Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/c6G9oBxa46P_MhNS1Lc08mFYaBs.roa
File: c6G9oBxa46P_MhNS1Lc08mFYaBs.roa (raw, json)
Hash identifier: o5XN7IKAQMasPcHhEy8ZD6RJF19KFdLhS2O4Jocn4ps=
Subject key identifier: 73:A1:BD:A0:1C:5A:E3:A3:FF:32:13:52:D4:B7:34:F2:61:58:68:1B
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018B38FE86DA5000871C4F953D1A6DFD1495
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/c6G9oBxa46P_MhNS1Lc08mFYaBs.roa
Signing time: Mon 16 Oct 2023 14:58:06 +0000
ROA not before: Mon 16 Oct 2023 14:58:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 178.210.228.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.200.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:fe:86:da:50:00:87:1c:4f:95:3d:1a:6d:fd:14:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 16 14:58:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73a1bda01c5ae3a3ff321352d4b734f26158681b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:45:f8:41:96:ce:f1:11:bc:8a:63:70:50:6d:
be:b6:57:8f:ea:4a:46:b6:85:c4:17:56:98:b3:03:
72:8a:3d:07:46:8b:4a:65:07:2a:94:b2:5f:6f:8d:
83:46:d0:00:7e:d2:70:2f:6e:56:c4:66:30:bb:be:
94:d8:43:31:e5:97:1f:35:90:5a:5b:dd:51:e6:9d:
e9:2f:d6:2e:1b:d5:c1:a7:fa:ea:3f:ef:3a:26:eb:
c0:ca:1e:a8:05:80:f2:44:8a:6b:af:4f:c9:01:e8:
6f:38:ff:15:76:28:22:33:9d:96:fe:a8:46:95:af:
dd:25:92:cc:f4:7f:a7:ba:45:5b:54:13:9a:2c:c9:
ed:34:81:ab:7e:83:2b:42:df:2e:02:6d:dc:ec:44:
f1:b5:79:b5:05:86:5b:db:7b:69:21:e3:1a:c2:11:
70:0a:2e:18:93:f9:16:b5:7a:83:2a:7c:40:09:f4:
03:6d:dc:f6:29:cb:41:b3:4f:73:5a:c2:98:9f:e9:
fa:1b:21:76:22:32:0a:4a:5f:fe:ad:03:55:d0:65:
b5:c4:a2:0b:fc:8d:fe:3d:af:13:3d:da:d5:eb:6e:
c3:66:cd:72:1c:11:7f:bc:ba:77:7f:b0:29:31:24:
b4:4c:84:58:b1:96:b7:5a:3e:05:41:a4:7a:5f:57:
7c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:A1:BD:A0:1C:5A:E3:A3:FF:32:13:52:D4:B7:34:F2:61:58:68:1B
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/c6G9oBxa46P_MhNS1Lc08mFYaBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.200.0/24
88.209.211.0/24
88.209.217.0/24
178.210.228.0/24
Signature Algorithm: sha256WithRSAEncryption
35:03:25:fd:f7:b8:b1:35:d6:54:0f:29:69:4e:fb:64:46:6f:
2d:59:69:74:63:41:c5:c7:4c:75:5c:25:b7:6a:9c:be:3e:d5:
4a:8f:bc:0e:e2:68:64:8f:50:19:f2:ed:35:21:46:63:4d:e1:
ba:c2:04:d2:5f:a5:e5:05:f1:84:3a:12:7e:fd:02:f1:36:55:
1d:0d:60:e4:3d:04:41:38:15:3c:36:36:d1:a8:c9:9c:f7:a2:
77:0a:43:2a:9a:6a:8d:b9:82:cb:35:82:0e:2c:f1:cf:f3:2d:
0a:00:e7:42:38:b1:bc:6f:a6:e0:aa:12:6d:54:b1:1b:a7:96:
0f:45:9a:6d:fa:43:56:bb:71:16:2e:34:dc:53:aa:7c:23:de:
41:ae:3a:8f:9f:94:3a:59:c0:a9:4e:14:6d:71:8b:dc:56:6d:
0c:03:d5:47:d8:73:87:50:8c:00:af:12:c5:61:0a:2c:c9:f7:
62:53:44:8a:9a:06:91:43:24:f9:58:0f:5f:02:ea:95:31:64:
68:bc:fc:6d:30:f0:f2:ec:15:bf:09:07:6b:eb:83:28:d4:43:
29:73:3b:27:ac:70:f1:d7:5e:cc:71:6e:49:5a:1d:0e:a1:24:
91:97:00:1d:18:45:2e:4a:75:95:31:7e:f9:c5:d6:84:4f:99:
ae:44:c7:51
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYs4/obaUACHHE+VPRpt/RSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMDE2MTQ1ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2ExYmRhMDFjNWFlM2EzZmYzMjEzNTJkNGI3MzRmMjYxNTg2ODFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkX4QZbO8RG8imNwUG2+tleP6kpG
toXEF1aYswNyij0HRotKZQcqlLJfb42DRtAAftJwL25WxGYwu76U2EMx5ZcfNZBa
W91R5p3pL9YuG9XBp/rqP+86JuvAyh6oBYDyRIprr0/JAehvOP8VdigiM52W/qhG
la/dJZLM9H+nukVbVBOaLMntNIGrfoMrQt8uAm3c7ETxtXm1BYZb23tpIeMawhFw
Ci4Yk/kWtXqDKnxACfQDbdz2KctBs09zWsKYn+n6GyF2IjIKSl/+rQNV0GW1xKIL
/I3+Pa8TPdrV627DZs1yHBF/vLp3f7ApMSS0TIRYsZa3Wj4FQaR6X1d8CwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHOhvaAcWuOj/zITUtS3NPJhWGgbMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvYzZHOW9CeGE0NlBfTWhOUzFMYzA4bUZZYUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBWJc4AwQA
WNHIAwQAWNHTAwQAWNHZAwQAstLkMA0GCSqGSIb3DQEBCwUAA4IBAQA1AyX997ix
NdZUDylpTvtkRm8tWWl0Y0HFx0x1XCW3apy+PtVKj7wO4mhkj1AZ8u01IUZjTeG6
wgTSX6XlBfGEOhJ+/QLxNlUdDWDkPQRBOBU8NjbRqMmc96J3CkMqmmqNuYLLNYIO
LPHP8y0KAOdCOLG8b6bgqhJtVLEbp5YPRZpt+kNWu3EWLjTcU6p8I95BrjqPn5Q6
WcCpThRtcYvcVm0MA9VH2HOHUIwArxLFYQosyfdiU0SKmgaRQyT5WA9fAuqVMWRo
vPxtMPDy7BW/CQdr64Mo1EMpczsnrHDx117McW5JWh0OoSSRlwAdGEUuSnWVMX75
xdaET5muRMdR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org