Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/PX5XspR0KXbpc5hsdEJGUkyaCZE.roa
File: PX5XspR0KXbpc5hsdEJGUkyaCZE.roa (raw, json)
Hash identifier: UWvTwHcregccdRoi0ti3FU4sWs1rVO3lQXmamZwDNa4=
Subject key identifier: 3D:7E:57:B2:94:74:29:76:E9:73:98:6C:74:42:46:52:4C:9A:09:91
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01863A8DAB67CF824E452E94B8232BA2DBF5
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/PX5XspR0KXbpc5hsdEJGUkyaCZE.roa
Signing time: Fri 10 Feb 2023 09:00:08 +0000
ROA not before: Fri 10 Feb 2023 09:00:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.253.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 22
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:8d:ab:67:cf:82:4e:45:2e:94:b8:23:2b:a2:db:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 10 09:00:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d7e57b294742976e973986c744246524c9a0991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1a:c6:5c:73:16:da:67:a0:fd:cd:92:9d:6b:
e1:f3:35:eb:ce:e1:67:4a:10:8d:8b:9a:6c:78:89:
15:86:e1:39:db:12:43:77:e8:a5:69:43:aa:be:8e:
81:df:b8:cf:5a:de:4d:2b:06:3d:80:52:3b:3c:fd:
6c:db:b1:8b:13:73:7d:77:d2:56:6a:ab:a9:3d:5c:
a8:1b:66:7c:a5:f6:8d:38:75:c0:a1:5c:47:df:7d:
11:83:a4:12:2d:b1:e6:a2:ca:67:6f:db:25:2e:e3:
ea:6a:f9:d9:10:b2:19:16:71:9c:62:5e:ea:66:35:
3c:1c:e2:a0:18:20:93:3b:b7:c9:e3:6f:58:6e:7a:
18:98:63:fa:ac:9a:0a:b5:3b:5b:e6:39:9e:3d:45:
ab:77:fb:ad:6f:f2:56:ac:8d:c8:68:45:4e:d2:5c:
70:ea:9b:71:db:4a:de:3c:b2:f7:66:42:6f:53:72:
9c:1a:0b:cf:b7:db:54:19:a1:0c:65:db:8f:15:d5:
82:c1:fb:da:d1:e6:d9:c8:7a:8c:ba:45:eb:4b:59:
86:37:02:a3:50:45:ec:14:60:3c:41:47:3a:81:a6:
a7:81:86:47:25:3d:84:cb:35:64:ae:26:8e:72:f3:
51:ef:25:4c:30:1e:b2:ab:3c:e5:a6:dd:97:5f:5a:
9a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7E:57:B2:94:74:29:76:E9:73:98:6C:74:42:46:52:4C:9A:09:91
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/PX5XspR0KXbpc5hsdEJGUkyaCZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
45.14.9.0/24
77.242.152.0/22
83.137.153.0/24
83.137.156.0/22
88.151.62.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.253.0/24
92.52.218.0/24
178.210.232.0/22
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
09:ff:a4:af:cf:19:e7:d5:89:87:b5:3c:13:12:bd:ba:8d:dc:
db:78:56:dc:30:ae:d1:79:43:c0:3d:64:a9:dd:28:c4:4f:0e:
7d:b7:d3:8f:11:9b:59:a1:77:4c:7b:d4:eb:8f:22:9d:55:0c:
3d:a6:b0:da:cc:d6:69:45:63:c2:26:0a:70:5b:bb:6e:e0:fe:
8d:3d:04:85:1a:60:73:13:a4:85:94:15:96:95:d8:24:34:34:
9f:81:2e:2b:65:6a:d7:25:c9:a3:98:c9:1f:9e:92:85:32:e7:
10:06:2a:f3:1d:e5:68:fa:4d:86:10:86:0a:b2:f0:12:18:34:
89:af:50:ac:d9:d4:af:75:1f:1f:56:3f:ce:77:81:5b:e1:3e:
ec:23:7d:b5:85:bd:bf:c4:b2:96:2b:18:d6:25:ba:1b:65:f4:
cc:a2:02:de:28:f3:fe:e6:0a:b3:cc:9c:46:c1:c5:1d:c0:09:
80:37:53:f5:4e:06:f8:04:ec:05:75:48:62:d5:dc:6b:12:2f:
cc:4f:0d:8a:55:68:79:2c:53:a8:93:f6:e1:35:1f:a4:d6:fb:
bc:45:34:c3:da:27:0f:da:e1:b7:3a:bd:a7:a8:50:e4:bf:b2:
f9:64:54:7d:64:d3:55:40:93:25:67:ef:14:5b:d4:68:af:36:
29:9d:c7:3e
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYY6jatnz4JORS6UuCMrotv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMjEwMDkwMDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDdlNTdiMjk0NzQyOTc2ZTk3Mzk4NmM3NDQyNDY1MjRjOWEwOTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hrGXHMW2meg/c2SnWvh8zXrzuFn
ShCNi5pseIkVhuE52xJDd+ilaUOqvo6B37jPWt5NKwY9gFI7PP1s27GLE3N9d9JW
aqupPVyoG2Z8pfaNOHXAoVxH330Rg6QSLbHmospnb9slLuPqavnZELIZFnGcYl7q
ZjU8HOKgGCCTO7fJ429YbnoYmGP6rJoKtTtb5jmePUWrd/utb/JWrI3IaEVO0lxw
6ptx20rePLL3ZkJvU3KcGgvPt9tUGaEMZduPFdWCwfva0ebZyHqMukXrS1mGNwKj
UEXsFGA8QUc6gaangYZHJT2EyzVkriaOcvNR7yVMMB6yqzzlpt2XX1qavwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFD1+V7KUdCl26XOYbHRCRlJMmgmRMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUFg1WHNwUjBLWGJwYzVoc2RFSkdVa3lhQ1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQABbZwAwQA
BbZzAwQALQmoAwQALQ4JAwQCTfKYAwQAU4mZAwQCU4mcAwQAWJc+AwQAWNHkAwQC
WNHsAwQBWNH2AwQAWNH9AwQAXDTaAwQCstLoAwQAwikvMA0GCSqGSIb3DQEBCwUA
A4IBAQAJ/6Svzxnn1YmHtTwTEr26jdzbeFbcMK7ReUPAPWSp3SjETw59t9OPEZtZ
oXdMe9TrjyKdVQw9prDazNZpRWPCJgpwW7tu4P6NPQSFGmBzE6SFlBWWldgkNDSf
gS4rZWrXJcmjmMkfnpKFMucQBirzHeVo+k2GEIYKsvASGDSJr1Cs2dSvdR8fVj/O
d4Fb4T7sI321hb2/xLKWKxjWJbobZfTMogLeKPP+5gqzzJxGwcUdwAmAN1P1Tgb4
BOwFdUhi1dxrEi/MTw2KVWh5LFOok/bhNR+k1vu8RTTD2icP2uG3Or2nqFDkv7L5
ZFR9ZNNVQJMlZ+8UW9RorzYpncc+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org