Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ZQG5LQS6UFE9gfcOpJUhOW0CUC4.roa
File: ZQG5LQS6UFE9gfcOpJUhOW0CUC4.roa (raw, json)
Hash identifier: njCY5ucNf8G45z3HkFwUYIchH2AvWSfGweMTJ1buZ78=
Subject key identifier: 65:01:B9:2D:04:BA:50:51:3D:81:F7:0E:A4:95:21:39:6D:02:50:2E
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0183A372143312038ABBCB4BDE7DF24C0446
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ZQG5LQS6UFE9gfcOpJUhOW0CUC4.roa
Signing time: Tue 04 Oct 2022 14:41:45 +0000
ROA not before: Tue 04 Oct 2022 14:41:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42864
IP address blocks: 88.209.227.0/24 maxlen: 24
88.209.240.0/22 maxlen: 22
178.210.224.0/21 maxlen: 21
83.137.159.0/24 maxlen: 24
193.138.125.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
77.242.144.0/20 maxlen: 20
88.209.192.0/21 maxlen: 24
88.209.208.0/20 maxlen: 24
88.209.226.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a3:72:14:33:12:03:8a:bb:cb:4b:de:7d:f2:4c:04:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 4 14:41:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6501b92d04ba50513d81f70ea49521396d02502e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f4:74:7e:8d:1a:84:20:a5:6d:bc:cb:6a:9b:
40:a2:be:ae:4d:ed:3f:62:26:9d:77:21:9e:49:0f:
a1:6e:6b:d0:9a:2a:0d:c9:73:aa:5e:7c:57:84:79:
ab:fb:42:4b:ef:da:cc:57:26:b6:18:99:a5:42:50:
fa:9f:81:56:6f:c6:7d:1b:15:b0:3a:6e:a3:8d:46:
53:3f:93:67:5f:92:f2:20:cc:e0:14:ba:7e:bf:ca:
da:07:90:f7:13:53:7c:3b:bd:e2:af:56:6a:25:c2:
f2:fa:14:d6:48:02:93:1c:c6:b7:6b:d1:fb:a0:50:
56:24:fd:03:64:9b:92:8e:65:72:00:b3:45:59:d0:
8f:35:aa:eb:b0:94:6d:ef:f2:c3:09:df:51:9c:40:
9d:f3:55:9c:aa:57:83:f0:3d:9c:ba:c7:ab:05:35:
7d:24:06:97:b7:f8:c9:2c:85:0f:2d:f0:5c:f9:dc:
44:cb:32:d9:3a:6e:9e:ff:80:27:4b:f9:1c:65:ea:
21:29:92:46:84:8e:ad:91:0a:c1:58:c8:52:bd:19:
f2:4b:96:63:06:8f:27:06:d7:5c:b1:6e:38:d2:b8:
7c:70:3a:6a:fa:48:a4:e8:29:ad:42:1f:96:19:de:
c9:01:37:99:c1:a8:e1:69:9d:16:68:5e:52:ac:47:
b2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:01:B9:2D:04:BA:50:51:3D:81:F7:0E:A4:95:21:39:6D:02:50:2E
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ZQG5LQS6UFE9gfcOpJUhOW0CUC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/24
77.242.144.0/20
83.137.159.0/24
88.209.192.0/21
88.209.208.0-88.209.227.255
88.209.240.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0/21
178.210.236.0/24
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:bb:de:b7:4e:9e:b1:5e:0c:5d:27:e1:c0:1a:61:60:71:19:
8c:c6:bf:4c:e4:c4:ff:3b:5c:f3:8e:b7:63:6c:85:5a:fb:66:
27:d4:f5:8f:9a:d2:ea:82:4f:23:ec:9f:16:6b:c6:12:27:fd:
8f:2c:82:2e:43:fa:5f:d1:65:80:21:93:9b:91:e1:e8:d5:66:
02:78:0b:43:dd:b0:81:6a:1c:ab:2d:e3:f0:f6:0e:b3:ea:45:
c1:be:5a:d3:1c:2f:95:02:e4:38:2e:c5:67:7b:e6:c5:7a:5f:
83:66:ec:a1:80:f6:f9:c4:ac:b3:eb:d4:5a:68:01:9e:61:a5:
40:ef:2c:b6:bb:9c:7f:bb:c2:d8:b6:77:96:ee:83:b8:48:a1:
7b:be:1a:24:e3:88:f3:17:61:e2:09:ee:7a:9a:2f:da:db:f8:
58:0b:a2:c6:f5:cf:2d:c3:49:e3:f6:b2:8d:90:7c:34:5e:03:
70:0a:27:85:80:e6:91:0f:46:8e:63:a7:80:e5:37:04:ba:30:
30:7d:b5:e5:04:26:35:00:a1:f5:e8:47:7b:50:46:4d:5b:b3:
f7:2b:21:26:f0:90:7f:6b:2d:e1:d3:13:8b:b0:b2:87:43:5f:
a5:ed:11:67:7e:c4:84:85:f2:08:e5:0d:cf:af:f7:2f:89:14:
ba:49:61:e3
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYOjchQzEgOKu8tL3n3yTARGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIxMDA0MTQ0MTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTAxYjkyZDA0YmE1MDUxM2Q4MWY3MGVhNDk1MjEzOTZkMDI1MDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/R0fo0ahCClbbzLaptAor6uTe0/
YiaddyGeSQ+hbmvQmioNyXOqXnxXhHmr+0JL79rMVya2GJmlQlD6n4FWb8Z9GxWw
Om6jjUZTP5NnX5LyIMzgFLp+v8raB5D3E1N8O73ir1ZqJcLy+hTWSAKTHMa3a9H7
oFBWJP0DZJuSjmVyALNFWdCPNarrsJRt7/LDCd9RnECd81WcqleD8D2cuserBTV9
JAaXt/jJLIUPLfBc+dxEyzLZOm6e/4AnS/kcZeohKZJGhI6tkQrBWMhSvRnyS5Zj
Bo8nBtdcsW440rh8cDpq+kik6CmtQh+WGd7JATeZwajhaZ0WaF5SrEeyjwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFGUBuS0EulBRPYH3DqSVITltAlAuMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvWlFHNUxRUzZVRkU5Z2ZjT3BKVWhPVzBDVUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkMAwDBAAtCakD
BAItCagDBAAtDggDBAAtDgoDBARN8pADBABTiZ8DBANY0cAwDAMEBFjR0AMEAljR
4AMEAljR8AMEA1w00AMEAFw02wMEA7LS4AMEALLS7AMEA7L4yAMEAMGKfTANBgkq
hkiG9w0BAQsFAAOCAQEADLvet06esV4MXSfhwBphYHEZjMa/TOTE/ztc8463Y2yF
WvtmJ9T1j5rS6oJPI+yfFmvGEif9jyyCLkP6X9FlgCGTm5Hh6NVmAngLQ92wgWoc
qy3j8PYOs+pFwb5a0xwvlQLkOC7FZ3vmxXpfg2bsoYD2+cSss+vUWmgBnmGlQO8s
trucf7vC2LZ3lu6DuEihe74aJOOI8xdh4gnuepov2tv4WAuixvXPLcNJ4/ayjZB8
NF4DcAonhYDmkQ9GjmOngOU3BLowMH215QQmNQCh9ehHe1BGTVuz9yshJvCQf2st
4dMTi7Cyh0Nfpe0RZ37EhIXyCOUNz6/3L4kUuklh4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org