Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/PhYSk_K_34598mmPhnG2xKUJrv0.roa
File: PhYSk_K_34598mmPhnG2xKUJrv0.roa (raw, json)
Hash identifier: oKxeyEvMT0iA4N0o2Qh3RtgboiYhjo/suCq0Kjo1gyU=
Subject key identifier: 3E:16:12:93:F2:BF:DF:8E:7D:F2:69:8F:86:71:B6:C4:A5:09:AE:FD
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018A927B52FE4357863F2D3414E35399E37A
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/PhYSk_K_34598mmPhnG2xKUJrv0.roa
Signing time: Thu 14 Sep 2023 06:57:50 +0000
ROA not before: Thu 14 Sep 2023 06:57:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.236.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.237.0/24 maxlen: 24
88.209.238.0/24 maxlen: 24
88.209.246.0/23 maxlen: 23
88.209.254.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.229.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
88.209.219.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:92:7b:52:fe:43:57:86:3f:2d:34:14:e3:53:99:e3:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Sep 14 06:57:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e161293f2bfdf8e7df2698f8671b6c4a509aefd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6f:29:81:cf:32:a5:79:4b:16:a7:1c:dd:5d:
75:20:45:ba:cd:8d:b7:b0:cf:05:91:d9:b8:05:73:
a8:94:f2:bd:0b:16:d4:79:11:67:dd:d5:8d:48:60:
41:b5:35:31:c8:1e:be:04:b5:63:8b:06:0a:ac:7c:
0b:c2:74:ab:ef:b9:a2:4f:e8:68:e4:4b:92:c8:cd:
7f:f0:52:b6:09:37:c9:a0:0f:1d:7c:12:45:8f:ca:
15:0c:d4:2d:e3:a5:72:44:60:9d:08:be:61:98:d2:
c4:8f:03:d6:12:b6:f5:bf:7b:14:bf:af:bf:23:26:
51:22:9d:16:11:47:31:0a:75:bf:85:6f:1d:dd:39:
21:8d:20:bb:3e:3c:4c:b1:3c:ba:29:3c:cc:b4:f6:
8f:9d:ac:7c:dd:ed:1c:0d:f2:56:e2:c3:a7:8e:bd:
86:fe:90:6a:5c:07:09:83:97:91:cd:c9:a8:f3:c6:
56:ec:06:00:4f:13:ff:80:c5:55:db:19:e5:84:e2:
0d:e2:e1:7c:ab:b7:8b:a1:28:15:6e:e6:3d:df:de:
44:5f:22:cb:03:cd:59:4c:cf:ba:6f:e4:ef:ec:eb:
a0:a2:d8:40:9c:60:c2:e4:ee:94:30:ea:d1:d2:cd:
85:ca:a8:37:b8:39:87:71:47:ca:56:58:1f:e1:f5:
8a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:16:12:93:F2:BF:DF:8E:7D:F2:69:8F:86:71:B6:C4:A5:09:AE:FD
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/PhYSk_K_34598mmPhnG2xKUJrv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
83.137.157.0/24
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.254.0/24
92.52.217.0-92.52.218.255
178.210.229.0/24
178.210.232.0/22
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
50:e0:4a:9e:44:c7:82:be:9d:c6:fd:72:c7:e6:e9:89:c8:50:
6e:f4:ad:56:f2:89:b8:63:62:c7:48:7b:36:b2:06:eb:6f:a1:
53:88:57:e8:5d:98:3a:1b:c4:b8:ce:a0:2b:d4:de:5d:93:49:
94:c6:fe:f4:ab:d8:9c:89:1d:b6:2a:d3:e7:a6:16:a4:fb:24:
bb:44:a1:36:e4:d1:b5:d1:a2:d4:b2:13:10:4e:7e:9f:b0:1c:
d3:2e:b9:05:21:11:16:88:7f:b7:fa:2b:6a:13:7d:cc:e1:2f:
10:ab:de:df:6f:3b:2f:ec:a6:da:cb:2e:43:8b:07:ef:01:81:
79:48:5e:17:bb:32:2d:30:d0:f5:e1:4a:1a:00:d0:d8:da:71:
5a:4d:63:b3:68:67:2e:c2:5f:93:5e:a2:0c:3f:19:d7:53:cc:
e8:7e:58:60:a9:79:6a:b9:2e:9d:56:01:3b:74:ae:42:bb:a4:
ae:48:d6:59:17:cd:ca:19:c5:e9:dc:a9:bf:1d:8e:42:0c:88:
cf:3f:e8:29:b5:0a:08:57:0e:f5:2f:1b:be:76:fd:cb:37:6c:
14:fd:dc:40:0c:be:42:59:d5:2a:cf:a3:8a:df:c3:a4:a5:f0:
25:74:7b:24:d5:7b:1e:da:79:50:a6:bc:23:4b:24:24:b4:29:
40:14:46:90
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYqSe1L+Q1eGPy00FONTmeN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwOTE0MDY1NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTE2MTI5M2YyYmZkZjhlN2RmMjY5OGY4NjcxYjZjNGE1MDlhZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhW8pgc8ypXlLFqcc3V11IEW6zY23
sM8Fkdm4BXOolPK9CxbUeRFn3dWNSGBBtTUxyB6+BLVjiwYKrHwLwnSr77miT+ho
5EuSyM1/8FK2CTfJoA8dfBJFj8oVDNQt46VyRGCdCL5hmNLEjwPWErb1v3sUv6+/
IyZRIp0WEUcxCnW/hW8d3TkhjSC7PjxMsTy6KTzMtPaPnax83e0cDfJW4sOnjr2G
/pBqXAcJg5eRzcmo88ZW7AYATxP/gMVV2xnlhOIN4uF8q7eLoSgVbuY9395EXyLL
A81ZTM+6b+Tv7OugothAnGDC5O6UMOrR0s2Fyqg3uDmHcUfKVlgf4fWKSQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFD4WEpPyv9+OffJpj4ZxtsSlCa79MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUGhZU2tfS18zNDU5OG1tUGhuRzJ4S1VKcnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQABbZwAwQA
BbZzAwQALQmoAwQCTfKYAwQAU4mdAwQAWNHbAwQAWNHkAwQCWNHsAwQBWNH2AwQA
WNH+MAwDBABcNNkDBABcNNoDBACy0uUDBAKy0ugDBACy0u0DBADCKS8wDQYJKoZI
hvcNAQELBQADggEBAFDgSp5Ex4K+ncb9csfm6YnIUG70rVbyibhjYsdIezayButv
oVOIV+hdmDobxLjOoCvU3l2TSZTG/vSr2JyJHbYq0+emFqT7JLtEoTbk0bXRotSy
ExBOfp+wHNMuuQUhERaIf7f6K2oTfczhLxCr3t9vOy/sptrLLkOLB+8BgXlIXhe7
Mi0w0PXhShoA0NjacVpNY7NoZy7CX5Neogw/GddTzOh+WGCpeWq5Lp1WATt0rkK7
pK5I1lkXzcoZxencqb8djkIMiM8/6Cm1CghXDvUvG752/cs3bBT93EAMvkJZ1SrP
o4rfw6Sl8CV0eyTVex7aeVCmvCNLJCS0KUAURpA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org