Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QJVWeCIaT46oGUTObjxDO7cw4Ms.roa
File: QJVWeCIaT46oGUTObjxDO7cw4Ms.roa (raw, json)
Hash identifier: iOhv9xYLDBOwBJkCP/6gUTW13xeslso8G3qaiwJ4ZPw=
Subject key identifier: 40:95:56:78:22:1A:4F:8E:A8:19:44:CE:6E:3C:43:3B:B7:30:E0:CB
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018ABBD908096F513003CEE1FDDDDDE1952D
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QJVWeCIaT46oGUTObjxDO7cw4Ms.roa
Signing time: Fri 22 Sep 2023 07:44:37 +0000
ROA not before: Fri 22 Sep 2023 07:44:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 178.210.228.0/24 maxlen: 24
77.242.150.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.151.63.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bb:d9:08:09:6f:51:30:03:ce:e1:fd:dd:dd:e1:95:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Sep 22 07:44:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40955678221a4f8ea81944ce6e3c433bb730e0cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:42:e0:b9:e2:a0:29:b8:b9:0a:36:c9:ca:dc:
da:c2:71:02:e4:8e:4a:58:1e:23:ba:55:42:7c:25:
dc:ed:60:0d:6b:f6:83:3d:5b:86:85:16:12:3a:5a:
30:b6:07:fa:81:e0:fa:7a:a8:c6:1b:4a:d6:14:e9:
63:b6:24:33:3b:c3:d4:15:cf:6f:20:4c:7a:9a:1a:
9a:1c:7f:c7:16:5a:4d:e0:3c:03:05:fc:fc:55:8c:
72:d9:cc:ee:b7:a9:33:08:67:49:0a:9b:2d:d0:cb:
4e:a9:cf:97:1d:18:bd:3c:61:8d:13:b2:6d:21:bd:
7c:50:38:9c:c5:96:39:a6:5e:a9:51:ac:f1:60:a9:
42:f1:df:ff:a1:28:8d:88:0a:fd:d1:1f:03:7b:fd:
ba:1b:1c:bc:24:12:07:c5:26:30:33:bf:2d:6b:31:
61:78:86:a2:c9:16:68:5b:8f:17:0f:c3:f7:e4:f9:
e5:25:ba:72:54:7d:c5:da:4e:a8:af:a8:23:a3:62:
90:5f:f5:40:3f:37:3d:f8:50:25:54:1f:66:14:83:
89:b3:bb:89:dc:41:bc:b8:c9:f6:4f:21:25:ea:df:
27:f1:98:59:cd:69:9e:7a:14:39:5d:fc:f8:02:bb:
bf:9c:81:ce:f1:33:69:7e:eb:cf:5c:d3:ed:b6:a3:
cc:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:95:56:78:22:1A:4F:8E:A8:19:44:CE:6E:3C:43:3B:B7:30:E0:CB
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QJVWeCIaT46oGUTObjxDO7cw4Ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.150.0/24
88.151.56.0/23
88.151.63.0/24
88.209.211.0/24
88.209.217.0/24
178.210.228.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:92:04:ce:64:a8:f0:9e:9c:8c:9f:9a:5b:90:ca:de:b8:0e:
af:30:11:8d:75:62:eb:aa:de:a6:09:91:be:31:2f:e9:a7:bb:
ae:1d:de:c0:02:e6:ab:1c:c3:2e:9a:70:10:36:7d:45:5f:a9:
0f:2c:e3:86:45:62:ae:ff:94:b3:21:51:d1:7f:da:ba:2c:17:
c5:ec:85:c6:c0:a8:c5:db:e5:0f:1f:ed:ca:d5:0d:d5:1c:49:
be:0e:70:f0:e7:0f:54:b3:82:99:e2:f2:b0:aa:d9:65:10:d0:
ae:88:ac:1c:f9:84:e1:62:79:2e:bd:9a:f9:17:be:23:3b:2f:
18:af:17:97:3d:a1:d1:2c:b7:cf:88:3f:d0:e3:c4:6e:d5:a3:
7f:c7:dc:04:69:c9:33:8d:86:ba:d9:74:dd:9e:05:b5:01:44:
b6:a7:36:c2:29:de:9e:77:09:c1:57:00:fc:3f:31:d3:4f:56:
d4:9f:e1:0d:46:ea:db:90:f5:0c:b4:31:3f:a3:a8:64:83:0e:
74:d3:7d:95:26:ad:de:14:7d:16:71:01:e5:39:0d:a3:a1:64:
ed:f8:55:3e:c2:34:69:eb:61:e5:ce:32:00:9c:bf:cb:44:f4:
44:0d:a5:48:c1:6d:af:c5:7c:3b:06:0d:cc:85:ae:72:30:cb:
f1:44:c2:67
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYq72QgJb1EwA87h/d3d4ZUtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwOTIyMDc0NDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDk1NTY3ODIyMWE0ZjhlYTgxOTQ0Y2U2ZTNjNDMzYmI3MzBlMGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoELgueKgKbi5CjbJytzawnEC5I5K
WB4julVCfCXc7WANa/aDPVuGhRYSOlowtgf6geD6eqjGG0rWFOljtiQzO8PUFc9v
IEx6mhqaHH/HFlpN4DwDBfz8VYxy2czut6kzCGdJCpst0MtOqc+XHRi9PGGNE7Jt
Ib18UDicxZY5pl6pUazxYKlC8d//oSiNiAr90R8De/26Gxy8JBIHxSYwM78tazFh
eIaiyRZoW48XD8P35PnlJbpyVH3F2k6or6gjo2KQX/VAPzc9+FAlVB9mFIOJs7uJ
3EG8uMn2TyEl6t8n8ZhZzWmeehQ5Xfz4Aru/nIHO8TNpfuvPXNPttqPMFwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFECVVngiGk+OqBlEzm48Qzu3MODLMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUUpWV2VDSWFUNDZvR1VUT2JqeERPN2N3NE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATfKWAwQB
WJc4AwQAWJc/AwQAWNHTAwQAWNHZAwQAstLkMA0GCSqGSIb3DQEBCwUAA4IBAQCj
kgTOZKjwnpyMn5pbkMreuA6vMBGNdWLrqt6mCZG+MS/pp7uuHd7AAuarHMMumnAQ
Nn1FX6kPLOOGRWKu/5SzIVHRf9q6LBfF7IXGwKjF2+UPH+3K1Q3VHEm+DnDw5w9U
s4KZ4vKwqtllENCuiKwc+YThYnkuvZr5F74jOy8YrxeXPaHRLLfPiD/Q48Ru1aN/
x9wEackzjYa62XTdngW1AUS2pzbCKd6edwnBVwD8PzHTT1bUn+ENRurbkPUMtDE/
o6hkgw50032VJq3eFH0WcQHlOQ2joWTt+FU+wjRp62HlzjIAnL/LRPREDaVIwW2v
xXw7Bg3Mha5yMMvxRMJn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org