Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/R6t3WUnmtlUN0-hqTlZpa_k0iXM.roa
File: R6t3WUnmtlUN0-hqTlZpa_k0iXM.roa (raw, json)
Hash identifier: O9EK0mU1q1GJFfE5qRDBr+v+JacA+rKYS8TWwrvQSXg=
Subject key identifier: 47:AB:77:59:49:E6:B6:55:0D:D3:E8:6A:4E:56:69:6B:F9:34:89:73
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0187E8B11605933963F5727920442F04B093
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/R6t3WUnmtlUN0-hqTlZpa_k0iXM.roa
Signing time: Thu 04 May 2023 21:35:32 +0000
ROA not before: Thu 04 May 2023 21:35:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.254.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
88.209.205.0/24 maxlen: 24
88.209.206.0/24 maxlen: 24
88.209.219.0/24 maxlen: 24
88.209.217.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.228.0/22 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e8:b1:16:05:93:39:63:f5:72:79:20:44:2f:04:b0:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 4 21:35:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47ab775949e6b6550dd3e86a4e56696bf9348973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:81:64:1a:b7:8b:75:5a:2b:dd:4b:94:00:95:
32:92:23:d4:8f:40:76:ee:29:14:18:79:03:fe:8b:
12:52:70:d1:c4:5f:94:e0:62:fd:1e:0d:39:21:1e:
f9:b7:8b:1c:1d:95:09:f6:58:7d:a1:a6:e2:09:d8:
7e:98:df:bc:fd:c2:4e:5e:ba:f0:f0:9b:11:c2:3c:
f7:0b:2d:5c:06:0b:d9:10:3b:39:0c:d3:2d:72:33:
65:c9:62:78:c1:2c:73:a0:f6:bf:62:bd:72:df:5a:
22:9a:52:c4:e5:26:58:7b:d7:cf:9a:38:cd:ab:6d:
4d:f5:5d:80:89:6d:61:59:34:b6:6e:ed:0f:cc:5d:
86:13:4a:6f:ce:5d:14:63:74:81:1d:fa:3b:16:8b:
4d:7f:26:5c:6e:ff:de:a5:fc:65:ed:59:ab:69:21:
be:7b:71:6d:d2:f6:c7:77:2a:4c:54:6c:cf:95:20:
9c:cd:a4:31:53:a0:cd:80:e1:b4:a6:30:60:45:76:
14:26:6b:13:bd:92:7b:16:52:6a:b7:83:2a:22:2e:
4e:43:e0:c7:db:fb:d0:c7:c9:06:33:82:e2:f4:f4:
34:9b:1f:72:e8:be:af:87:b1:ca:cd:6d:b2:b5:07:
5c:84:e1:b6:19:9d:d4:7f:f7:e3:e8:de:85:9b:02:
75:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:AB:77:59:49:E6:B6:55:0D:D3:E8:6A:4E:56:69:6B:F9:34:89:73
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/R6t3WUnmtlUN0-hqTlZpa_k0iXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
77.242.157.0-77.242.158.255
83.137.153.0/24
83.137.156.0/23
83.137.159.0/24
88.151.62.0/24
88.209.205.0-88.209.206.255
88.209.217.0/24
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.254.0/24
92.52.217.0-92.52.218.255
178.210.228.0-178.210.235.255
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
93:a6:76:ce:c4:8b:ca:f8:2d:5f:60:c7:7b:3f:b1:dd:c5:b4:
89:8b:99:27:0e:5d:a0:23:6e:a4:85:a3:9f:f0:e7:a8:06:96:
97:6c:72:b9:7e:8a:a6:40:e9:04:2a:67:bb:f8:35:98:be:8e:
24:ac:80:f3:de:51:25:c6:b4:2e:e9:cd:31:6b:83:0d:34:3e:
3f:ce:e1:d3:48:8d:37:15:c4:b3:2d:d9:ed:2a:29:1f:1c:10:
3e:ef:f3:a6:37:57:da:e6:62:b1:22:d8:19:8a:bb:a0:77:8b:
28:97:69:9b:63:30:d0:ac:e2:9b:a3:ac:84:ea:5b:30:d2:56:
45:db:81:b6:78:7b:86:4d:ed:b3:65:c0:a5:b5:a9:02:3d:6d:
c6:bf:07:48:22:90:49:b5:fc:3e:7f:3f:64:f2:fc:3f:8b:b8:
1a:fc:bd:ba:5a:2f:89:53:94:a4:e9:72:11:d4:39:41:d1:9b:
27:16:cc:9b:42:f3:7e:13:b5:05:22:b9:ae:8e:5f:6c:db:dd:
35:32:e6:55:c2:7f:dd:56:e3:31:f8:51:0c:71:47:a3:0c:a2:
ee:d8:c0:c6:64:2f:28:16:06:44:9f:5a:7d:38:38:75:37:0f:
6c:85:f5:4c:cc:01:6e:8b:39:d8:29:a2:e1:0c:b8:39:5c:52:
66:50:9e:81
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYfosRYFkzlj9XJ5IEQvBLCTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNTA0MjEzNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2FiNzc1OTQ5ZTZiNjU1MGRkM2U4NmE0ZTU2Njk2YmY5MzQ4OTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4FkGreLdVor3UuUAJUykiPUj0B2
7ikUGHkD/osSUnDRxF+U4GL9Hg05IR75t4scHZUJ9lh9oabiCdh+mN+8/cJOXrrw
8JsRwjz3Cy1cBgvZEDs5DNMtcjNlyWJ4wSxzoPa/Yr1y31oimlLE5SZYe9fPmjjN
q21N9V2AiW1hWTS2bu0PzF2GE0pvzl0UY3SBHfo7FotNfyZcbv/epfxl7VmraSG+
e3Ft0vbHdypMVGzPlSCczaQxU6DNgOG0pjBgRXYUJmsTvZJ7FlJqt4MqIi5OQ+DH
2/vQx8kGM4Li9PQ0mx9y6L6vh7HKzW2ytQdchOG2GZ3Uf/fj6N6FmwJ1LwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFEerd1lJ5rZVDdPoak5WaWv5NIlzMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUjZ0M1dVbm10bFVOMC1ocVRsWnBhX2swaVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAAF
tnADBAAFtnMDBAAtCagDBAJN8pgwDAMEAE3ynQMEAE3yngMEAFOJmQMEAVOJnAME
AFOJnwMEAFiXPjAMAwQAWNHNAwQAWNHOAwQAWNHZAwQAWNHbAwQAWNHkAwQCWNHs
AwQBWNH2AwQAWNH+MAwDBABcNNkDBABcNNowDAMEArLS5AMEArLS6AMEALLS7QME
AMIpLzANBgkqhkiG9w0BAQsFAAOCAQEAk6Z2zsSLyvgtX2DHez+x3cW0iYuZJw5d
oCNupIWjn/DnqAaWl2xyuX6KpkDpBCpnu/g1mL6OJKyA895RJca0LunNMWuDDTQ+
P87h00iNNxXEsy3Z7SopHxwQPu/zpjdX2uZisSLYGYq7oHeLKJdpm2Mw0Kzim6Os
hOpbMNJWRduBtnh7hk3ts2XApbWpAj1txr8HSCKQSbX8Pn8/ZPL8P4u4Gvy9ulov
iVOUpOlyEdQ5QdGbJxbMm0LzfhO1BSK5ro5fbNvdNTLmVcJ/3VbjMfhRDHFHowyi
7tjAxmQvKBYGRJ9afTg4dTcPbIX1TMwBbos52Cmi4Qy4OVxSZlCegQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org