Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Uf2_CSXGVvgkolQa4S-Q9cepd5o.roa
File: Uf2_CSXGVvgkolQa4S-Q9cepd5o.roa (raw, json)
Hash identifier: CkCIp6Rz4WbGJU8SSqtt87wIJLRfR6YU1kZYsR7BDPU=
Subject key identifier: 51:FD:BF:09:25:C6:56:F8:24:A2:54:1A:E1:2F:90:F5:C7:A9:77:9A
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0187E0E2598D44E5FE11F72A5FE9D335D20A
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Uf2_CSXGVvgkolQa4S-Q9cepd5o.roa
Signing time: Wed 03 May 2023 09:12:23 +0000
ROA not before: Wed 03 May 2023 09:12:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.254.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
88.209.205.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.228.0/22 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e0:e2:59:8d:44:e5:fe:11:f7:2a:5f:e9:d3:35:d2:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 3 09:12:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51fdbf0925c656f824a2541ae12f90f5c7a9779a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6e:9e:39:84:71:ff:ea:b8:da:9e:30:0e:44:
55:63:b8:2c:9c:2d:5f:30:12:65:55:a2:36:6b:b0:
df:ef:92:6c:40:31:7b:b8:15:bc:ae:84:21:07:c5:
20:44:04:7d:e3:83:be:11:c1:31:f8:b6:74:9b:c3:
3b:74:14:49:8b:49:d6:37:b8:e2:4c:34:58:9a:81:
69:90:e6:44:2a:ef:d5:ad:4c:ee:dd:38:ab:27:13:
0a:66:53:21:cc:4f:8f:54:cb:88:32:ff:1b:be:b3:
bd:7e:c1:fd:b0:ae:95:f5:ad:df:0c:1f:b5:64:5a:
1f:bf:aa:7c:f5:5f:d6:b8:84:43:db:cd:95:56:e6:
0e:35:40:a0:81:8d:57:3d:45:47:ff:1a:54:3d:e4:
d5:4f:e4:8a:77:54:28:94:1b:09:16:ab:ac:7b:16:
6a:c5:97:97:8c:f3:11:0f:18:fb:2f:9d:bb:4c:d5:
b2:f3:be:94:56:30:a9:49:99:51:9b:48:00:c3:fa:
b5:c9:f1:8f:0c:e6:60:f4:cc:56:7b:18:39:cd:37:
d4:f8:a7:91:4b:21:41:7c:fa:ed:9f:dc:87:7e:33:
9b:fc:41:1d:c9:91:e2:ee:d5:15:cb:95:7b:4e:f1:
f5:c8:02:6e:f8:b0:1d:df:3a:34:b7:38:8e:4f:4f:
b5:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:FD:BF:09:25:C6:56:F8:24:A2:54:1A:E1:2F:90:F5:C7:A9:77:9A
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Uf2_CSXGVvgkolQa4S-Q9cepd5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
77.242.157.0-77.242.158.255
83.137.153.0/24
83.137.156.0/23
83.137.159.0/24
88.151.62.0/24
88.209.205.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.254.0/24
92.52.217.0-92.52.218.255
178.210.228.0-178.210.235.255
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:46:e1:fc:85:ce:7e:06:f4:f8:00:d5:51:b2:af:71:66:68:
b3:1b:e4:49:97:b1:07:55:c6:d2:53:d7:a4:f5:de:18:a5:61:
bd:b8:d2:cc:8d:4b:f9:f3:d3:42:d4:00:35:7d:f1:40:6a:68:
ed:c0:6b:35:2a:3f:ac:f4:5d:ba:e2:90:9f:2b:9e:1f:82:a1:
a7:70:c1:23:fd:54:2d:2e:05:93:71:8b:5a:38:4c:76:c2:45:
17:ac:45:bb:ee:cb:67:d3:79:8f:5e:ad:b3:1b:6d:82:4f:1b:
7f:d0:20:92:83:cd:cd:b6:45:9e:7c:a6:33:c9:9a:41:02:f2:
35:8f:a0:05:7d:eb:68:7c:0a:e5:95:7f:b3:e2:2a:c0:45:36:
aa:06:33:52:e5:19:bf:8a:b3:1d:fe:2c:5b:5a:52:81:4a:5a:
7a:1f:b4:d8:ef:c1:64:e0:87:8f:c7:22:18:08:76:47:9d:25:
3f:19:c8:ba:41:37:4a:47:51:5e:95:1b:1b:26:e5:31:06:04:
37:e2:11:7f:57:bf:d5:ee:d3:b4:ad:dd:6a:81:13:63:57:58:
7c:26:8f:db:20:65:1a:83:74:ad:26:55:06:2e:6a:31:15:7f:
9b:2a:7b:3e:5e:a4:7f:c4:2d:39:c4:4d:78:c9:7d:fb:1c:ee:
75:a8:87:13
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYfg4lmNROX+EfcqX+nTNdIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNTAzMDkxMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWZkYmYwOTI1YzY1NmY4MjRhMjU0MWFlMTJmOTBmNWM3YTk3NzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj26eOYRx/+q42p4wDkRVY7gsnC1f
MBJlVaI2a7Df75JsQDF7uBW8roQhB8UgRAR944O+EcEx+LZ0m8M7dBRJi0nWN7ji
TDRYmoFpkOZEKu/VrUzu3TirJxMKZlMhzE+PVMuIMv8bvrO9fsH9sK6V9a3fDB+1
ZFofv6p89V/WuIRD282VVuYONUCggY1XPUVH/xpUPeTVT+SKd1QolBsJFqusexZq
xZeXjPMRDxj7L527TNWy876UVjCpSZlRm0gAw/q1yfGPDOZg9MxWexg5zTfU+KeR
SyFBfPrtn9yHfjOb/EEdyZHi7tUVy5V7TvH1yAJu+LAd3zo0tziOT0+1bQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFFH9vwklxlb4JKJUGuEvkPXHqXeaMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVWYyX0NTWEdWdmdrb2xRYTRTLVE5Y2VwZDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAF
tnADBAAFtnMDBAAtCagDBAJN8pgwDAMEAE3ynQMEAE3yngMEAFOJmQMEAVOJnAME
AFOJnwMEAFiXPgMEAFjRzQMEAFjR5AMEAljR7AMEAVjR9gMEAFjR/jAMAwQAXDTZ
AwQAXDTaMAwDBAKy0uQDBAKy0ugDBACy0u0DBADCKS8wDQYJKoZIhvcNAQELBQAD
ggEBALlG4fyFzn4G9PgA1VGyr3FmaLMb5EmXsQdVxtJT16T13hilYb240syNS/nz
00LUADV98UBqaO3AazUqP6z0XbrikJ8rnh+CoadwwSP9VC0uBZNxi1o4THbCRRes
Rbvuy2fTeY9erbMbbYJPG3/QIJKDzc22RZ58pjPJmkEC8jWPoAV962h8CuWVf7Pi
KsBFNqoGM1LlGb+Ksx3+LFtaUoFKWnoftNjvwWTgh4/HIhgIdkedJT8ZyLpBN0pH
UV6VGxsm5TEGBDfiEX9Xv9Xu07St3WqBE2NXWHwmj9sgZRqDdK0mVQYuajEVf5sq
ez5epH/ELTnETXjJffsc7nWohxM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org