Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/OSm0fFhTOQQ9sCP3lnTa_TG7jvQ.roa
File: OSm0fFhTOQQ9sCP3lnTa_TG7jvQ.roa (raw, json)
Hash identifier: s/Ka0ACj8d+tpUKAlT5OrwNlqUHU9Z0NJTZ+I3XiLHY=
Subject key identifier: 39:29:B4:7C:58:53:39:04:3D:B0:23:F7:96:74:DA:FD:31:BB:8E:F4
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0186179A3E10D860EACC3BDFBA77AD035828
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/OSm0fFhTOQQ9sCP3lnTa_TG7jvQ.roa
Signing time: Fri 03 Feb 2023 14:07:09 +0000
ROA not before: Fri 03 Feb 2023 14:07:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.210.224.0/22 maxlen: 24
178.210.228.0/22 maxlen: 24
193.138.125.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
77.242.144.0/20 maxlen: 20
88.209.192.0/21 maxlen: 24
88.209.208.0/20 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:9a:3e:10:d8:60:ea:cc:3b:df:ba:77:ad:03:58:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 3 14:07:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3929b47c585339043db023f79674dafd31bb8ef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a4:70:a8:0d:34:b5:72:b7:66:33:2b:78:e8:
73:6a:e0:4a:1a:94:46:22:35:7e:e4:42:3c:47:01:
82:5d:91:a5:a6:1b:cc:a8:a3:cd:17:5f:02:a3:bb:
88:65:ca:a4:77:df:65:c9:86:b5:46:6d:86:1f:af:
e9:05:20:b5:5e:4f:68:c3:fb:4e:f8:a6:d0:b3:e7:
c5:d2:02:9a:c5:e8:53:c0:13:66:52:bd:a8:8d:78:
fe:7e:78:d3:cc:60:e7:58:20:ee:95:fe:73:4c:f2:
06:85:56:30:2b:b7:80:d2:23:d2:f9:0b:61:42:77:
d6:dd:9c:9f:0d:c2:47:89:f9:c9:2b:77:a9:09:40:
95:47:ff:e5:55:0e:08:8e:16:7f:3e:83:85:ea:76:
cb:65:a4:fd:d4:b8:6d:61:4e:ee:ed:9e:f3:fc:bb:
38:e8:a5:6a:0b:62:33:c2:ce:60:08:da:3b:47:cf:
5e:c7:f8:09:d2:02:de:1d:e1:3c:99:95:01:d9:44:
5b:35:97:a6:d4:c5:0e:0f:5d:b8:86:18:23:1c:af:
b4:74:70:77:f2:44:5b:d2:81:de:d2:e3:37:46:ca:
31:f2:4a:60:ac:0d:69:a5:e3:a6:35:d0:c8:c7:01:
42:83:46:5a:57:87:e6:2c:a0:f5:2b:67:8b:bb:38:
8f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:29:B4:7C:58:53:39:04:3D:B0:23:F7:96:74:DA:FD:31:BB:8E:F4
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/OSm0fFhTOQQ9sCP3lnTa_TG7jvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/24
77.242.144.0/20
88.209.192.0/21
88.209.208.0-88.209.225.255
92.52.208.0/21
92.52.219.0/24
178.210.224.0/21
178.210.236.0/24
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
55:99:aa:fe:ae:ad:7d:21:27:d2:5b:4d:94:62:a6:0a:9a:56:
9d:75:90:74:dc:9d:05:f4:55:1b:5f:24:f3:ad:64:64:09:d3:
b7:a3:65:a1:7b:75:ed:38:6b:c4:ff:de:33:20:35:26:8c:3d:
b1:31:d3:e2:4f:64:8d:99:3e:f7:53:8d:0c:9a:56:f2:a2:d5:
56:d5:08:e5:5d:f2:f1:38:8a:71:af:98:38:92:13:8f:b0:f3:
43:ce:bc:d2:4a:d0:f6:e9:74:c8:8a:85:be:e0:48:c3:32:a6:
a4:38:67:2b:b2:b6:03:0f:25:29:b5:e0:ad:91:65:3e:cf:79:
c4:4e:e3:96:8f:75:87:3f:8e:ba:7d:d2:92:b3:91:91:2d:01:
7a:e3:f8:96:c9:0c:33:1b:9e:12:ba:0b:89:67:75:40:c2:3b:
a8:da:c6:03:8c:22:fd:73:36:74:03:e4:76:ba:eb:0f:b2:76:
6f:07:54:43:6b:08:48:42:2f:f0:54:75:a2:07:77:48:24:e8:
17:e1:57:2b:ea:1d:1e:a3:36:1e:60:49:f3:1e:02:db:c8:32:
4a:f7:a2:10:25:31:ec:50:bf:e8:44:26:c8:1e:0e:88:a3:10:
47:5c:3e:cd:ee:f1:bc:6c:a2:f3:de:48:d1:b3:47:c2:dc:0d:
8f:fd:b5:67
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYYXmj4Q2GDqzDvfunetA1goMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMjAzMTQwNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTI5YjQ3YzU4NTMzOTA0M2RiMDIzZjc5Njc0ZGFmZDMxYmI4ZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6RwqA00tXK3ZjMreOhzauBKGpRG
IjV+5EI8RwGCXZGlphvMqKPNF18Co7uIZcqkd99lyYa1Rm2GH6/pBSC1Xk9ow/tO
+KbQs+fF0gKaxehTwBNmUr2ojXj+fnjTzGDnWCDulf5zTPIGhVYwK7eA0iPS+Qth
QnfW3ZyfDcJHifnJK3epCUCVR//lVQ4IjhZ/PoOF6nbLZaT91LhtYU7u7Z7z/Ls4
6KVqC2Izws5gCNo7R89ex/gJ0gLeHeE8mZUB2URbNZem1MUOD124hhgjHK+0dHB3
8kRb0oHe0uM3Rsox8kpgrA1ppeOmNdDIxwFCg0ZaV4fmLKD1K2eLuziPBQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFDkptHxYUzkEPbAj95Z02v0xu470MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvT1NtMGZGaFRPUVE5c0NQM2xuVGFfVEc3anZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBAAtCakD
BAItCagDBAAtDggDBAAtDgoDBARN8pADBANY0cAwDAMEBFjR0AMEAVjR4AMEA1w0
0AMEAFw02wMEA7LS4AMEALLS7AMEA7L4yAMEAMGKfTANBgkqhkiG9w0BAQsFAAOC
AQEAVZmq/q6tfSEn0ltNlGKmCppWnXWQdNydBfRVG18k861kZAnTt6NloXt17Thr
xP/eMyA1Jow9sTHT4k9kjZk+91ONDJpW8qLVVtUI5V3y8TiKca+YOJITj7DzQ868
0krQ9ul0yIqFvuBIwzKmpDhnK7K2Aw8lKbXgrZFlPs95xE7jlo91hz+Oun3SkrOR
kS0BeuP4lskMMxueEroLiWd1QMI7qNrGA4wi/XM2dAPkdrrrD7J2bwdUQ2sISEIv
8FR1ogd3SCToF+FXK+odHqM2HmBJ8x4C28gySveiECUx7FC/6EQmyB4OiKMQR1w+
ze7xvGyi895I0bNHwtwNj/21Zw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org