Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Lv1ET9SAB01rdZc5DXXQ7SHiSlk.roa
File: Lv1ET9SAB01rdZc5DXXQ7SHiSlk.roa (raw, json)
Hash identifier: wTnkA4hlN/D6dq4xNP8LqTjIcQXLXt1/IpgTXso9Ohk=
Subject key identifier: 2E:FD:44:4F:D4:80:07:4D:6B:75:97:39:0D:75:D0:ED:21:E2:4A:59
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018E32E224E40C81449260F1BFF5728CC82D
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Lv1ET9SAB01rdZc5DXXQ7SHiSlk.roa
Signing time: Tue 12 Mar 2024 13:37:45 +0000
ROA not before: Tue 12 Mar 2024 13:37:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42864
IP address blocks: 5.182.112.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
178.210.224.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.226.0/23 maxlen: 23
178.210.228.0/22 maxlen: 24
178.210.232.0/22 maxlen: 22
178.210.236.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.238.0/23 maxlen: 23
178.210.240.0/22 maxlen: 22
178.210.244.0/22 maxlen: 22
178.210.248.0/24 maxlen: 24
178.210.249.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
178.210.251.0/24 maxlen: 24
178.210.252.0/22 maxlen: 22
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:e2:24:e4:0c:81:44:92:60:f1:bf:f5:72:8c:c8:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 12 13:37:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2efd444fd480074d6b7597390d75d0ed21e24a59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:02:7e:89:a4:63:f9:e6:54:c1:6b:c7:19:f5:
39:bd:b5:d9:ec:fb:da:18:0e:c8:a3:48:a9:e2:56:
e9:e2:4d:5a:21:13:2c:91:e9:62:cb:35:59:24:e6:
55:b6:c7:57:3b:41:70:21:0b:c0:6c:e4:de:18:aa:
52:b0:0a:f0:b9:7a:14:a5:32:0d:35:81:25:59:73:
29:f5:31:8a:cc:a5:74:57:86:44:33:3a:9d:9e:88:
73:6c:f8:e8:74:da:39:60:fe:01:5e:26:16:89:94:
98:98:df:1b:34:bb:c5:e1:0c:44:99:3b:88:89:92:
86:16:ea:4f:27:55:82:1f:9e:32:8e:cb:f8:11:10:
09:8e:3f:01:5a:32:8d:41:e6:b8:b9:f8:3c:a5:19:
70:cf:89:a1:07:89:46:67:59:ea:5e:f1:05:88:77:
38:27:44:b9:84:d2:25:84:ff:0a:8b:98:b4:50:ce:
c7:66:8d:d2:cb:43:c4:4a:3a:40:22:95:e3:25:ac:
c2:45:7e:e6:c2:f2:49:19:b0:bd:f0:4c:f5:0a:fd:
6b:4f:60:ad:b5:0b:15:a0:35:20:da:7f:4e:2a:9b:
9f:ed:2b:58:b3:03:8b:ed:88:04:dd:89:04:75:50:
72:71:77:fd:18:7e:97:7e:e5:b6:86:ba:4c:8a:ea:
5b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:FD:44:4F:D4:80:07:4D:6B:75:97:39:0D:75:D0:ED:21:E2:4A:59
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Lv1ET9SAB01rdZc5DXXQ7SHiSlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
83.137.153.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
178.210.224.0/19
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
1e:77:ac:ce:8d:d8:9a:24:21:ee:5d:38:82:6d:9d:0d:e9:4d:
31:9e:37:b4:c9:27:b0:db:2e:5b:62:e3:5b:c1:5b:28:bd:26:
00:ba:69:dc:70:79:44:21:d3:00:66:f1:38:ae:94:06:47:80:
e8:7b:ff:04:64:69:78:16:32:3c:97:ae:7b:a6:90:74:4b:c8:
5e:ef:c1:85:37:5d:7e:47:dc:be:36:da:1c:e4:0f:b3:a6:e8:
02:e0:ae:01:a5:8e:ec:8a:3c:c5:39:5e:1d:37:64:f2:62:5c:
eb:c7:8b:11:93:b3:16:ff:81:7e:05:71:6c:55:4d:2f:b5:83:
4c:ec:25:71:4c:f8:43:35:4c:09:91:dc:e4:b8:98:93:e0:68:
5d:5d:9f:80:43:48:b5:3b:46:0c:44:aa:c5:12:26:51:ae:52:
b1:44:7e:e4:f2:24:68:1c:0f:69:a6:a4:31:05:37:b4:56:0a:
a5:01:ed:be:25:cc:63:3e:dc:6f:6c:82:f7:51:17:d7:55:20:
51:f2:22:78:eb:f3:e5:57:f0:67:01:80:cc:d0:27:56:4e:a3:
85:6f:40:3e:2c:58:8e:9c:74:b5:65:23:6f:b5:fb:6b:8e:ca:
25:cd:c5:35:9d:48:4c:9f:f8:03:48:0f:58:a0:8f:ab:58:01:
b5:99:1b:5f
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY4y4iTkDIFEkmDxv/VyjMgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMzEyMTMzNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWZkNDQ0ZmQ0ODAwNzRkNmI3NTk3MzkwZDc1ZDBlZDIxZTI0YTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQJ+iaRj+eZUwWvHGfU5vbXZ7Pva
GA7Io0ip4lbp4k1aIRMskeliyzVZJOZVtsdXO0FwIQvAbOTeGKpSsArwuXoUpTIN
NYElWXMp9TGKzKV0V4ZEMzqdnohzbPjodNo5YP4BXiYWiZSYmN8bNLvF4QxEmTuI
iZKGFupPJ1WCH54yjsv4ERAJjj8BWjKNQea4ufg8pRlwz4mhB4lGZ1nqXvEFiHc4
J0S5hNIlhP8Ki5i0UM7HZo3Sy0PESjpAIpXjJazCRX7mwvJJGbC98Ez1Cv1rT2Ct
tQsVoDUg2n9OKpuf7StYswOL7YgE3YkEdVBycXf9GH6XfuW2hrpMiupb7wIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFC79RE/UgAdNa3WXOQ110O0h4kpZMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvTHYxRVQ5U0FCMDFyZFpjNURYWFE3U0hpU2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB2BAIAATBwAwQABbZw
MAwDBAAtCakDBAItCagDBAEtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylwME
AFOJmQMEAFjRwQMEAFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEA1w00AMEBbLS4AME
A7L4yAMEAMGKfTANBAIAAjAHAwUDKgAfQDANBgkqhkiG9w0BAQsFAAOCAQEAHnes
zo3YmiQh7l04gm2dDelNMZ43tMknsNsuW2LjW8FbKL0mALpp3HB5RCHTAGbxOK6U
BkeA6Hv/BGRpeBYyPJeue6aQdEvIXu/BhTddfkfcvjbaHOQPs6boAuCuAaWO7Io8
xTleHTdk8mJc68eLEZOzFv+BfgVxbFVNL7WDTOwlcUz4QzVMCZHc5LiYk+BoXV2f
gENItTtGDESqxRImUa5SsUR+5PIkaBwPaaakMQU3tFYKpQHtviXMYz7cb2yC91EX
11UgUfIieOvz5VfwZwGAzNAnVk6jhW9APixYjpx0tWUjb7X7a47KJc3FNZ1ITJ/4
A0gPWKCPq1gBtZkbXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org