Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/TTD_5re8EeL4hMaIsygiRDsAlc4.roa
File: TTD_5re8EeL4hMaIsygiRDsAlc4.roa (raw, json)
Hash identifier: WYEmsudLVAjU3/nEIG4jpXiQby8OpBFSQzvEqVF9tME=
Subject key identifier: 4D:30:FF:E6:B7:BC:11:E2:F8:84:C6:88:B3:28:22:44:3B:00:95:CE
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01884D5EE6451851A0FCD585FA68747D9AEB
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/TTD_5re8EeL4hMaIsygiRDsAlc4.roa
Signing time: Wed 24 May 2023 10:47:24 +0000
ROA not before: Wed 24 May 2023 10:47:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.253.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
88.209.205.0/24 maxlen: 24
88.209.206.0/24 maxlen: 24
88.209.219.0/24 maxlen: 24
88.209.217.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
178.210.230.0/24 maxlen: 24
178.210.231.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.228.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4d:5e:e6:45:18:51:a0:fc:d5:85:fa:68:74:7d:9a:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 24 10:47:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d30ffe6b7bc11e2f884c688b32822443b0095ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:75:5c:05:9d:e6:96:46:d5:10:f7:52:d0:21:
e0:1a:8a:b2:4b:52:f6:f0:fb:b4:29:6c:00:83:e8:
49:2b:29:82:29:a9:71:f5:1c:26:5c:83:d9:98:2a:
f2:9b:d3:d6:18:c6:4c:2d:dc:fa:85:fe:f0:61:1e:
76:fe:7c:61:5c:33:73:53:b6:cc:b1:fe:d1:a0:f8:
1f:af:58:6e:71:46:49:0b:73:b2:e0:8c:b3:8e:87:
13:95:87:1a:61:57:9e:5b:88:81:c8:17:9e:fb:68:
f8:f4:9f:99:0a:1f:1a:ec:d6:a9:e5:34:ef:d6:58:
e1:75:3f:98:54:08:3c:db:16:be:d5:02:64:86:47:
37:00:11:20:00:aa:c0:13:e8:20:11:fd:e6:ec:85:
6b:96:1d:8d:d7:e4:24:0c:a5:7a:4e:ea:1c:aa:86:
19:2a:ea:45:4f:36:08:69:a6:a8:1e:17:d6:10:aa:
80:e4:23:ce:6a:b3:56:1d:b2:0d:6d:ad:6a:9b:98:
95:7d:4d:e5:06:21:92:c9:d9:13:d2:85:2a:e5:74:
75:03:0a:19:0d:8e:f9:4b:e2:fc:7b:e2:79:0a:e7:
4a:94:b7:e9:82:c6:e1:dc:05:19:65:51:05:b2:fd:
9f:81:0c:db:98:62:5d:cc:4b:f2:c3:e7:98:3c:38:
b0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:30:FF:E6:B7:BC:11:E2:F8:84:C6:88:B3:28:22:44:3B:00:95:CE
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/TTD_5re8EeL4hMaIsygiRDsAlc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
77.242.157.0-77.242.158.255
83.137.153.0/24
83.137.156.0/22
88.151.62.0/24
88.209.205.0-88.209.206.255
88.209.217.0/24
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.253.0-88.209.254.255
92.52.217.0-92.52.218.255
178.210.228.0/24
178.210.230.0-178.210.235.255
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
43:14:8d:1d:ce:6e:02:5b:35:21:7d:1f:f6:69:7e:5b:42:b8:
1d:a6:97:54:a7:0e:ee:64:dd:1b:49:c9:70:fa:63:d2:3a:1a:
34:8d:3f:7d:8a:ac:17:50:08:6d:27:bc:6f:5b:ff:69:01:d7:
2a:5a:b0:68:1e:32:a9:bd:24:ce:67:4d:94:fe:dc:04:93:8d:
5c:01:3f:af:a5:a4:4e:1a:c1:f6:fc:af:0b:17:11:59:58:37:
9e:b9:2a:82:50:24:8a:6e:75:86:91:df:41:c8:8c:e4:4d:09:
81:31:27:45:3d:a4:1c:64:ae:0f:b1:9d:f0:4b:68:bd:37:2b:
67:eb:34:62:1c:5c:4b:ca:e4:bf:0c:28:f9:d2:b2:00:15:36:
57:c1:a4:f6:11:78:72:22:55:09:bc:dc:30:f5:6b:26:52:c6:
28:de:fa:dd:60:65:de:46:78:8e:18:ef:85:2d:cb:06:63:89:
e5:4a:a2:cf:46:2c:36:3e:de:ab:ce:7f:9c:88:f6:2b:6c:7a:
59:2f:ff:f6:11:8c:98:1c:6b:02:4f:22:4a:08:57:24:4d:67:
cc:55:87:95:d7:be:30:98:80:a4:62:6d:96:18:a8:f1:45:cc:
2f:8a:51:b9:2a:e4:4f:9b:86:cf:8f:77:f5:88:cc:dc:4b:57:
ae:ae:c6:96
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYhNXuZFGFGg/NWF+mh0fZrrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNTI0MTA0NzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDMwZmZlNmI3YmMxMWUyZjg4NGM2ODhiMzI4MjI0NDNiMDA5NWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3VcBZ3mlkbVEPdS0CHgGoqyS1L2
8Pu0KWwAg+hJKymCKalx9RwmXIPZmCrym9PWGMZMLdz6hf7wYR52/nxhXDNzU7bM
sf7RoPgfr1hucUZJC3Oy4IyzjocTlYcaYVeeW4iByBee+2j49J+ZCh8a7Nap5TTv
1ljhdT+YVAg82xa+1QJkhkc3ABEgAKrAE+ggEf3m7IVrlh2N1+QkDKV6TuocqoYZ
KupFTzYIaaaoHhfWEKqA5CPOarNWHbINba1qm5iVfU3lBiGSydkT0oUq5XR1AwoZ
DY75S+L8e+J5CudKlLfpgsbh3AUZZVEFsv2fgQzbmGJdzEvyw+eYPDiwGQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFE0w/+a3vBHi+ITGiLMoIkQ7AJXOMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVFREXzVyZThFZUw0aE1hSXN5Z2lSRHNBbGM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBAAF
tnADBAAFtnMDBAAtCagDBAJN8pgwDAMEAE3ynQMEAE3yngMEAFOJmQMEAlOJnAME
AFiXPjAMAwQAWNHNAwQAWNHOAwQAWNHZAwQAWNHbAwQAWNHkAwQCWNHsAwQBWNH2
MAwDBABY0f0DBABY0f4wDAMEAFw02QMEAFw02gMEALLS5DAMAwQBstLmAwQCstLo
AwQAstLtAwQAwikvMA0GCSqGSIb3DQEBCwUAA4IBAQBDFI0dzm4CWzUhfR/2aX5b
QrgdppdUpw7uZN0bSclw+mPSOho0jT99iqwXUAhtJ7xvW/9pAdcqWrBoHjKpvSTO
Z02U/twEk41cAT+vpaROGsH2/K8LFxFZWDeeuSqCUCSKbnWGkd9ByIzkTQmBMSdF
PaQcZK4PsZ3wS2i9Nytn6zRiHFxLyuS/DCj50rIAFTZXwaT2EXhyIlUJvNww9Wsm
UsYo3vrdYGXeRniOGO+FLcsGY4nlSqLPRiw2Pt6rzn+ciPYrbHpZL//2EYyYHGsC
TyJKCFckTWfMVYeV174wmICkYm2WGKjxRcwvilG5KuRPm4bPj3f1iMzcS1eursaW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org