Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Q3e4e1_pRjROD_dhkn8FL8XHNTo.roa
File: Q3e4e1_pRjROD_dhkn8FL8XHNTo.roa (raw, json)
Hash identifier: /d7/6EUagBlzkQc/TmJ97JbYxtgmi2veFfHirUpMR6U=
Subject key identifier: 43:77:B8:7B:5F:E9:46:34:4E:0F:F7:61:92:7F:05:2F:C5:C7:35:3A
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018DEB3531FD3EB1715779D32BF5791C1935
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Q3e4e1_pRjROD_dhkn8FL8XHNTo.roa
Signing time: Tue 27 Feb 2024 15:35:48 +0000
ROA not before: Tue 27 Feb 2024 15:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42864
IP address blocks: 5.182.115.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
83.137.158.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.219.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
178.210.224.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.226.0/23 maxlen: 23
178.210.228.0/22 maxlen: 24
178.210.232.0/22 maxlen: 22
178.210.236.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.238.0/23 maxlen: 23
178.210.240.0/22 maxlen: 22
178.210.244.0/22 maxlen: 22
178.210.248.0/24 maxlen: 24
178.210.249.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
178.210.251.0/24 maxlen: 24
178.210.254.0/23 maxlen: 23
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:eb:35:31:fd:3e:b1:71:57:79:d3:2b:f5:79:1c:19:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 27 15:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4377b87b5fe946344e0ff761927f052fc5c7353a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:34:08:c8:eb:b1:e4:cb:13:f4:57:7d:ad:28:
71:5f:19:ae:e7:c6:43:3a:45:72:84:86:cd:4f:87:
e5:f8:0a:7e:b8:a1:7c:6a:38:9d:a9:17:27:00:84:
09:a3:a7:78:be:e8:63:7e:a3:bc:79:50:8c:0b:93:
7e:18:f4:f6:a1:c6:6c:78:fa:8c:dc:1f:d1:e8:c2:
b5:09:bb:70:06:04:3d:17:da:32:e3:a9:f5:11:16:
00:c5:ea:4d:aa:5d:f8:c8:50:b1:63:72:95:91:db:
a6:31:d4:0e:25:b8:b1:c1:8c:2f:7f:52:96:fa:23:
37:c5:91:23:bc:2f:c0:cc:47:23:62:64:f4:81:ee:
59:04:36:46:24:f0:a9:05:dd:88:aa:04:3c:bd:2a:
22:cc:59:5a:00:ab:37:b7:31:fd:1f:f2:d8:9a:58:
0b:92:93:df:c5:df:41:51:98:69:7b:9d:03:75:8d:
8b:29:11:02:f3:d2:48:70:78:27:17:a5:cc:fe:c1:
03:f9:ff:4d:00:e2:0f:f0:d8:55:c1:c1:9f:62:9e:
2f:98:1b:f5:66:fb:5b:fc:32:4f:dd:30:ae:ed:5c:
33:ba:ff:8a:53:e2:34:68:49:be:2a:fe:ce:2a:9a:
6b:f6:58:08:b2:1e:0e:11:02:f2:b0:ad:71:9a:ce:
50:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:77:B8:7B:5F:E9:46:34:4E:0F:F7:61:92:7F:05:2F:C5:C7:35:3A
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Q3e4e1_pRjROD_dhkn8FL8XHNTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.115.0/24
