Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/WHaglPNCb4jRwLvnldisg1OXiVc.roa
File: WHaglPNCb4jRwLvnldisg1OXiVc.roa (raw, json)
Hash identifier: nkW/Vm1SxZfMHo1btJH8mCcyIzY0kU6lD64uoMXU73c=
Subject key identifier: 58:76:A0:94:F3:42:6F:88:D1:C0:BB:E7:95:D8:AC:83:53:97:89:57
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018962F94791375DCA12A11C5D8131B96A85
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/WHaglPNCb4jRwLvnldisg1OXiVc.roa
Signing time: Mon 17 Jul 2023 08:30:51 +0000
ROA not before: Mon 17 Jul 2023 08:30:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 178.210.230.0/24 maxlen: 24
77.242.150.0/24 maxlen: 24
88.151.58.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.195.0/24 maxlen: 24
2.58.168.0/24 maxlen: 24
5.182.113.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:62:f9:47:91:37:5d:ca:12:a1:1c:5d:81:31:b9:6a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 17 08:30:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5876a094f3426f88d1c0bbe795d8ac8353978957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5f:80:5e:2d:ee:e4:07:be:02:be:e3:74:bb:
32:a0:66:a3:e0:cd:73:de:cd:80:d6:b1:a9:38:74:
2d:88:66:44:42:68:c5:cc:42:67:ac:4c:e9:6d:a4:
0a:b8:71:99:c0:b5:3c:d7:6b:dc:d5:d9:74:17:ba:
a7:ed:ad:4c:3e:c2:d5:d8:b7:51:2a:35:e2:ee:9e:
3f:b9:5f:8b:29:38:17:ee:07:1c:26:b7:d7:68:97:
4b:ee:7c:40:1a:e8:f4:e0:52:9d:2b:16:d8:cf:48:
64:e7:ce:03:0c:68:71:7e:fe:c6:2a:12:c9:4e:49:
d3:9d:27:52:b3:a6:22:bf:01:ff:ca:3b:ac:51:ea:
88:af:4d:28:b8:04:23:76:0f:11:d7:f8:1b:06:82:
02:e2:ce:54:a9:00:9d:3e:49:45:39:d0:9b:62:27:
14:eb:a1:43:e1:66:a9:a4:41:42:27:8a:ca:6a:01:
29:64:61:56:f4:24:22:d7:15:a9:58:2d:83:82:bd:
9a:05:e6:64:fe:7a:f6:64:7e:96:05:6d:c3:be:9f:
1f:ff:59:44:12:65:bd:25:e4:d9:ac:51:7c:a6:75:
c2:36:77:69:55:f8:0b:bc:41:27:0c:b5:8c:9c:7c:
ad:08:30:97:6f:e1:6c:d4:63:3f:50:cc:18:14:e7:
d5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:76:A0:94:F3:42:6F:88:D1:C0:BB:E7:95:D8:AC:83:53:97:89:57
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/WHaglPNCb4jRwLvnldisg1OXiVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.168.0/24
5.182.113.0/24
77.242.150.0/24
88.151.56.0-88.151.58.255
88.209.195.0/24
88.209.211.0/24
88.209.221.0/24
178.210.230.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:49:6f:37:01:2f:07:ed:c9:10:52:14:35:58:9d:99:a6:8b:
4c:98:03:db:59:52:ff:dd:f0:24:2b:54:fb:13:c3:20:13:26:
16:f6:98:48:56:1c:60:6a:1c:5f:91:91:a9:8c:94:87:60:ce:
65:d2:29:6e:e3:b8:76:f2:2f:e4:b0:5e:cf:81:68:8d:7f:57:
e4:5d:e6:a2:82:41:e9:16:4c:2f:b2:53:95:b0:d3:71:4a:51:
9e:2d:5c:e7:03:71:54:90:cf:4a:81:7a:f5:14:b7:9c:f1:ea:
7a:b9:3d:2a:4f:a7:3e:a9:a3:bc:d5:7e:41:cf:34:23:6b:31:
da:92:0a:40:ac:6c:46:ca:3a:01:99:d4:79:27:89:7e:a9:d4:
6f:71:74:a4:f8:72:ec:4d:ee:bd:1b:9f:9a:14:8f:74:47:fc:
97:ed:93:e0:c8:2e:10:67:8d:dd:0c:72:9b:76:2a:bc:a1:a7:
31:03:13:82:85:79:3c:ea:2f:25:a0:6a:1b:11:40:d7:4e:84:
32:03:dd:7a:0a:59:ee:bf:d8:21:8c:b1:71:05:78:8e:c7:2f:
62:22:0e:ca:37:5a:b3:4b:2d:7e:6e:f8:00:27:ef:88:c3:ae:
cb:8c:02:a8:56:80:26:5f:aa:0f:8c:9f:6f:bc:dd:9c:ce:a5:
69:e3:76:79
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYli+UeRN13KEqEcXYExuWqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNzE3MDgzMDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODc2YTA5NGYzNDI2Zjg4ZDFjMGJiZTc5NWQ4YWM4MzUzOTc4OTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgF+AXi3u5Ae+Ar7jdLsyoGaj4M1z
3s2A1rGpOHQtiGZEQmjFzEJnrEzpbaQKuHGZwLU812vc1dl0F7qn7a1MPsLV2LdR
KjXi7p4/uV+LKTgX7gccJrfXaJdL7nxAGuj04FKdKxbYz0hk584DDGhxfv7GKhLJ
TknTnSdSs6YivwH/yjusUeqIr00ouAQjdg8R1/gbBoIC4s5UqQCdPklFOdCbYicU
66FD4WappEFCJ4rKagEpZGFW9CQi1xWpWC2Dgr2aBeZk/nr2ZH6WBW3Dvp8f/1lE
EmW9JeTZrFF8pnXCNndpVfgLvEEnDLWMnHytCDCXb+Fs1GM/UMwYFOfVGwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFFh2oJTzQm+I0cC755XYrINTl4lXMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvV0hhZ2xQTkNiNGpSd0x2bmxkaXNnMU9YaVZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAAjqoAwQA
BbZxAwQATfKWMAwDBANYlzgDBABYlzoDBABY0cMDBABY0dMDBABY0d0DBACy0uYw
DQYJKoZIhvcNAQELBQADggEBAGtJbzcBLwftyRBSFDVYnZmmi0yYA9tZUv/d8CQr
VPsTwyATJhb2mEhWHGBqHF+RkamMlIdgzmXSKW7juHbyL+SwXs+BaI1/V+Rd5qKC
QekWTC+yU5Ww03FKUZ4tXOcDcVSQz0qBevUUt5zx6nq5PSpPpz6po7zVfkHPNCNr
MdqSCkCsbEbKOgGZ1HkniX6p1G9xdKT4cuxN7r0bn5oUj3RH/Jftk+DILhBnjd0M
cpt2KryhpzEDE4KFeTzqLyWgahsRQNdOhDID3XoKWe6/2CGMsXEFeI7HL2IiDso3
WrNLLX5u+AAn74jDrsuMAqhWgCZfqg+Mn2+83ZzOpWnjdnk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org