ8FRkKDMB9ZV0n92l06Bn+mXiZjoB178i3JIdYAfg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org