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0-77.242.155.255
83.137.158.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
88.209.219.0/24
92.52.208.0/21
178.210.224.0-178.210.251.255
178.210.254.0/23
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
73:5a:92:60:62:b4:14:c9:1a:80:dc:5d:09:0d:3a:46:15:5d:
7d:67:8a:94:0e:22:4d:48:32:eb:9a:bc:43:22:20:cb:19:e6:
10:ad:a2:9b:b0:c3:54:83:26:77:7a:06:42:e1:8b:f7:a1:ee:
eb:b0:2d:36:4e:a9:98:47:4b:f9:f3:43:75:b7:7c:66:f0:fd:
b1:36:67:f1:68:40:03:52:23:3d:84:ee:d8:8f:3b:c0:03:6c:
4f:01:e4:fa:71:4e:22:f1:b4:6c:32:1e:cf:a8:29:9b:f9:09:
35:01:8f:5f:30:04:1d:6c:e1:af:ba:67:bc:6c:e6:5b:02:b9:
2d:96:4e:2a:7f:1d:40:5b:1a:9c:10:8a:1b:bd:03:66:da:80:
c8:a4:80:82:da:16:48:d2:90:9e:1c:f8:fb:93:9b:7c:09:c5:
ca:a9:de:0b:69:d2:a1:af:e6:b9:01:3c:54:84:22:97:ae:bc:
24:59:48:fa:aa:7b:55:94:bf:47:21:d2:33:eb:26:45:be:1b:
44:08:f5:78:be:7d:c7:b2:c8:bb:60:e0:9b:4f:83:39:12:96:
6e:f3:79:24:35:28:f2:c8:0a:58:b1:49:26:e2:33:4d:ac:c9:
b9:45:48:f1:47:d3:87:de:48:ad:18:e5:80:90:f1:4f:90:25:
f7:eb:f1:fd
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAY3rNTH9PrFxV3nTK/V5HBk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMjI3MTUzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzc3Yjg3YjVmZTk0NjM0NGUwZmY3NjE5MjdmMDUyZmM1YzczNTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDQIyOux5MsT9Fd9rShxXxmu58ZD
OkVyhIbNT4fl+Ap+uKF8ajidqRcnAIQJo6d4vuhjfqO8eVCMC5N+GPT2ocZsePqM
3B/R6MK1CbtwBgQ9F9oy46n1ERYAxepNql34yFCxY3KVkdumMdQOJbixwYwvf1KW
+iM3xZEjvC/AzEcjYmT0ge5ZBDZGJPCpBd2IqgQ8vSoizFlaAKs3tzH9H/LYmlgL
kpPfxd9BUZhpe50DdY2LKREC89JIcHgnF6XM/sED+f9NAOIP8NhVwcGfYp4vmBv1
Zvtb/DJP3TCu7Vwzuv+KU+I0aEm+Kv7OKppr9lgIsh4OEQLysK1xms5QpQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFEN3uHtf6UY0Tg/3YZJ/BS/FxzU6MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUTNlNGUxX3BSalJPRF9kaGtuOEZMOFhITlRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBkwQCAAEwgYwDBAAF
tnMwDAMEAC0JqQMEAi0JqAMEAS0OCgMEAC1YXTAMAwQETfKQAwQATfKUMAwDBABN
8pcDBAJN8pgDBABTiZ4DBABY0cEDBABY0cQDBABY0dADBABY0dIDBAJY0dQDBABY
0dsDBANcNNAwDAMEBbLS4AMEArLS+AMEAbLS/gMEA7L4yAMEAMGKfTANBAIAAjAH
AwUDKgAfQDANBgkqhkiG9w0BAQsFAAOCAQEAc1qSYGK0FMkagNxdCQ06RhVdfWeK
lA4iTUgy65q8QyIgyxnmEK2im7DDVIMmd3oGQuGL96Hu67AtNk6pmEdL+fNDdbd8
ZvD9sTZn8WhAA1IjPYTu2I87wANsTwHk+nFOIvG0bDIez6gpm/kJNQGPXzAEHWzh
r7pnvGzmWwK5LZZOKn8dQFsanBCKG70DZtqAyKSAgtoWSNKQnhz4+5ObfAnFyqne
C2nSoa/muQE8VIQil668JFlI+qp7VZS/RyHSM+smRb4bRAj1eL59x7LIu2Dgm0+D
ORKWbvN5JDUo8sgKWLFJJuIzTazJuUVI8UfTh95IrRjlgJDxT5Al9+vx/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org