Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/VAuNaun0Gz4iISLAt-5LTT3P6OI.roa
File: VAuNaun0Gz4iISLAt-5LTT3P6OI.roa (raw, json)
Hash identifier: qd3+3VRmLDK5Uyu2G0EHK8lm0M1d1OaZC+N+IlIbNnY=
Subject key identifier: 54:0B:8D:6A:E9:F4:1B:3E:22:21:22:C0:B7:EE:4B:4D:3D:CF:E8:E2
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018A4F9A451300005DC6C195D62E1AADD7CB
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/VAuNaun0Gz4iISLAt-5LTT3P6OI.roa
Signing time: Fri 01 Sep 2023 07:17:04 +0000
ROA not before: Fri 01 Sep 2023 07:17:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.209.245.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
77.242.150.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.151.63.0/24 maxlen: 24
77.242.159.0/24 maxlen: 24
88.209.201.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4f:9a:45:13:00:00:5d:c6:c1:95:d6:2e:1a:ad:d7:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Sep 1 07:17:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=540b8d6ae9f41b3e222122c0b7ee4b4d3dcfe8e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e5:81:7b:7f:4b:c7:d3:8f:2a:2f:b1:06:4d:
ec:41:1a:95:29:67:25:1a:35:34:e6:85:ee:fe:ac:
a6:33:e4:36:a2:25:53:98:b7:57:93:1d:3a:5c:4f:
f4:7c:9b:15:ab:73:c6:72:c7:fa:11:0f:88:f6:2d:
3c:f3:2d:0f:76:7d:0b:eb:ce:f9:b8:9b:4e:96:05:
28:1f:b8:68:11:87:7f:b2:1d:fa:e1:bd:2f:d2:01:
73:98:fe:39:27:4e:ee:87:b2:6b:1f:54:f4:9d:99:
b0:47:a2:37:ea:ce:11:7b:c7:ff:4f:5e:fb:d8:a3:
b3:d3:e1:e4:5d:1f:4b:0a:99:ba:c2:93:1f:a4:84:
8c:b6:b6:b3:a4:7e:ab:f3:9f:b9:d9:86:26:0a:5f:
6a:75:5b:54:4f:a0:6a:c3:e4:3f:2f:20:fc:ea:db:
be:89:15:de:92:0c:2d:da:bb:43:ea:f3:f5:4a:bc:
80:15:e8:ae:a5:f3:21:9d:fc:a4:33:50:6b:2a:f5:
4e:6a:6a:a1:aa:3c:74:60:86:78:5d:09:a4:c7:70:
1f:14:de:2d:c5:b1:4a:84:d2:3d:c7:09:e6:d4:dc:
ff:03:d5:4b:a8:42:95:8f:c2:7c:e2:82:d4:6c:d9:
2a:6e:8b:eb:28:7d:73:af:30:e6:fd:2c:4c:0a:fc:
43:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:0B:8D:6A:E9:F4:1B:3E:22:21:22:C0:B7:EE:4B:4D:3D:CF:E8:E2
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/VAuNaun0Gz4iISLAt-5LTT3P6OI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.150.0/24
77.242.159.0/24
88.151.56.0/23
88.151.63.0/24
88.209.201.0/24
88.209.211.0/24
88.209.217.0/24
88.209.245.0/24
178.210.250.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:10:58:bb:4d:e4:69:fa:f1:72:5e:13:e2:81:fa:cb:d8:cc:
3b:c4:cf:28:f2:d7:85:1e:6d:10:66:1e:d5:67:b3:84:21:22:
c4:5c:43:4e:25:b7:38:3c:e4:e9:be:f5:28:eb:f6:d3:e7:a9:
1b:0e:a9:e5:e8:aa:b1:aa:9b:62:84:45:de:37:ca:38:7f:03:
dc:8b:c2:69:9e:9e:ab:d0:c7:06:13:c5:90:7c:e7:82:90:15:
06:32:6b:41:90:27:76:e7:50:3d:bf:93:16:7d:f7:08:a9:a6:
34:99:d8:84:ff:41:d4:77:f1:e6:f9:47:4a:54:aa:96:b7:74:
24:94:9d:e0:39:b1:a6:e7:40:28:ab:25:e3:84:9b:cf:75:30:
f9:2d:0a:2e:38:da:a3:b3:ce:3c:db:11:c0:84:e0:79:72:7b:
af:14:77:b9:c1:3c:22:b1:3f:80:a6:93:21:1c:50:6a:bb:f0:
55:25:30:c4:25:d8:34:64:8e:4d:93:7e:45:a3:5c:ac:ba:b4:
0c:3d:c4:ee:05:dd:ae:7f:35:b8:a7:b4:48:1f:85:15:4c:b1:
68:c2:f0:99:46:33:8d:ad:c7:0e:aa:6a:23:7e:fc:95:e1:ae:
5f:02:d5:87:90:54:06:f6:02:1d:02:f5:7c:b1:94:f2:1a:49:
21:9a:0e:39
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYpPmkUTAABdxsGV1i4ardfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwOTAxMDcxNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDBiOGQ2YWU5ZjQxYjNlMjIyMTIyYzBiN2VlNGI0ZDNkY2ZlOGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheWBe39Lx9OPKi+xBk3sQRqVKWcl
GjU05oXu/qymM+Q2oiVTmLdXkx06XE/0fJsVq3PGcsf6EQ+I9i088y0Pdn0L6875
uJtOlgUoH7hoEYd/sh364b0v0gFzmP45J07uh7JrH1T0nZmwR6I36s4Re8f/T177
2KOz0+HkXR9LCpm6wpMfpISMtrazpH6r85+52YYmCl9qdVtUT6Bqw+Q/LyD86tu+
iRXekgwt2rtD6vP1SryAFeiupfMhnfykM1BrKvVOamqhqjx0YIZ4XQmkx3AfFN4t
xbFKhNI9xwnm1Nz/A9VLqEKVj8J84oLUbNkqbovrKH1zrzDm/SxMCvxDSwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFQLjWrp9Bs+IiEiwLfuS009z+jiMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVkF1TmF1bjBHejRpSVNMQXQtNUxUVDNQNk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQATfKWAwQA
TfKfAwQBWJc4AwQAWJc/AwQAWNHJAwQAWNHTAwQAWNHZAwQAWNH1AwQAstL6MA0G
CSqGSIb3DQEBCwUAA4IBAQCMEFi7TeRp+vFyXhPigfrL2Mw7xM8o8teFHm0QZh7V
Z7OEISLEXENOJbc4POTpvvUo6/bT56kbDqnl6KqxqptihEXeN8o4fwPci8Jpnp6r
0McGE8WQfOeCkBUGMmtBkCd251A9v5MWffcIqaY0mdiE/0HUd/Hm+UdKVKqWt3Qk
lJ3gObGm50AoqyXjhJvPdTD5LQouONqjs8482xHAhOB5cnuvFHe5wTwisT+AppMh
HFBqu/BVJTDEJdg0ZI5Nk35Fo1ysurQMPcTuBd2ufzW4p7RIH4UVTLFowvCZRjON
rccOqmojfvyV4a5fAtWHkFQG9gIdAvV8sZTyGkkhmg45
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org