Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/bIr-UPFIi8tdGfw1f0uvuwYO_pE.roa
File: bIr-UPFIi8tdGfw1f0uvuwYO_pE.roa (raw, json)
Hash identifier: /3azsAkIZ2ETyIJXqmm/Cn1sMPa/Jq7rknq0o1WW7EQ=
Subject key identifier: 6C:8A:FE:50:F1:48:8B:CB:5D:19:FC:35:7F:4B:AF:BB:06:0E:FE:91
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188BB736BBAA1C9A90B3B0F6D27317C4AA7
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/bIr-UPFIi8tdGfw1f0uvuwYO_pE.roa
Signing time: Wed 14 Jun 2023 19:48:03 +0000
ROA not before: Wed 14 Jun 2023 19:48:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.253.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
88.209.206.0/24 maxlen: 24
88.209.219.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bb:73:6b:ba:a1:c9:a9:0b:3b:0f:6d:27:31:7c:4a:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 14 19:48:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c8afe50f1488bcb5d19fc357f4bafbb060efe91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d3:13:3e:68:a7:cf:94:ba:51:06:c6:7e:93:
ff:00:22:c2:d7:93:22:42:18:10:8b:28:b4:39:0e:
1f:6c:ba:05:87:c2:aa:b6:7d:58:50:dd:c5:ec:1d:
84:3e:61:9f:5e:38:85:8e:66:5f:28:c8:8b:1c:e0:
f9:b5:fe:c5:4b:b2:0d:66:e0:05:6c:4a:53:ae:9f:
1c:ac:c4:8e:4e:da:61:81:cb:62:b3:a3:fa:4c:df:
c6:db:d6:b0:66:36:96:88:16:83:9e:66:52:c1:5f:
3a:bc:ea:05:6d:2c:34:55:a6:26:1f:2f:87:99:38:
3d:1d:3e:7e:20:88:db:7d:6b:1b:44:bc:25:f7:8c:
a2:f4:60:bc:24:c1:c1:40:cc:c4:13:39:ca:f4:00:
09:28:43:69:9e:18:78:d9:59:51:2f:46:1c:ed:5e:
2f:e3:35:53:88:3f:9d:9a:c2:bc:13:68:94:dc:c9:
8b:0a:61:ee:5e:f9:06:51:1e:62:9b:49:44:7e:8b:
d5:2a:5f:93:f1:b6:26:50:f0:a6:87:a2:b6:ee:f0:
d3:d7:39:06:cc:63:8f:a0:ae:34:82:1b:c8:f5:db:
70:8c:df:9f:ee:d4:8e:ab:ed:75:03:e2:e4:cd:da:
71:74:37:7c:47:3b:f6:1f:5a:a7:aa:e6:10:0a:94:
81:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:8A:FE:50:F1:48:8B:CB:5D:19:FC:35:7F:4B:AF:BB:06:0E:FE:91
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/bIr-UPFIi8tdGfw1f0uvuwYO_pE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
83.137.153.0/24
83.137.156.0/22
88.209.206.0/24
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.253.0-88.209.254.255
92.52.217.0-92.52.218.255
178.210.232.0/22
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
92:8c:c5:f3:40:60:35:df:dd:5b:c1:32:86:e9:6b:5b:12:1c:
6f:46:61:d0:5e:d1:34:4a:ff:db:5c:8b:76:80:b8:9d:c0:a9:
00:ae:c7:9e:e3:60:d2:d4:a3:8b:94:c8:92:a8:3d:3e:43:12:
05:c0:69:46:54:94:99:6c:8e:73:d6:36:22:46:36:f0:ef:ac:
6d:59:4d:2d:db:36:53:0d:c0:6c:5c:36:57:e8:3e:43:84:aa:
c0:13:58:e5:e8:36:99:af:72:54:e1:1a:48:ac:22:46:7b:49:
d3:14:d6:a3:0b:28:4e:11:4d:be:bc:69:5f:35:f4:01:4f:96:
f4:42:81:8d:c1:9a:64:cf:8e:ee:48:eb:16:5a:4f:25:c2:e5:
a7:0d:5e:56:5b:6c:05:22:d0:5b:9c:42:c6:56:e8:fe:eb:cc:
5a:5a:47:81:13:97:b6:d4:e4:2b:c0:91:ca:1c:00:fd:ab:8c:
71:4c:e4:92:19:00:53:e6:c1:a3:7f:53:7f:8c:76:06:ac:aa:
8a:c4:a8:68:3c:a7:fe:a1:5a:1b:fb:02:44:1c:43:7f:95:e5:
68:c9:a3:f7:21:45:40:3e:8e:d8:c0:83:8c:10:cb:be:52:56:
20:87:c9:d9:d6:9f:2b:4f:48:3c:e8:60:63:d3:07:dc:51:a1:
6b:46:82:69
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYi7c2u6ocmpCzsPbScxfEqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjE0MTk0ODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzhhZmU1MGYxNDg4YmNiNWQxOWZjMzU3ZjRiYWZiYjA2MGVmZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNMTPminz5S6UQbGfpP/ACLC15Mi
QhgQiyi0OQ4fbLoFh8Kqtn1YUN3F7B2EPmGfXjiFjmZfKMiLHOD5tf7FS7INZuAF
bEpTrp8crMSOTtphgctis6P6TN/G29awZjaWiBaDnmZSwV86vOoFbSw0VaYmHy+H
mTg9HT5+IIjbfWsbRLwl94yi9GC8JMHBQMzEEznK9AAJKENpnhh42VlRL0Yc7V4v
4zVTiD+dmsK8E2iU3MmLCmHuXvkGUR5im0lEfovVKl+T8bYmUPCmh6K27vDT1zkG
zGOPoK40ghvI9dtwjN+f7tSOq+11A+LkzdpxdDd8Rzv2H1qnquYQCpSBJwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFGyK/lDxSIvLXRn8NX9Lr7sGDv6RMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvYklyLVVQRklpOHRkR2Z3MWYwdXZ1d1lPX3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAAW2cAME
AAW2cwMEAC0JqAMEAk3ymAMEAFOJmQMEAlOJnAMEAFjRzgMEAFjR2wMEAFjR5AME
AljR7AMEAVjR9jAMAwQAWNH9AwQAWNH+MAwDBABcNNkDBABcNNoDBAKy0ugDBACy
0u0DBADCKS8wDQYJKoZIhvcNAQELBQADggEBAJKMxfNAYDXf3VvBMobpa1sSHG9G
YdBe0TRK/9tci3aAuJ3AqQCux57jYNLUo4uUyJKoPT5DEgXAaUZUlJlsjnPWNiJG
NvDvrG1ZTS3bNlMNwGxcNlfoPkOEqsATWOXoNpmvclThGkisIkZ7SdMU1qMLKE4R
Tb68aV819AFPlvRCgY3BmmTPju5I6xZaTyXC5acNXlZbbAUi0FucQsZW6P7rzFpa
R4ETl7bU5CvAkcocAP2rjHFM5JIZAFPmwaN/U3+MdgasqorEqGg8p/6hWhv7AkQc
Q3+V5WjJo/chRUA+jtjAg4wQy75SViCHydnWnytPSDzoYGPTB9xRoWtGgmk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org