Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Qtfy_z3tLxAG-LoPCGvNQmdJWRg.roa
File: Qtfy_z3tLxAG-LoPCGvNQmdJWRg.roa (raw, json)
Hash identifier: 79HiUKspSz2ts6NUt9wzyh0ecHk/nWQ+ZVm0D16iGqQ=
Subject key identifier: 42:D7:F2:FF:3D:ED:2F:10:06:F8:BA:0F:08:6B:CD:42:67:49:59:18
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01840F2E21B469DC77F6C72260984F284261
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Qtfy_z3tLxAG-LoPCGvNQmdJWRg.roa
Signing time: Tue 25 Oct 2022 12:46:32 +0000
ROA not before: Tue 25 Oct 2022 12:46:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.229.0/24 maxlen: 24
88.209.228.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
83.137.159.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/22 maxlen: 22
178.210.237.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 22
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0f:2e:21:b4:69:dc:77:f6:c7:22:60:98:4f:28:42:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 25 12:46:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42d7f2ff3ded2f1006f8ba0f086bcd4267495918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5e:aa:13:2f:ec:2f:70:06:6e:b0:74:3a:d3:
6a:4c:f3:5d:48:33:64:a4:b2:fd:53:40:ec:8d:f4:
a4:5c:eb:5b:2e:fc:ac:dd:4e:1d:ad:8e:b8:e1:ca:
28:a4:55:2f:30:e7:59:61:b0:d6:d2:f8:6f:99:d4:
99:ca:70:60:36:7d:b1:10:39:e3:c2:2c:93:43:c9:
27:29:5f:54:d1:bb:d0:5f:a2:73:3b:a2:f6:e0:29:
23:ed:61:3e:bf:3f:86:0e:26:10:88:95:82:09:73:
f7:41:67:18:f4:7e:ad:61:61:48:af:48:8b:65:39:
69:f2:30:24:a6:50:85:f5:0b:b2:8a:79:be:76:38:
dc:35:19:1d:0e:ab:48:0e:48:49:4a:e8:81:1c:10:
58:90:03:08:f1:d9:3b:ab:94:f2:60:44:d0:96:a6:
6c:bd:fa:6f:cb:c6:e8:81:fc:44:d6:00:14:94:12:
6b:0d:9d:fd:66:e0:05:fe:38:84:68:2d:f3:94:13:
e6:11:8f:0e:9c:7e:af:d8:4f:a4:db:7d:e2:b0:b3:
b8:2a:b4:b7:e8:cb:2f:7b:9e:c6:df:f5:4d:e6:06:
7e:ea:a1:fe:5e:77:48:98:01:87:b2:33:9c:c4:58:
3e:a4:8d:29:3c:67:dc:42:e2:b8:da:be:0f:b5:6d:
96:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D7:F2:FF:3D:ED:2F:10:06:F8:BA:0F:08:6B:CD:42:67:49:59:18
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Qtfy_z3tLxAG-LoPCGvNQmdJWRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
45.14.9.0/24
77.242.152.0/22
83.137.153.0/24
83.137.156.0/23
83.137.159.0/24
88.151.62.0/24
88.209.228.0/23
88.209.236.0/22
88.209.246.0/23
92.52.218.0/24
178.210.232.0/22
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
53:39:85:2d:c5:0e:45:e9:7c:8f:24:a5:63:aa:18:ed:b1:79:
74:c9:4f:a4:bb:44:f1:9f:6c:4f:b9:f9:c0:04:85:04:4e:9e:
f2:43:e7:b1:d5:e3:74:2e:73:c0:8c:4a:60:44:e9:09:42:7c:
bb:32:c5:21:89:0a:ee:d5:79:be:8d:42:77:8e:31:c3:2f:a8:
b7:71:b7:99:1c:92:c1:31:46:14:ca:b7:d6:38:cb:b1:66:f3:
06:df:dd:b6:65:4b:2e:92:85:b0:d9:bc:b0:08:ef:e9:7c:c1:
dc:cd:3f:6e:5f:1b:e3:cb:43:6b:ba:60:9f:07:99:d8:92:94:
95:96:f8:bb:f5:47:44:81:b9:23:ff:e4:29:62:f3:51:1e:a3:
0b:93:75:25:35:d4:30:e0:98:48:23:12:13:0e:0b:96:4c:fa:
98:fb:e2:27:53:30:f9:2a:3b:9d:f0:4d:76:bc:5c:bd:a6:ed:
3b:71:a3:cb:aa:e3:ca:50:98:5f:ec:e4:8d:1a:a6:97:f4:57:
5a:17:8e:f7:c7:5c:70:f1:27:c9:f8:02:18:f7:35:0c:b8:5c:
1d:7f:fa:e2:01:55:40:af:2c:60:58:f0:a3:15:1c:75:06:54:
a5:ea:0a:8a:40:68:db:7f:55:7c:e3:bd:4e:69:32:34:eb:3d:
b1:61:d2:77
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYQPLiG0adx39sciYJhPKEJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIxMDI1MTI0NjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQ3ZjJmZjNkZWQyZjEwMDZmOGJhMGYwODZiY2Q0MjY3NDk1OTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzl6qEy/sL3AGbrB0OtNqTPNdSDNk
pLL9U0DsjfSkXOtbLvys3U4drY644coopFUvMOdZYbDW0vhvmdSZynBgNn2xEDnj
wiyTQ8knKV9U0bvQX6JzO6L24Ckj7WE+vz+GDiYQiJWCCXP3QWcY9H6tYWFIr0iL
ZTlp8jAkplCF9Quyinm+djjcNRkdDqtIDkhJSuiBHBBYkAMI8dk7q5TyYETQlqZs
vfpvy8bogfxE1gAUlBJrDZ39ZuAF/jiEaC3zlBPmEY8OnH6v2E+k233isLO4KrS3
6Msve57G3/VN5gZ+6qH+XndImAGHsjOcxFg+pI0pPGfcQuK42r4PtW2WgQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFELX8v897S8QBvi6DwhrzUJnSVkYMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUXRmeV96M3RMeEFHLUxvUENHdk5RbWRKV1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQABbZwAwQA
BbZzAwQALQmoAwQALQ4JAwQCTfKYAwQAU4mZAwQBU4mcAwQAU4mfAwQAWJc+AwQB
WNHkAwQCWNHsAwQBWNH2AwQAXDTaAwQCstLoAwQAstLtAwQAwikvMA0GCSqGSIb3
DQEBCwUAA4IBAQBTOYUtxQ5F6XyPJKVjqhjtsXl0yU+ku0Txn2xPufnABIUETp7y
Q+ex1eN0LnPAjEpgROkJQny7MsUhiQru1Xm+jUJ3jjHDL6i3cbeZHJLBMUYUyrfW
OMuxZvMG3922ZUsukoWw2bywCO/pfMHczT9uXxvjy0NrumCfB5nYkpSVlvi79UdE
gbkj/+QpYvNRHqMLk3UlNdQw4JhIIxITDguWTPqY++InUzD5Kjud8E12vFy9pu07
caPLquPKUJhf7OSNGqaX9FdaF473x1xw8SfJ+AIY9zUMuFwdf/riAVVAryxgWPCj
FRx1BlSl6gqKQGjbf1V8471OaTI06z2xYdJ3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org