Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Tmifp2NChRjcQ0dpWODsBSlK65A.roa
File: Tmifp2NChRjcQ0dpWODsBSlK65A.roa (raw, json)
Hash identifier: LNBrbr33Jn/c13y/8/thVchveciKlngeqemSGpJ4hgQ=
Subject key identifier: 4E:68:9F:A7:63:42:85:18:DC:43:47:69:58:E0:EC:05:29:4A:EB:90
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018B494280E37D5A9DC72013C10950CC7CCA
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Tmifp2NChRjcQ0dpWODsBSlK65A.roa
Signing time: Thu 19 Oct 2023 18:46:16 +0000
ROA not before: Thu 19 Oct 2023 18:46:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.236.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.237.0/24 maxlen: 24
88.209.238.0/24 maxlen: 24
88.209.246.0/23 maxlen: 23
88.209.254.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.229.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
88.209.219.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:49:42:80:e3:7d:5a:9d:c7:20:13:c1:09:50:cc:7c:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 19 18:46:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e689fa763428518dc43476958e0ec05294aeb90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f7:2f:41:e3:80:5f:62:d5:bc:d4:23:3c:1d:
e3:f8:8b:92:de:35:08:58:53:41:86:e7:da:7d:b0:
50:09:b1:85:8c:d7:8e:ff:25:8c:11:88:76:d4:de:
62:19:b9:53:72:fd:26:bf:48:57:82:ab:24:b3:c6:
a6:7c:5e:c2:ed:76:e9:5e:73:fe:fa:b1:17:ec:2d:
9a:90:f5:39:a6:56:e7:28:c7:db:2a:28:cb:c5:15:
52:8c:26:6a:22:27:94:49:c1:12:c1:97:41:5d:a8:
31:cb:2a:1e:c3:fe:38:ae:8c:4f:22:49:e6:6f:6e:
ba:69:7d:e0:87:c4:74:68:41:68:be:82:d1:89:29:
5f:5c:92:70:67:80:cc:f6:a9:b6:90:d7:d4:d3:5b:
a9:cc:d8:b8:20:f7:39:89:56:a6:80:6d:23:d5:39:
b0:17:b0:21:57:e2:1e:26:de:a2:dd:86:7c:85:e1:
d8:74:13:4e:79:cc:77:a1:5e:e6:6f:39:a6:28:03:
97:07:1c:d5:9f:af:96:f6:f5:30:97:83:50:5c:38:
66:83:dd:ae:bc:d7:1b:09:0e:f9:44:ab:c4:4a:44:
35:2c:74:82:0d:b5:f9:85:1c:2b:ca:ac:a5:64:c4:
93:e9:9f:8e:d3:ac:f9:4f:af:cc:e5:4d:37:ab:67:
03:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:68:9F:A7:63:42:85:18:DC:43:47:69:58:E0:EC:05:29:4A:EB:90
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Tmifp2NChRjcQ0dpWODsBSlK65A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
83.137.153.0/24
83.137.157.0/24
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.254.0/24
92.52.217.0-92.52.218.255
178.210.229.0/24
178.210.232.0/22
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:51:ff:48:51:0b:91:e4:00:fa:9b:c8:db:65:50:83:a1:a3:
82:63:9e:64:01:ac:42:cf:1b:2e:bd:a7:e3:37:f6:a3:24:20:
38:a1:9e:16:32:8b:09:63:07:09:42:54:aa:5b:5f:d2:e9:a8:
e9:c1:40:17:d7:90:3d:eb:b8:a3:c1:65:e6:11:28:76:c3:4a:
73:02:63:c5:91:e9:6c:5f:b0:a7:b3:bb:35:2c:3f:8f:7e:c8:
fd:a4:ce:6d:cb:bc:97:d4:bf:1b:cc:57:ca:02:de:6f:68:2c:
17:41:2e:a6:2a:6b:bf:47:40:96:44:8b:ff:f4:f7:e4:c1:2a:
ca:21:01:02:10:7b:0c:03:c3:a7:01:64:ff:76:99:4d:76:8e:
a7:1b:30:76:ff:2f:ba:b4:44:25:cd:74:32:e4:d7:8f:1a:e1:
2e:53:88:c6:76:ce:43:06:16:fc:65:f4:39:ae:af:98:f3:ff:
96:b3:0f:7e:f7:84:b3:57:75:bf:54:c9:8b:10:0a:29:83:97:
83:3f:7f:42:8c:7c:67:9e:86:58:37:d9:9a:f9:67:8e:64:42:
eb:af:70:05:03:70:9c:60:ff:71:ff:d7:49:b1:24:de:70:af:
97:54:38:3f:6a:ee:d3:b8:34:bd:2a:04:6b:9f:ba:b8:cd:30:
7c:44:8b:6e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYtJQoDjfVqdxyATwQlQzHzKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMDE5MTg0NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTY4OWZhNzYzNDI4NTE4ZGM0MzQ3Njk1OGUwZWMwNTI5NGFlYjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPcvQeOAX2LVvNQjPB3j+IuS3jUI
WFNBhufafbBQCbGFjNeO/yWMEYh21N5iGblTcv0mv0hXgqsks8amfF7C7XbpXnP+
+rEX7C2akPU5plbnKMfbKijLxRVSjCZqIieUScESwZdBXagxyyoew/44roxPIknm
b266aX3gh8R0aEFovoLRiSlfXJJwZ4DM9qm2kNfU01upzNi4IPc5iVamgG0j1Tmw
F7AhV+IeJt6i3YZ8heHYdBNOecx3oV7mbzmmKAOXBxzVn6+W9vUwl4NQXDhmg92u
vNcbCQ75RKvESkQ1LHSCDbX5hRwryqylZMST6Z+O06z5T6/M5U03q2cDdwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFE5on6djQoUY3ENHaVjg7AUpSuuQMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVG1pZnAyTkNoUmpjUTBkcFdPRHNCU2xLNjVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAAW2cAME
AAW2cwMEAC0JqAMEAk3ymAMEAFOJmQMEAFOJnQMEAFjR2wMEAFjR5AMEAljR7AME
AVjR9gMEAFjR/jAMAwQAXDTZAwQAXDTaAwQAstLlAwQCstLoAwQAstLtAwQAwikv
MA0GCSqGSIb3DQEBCwUAA4IBAQCqUf9IUQuR5AD6m8jbZVCDoaOCY55kAaxCzxsu
vafjN/ajJCA4oZ4WMosJYwcJQlSqW1/S6ajpwUAX15A967ijwWXmESh2w0pzAmPF
kelsX7Cns7s1LD+Pfsj9pM5ty7yX1L8bzFfKAt5vaCwXQS6mKmu/R0CWRIv/9Pfk
wSrKIQECEHsMA8OnAWT/dplNdo6nGzB2/y+6tEQlzXQy5NePGuEuU4jGds5DBhb8
ZfQ5rq+Y8/+Wsw9+94SzV3W/VMmLEAopg5eDP39CjHxnnoZYN9ma+WeOZELrr3AF
A3CcYP9x/9dJsSTecK+XVDg/au7TuDS9KgRrn7q4zTB8RItu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org