Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ZyD-2YK8TzukUa-ZVBuUDCkOMso.roa
File: ZyD-2YK8TzukUa-ZVBuUDCkOMso.roa (raw, json)
Hash identifier: Pg4I3m2y4OypR+dUSPXpE3qW5V/ERMDhWc2oZIFnOPc=
Subject key identifier: 67:20:FE:D9:82:BC:4F:3B:A4:51:AF:99:54:1B:94:0C:29:0E:32:CA
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01882476FD02D39C5BFAD5D72A3ED88FA2F5
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ZyD-2YK8TzukUa-ZVBuUDCkOMso.roa
Signing time: Tue 16 May 2023 12:09:17 +0000
ROA not before: Tue 16 May 2023 12:09:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.209.229.0/24 maxlen: 24
88.209.248.0/24 maxlen: 24
88.209.249.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
88.209.195.0/24 maxlen: 24
88.209.194.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.207.0/24 maxlen: 24
88.209.216.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.220.0/24 maxlen: 24
88.209.221.0/24 maxlen: 24
88.209.222.0/24 maxlen: 24
88.151.58.0/24 maxlen: 24
88.151.61.0/24 maxlen: 24
5.182.113.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:76:fd:02:d3:9c:5b:fa:d5:d7:2a:3e:d8:8f:a2:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 16 12:09:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6720fed982bc4f3ba451af99541b940c290e32ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bd:f7:85:d8:d4:d7:22:aa:ce:f6:50:0f:92:
3d:06:13:df:2b:87:68:a2:f1:b3:ad:5f:75:59:95:
05:e6:a8:1d:cf:c3:7d:4a:2c:08:75:be:bd:6c:3a:
a3:5e:b3:13:07:82:5f:54:6e:9a:c7:69:a6:0b:86:
81:74:c7:02:f0:d8:89:8e:a4:34:c0:87:ff:e4:ab:
93:82:25:19:21:90:56:70:a1:3e:5c:18:d8:04:2d:
57:5f:f9:ed:e9:06:ea:14:25:ef:b3:5e:9d:37:58:
82:c3:08:30:87:81:6f:f7:b2:4b:a5:f3:b6:11:e5:
cd:51:b8:57:77:3d:f2:5f:1f:29:f9:88:70:b6:79:
55:db:9d:e6:48:31:9f:9b:32:5e:fe:2d:92:66:d3:
ce:6c:d0:4b:f3:7c:7a:48:79:ef:0e:6e:e2:ba:b2:
b3:87:e4:fd:78:7c:44:52:a6:9b:29:a4:fe:07:c8:
e7:fc:8a:df:81:6f:5c:de:23:26:69:ff:87:a6:a8:
03:b9:40:88:b0:7c:15:e8:9b:17:cd:58:7a:f1:13:
b2:ba:1d:77:08:40:91:85:60:13:96:0c:2b:94:3e:
e1:c7:b3:85:fe:da:88:8d:67:00:ca:c7:d0:97:05:
04:b3:34:c0:57:d2:ce:56:97:90:78:98:31:79:ae:
af:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:20:FE:D9:82:BC:4F:3B:A4:51:AF:99:54:1B:94:0C:29:0E:32:CA
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ZyD-2YK8TzukUa-ZVBuUDCkOMso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.113.0/24
88.151.58.0/24
88.151.61.0/24
88.209.194.0/23
