Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Vt4xJYTFDbX6yXv5NlQa8KlOBjI.roa
File: Vt4xJYTFDbX6yXv5NlQa8KlOBjI.roa (raw, json)
Hash identifier: u+JG+KTop/KLBTAQXgR8iLKyiz+GmBy/cHi0aQMJ6RY=
Subject key identifier: 56:DE:31:25:84:C5:0D:B5:FA:C9:7B:F9:36:54:1A:F0:A9:4E:06:32
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018571E7A3BA4D3A255E8E7A05DB289D4549
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Vt4xJYTFDbX6yXv5NlQa8KlOBjI.roa
Signing time: Mon 02 Jan 2023 09:54:44 +0000
ROA not before: Mon 02 Jan 2023 09:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47169
IP address blocks: 88.209.250.0/23 maxlen: 23
45.88.92.0/24 maxlen: 24
178.210.254.0/23 maxlen: 23
92.52.192.0/21 maxlen: 21
92.52.200.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e7:a3:ba:4d:3a:25:5e:8e:7a:05:db:28:9d:45:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 2 09:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56de312584c50db5fac97bf936541af0a94e0632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ec:3b:d1:69:da:b0:71:c7:8c:5c:ea:85:64:
8c:b8:eb:22:45:15:4b:52:d7:b7:43:f5:43:c6:43:
e8:eb:0c:38:b5:9b:c1:16:2f:4f:63:f9:f8:e8:6d:
e4:28:4a:53:e2:b7:c3:35:15:3f:f8:61:de:06:6b:
77:50:e9:5c:a4:45:38:95:46:ff:be:6d:56:0e:ad:
a4:fa:02:7f:9e:8b:48:c4:bf:c0:00:3f:ea:1c:25:
d1:06:2e:4a:74:d5:f1:f5:5a:9c:1a:36:32:07:fe:
ec:bc:14:c1:50:24:bd:bf:08:40:37:d2:7d:82:37:
0e:c5:29:02:95:0d:5d:f5:45:9f:c2:9f:a0:5b:ef:
d3:dd:bd:de:11:85:d6:d2:56:32:42:dc:5f:6a:8f:
c8:64:eb:8d:e5:98:06:ae:a0:7e:0d:8b:0c:b9:f7:
fc:d9:c7:5c:dd:51:1f:1f:ab:8f:2a:b2:18:39:67:
42:d8:6d:16:b6:8b:5a:10:cd:5b:ec:a1:cf:b4:16:
13:62:5a:67:32:e7:17:6e:5e:23:a0:51:ae:b0:dc:
05:13:fa:5b:0c:54:e5:ff:d6:59:c2:7a:e3:68:2e:
6a:9f:64:2f:e4:bb:e9:06:35:97:bc:97:fd:db:4f:
25:86:a5:ef:43:20:fb:d5:91:6e:76:e8:fd:72:6e:
9d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:DE:31:25:84:C5:0D:B5:FA:C9:7B:F9:36:54:1A:F0:A9:4E:06:32
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Vt4xJYTFDbX6yXv5NlQa8KlOBjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.92.0/24
88.209.250.0/23
92.52.192.0-92.52.203.255
178.210.254.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:6c:34:40:c4:6b:f7:75:f7:f7:e7:5b:c2:aa:a1:34:f5:43:
2e:18:95:f5:a0:ee:5e:8d:64:0f:45:2a:c2:a0:30:c6:5b:03:
06:f8:47:a5:48:7a:1c:2f:16:29:ff:8a:35:67:cf:a5:30:47:
23:c5:80:9f:aa:b3:b2:2b:6c:26:de:50:79:ec:eb:31:1e:81:
34:2b:cb:eb:46:17:80:99:da:9e:20:d9:c5:6b:db:7f:c6:bd:
18:22:76:d0:13:5a:f1:20:95:17:f2:04:3c:25:e3:9a:57:13:
b3:d4:ac:86:21:a7:1d:ae:81:3b:f6:09:dd:a8:7b:08:37:f5:
f8:0c:e4:3b:1d:2a:40:b7:0b:de:ff:f3:58:67:7c:a4:66:59:
85:d6:94:9c:ea:ba:8f:c7:f2:89:ae:65:9a:b8:ed:dd:32:2a:
9e:2e:a0:4e:1b:de:50:06:d0:44:28:6e:1d:35:57:ca:13:c5:
b6:f9:03:a4:05:cb:43:f2:8f:3d:fc:3c:1b:17:02:28:2d:ec:
d7:a8:b8:58:cf:97:ca:5e:cb:07:9d:00:47:66:b4:0e:bd:1b:
89:9c:80:19:3b:5d:eb:99:24:43:4d:2f:f7:23:86:17:94:0c:
8d:98:27:17:eb:6e:50:ae:f7:37:8a:03:ad:7e:62:eb:71:e3:
45:49:4b:6b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVx56O6TTolXo56BdsonUVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMTAyMDk1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmRlMzEyNTg0YzUwZGI1ZmFjOTdiZjkzNjU0MWFmMGE5NGUwNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhew70WnasHHHjFzqhWSMuOsiRRVL
Ute3Q/VDxkPo6ww4tZvBFi9PY/n46G3kKEpT4rfDNRU/+GHeBmt3UOlcpEU4lUb/
vm1WDq2k+gJ/notIxL/AAD/qHCXRBi5KdNXx9VqcGjYyB/7svBTBUCS9vwhAN9J9
gjcOxSkClQ1d9UWfwp+gW+/T3b3eEYXW0lYyQtxfao/IZOuN5ZgGrqB+DYsMuff8
2cdc3VEfH6uPKrIYOWdC2G0WtotaEM1b7KHPtBYTYlpnMucXbl4joFGusNwFE/pb
DFTl/9ZZwnrjaC5qn2Qv5LvpBjWXvJf9208lhqXvQyD71ZFuduj9cm6dpwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFbeMSWExQ21+sl7+TZUGvCpTgYyMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVnQ0eEpZVEZEYlg2eVh2NU5sUWE4S2xPQmpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALVhcAwQB
WNH6MAwDBAZcNMADBAJcNMgDBAGy0v4wDQYJKoZIhvcNAQELBQADggEBAKFsNEDE
a/d19/fnW8KqoTT1Qy4YlfWg7l6NZA9FKsKgMMZbAwb4R6VIehwvFin/ijVnz6Uw
RyPFgJ+qs7IrbCbeUHns6zEegTQry+tGF4CZ2p4g2cVr23/GvRgidtATWvEglRfy
BDwl45pXE7PUrIYhpx2ugTv2Cd2oewg39fgM5DsdKkC3C97/81hnfKRmWYXWlJzq
uo/H8omuZZq47d0yKp4uoE4b3lAG0EQobh01V8oTxbb5A6QFy0Pyjz38PBsXAigt
7NeouFjPl8peywedAEdmtA69G4mcgBk7XeuZJENNL/cjhheUDI2YJxfrblCu9zeK
A61+Yutx40VJS2s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org