Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/a5FcBoWSICsYwF7ZkK1XZgbJ5Cw.roa
File: a5FcBoWSICsYwF7ZkK1XZgbJ5Cw.roa (raw, json)
Hash identifier: KaG+6znPaAYAIeEgM6tyUVshnTm1vYXbeoekglFLrBA=
Subject key identifier: 6B:91:5C:06:85:92:20:2B:18:C0:5E:D9:90:AD:57:66:06:C9:E4:2C
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018BD8C131FAA657FE6BF5768749F2BB52B1
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/a5FcBoWSICsYwF7ZkK1XZgbJ5Cw.roa
Signing time: Thu 16 Nov 2023 15:30:21 +0000
ROA not before: Thu 16 Nov 2023 15:30:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.209.232.0/22 maxlen: 24
178.210.228.0/24 maxlen: 24
77.242.150.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.226.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:c1:31:fa:a6:57:fe:6b:f5:76:87:49:f2:bb:52:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 16 15:30:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b915c068592202b18c05ed990ad576606c9e42c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:dc:e2:a1:63:df:e4:4d:0e:a8:f8:8e:1b:b3:
ee:c4:5b:57:1c:87:55:3b:2f:83:0c:09:58:9b:2a:
3b:b2:54:7c:2d:c7:53:7f:bb:83:70:0b:ea:ba:bf:
bf:7f:79:43:80:8d:ae:a2:1b:8c:ce:40:91:73:36:
a4:ef:63:7f:39:98:e6:43:d7:9a:de:aa:f2:06:81:
be:6a:bc:77:19:63:5b:a5:6a:60:d1:54:96:6f:81:
e0:57:30:77:c8:c8:cb:4a:3c:65:97:b4:18:75:d4:
ed:e9:80:f1:82:c6:9a:96:a5:06:c0:66:1d:6c:5a:
b3:1a:de:a4:83:0e:c0:20:53:29:dc:c7:9a:29:8a:
ab:68:bc:3f:7d:8c:b6:60:82:c3:c0:fc:2b:aa:e4:
9a:e9:4e:3c:d1:7f:73:e5:25:ec:33:6f:35:f7:cc:
de:36:00:09:f4:7a:06:d2:1e:cd:15:c8:e3:63:0c:
44:87:34:e8:fa:b3:a8:3d:be:92:cc:37:37:44:c7:
ee:09:9d:07:9e:a8:f5:c8:63:f7:ed:71:8f:5b:b5:
05:d2:dd:2e:5b:4d:c7:3d:d9:22:74:ee:e6:70:a5:
1b:92:e1:05:63:89:4c:7c:18:40:b7:1e:74:de:78:
3c:57:74:23:bb:11:48:5e:be:43:94:e8:2e:cf:19:
a4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:91:5C:06:85:92:20:2B:18:C0:5E:D9:90:AD:57:66:06:C9:E4:2C
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/a5FcBoWSICsYwF7ZkK1XZgbJ5Cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.150.0/24
88.151.56.0/23
88.209.211.0/24
88.209.226.0/24
88.209.232.0/22
178.210.228.0/24
Signature Algorithm: sha256WithRSAEncryption
16:43:94:41:e4:8f:5a:87:4c:0b:73:2f:b3:a5:fb:7d:70:f4:
7b:6d:b6:7c:59:5a:39:86:8a:5f:27:96:64:fd:bc:a7:cd:2b:
6a:70:79:6c:41:ca:77:35:a7:f0:e0:8b:35:c8:1d:53:c1:df:
d6:c8:f8:59:8d:49:e5:8d:23:08:bc:83:3b:9d:7f:a8:c9:a2:
9e:d2:61:14:98:b4:18:58:c9:9b:14:80:12:2e:93:70:ce:7d:
6a:72:6e:c9:99:60:12:05:f2:81:86:b9:e9:68:f2:13:9f:1b:
f1:72:71:3d:79:fc:93:c1:8b:0d:5e:27:35:59:e7:29:f1:77:
b3:65:e8:d2:53:ef:c1:0f:ec:a2:5e:d2:ca:fc:a6:56:6e:7a:
c8:b1:7e:9b:09:c7:ca:6b:b5:7c:39:e2:09:d8:bb:94:e1:27:
15:f6:5f:f3:09:9a:c9:59:43:cc:38:2f:22:26:bd:1f:07:29:
4c:80:94:01:64:e8:23:0e:0c:d6:4c:dc:4d:22:bc:7b:61:b0:
4a:81:33:62:37:4d:9e:b2:19:07:6c:16:b7:0d:98:a3:15:58:
69:ff:59:fd:d3:9d:cd:70:32:ad:f5:67:2e:fb:81:f4:7b:d1:
11:83:17:8d:28:a2:9a:63:ba:b3:d4:ad:b2:b5:88:ea:6a:96:
83:5f:fb:fd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYvYwTH6plf+a/V2h0nyu1KxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMTE2MTUzMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjkxNWMwNjg1OTIyMDJiMThjMDVlZDk5MGFkNTc2NjA2YzllNDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNzioWPf5E0OqPiOG7PuxFtXHIdV
Oy+DDAlYmyo7slR8LcdTf7uDcAvqur+/f3lDgI2uohuMzkCRczak72N/OZjmQ9ea
3qryBoG+arx3GWNbpWpg0VSWb4HgVzB3yMjLSjxll7QYddTt6YDxgsaalqUGwGYd
bFqzGt6kgw7AIFMp3MeaKYqraLw/fYy2YILDwPwrquSa6U480X9z5SXsM28198ze
NgAJ9HoG0h7NFcjjYwxEhzTo+rOoPb6SzDc3RMfuCZ0Hnqj1yGP37XGPW7UF0t0u
W03HPdkidO7mcKUbkuEFY4lMfBhAtx503ng8V3QjuxFIXr5DlOguzxmkowIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGuRXAaFkiArGMBe2ZCtV2YGyeQsMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvYTVGY0JvV1NJQ3NZd0Y3WmtLMVhaZ2JKNUN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATfKWAwQB
WJc4AwQAWNHTAwQAWNHiAwQCWNHoAwQAstLkMA0GCSqGSIb3DQEBCwUAA4IBAQAW
Q5RB5I9ah0wLcy+zpft9cPR7bbZ8WVo5hopfJ5Zk/bynzStqcHlsQcp3Nafw4Is1
yB1Twd/WyPhZjUnljSMIvIM7nX+oyaKe0mEUmLQYWMmbFIASLpNwzn1qcm7JmWAS
BfKBhrnpaPITnxvxcnE9efyTwYsNXic1Wecp8XezZejSU+/BD+yiXtLK/KZWbnrI
sX6bCcfKa7V8OeIJ2LuU4ScV9l/zCZrJWUPMOC8iJr0fBylMgJQBZOgjDgzWTNxN
Irx7YbBKgTNiN02eshkHbBa3DZijFVhp/1n9053NcDKt9Wcu+4H0e9ERgxeNKKKa
Y7qz1K2ytYjqapaDX/v9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org