88.209.207.0/24
88.209.209.0/24
88.209.211.0/24
88.209.216.0/24
88.209.220.0-88.209.222.255
88.209.224.0/23
88.209.229.0/24
88.209.248.0/23
178.210.236.0/24
Signature Algorithm: sha256WithRSAEncryption
98:5e:1e:f0:ee:b1:6d:f0:b8:13:cb:f6:b4:b0:28:e2:45:d0:
02:f2:c6:8c:97:7d:04:a6:b5:7d:a2:2d:73:2f:17:eb:ea:43:
9b:7f:ba:22:e4:18:69:c8:0e:f0:66:29:cc:a9:46:35:fe:64:
74:0a:51:6f:0f:c1:0d:81:78:30:81:34:4d:fc:75:59:03:6d:
ca:9f:45:52:03:cb:e4:c9:c7:4d:5b:f6:e8:20:e3:5f:85:11:
5d:db:d5:68:b0:97:b2:1a:5b:26:39:d9:6f:e4:cd:bd:e1:64:
f4:7d:9a:24:19:b9:36:db:be:ea:f3:d8:91:ec:82:3e:a6:f5:
bc:2f:4a:5a:f8:38:e2:b7:99:bb:54:09:69:31:41:c4:6c:eb:
4b:db:e5:6f:61:1a:18:cc:70:06:05:78:72:aa:54:5c:05:c5:
f8:be:3d:76:4f:1c:f1:3f:27:6d:ce:d3:4e:e4:b0:73:0e:81:
90:fd:d2:f3:9f:c9:e8:d2:2e:ec:93:5d:9d:5a:fb:99:9c:84:
59:92:65:49:78:1d:c6:5f:22:63:c0:92:cc:ce:85:37:6f:71:
0b:6e:74:b0:85:5a:87:46:c8:46:e4:ec:75:8b:23:52:3e:04:
3c:42:7c:3f:2b:e3:b2:e0:51:4f:60:cb:42:42:5e:56:5d:f4:
a8:0c:77:7e
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYgkdv0C05xb+tXXKj7Yj6L1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNTE2MTIwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzIwZmVkOTgyYmM0ZjNiYTQ1MWFmOTk1NDFiOTQwYzI5MGUzMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr33hdjU1yKqzvZQD5I9BhPfK4do
ovGzrV91WZUF5qgdz8N9SiwIdb69bDqjXrMTB4JfVG6ax2mmC4aBdMcC8NiJjqQ0
wIf/5KuTgiUZIZBWcKE+XBjYBC1XX/nt6QbqFCXvs16dN1iCwwgwh4Fv97JLpfO2
EeXNUbhXdz3yXx8p+YhwtnlV253mSDGfmzJe/i2SZtPObNBL83x6SHnvDm7iurKz
h+T9eHxEUqabKaT+B8jn/IrfgW9c3iMmaf+HpqgDuUCIsHwV6JsXzVh68ROyuh13
CECRhWATlgwrlD7hx7OF/tqIjWcAysfQlwUEszTAV9LOVpeQeJgxea6vhwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFGcg/tmCvE87pFGvmVQblAwpDjLKMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvWnlELTJZSzhUenVrVWEtWlZCdVVEQ2tPTXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQABbZxAwQA
WJc6AwQAWJc9AwQBWNHCAwQAWNHPAwQAWNHRAwQAWNHTAwQAWNHYMAwDBAJY0dwD
BABY0d4DBAFY0eADBABY0eUDBAFY0fgDBACy0uwwDQYJKoZIhvcNAQELBQADggEB
AJheHvDusW3wuBPL9rSwKOJF0ALyxoyXfQSmtX2iLXMvF+vqQ5t/uiLkGGnIDvBm
KcypRjX+ZHQKUW8PwQ2BeDCBNE38dVkDbcqfRVIDy+TJx01b9ugg41+FEV3b1Wiw
l7IaWyY52W/kzb3hZPR9miQZuTbbvurz2JHsgj6m9bwvSlr4OOK3mbtUCWkxQcRs
60vb5W9hGhjMcAYFeHKqVFwFxfi+PXZPHPE/J23O007ksHMOgZD90vOfyejSLuyT
XZ1a+5mchFmSZUl4HcZfImPAkszOhTdvcQtudLCFWodGyEbk7HWLI1I+BDxCfD8r
47LgUU9gy0JCXlZd9KgMd34=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org