Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/SwBGbjfN5F4f1o8qEsb-FGeqcu0.roa
File: SwBGbjfN5F4f1o8qEsb-FGeqcu0.roa (raw, json)
Hash identifier: X/GYALwg/PrC2QS+9Rhqf6Nc6+qDV5yVQ7/AxMSFOHg=
Subject key identifier: 4B:00:46:6E:37:CD:E4:5E:1F:D6:8F:2A:12:C6:FE:14:67:AA:72:ED
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018AEF6B488D9D79DF0E38A2CB16DCFF02E5
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/SwBGbjfN5F4f1o8qEsb-FGeqcu0.roa
Signing time: Mon 02 Oct 2023 08:05:00 +0000
ROA not before: Mon 02 Oct 2023 08:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5065
IP address blocks: 178.210.231.0/24 maxlen: 24
178.210.230.0/24 maxlen: 24
88.151.57.0/24 maxlen: 24
88.151.58.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
2.58.170.0/24 maxlen: 24
2.58.169.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:6b:48:8d:9d:79:df:0e:38:a2:cb:16:dc:ff:02:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 2 08:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b00466e37cde45e1fd68f2a12c6fe1467aa72ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c3:96:9d:66:bb:cb:dd:24:c4:12:9e:ab:2d:
b9:70:67:02:ca:25:63:c7:64:26:39:84:13:a1:3d:
74:37:b1:bd:2a:d0:41:71:00:ab:e0:b2:c7:7a:3a:
c1:59:5e:15:c8:e2:b7:48:81:b7:f5:5b:74:4a:07:
bd:1b:25:9c:e1:c2:18:0f:3f:e7:10:9d:4b:dc:26:
7b:cc:74:e4:7a:f3:fa:65:8c:21:ab:cf:95:f4:4c:
49:1b:60:c5:78:b8:c2:f0:5e:00:ec:51:f3:df:a9:
cd:94:f4:bc:f1:6a:41:54:91:f6:12:89:ea:a4:e8:
41:61:03:a9:28:e5:72:5b:9b:99:b3:9c:ea:ba:63:
43:97:32:6e:86:14:ab:3a:a1:03:bb:e2:e3:6a:1d:
a3:08:67:37:38:85:17:3e:02:1e:5a:bb:da:87:7f:
45:34:00:c8:87:96:ef:b4:07:f8:66:d1:8e:e6:9f:
c7:fb:cb:71:a1:84:2e:ea:72:43:d0:b0:0a:20:5a:
16:f5:85:dc:6b:87:a9:8f:d5:33:77:f4:9b:9c:8d:
bd:eb:98:01:28:ab:3a:15:18:ba:d9:9a:82:c0:5f:
24:da:1c:a9:8d:52:ec:35:0f:fc:d2:3c:6e:8c:bf:
63:e2:25:6a:e3:51:78:0e:44:a2:0d:97:98:9c:11:
af:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:00:46:6E:37:CD:E4:5E:1F:D6:8F:2A:12:C6:FE:14:67:AA:72:ED
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/SwBGbjfN5F4f1o8qEsb-FGeqcu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.169.0-2.58.170.255
77.242.158.0/24
88.151.57.0-88.151.58.255
178.210.230.0/23
Signature Algorithm: sha256WithRSAEncryption
34:e4:86:77:49:00:9a:ed:79:87:68:ad:db:13:54:3b:e3:15:
c9:db:14:7f:3d:87:03:8b:2f:fd:e0:9f:40:83:16:11:9b:5b:
31:cc:70:47:62:9a:9e:d6:f6:f8:6e:25:da:b6:2d:a7:36:51:
3a:c7:42:0d:86:48:40:33:64:39:8e:8b:23:66:9e:26:7d:9f:
b7:4d:84:20:a5:a9:ef:78:f7:9c:41:b3:b0:56:42:72:3d:3b:
67:6f:e0:ba:1f:78:e3:97:c0:0c:d1:de:df:ce:76:8c:02:9a:
0d:61:e9:c7:a7:63:7f:9e:b0:16:81:84:43:ae:4d:91:6a:80:
01:6b:09:ee:4e:36:e1:fb:0a:a9:bd:46:70:23:5c:4d:6b:f4:
cf:c5:f8:c6:50:86:57:2b:f2:a2:8a:e3:85:ac:e1:37:a1:1c:
fa:c2:99:d7:c2:9d:39:48:fb:cc:ef:96:ac:e2:1c:00:97:de:
90:f4:0d:5e:92:56:0a:46:1d:52:e1:b2:74:69:eb:bc:3d:2b:
98:cc:26:56:5f:0c:87:31:12:90:5e:7e:0d:93:d8:1a:5c:68:
ec:46:11:75:40:b9:a4:17:39:2a:21:53:7f:c8:83:6f:06:70:
76:07:10:d6:f1:94:43:83:7e:7b:b8:77:66:98:2a:03:7e:63:
a9:80:7c:db
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYrva0iNnXnfDjiiyxbc/wLlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMDAyMDgwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjAwNDY2ZTM3Y2RlNDVlMWZkNjhmMmExMmM2ZmUxNDY3YWE3MmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusOWnWa7y90kxBKeqy25cGcCyiVj
x2QmOYQToT10N7G9KtBBcQCr4LLHejrBWV4VyOK3SIG39Vt0Sge9GyWc4cIYDz/n
EJ1L3CZ7zHTkevP6ZYwhq8+V9ExJG2DFeLjC8F4A7FHz36nNlPS88WpBVJH2Eonq
pOhBYQOpKOVyW5uZs5zqumNDlzJuhhSrOqEDu+Ljah2jCGc3OIUXPgIeWrvah39F
NADIh5bvtAf4ZtGO5p/H+8txoYQu6nJD0LAKIFoW9YXca4epj9Uzd/SbnI2965gB
KKs6FRi62ZqCwF8k2hypjVLsNQ/80jxujL9j4iVq41F4DkSiDZeYnBGvqwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEsARm43zeReH9aPKhLG/hRnqnLtMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvU3dCR2JqZk41RjRmMW84cUVzYi1GR2VxY3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAACOqkD
BAACOqoDBABN8p4wDAMEAFiXOQMEAFiXOgMEAbLS5jANBgkqhkiG9w0BAQsFAAOC
AQEANOSGd0kAmu15h2it2xNUO+MVydsUfz2HA4sv/eCfQIMWEZtbMcxwR2Kantb2
+G4l2rYtpzZROsdCDYZIQDNkOY6LI2aeJn2ft02EIKWp73j3nEGzsFZCcj07Z2/g
uh9445fADNHe3852jAKaDWHpx6djf56wFoGEQ65NkWqAAWsJ7k424fsKqb1GcCNc
TWv0z8X4xlCGVyvyoorjhazhN6Ec+sKZ18KdOUj7zO+WrOIcAJfekPQNXpJWCkYd
UuGydGnrvD0rmMwmVl8MhzESkF5+DZPYGlxo7EYRdUC5pBc5KiFTf8iDbwZwdgcQ
1vGUQ4N+e7h3ZpgqA35jqYB82w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org