Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/S1Iz5Qt2GcThnHnvz9c-_AblRVw.roa
File: S1Iz5Qt2GcThnHnvz9c-_AblRVw.roa (raw, json)
Hash identifier: uBlxPHzl66+X4HBj6YZkKDA9XURJiwL5TEUyibkUHnQ=
Subject key identifier: 4B:52:33:E5:0B:76:19:C4:E1:9C:79:EF:CF:D7:3E:FC:06:E5:45:5C
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0187B7508AC81D8F5146794D5EB8D6B7F754
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/S1Iz5Qt2GcThnHnvz9c-_AblRVw.roa
Signing time: Tue 25 Apr 2023 07:28:41 +0000
ROA not before: Tue 25 Apr 2023 07:28:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.209.245.0/24 maxlen: 24
88.209.248.0/24 maxlen: 24
88.209.249.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
88.151.56.0/24 maxlen: 24
88.151.61.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
5.182.113.0/24 maxlen: 24
88.209.216.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:50:8a:c8:1d:8f:51:46:79:4d:5e:b8:d6:b7:f7:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Apr 25 07:28:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b5233e50b7619c4e19c79efcfd73efc06e5455c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:03:92:79:8c:ce:c8:ac:1c:44:39:20:7f:0f:
9b:ec:f3:86:9e:71:49:f1:2e:30:7f:6a:62:48:9b:
04:04:34:54:7a:9f:1a:b3:82:60:3d:a2:b0:ea:d3:
66:48:63:dd:61:3d:6c:c6:f2:66:9a:7d:a6:43:2e:
62:89:68:71:5d:ba:26:d9:ab:fc:da:6b:ac:1b:6d:
45:18:ce:e2:ee:12:d9:69:68:af:df:ec:b9:af:93:
de:64:00:87:28:ba:81:34:35:cc:f7:75:9d:9a:9e:
e0:59:09:8e:61:27:35:a1:f0:49:33:37:de:c5:60:
75:f6:33:75:6a:9b:09:4d:d6:b4:12:05:dd:d9:ff:
cc:ce:99:e4:d9:d7:3b:1d:22:8d:d3:f1:3e:6a:3e:
48:cd:02:d4:93:dc:29:27:6b:cc:a8:55:f9:34:b0:
ee:f3:01:48:c8:2e:77:3f:5d:77:2d:ea:28:a8:df:
33:5d:6f:4a:f0:de:36:eb:11:8d:49:9e:9c:ca:15:
9c:35:ab:68:5f:d1:a9:72:99:99:b2:72:17:42:bb:
02:a9:b8:83:bd:ba:cf:1e:70:95:37:35:82:3e:69:
52:92:94:87:1a:87:52:a1:41:7f:b9:23:c5:58:2c:
19:19:32:73:9f:50:29:a1:7f:7a:9a:ea:a6:3a:aa:
8e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:52:33:E5:0B:76:19:C4:E1:9C:79:EF:CF:D7:3E:FC:06:E5:45:5C
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/S1Iz5Qt2GcThnHnvz9c-_AblRVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.113.0/24
88.151.56.0/24
88.151.61.0/24
88.209.209.0/24
88.209.216.0/24
88.209.221.0/24
88.209.225.0/24
88.209.245.0/24
88.209.248.0/23
178.210.236.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:0f:ab:fa:ef:89:8f:27:85:ef:76:90:07:de:4c:94:82:cd:
fa:e9:99:c6:b6:3a:6c:0b:12:73:42:e5:96:a3:6c:c3:c7:98:
a6:e5:43:64:52:a0:a1:17:b2:2f:7d:77:91:7b:48:bd:06:34:
52:b3:e2:d2:75:48:c9:d6:b1:c2:1c:35:66:d7:57:1d:89:ae:
ec:d8:53:16:ee:b5:2a:0a:5d:41:ee:fd:f9:8e:38:01:a2:66:
54:ea:00:f9:e6:6d:1f:f4:6a:9a:69:87:6d:d4:06:a2:16:f3:
a1:36:8e:f0:8d:d6:39:8d:d4:2d:d2:67:5c:56:75:54:04:2f:
9b:29:b9:80:32:24:21:f2:7e:0c:98:14:eb:fb:32:48:36:7b:
fd:fd:34:12:bf:58:33:d4:88:42:60:2e:fc:8a:b8:62:63:08:
6b:c6:40:3d:35:5f:0f:4f:4c:c6:81:16:14:2f:55:12:83:1c:
f2:11:42:7b:f2:cc:6f:29:a8:85:f1:bb:77:5d:34:b0:16:2b:
3c:a9:aa:1f:05:69:55:ef:b3:2a:0e:9d:30:a2:70:76:12:72:
a8:8f:16:5a:77:5d:34:5e:21:e5:0f:71:45:b7:69:f8:f4:4e:
72:c8:04:f6:f2:cb:fb:56:ed:b1:f0:19:b6:27:6a:5f:01:d3:
32:b2:4e:3c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYe3UIrIHY9RRnlNXrjWt/dUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNDI1MDcyODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjUyMzNlNTBiNzYxOWM0ZTE5Yzc5ZWZjZmQ3M2VmYzA2ZTU0NTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QOSeYzOyKwcRDkgfw+b7POGnnFJ
8S4wf2piSJsEBDRUep8as4JgPaKw6tNmSGPdYT1sxvJmmn2mQy5iiWhxXbom2av8
2musG21FGM7i7hLZaWiv3+y5r5PeZACHKLqBNDXM93Wdmp7gWQmOYSc1ofBJMzfe
xWB19jN1apsJTda0EgXd2f/Mzpnk2dc7HSKN0/E+aj5IzQLUk9wpJ2vMqFX5NLDu
8wFIyC53P113LeooqN8zXW9K8N426xGNSZ6cyhWcNatoX9GpcpmZsnIXQrsCqbiD
vbrPHnCVNzWCPmlSkpSHGodSoUF/uSPFWCwZGTJzn1ApoX96muqmOqqOgQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEtSM+ULdhnE4Zx578/XPvwG5UVcMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUzFJejVRdDJHY1Robkhudno5Yy1fQWJsUlZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABbZxAwQA
WJc4AwQAWJc9AwQAWNHRAwQAWNHYAwQAWNHdAwQAWNHhAwQAWNH1AwQBWNH4AwQA
stLsMA0GCSqGSIb3DQEBCwUAA4IBAQAOD6v674mPJ4XvdpAH3kyUgs366ZnGtjps
CxJzQuWWo2zDx5im5UNkUqChF7IvfXeRe0i9BjRSs+LSdUjJ1rHCHDVm11cdia7s
2FMW7rUqCl1B7v35jjgBomZU6gD55m0f9GqaaYdt1AaiFvOhNo7wjdY5jdQt0mdc
VnVUBC+bKbmAMiQh8n4MmBTr+zJINnv9/TQSv1gz1IhCYC78irhiYwhrxkA9NV8P
T0zGgRYUL1USgxzyEUJ78sxvKaiF8bt3XTSwFis8qaofBWlV77MqDp0wonB2EnKo
jxZad100XiHlD3FFt2n49E5yyAT28sv7Vu2x8Bm2J2pfAdMysk48
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org