Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QO2SCp_kv-pC5tMtiBpIDaBtrYQ.roa
File: QO2SCp_kv-pC5tMtiBpIDaBtrYQ.roa (raw, json)
Hash identifier: z2IQ5miNylor2kjZwiy0d+9uLpb1TBeJtU8P9Iaok28=
Subject key identifier: 40:ED:92:0A:9F:E4:BF:EA:42:E6:D3:2D:88:1A:48:0D:A0:6D:AD:84
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188E820FF75CD3AA95E3569FB072D81A50D
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QO2SCp_kv-pC5tMtiBpIDaBtrYQ.roa
Signing time: Fri 23 Jun 2023 12:00:56 +0000
ROA not before: Fri 23 Jun 2023 12:00:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.254.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.229.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
88.209.219.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e8:20:ff:75:cd:3a:a9:5e:35:69:fb:07:2d:81:a5:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 23 12:00:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40ed920a9fe4bfea42e6d32d881a480da06dad84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:18:30:a7:b0:89:37:6d:db:d8:d4:4f:37:c6:
e9:d9:a4:9b:c6:be:51:87:c5:f3:6f:99:93:ac:f5:
14:c7:1c:3d:6f:89:c0:e0:6d:ad:da:6a:31:e1:fc:
63:52:39:44:a4:0b:d4:16:aa:72:66:ce:14:1c:55:
b0:ec:f6:60:7c:41:f9:f7:ff:9d:6a:04:f6:dc:03:
c6:8a:a0:17:84:7b:ab:c0:ec:ba:72:65:cb:e7:a9:
f4:e0:02:91:0e:cd:65:62:1a:4c:af:b3:0e:1d:9c:
b7:61:52:f4:9e:29:66:1a:d7:c1:cb:26:41:fe:e9:
83:ff:24:71:52:66:71:a2:66:f7:a3:84:c4:7a:dd:
67:26:c6:a1:e8:f9:7a:45:51:d6:e1:2e:87:77:67:
1a:d8:95:dd:e4:55:3f:5c:04:f5:22:06:7c:0c:61:
3c:01:14:9c:07:a9:d0:eb:58:07:b0:92:d0:f4:13:
9e:f4:8f:7d:f0:1f:4d:f0:21:2d:e9:95:01:cb:63:
10:a2:65:ef:83:40:3d:60:ea:2b:7d:ec:23:f1:41:
14:8e:ce:e8:d5:ab:06:02:92:af:58:60:0b:d3:e3:
7f:d4:45:d4:15:a2:0f:e8:6e:6c:47:c7:09:02:ff:
38:fe:2a:f0:aa:bb:87:60:c2:d8:62:5e:f5:93:29:
25:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:ED:92:0A:9F:E4:BF:EA:42:E6:D3:2D:88:1A:48:0D:A0:6D:AD:84
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QO2SCp_kv-pC5tMtiBpIDaBtrYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
83.137.153.0/24
83.137.157.0-83.137.159.255
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.254.0/24
92.52.217.0-92.52.218.255
178.210.229.0/24
178.210.232.0/22
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
be:6a:b3:59:bd:7b:de:b3:e2:7d:4f:60:aa:7f:aa:46:b7:22:
5c:cb:38:a7:62:e4:7e:68:73:d2:10:eb:6a:5c:18:eb:19:36:
12:8c:49:f1:f4:b3:e4:ce:cc:16:03:03:6d:9c:4d:4f:cf:25:
6e:cc:c7:a3:3c:cb:c3:3e:79:c4:30:ab:ad:b1:82:60:df:0c:
74:3f:89:ce:6b:81:5e:a2:98:d4:19:8c:39:c5:bb:0b:ba:fc:
a2:1f:6b:50:3a:2b:aa:1c:91:46:6d:2d:cd:b7:30:1c:be:4a:
a8:54:44:de:ad:f2:87:7a:7f:40:e7:ba:5f:be:eb:71:a9:85:
6c:16:19:8b:ce:e4:b7:fb:f1:80:1a:60:f9:69:c4:bd:79:6f:
b5:38:42:f1:49:75:f4:87:4b:98:60:7f:1b:38:e7:1e:74:80:
bc:28:20:7a:a1:dc:b7:b4:56:03:17:0c:b0:72:6c:5c:a9:0b:
2c:ea:c2:2c:5e:a8:c0:56:10:18:8a:33:15:b7:b4:c0:87:97:
f1:3d:5b:a0:9b:5b:dd:cf:29:25:6b:48:3d:22:ad:f6:b1:94:
b6:3e:e0:69:55:e3:21:98:0c:0a:c2:25:25:a0:2e:67:a8:fd:
f2:38:1a:77:5e:6b:92:f9:7b:75:58:24:4d:c7:0d:14:fc:e9:
eb:cb:87:cd
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYjoIP91zTqpXjVp+wctgaUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjIzMTIwMDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGVkOTIwYTlmZTRiZmVhNDJlNmQzMmQ4ODFhNDgwZGEwNmRhZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBgwp7CJN23b2NRPN8bp2aSbxr5R
h8Xzb5mTrPUUxxw9b4nA4G2t2mox4fxjUjlEpAvUFqpyZs4UHFWw7PZgfEH59/+d
agT23APGiqAXhHurwOy6cmXL56n04AKRDs1lYhpMr7MOHZy3YVL0nilmGtfByyZB
/umD/yRxUmZxomb3o4TEet1nJsah6Pl6RVHW4S6Hd2ca2JXd5FU/XAT1IgZ8DGE8
ARScB6nQ61gHsJLQ9BOe9I998B9N8CEt6ZUBy2MQomXvg0A9YOorfewj8UEUjs7o
1asGApKvWGAL0+N/1EXUFaIP6G5sR8cJAv84/irwqruHYMLYYl71kyklTwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFEDtkgqf5L/qQubTLYgaSA2gba2EMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUU8yU0NwX2t2LXBDNXRNdGlCcElEYUJ0cllRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAAW2cAME
AAW2cwMEAC0JqAMEAk3ymAMEAFOJmTAMAwQAU4mdAwQFU4mAAwQAWNHbAwQAWNHk
AwQCWNHsAwQBWNH2AwQAWNH+MAwDBABcNNkDBABcNNoDBACy0uUDBAKy0ugDBACy
0u0DBADCKS8wDQYJKoZIhvcNAQELBQADggEBAL5qs1m9e96z4n1PYKp/qka3IlzL
OKdi5H5oc9IQ62pcGOsZNhKMSfH0s+TOzBYDA22cTU/PJW7Mx6M8y8M+ecQwq62x
gmDfDHQ/ic5rgV6imNQZjDnFuwu6/KIfa1A6K6ockUZtLc23MBy+SqhURN6t8od6
f0Dnul++63GphWwWGYvO5Lf78YAaYPlpxL15b7U4QvFJdfSHS5hgfxs45x50gLwo
IHqh3Le0VgMXDLBybFypCyzqwixeqMBWEBiKMxW3tMCHl/E9W6CbW93PKSVrSD0i
rfaxlLY+4GlV4yGYDArCJSWgLmeo/fI4Gndea5L5e3VYJE3HDRT86evLh80=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org