Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/XM58OP2D6_YsVCBeU3kxuoqt7X0.roa
File: XM58OP2D6_YsVCBeU3kxuoqt7X0.roa (raw, json)
Hash identifier: UIH8I7GOKDb8Dssr4fyLkE84DYenkWMEYxinjKE2/mc=
Subject key identifier: 5C:CE:7C:38:FD:83:EB:F6:2C:54:20:5E:53:79:31:BA:8A:AD:ED:7D
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01840DDDEBCD0A8C6B8E4AE914C8D8E72351
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/XM58OP2D6_YsVCBeU3kxuoqt7X0.roa
Signing time: Tue 25 Oct 2022 06:39:18 +0000
ROA not before: Tue 25 Oct 2022 06:39:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.229.0/24 maxlen: 24
88.209.228.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.254.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/22 maxlen: 22
178.210.237.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 22
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0d:dd:eb:cd:0a:8c:6b:8e:4a:e9:14:c8:d8:e7:23:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 25 06:39:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cce7c38fd83ebf62c54205e537931ba8aaded7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bd:6a:ee:a0:22:63:2b:d2:4d:91:52:c0:79:
96:f3:c5:2e:29:d9:53:7f:76:71:83:cc:68:49:83:
0c:ea:46:fb:d6:94:7e:1c:49:dc:f3:c2:3a:99:db:
65:67:21:a8:ae:31:2f:d6:80:9b:6c:b3:68:16:29:
9b:7e:c0:5d:90:04:91:40:76:69:96:1a:81:b8:70:
0a:10:db:99:f5:fa:3a:a6:93:d0:ac:4b:cf:92:9e:
a4:f8:86:f9:32:6a:36:ed:df:59:2b:85:11:92:0d:
29:af:2d:e4:af:60:99:2c:bd:7d:bf:2e:4c:8d:14:
55:2c:dd:11:01:d0:38:f3:ed:81:d9:98:97:91:ef:
4f:72:b3:01:dd:ea:ea:aa:b0:96:58:48:48:f3:bd:
36:cb:5d:27:88:a3:28:00:11:f5:25:c7:c1:8c:c0:
33:25:bb:4f:de:c3:df:f6:d6:9d:c1:7e:f9:31:cd:
6a:bd:66:38:02:cf:9e:8c:6f:9b:5d:24:6c:49:eb:
9f:d9:75:f6:15:7f:eb:1b:a3:14:bf:8c:9c:cf:7c:
d4:fe:72:5f:59:1a:60:ed:3c:e9:b9:39:d0:70:3d:
38:16:ce:58:4d:d8:b3:1c:50:74:65:f1:70:57:6d:
d6:3d:80:79:7a:37:55:87:b7:bc:8a:15:2d:63:2b:
70:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:CE:7C:38:FD:83:EB:F6:2C:54:20:5E:53:79:31:BA:8A:AD:ED:7D
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/XM58OP2D6_YsVCBeU3kxuoqt7X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
45.14.9.0/24
77.242.152.0/22
83.137.153.0/24
83.137.156.0/23
83.137.159.0/24
88.151.62.0/24
88.209.228.0/23
88.209.236.0/22
88.209.246.0/23
88.209.254.0/24
92.52.218.0/24
178.210.232.0/22
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
45:03:cd:cd:45:fa:c6:67:e6:24:96:0a:7d:f2:42:72:e2:11:
08:2f:99:60:61:9a:0a:9b:ea:f9:23:02:54:82:28:11:bf:46:
0c:b0:a5:67:71:9b:3e:f5:c4:2c:13:e7:22:19:c8:27:e7:9a:
e2:8d:57:e9:b3:2c:95:38:56:25:64:52:f9:b7:e0:58:f0:6f:
e7:1e:6c:08:71:0c:3e:ed:ca:6f:f3:71:d7:c2:5d:8a:63:c2:
22:3d:d3:70:4f:ca:3f:6b:18:a9:60:24:40:10:d8:67:24:84:
4b:51:66:15:c3:15:46:2e:aa:74:97:0c:b9:b5:54:33:98:52:
bc:13:a8:bf:cf:f8:62:37:8f:7a:cd:6d:fb:d2:17:ee:49:eb:
fc:15:c6:59:e4:ba:e0:69:0c:64:2a:fc:c2:df:a0:4c:73:5a:
5f:cc:94:09:54:57:6d:6f:b1:50:7c:05:7b:01:7a:3b:80:4f:
f1:e2:95:d2:bd:97:34:aa:91:1d:d7:c2:fe:bd:40:aa:5a:04:
9d:72:a4:a6:03:a2:86:f3:cb:4e:f4:3b:ea:7a:fc:9b:ca:fc:
e3:8c:91:ee:ca:ce:18:ac:3e:c5:57:85:1a:86:36:ff:cc:a5:
e2:db:f4:8f:b6:02:d8:3d:e8:89:66:74:f6:a3:84:51:cc:a7:
81:f1:05:bb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYQN3evNCoxrjkrpFMjY5yNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIxMDI1MDYzOTE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2NlN2MzOGZkODNlYmY2MmM1NDIwNWU1Mzc5MzFiYThhYWRlZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAir1q7qAiYyvSTZFSwHmW88UuKdlT
f3Zxg8xoSYMM6kb71pR+HEnc88I6mdtlZyGorjEv1oCbbLNoFimbfsBdkASRQHZp
lhqBuHAKENuZ9fo6ppPQrEvPkp6k+Ib5Mmo27d9ZK4URkg0pry3kr2CZLL19vy5M
jRRVLN0RAdA48+2B2ZiXke9PcrMB3erqqrCWWEhI8702y10niKMoABH1JcfBjMAz
JbtP3sPf9tadwX75Mc1qvWY4As+ejG+bXSRsSeuf2XX2FX/rG6MUv4ycz3zU/nJf
WRpg7TzpuTnQcD04Fs5YTdizHFB0ZfFwV23WPYB5ejdVh7e8ihUtYytwCwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFFzOfDj9g+v2LFQgXlN5MbqKre19MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvWE01OE9QMkQ2X1lzVkNCZVUza3h1b3F0N1gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABbZwAwQA
BbZzAwQALQmoAwQALQ4JAwQCTfKYAwQAU4mZAwQBU4mcAwQAU4mfAwQAWJc+AwQB
WNHkAwQCWNHsAwQBWNH2AwQAWNH+AwQAXDTaAwQCstLoAwQAstLtAwQAwikvMA0G
CSqGSIb3DQEBCwUAA4IBAQBFA83NRfrGZ+Yklgp98kJy4hEIL5lgYZoKm+r5IwJU
gigRv0YMsKVncZs+9cQsE+ciGcgn55rijVfpsyyVOFYlZFL5t+BY8G/nHmwIcQw+
7cpv83HXwl2KY8IiPdNwT8o/axipYCRAENhnJIRLUWYVwxVGLqp0lwy5tVQzmFK8
E6i/z/hiN496zW370hfuSev8FcZZ5LrgaQxkKvzC36BMc1pfzJQJVFdtb7FQfAV7
AXo7gE/x4pXSvZc0qpEd18L+vUCqWgSdcqSmA6KG88tO9DvqevybyvzjjJHuys4Y
rD7FV4Uahjb/zKXi2/SPtgLYPeiJZnT2o4RRzKeB8QW7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org