Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/O-Fudi3NPuqAXqxNsNgnGuOYEJc.roa
File: O-Fudi3NPuqAXqxNsNgnGuOYEJc.roa (raw, json)
Hash identifier: VVbMlOLUq0v63QW1hjXzyQT25B/IKDnYnzRtjoV7eJg=
Subject key identifier: 3B:E1:6E:76:2D:CD:3E:EA:80:5E:AC:4D:B0:D8:27:1A:E3:98:10:97
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018EA473A1749BB60F59870840C2B14ED3F6
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/O-Fudi3NPuqAXqxNsNgnGuOYEJc.roa
Signing time: Wed 03 Apr 2024 14:53:45 +0000
ROA not before: Wed 03 Apr 2024 14:53:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42864
IP address blocks: 45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
92.52.215.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
178.210.224.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.226.0/23 maxlen: 23
178.210.228.0/22 maxlen: 24
178.210.232.0/22 maxlen: 22
178.210.236.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.240.0/22 maxlen: 22
178.210.244.0/22 maxlen: 22
178.210.248.0/24 maxlen: 24
178.210.249.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
178.210.251.0/24 maxlen: 24
178.210.252.0/22 maxlen: 22
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a4:73:a1:74:9b:b6:0f:59:87:08:40:c2:b1:4e:d3:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Apr 3 14:53:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3be16e762dcd3eea805eac4db0d8271ae3981097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fa:89:e0:45:9c:99:f6:53:74:9c:c3:c3:64:
0c:dc:b0:ee:0e:8c:36:c8:a2:0a:24:5c:bc:c1:8f:
7e:80:7d:8d:26:7c:2f:f3:b0:23:9d:bc:6f:b0:7c:
ab:ff:bf:14:ad:61:85:db:4c:2e:6e:9b:06:0a:22:
bb:b2:64:3d:b8:57:5c:e7:19:49:89:67:07:20:74:
c5:88:db:b7:7c:50:f0:f2:30:eb:7f:ce:d3:0e:ae:
a8:34:47:8a:f6:55:f0:c1:59:46:29:37:f0:3c:93:
38:4c:eb:94:41:33:c8:58:97:f0:de:75:3e:7a:95:
f5:14:e7:5a:7f:f7:18:95:74:52:68:11:06:21:9e:
82:3f:23:4a:ca:35:94:40:99:f7:fb:dd:6a:d0:8c:
68:0f:aa:be:97:9d:33:24:ae:14:f2:49:bf:2e:f8:
41:b9:c3:e2:72:7e:48:4e:5e:08:f5:69:cd:31:88:
12:ab:a5:da:6a:95:cb:4e:bb:93:01:5b:4e:a5:6c:
ce:6a:90:33:45:8f:71:83:25:6e:57:54:28:45:7c:
53:25:d6:eb:4e:48:8b:c8:16:ed:cc:a9:d9:01:f8:
68:1e:eb:a5:aa:2a:65:9d:09:05:00:e4:0b:2f:27:
d2:a0:30:c6:93:69:4e:33:8e:42:c9:47:df:61:59:
c9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E1:6E:76:2D:CD:3E:EA:80:5E:AC:4D:B0:D8:27:1A:E3:98:10:97
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/O-Fudi3NPuqAXqxNsNgnGuOYEJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0-178.210.237.255
178.210.240.0/20
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
67:43:b2:80:5d:8f:75:41:c1:62:ce:4a:d6:47:db:66:e5:7e:
0f:3d:7b:cc:a3:be:2c:74:82:ff:9d:73:ce:cd:33:b2:cf:22:
9f:87:3e:11:39:58:08:99:da:8e:7b:51:eb:4b:5f:40:88:23:
db:8d:29:9b:90:05:04:78:61:76:a9:54:92:2c:22:a7:6c:da:
12:fa:01:35:f6:90:21:3b:8b:6f:b1:50:f9:29:cb:5f:7b:f9:
bd:01:f0:81:0d:e1:e9:ea:a5:bc:f6:7c:d6:f6:3c:f3:d7:3b:
c8:fe:b8:a9:5f:38:9d:38:e7:20:e6:a2:9c:65:c1:3c:60:17:
f9:36:99:8d:3d:f8:4f:81:6c:6c:23:84:40:bd:f9:15:9b:eb:
52:23:28:71:da:66:d3:7b:df:d6:7f:2e:c2:6c:e9:7b:06:09:
a4:49:d1:6b:c3:a4:2a:d9:50:00:e5:e6:7f:1d:97:e1:dd:35:
65:5b:3c:b6:23:c4:fb:59:f3:be:e4:5a:aa:aa:b7:66:c5:a9:
67:97:d3:2c:30:90:1b:4c:43:d5:b2:31:1f:8f:cc:82:93:c3:
e2:47:92:bf:31:30:cb:9e:74:f5:b0:86:49:c8:5d:6e:e0:08:
f9:ad:09:91:d7:20:60:3c:94:ae:91:6b:23:22:2b:61:98:e1:
4e:f8:1d:47
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAY6kc6F0m7YPWYcIQMKxTtP2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwNDAzMTQ1MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmUxNmU3NjJkY2QzZWVhODA1ZWFjNGRiMGQ4MjcxYWUzOTgxMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvqJ4EWcmfZTdJzDw2QM3LDuDow2
yKIKJFy8wY9+gH2NJnwv87AjnbxvsHyr/78UrWGF20wubpsGCiK7smQ9uFdc5xlJ
iWcHIHTFiNu3fFDw8jDrf87TDq6oNEeK9lXwwVlGKTfwPJM4TOuUQTPIWJfw3nU+
epX1FOdaf/cYlXRSaBEGIZ6CPyNKyjWUQJn3+91q0IxoD6q+l50zJK4U8km/LvhB
ucPicn5ITl4I9WnNMYgSq6XaapXLTruTAVtOpWzOapAzRY9xgyVuV1QoRXxTJdbr
TkiLyBbtzKnZAfhoHuulqiplnQkFAOQLLyfSoDDGk2lOM45CyUffYVnJnwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFDvhbnYtzT7qgF6sTbDYJxrjmBCXMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvTy1GdWRpM05QdXFBWHF4TnNOZ25HdU9ZRUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB+BAIAATB4MAwDBAAt
CakDBAItCagDBAEtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylwMEAFjRwQME
AFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEA1w00AMEAFw02zAMAwQFstLgAwQBstLs
AwQEstLwAwQDsvjIAwQAwYp9MA0EAgACMAcDBQMqAB9AMA0GCSqGSIb3DQEBCwUA
A4IBAQBnQ7KAXY91QcFizkrWR9tm5X4PPXvMo74sdIL/nXPOzTOyzyKfhz4ROVgI
mdqOe1HrS19AiCPbjSmbkAUEeGF2qVSSLCKnbNoS+gE19pAhO4tvsVD5Kctfe/m9
AfCBDeHp6qW89nzW9jzz1zvI/ripXzidOOcg5qKcZcE8YBf5NpmNPfhPgWxsI4RA
vfkVm+tSIyhx2mbTe9/Wfy7CbOl7BgmkSdFrw6Qq2VAA5eZ/HZfh3TVlWzy2I8T7
WfO+5Fqqqrdmxalnl9MsMJAbTEPVsjEfj8yCk8PiR5K/MTDLnnT1sIZJyF1u4Aj5
rQmR1yBgPJSukWsjIithmOFO+B1H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org