Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/OfkgcKF4-zJ-f5uqdI0FYj_I2SE.roa
File: OfkgcKF4-zJ-f5uqdI0FYj_I2SE.roa (raw, json)
Hash identifier: N8BODztPZSQhqutbZ+iVR29HSfdpw1cdILmMGAFOLwE=
Subject key identifier: 39:F9:20:70:A1:78:FB:32:7E:7F:9B:AA:74:8D:05:62:3F:C8:D9:21
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018581D648359858A6265DC6BA8D6D486354
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/OfkgcKF4-zJ-f5uqdI0FYj_I2SE.roa
Signing time: Thu 05 Jan 2023 12:09:42 +0000
ROA not before: Thu 05 Jan 2023 12:09:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.253.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 22
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:81:d6:48:35:98:58:a6:26:5d:c6:ba:8d:6d:48:63:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 5 12:09:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39f92070a178fb327e7f9baa748d05623fc8d921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:43:d6:5b:bb:b1:11:01:81:92:39:02:b0:4d:
b7:33:b2:e3:61:5e:65:96:37:2e:17:41:5d:3c:36:
5b:60:f2:f1:19:de:99:cd:86:44:97:56:e0:bd:a0:
e2:73:0c:a1:88:6c:bc:32:b1:b7:00:d5:67:1b:64:
f9:f1:89:1a:d5:14:0f:9c:d2:f2:c2:18:ce:19:c5:
24:d7:93:ef:88:a5:0f:e3:f1:41:66:d8:3e:0c:a6:
fe:b5:ea:82:6c:ce:43:fd:18:0b:01:b8:9e:bf:be:
de:48:54:9e:b0:b1:c5:1d:65:d9:eb:d1:e8:67:51:
50:08:ef:cd:c0:73:6f:a6:eb:d1:d7:8e:ed:0d:48:
26:4e:e0:7a:d0:f5:f1:cf:51:32:04:c7:cd:a4:1d:
73:5a:e0:25:7b:76:9c:bb:a6:45:00:7d:ac:69:7d:
a9:ad:15:a2:6c:b0:34:ea:bd:44:91:2a:ae:76:7e:
35:f0:8d:c6:55:a8:1f:89:a3:a3:b4:09:5c:2a:92:
08:9d:ed:7f:29:1a:5b:f1:77:17:99:63:77:f4:1b:
92:46:b9:cc:77:a5:97:a9:7f:2b:c0:04:d1:4e:91:
e1:88:3e:f6:e2:12:94:ec:ea:b3:77:f6:bb:19:a0:
1f:cc:2b:eb:ce:53:6e:2e:9a:38:27:40:18:cb:f7:
6b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:F9:20:70:A1:78:FB:32:7E:7F:9B:AA:74:8D:05:62:3F:C8:D9:21
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/OfkgcKF4-zJ-f5uqdI0FYj_I2SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
45.14.9.0/24
77.242.152.0/22
83.137.153.0/24
83.137.156.0/23
88.151.62.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.253.0/24
92.52.218.0/24
178.210.232.0/22
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:7f:39:0d:aa:3e:9b:5c:a1:24:34:c3:4f:0a:60:73:90:9e:
83:f8:6e:d0:31:84:56:5c:e1:4d:8f:38:4d:db:45:85:f2:d1:
f7:21:ed:05:ff:21:0c:b4:e0:46:5d:42:7d:a4:74:3b:db:75:
ae:0f:37:32:c2:35:0c:2c:17:64:98:e5:df:49:37:71:0b:7d:
75:1f:25:e5:d4:0f:29:7d:c0:98:7b:cc:5c:59:82:e8:d2:ad:
48:b1:70:90:85:8e:db:cc:0b:77:f7:2c:55:64:a4:ab:59:b9:
8c:27:87:1b:d8:c9:37:ad:33:20:76:09:7c:ef:a3:5e:8a:35:
91:8d:13:6f:22:60:47:6c:74:c5:39:6c:cf:36:41:a9:52:df:
45:10:c1:80:42:e6:e1:68:3f:33:27:79:d5:c5:40:0e:b5:2c:
8d:64:1f:45:92:93:5a:b0:f1:23:99:42:b9:f0:56:06:89:aa:
5a:82:ba:35:40:7a:4b:a3:cb:ee:27:16:1d:d1:34:29:16:5b:
38:e8:80:cf:80:9e:2c:fe:d5:d0:b3:fd:32:82:75:12:7f:57:
35:9c:c9:c6:a6:e8:7b:de:44:65:2a:0e:f6:de:0f:bb:3d:be:
70:91:96:0e:e5:b0:31:a7:44:bb:f8:39:ba:a4:ad:10:0c:b6:
d6:fd:66:82
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYWB1kg1mFimJl3Guo1tSGNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMTA1MTIwOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWY5MjA3MGExNzhmYjMyN2U3ZjliYWE3NDhkMDU2MjNmYzhkOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0PWW7uxEQGBkjkCsE23M7LjYV5l
ljcuF0FdPDZbYPLxGd6ZzYZEl1bgvaDicwyhiGy8MrG3ANVnG2T58Yka1RQPnNLy
whjOGcUk15PviKUP4/FBZtg+DKb+teqCbM5D/RgLAbiev77eSFSesLHFHWXZ69Ho
Z1FQCO/NwHNvpuvR147tDUgmTuB60PXxz1EyBMfNpB1zWuAle3acu6ZFAH2saX2p
rRWibLA06r1EkSqudn418I3GVagfiaOjtAlcKpIIne1/KRpb8XcXmWN39BuSRrnM
d6WXqX8rwATRTpHhiD724hKU7Oqzd/a7GaAfzCvrzlNuLpo4J0AYy/drQQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFDn5IHChePsyfn+bqnSNBWI/yNkhMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvT2ZrZ2NLRjQtekotZjV1cWRJMEZZal9JMlNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQABbZwAwQA
BbZzAwQALQmoAwQALQ4JAwQCTfKYAwQAU4mZAwQBU4mcAwQAWJc+AwQAWNHkAwQC
WNHsAwQBWNH2AwQAWNH9AwQAXDTaAwQCstLoAwQAstLtAwQAwikvMA0GCSqGSIb3
DQEBCwUAA4IBAQCzfzkNqj6bXKEkNMNPCmBzkJ6D+G7QMYRWXOFNjzhN20WF8tH3
Ie0F/yEMtOBGXUJ9pHQ723WuDzcywjUMLBdkmOXfSTdxC311HyXl1A8pfcCYe8xc
WYLo0q1IsXCQhY7bzAt39yxVZKSrWbmMJ4cb2Mk3rTMgdgl876NeijWRjRNvImBH
bHTFOWzPNkGpUt9FEMGAQubhaD8zJ3nVxUAOtSyNZB9FkpNasPEjmUK58FYGiapa
gro1QHpLo8vuJxYd0TQpFls46IDPgJ4s/tXQs/0ygnUSf1c1nMnGpuh73kRlKg72
3g+7Pb5wkZYO5bAxp0S7+Dm6pK0QDLbW/WaC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org