Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/YByyoXxLKqvsDtoGpXFdT5ycw-c.roa
File: YByyoXxLKqvsDtoGpXFdT5ycw-c.roa (raw, json)
Hash identifier: k6Rf2k7v+F6nqiIN2dxUoha4HVdnSQQaGb2yVLsjXcU=
Subject key identifier: 60:1C:B2:A1:7C:4B:2A:AB:EC:0E:DA:06:A5:71:5D:4F:9C:9C:C3:E7
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018B4D5806AB03282FC68A070B6FC0D72FCC
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/YByyoXxLKqvsDtoGpXFdT5ycw-c.roa
Signing time: Fri 20 Oct 2023 13:48:16 +0000
ROA not before: Fri 20 Oct 2023 13:48:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 83.137.158.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.224.0/24 maxlen: 24
193.138.125.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4d:58:06:ab:03:28:2f:c6:8a:07:0b:6f:c0:d7:2f:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 20 13:48:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=601cb2a17c4b2aabec0eda06a5715d4f9c9cc3e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:78:c8:a2:99:33:1c:a6:1c:f2:fd:a7:4a:70:
c8:5e:d3:ec:a0:53:41:0d:aa:00:ab:eb:8c:c5:bb:
09:2c:30:31:fd:6a:b9:7c:39:6d:fb:9d:e8:85:7e:
2b:a6:fd:f3:9d:79:29:60:88:53:eb:ca:f5:a7:cd:
e7:27:13:90:64:15:32:28:d5:ae:66:8a:c5:66:66:
3a:92:7f:21:b2:37:c7:2b:0f:75:b7:52:6e:7b:2b:
27:5a:46:51:e4:ec:7f:bf:e6:ce:ef:50:7d:fd:eb:
fd:54:5e:0b:40:ff:6a:c3:00:4f:e1:93:e5:b2:f8:
13:bf:29:91:5a:c1:1d:ef:b8:a7:ec:91:29:ba:73:
56:8c:16:61:9e:fc:1b:7c:8f:4f:32:c4:3e:bb:7e:
48:08:6e:c8:81:e9:90:97:b9:74:86:cb:69:04:25:
83:89:5d:bd:0c:13:e0:d2:65:8e:4c:d4:56:6a:0a:
f5:5a:4e:61:b1:c3:e0:d0:88:06:51:a4:70:3c:41:
fd:d1:84:9b:d0:10:f7:83:6b:82:89:e3:50:41:ab:
1f:eb:37:11:0c:80:04:c0:e8:04:c3:8c:cc:44:ea:
a1:85:e9:47:6e:fd:56:26:08:2d:98:9a:37:c0:a8:
41:79:d5:8b:45:23:b4:78:18:ad:35:c4:fe:86:f7:
7f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:1C:B2:A1:7C:4B:2A:AB:EC:0E:DA:06:A5:71:5D:4F:9C:9C:C3:E7
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/YByyoXxLKqvsDtoGpXFdT5ycw-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
83.137.158.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0/23
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
72:fd:f1:54:73:5a:11:fd:7d:31:15:5f:b8:0d:ac:3a:96:80:
88:2e:80:ee:3e:10:d0:fc:56:11:26:6e:23:4b:d1:87:62:15:
e1:57:d4:e0:45:e6:9b:2e:fc:52:21:3a:b4:fd:c7:a2:6b:32:
5a:42:a5:08:eb:b9:55:7c:f0:18:77:8c:24:1f:7e:1f:f0:3f:
3d:af:02:7e:38:a1:a6:69:2e:d9:07:93:ed:50:1c:c9:0d:7a:
a4:f3:b1:ef:db:f4:0a:30:71:ee:61:e0:1e:0c:8b:fe:ef:e9:
1d:39:bb:3e:3b:91:f0:b4:8e:8a:03:bb:f5:3f:b7:04:47:54:
ae:b4:98:be:00:51:62:5a:ca:97:09:fe:f4:a4:e4:33:b7:39:
c3:27:77:cd:eb:93:75:cf:b2:99:2c:bc:e6:d7:a1:95:f8:b1:
9d:c9:20:2e:10:43:f7:63:a3:d0:f7:c4:46:0c:a8:9d:6c:e3:
85:9e:55:04:64:07:7c:86:dc:1e:11:06:73:6f:12:76:36:ae:
a7:be:0b:65:05:52:fe:f4:46:a4:a6:fa:79:21:2c:8d:de:47:
b8:41:da:b2:a4:c6:a1:4a:9e:7b:d8:5a:30:56:cc:84:08:c3:
94:37:7f:4c:b0:bc:b6:22:23:5e:e5:23:b3:bc:28:62:6f:f6:
58:3f:41:c6
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYtNWAarAygvxooHC2/A1y/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMDIwMTM0ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDFjYjJhMTdjNGIyYWFiZWMwZWRhMDZhNTcxNWQ0ZjljOWNjM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0njIopkzHKYc8v2nSnDIXtPsoFNB
DaoAq+uMxbsJLDAx/Wq5fDlt+53ohX4rpv3znXkpYIhT68r1p83nJxOQZBUyKNWu
ZorFZmY6kn8hsjfHKw91t1JueysnWkZR5Ox/v+bO71B9/ev9VF4LQP9qwwBP4ZPl
svgTvymRWsEd77in7JEpunNWjBZhnvwbfI9PMsQ+u35ICG7IgemQl7l0hstpBCWD
iV29DBPg0mWOTNRWagr1Wk5hscPg0IgGUaRwPEH90YSb0BD3g2uCieNQQasf6zcR
DIAEwOgEw4zMROqhhelHbv1WJggtmJo3wKhBedWLRSO0eBitNcT+hvd/CwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFGAcsqF8Syqr7A7aBqVxXU+cnMPnMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvWUJ5eW9YeExLcXZzRHRvR3BYRmRUNXljdy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB2BAIAATBwMAwDBAAt
CakDBAItCagDBAEtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylwMEAFOJngME
AFjRwQMEAFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEA1w00AMEAFw02wMEAbLS4AME
A7L4yAMEAMGKfTANBAIAAjAHAwUDKgAfQDANBgkqhkiG9w0BAQsFAAOCAQEAcv3x
VHNaEf19MRVfuA2sOpaAiC6A7j4Q0PxWESZuI0vRh2IV4VfU4EXmmy78UiE6tP3H
omsyWkKlCOu5VXzwGHeMJB9+H/A/Pa8Cfjihpmku2QeT7VAcyQ16pPOx79v0CjBx
7mHgHgyL/u/pHTm7PjuR8LSOigO79T+3BEdUrrSYvgBRYlrKlwn+9KTkM7c5wyd3
zeuTdc+ymSy85tehlfixnckgLhBD92Oj0PfERgyonWzjhZ5VBGQHfIbcHhEGc28S
djaup74LZQVS/vRGpKb6eSEsjd5HuEHasqTGoUqee9haMFbMhAjDlDd/TLC8tiIj
XuUjs7woYm/2WD9Bxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org