Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/cNmLiN5Z8eb4-rJvHzovKeKXssA.roa
File: cNmLiN5Z8eb4-rJvHzovKeKXssA.roa (raw, json)
Hash identifier: Np9pNGHq+RSOwuCRoXBRLW/WiDgruFyV/HdzjzcOPD4=
Subject key identifier: 70:D9:8B:88:DE:59:F1:E6:F8:FA:B2:6F:1F:3A:2F:29:E2:97:B2:C0
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0187E8B1158238B0BF5F524484EFC4C5FC37
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/cNmLiN5Z8eb4-rJvHzovKeKXssA.roa
Signing time: Thu 04 May 2023 21:35:32 +0000
ROA not before: Thu 04 May 2023 21:35:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
178.210.224.0/22 maxlen: 24
193.138.125.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e8:b1:15:82:38:b0:bf:5f:52:44:84:ef:c4:c5:fc:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 4 21:35:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70d98b88de59f1e6f8fab26f1f3a2f29e297b2c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1c:bc:ef:0e:de:91:64:6c:b6:1b:11:ec:2b:
b1:26:93:2b:70:ac:b9:a3:01:08:72:5c:2e:54:6e:
83:ba:53:fd:77:35:0d:cf:a1:2b:74:82:6a:66:6e:
09:4e:cb:9a:38:85:ec:a5:ef:55:3c:32:fd:95:ea:
36:f6:88:89:4c:a1:ef:65:2c:87:da:89:25:16:c7:
ed:90:33:c2:4a:e7:20:3a:03:35:4f:c6:57:75:3e:
09:a3:f0:2a:c8:58:81:91:ab:ab:18:d5:3d:69:5e:
51:ea:9c:ee:23:e8:eb:de:0f:e0:ed:f2:2c:1f:76:
a6:7b:41:99:5c:58:31:1c:ae:bd:f7:92:3d:56:6a:
c6:59:3c:37:99:13:c9:98:f4:d4:dc:fe:4c:a3:43:
6f:f4:96:64:1e:0f:a1:bc:d1:c2:d9:ad:ad:e3:f8:
ef:77:a8:c3:4e:6b:1f:90:5a:9d:d4:f4:f9:1a:ab:
f4:10:ae:47:ee:1f:9e:ae:8c:52:d7:c2:38:3b:ad:
7f:e9:06:41:81:dd:ec:d7:7a:d0:fd:4d:55:7f:63:
74:d5:a5:90:fb:46:25:3a:bc:fa:e4:20:bd:3c:6f:
84:a9:cd:e4:69:53:9e:ed:1b:81:51:36:46:06:e1:
52:23:65:a7:66:0e:22:9f:07:ac:f4:84:2c:bb:37:
b3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D9:8B:88:DE:59:F1:E6:F8:FA:B2:6F:1F:3A:2F:29:E2:97:B2:C0
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/cNmLiN5Z8eb4-rJvHzovKeKXssA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
77.242.156.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0/22
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
42:1f:de:37:9f:ac:98:3f:2a:f2:49:77:cb:96:b1:78:69:98:
2e:d5:6b:20:bb:8d:4a:4f:ac:28:8b:da:0c:37:c4:dd:31:74:
83:59:a0:2d:89:73:40:e9:53:71:85:87:0d:56:c0:8d:b6:6f:
44:da:9e:a5:70:88:50:5f:7b:37:64:dd:bb:9d:7e:bc:7f:b8:
86:6f:35:fb:86:a7:79:d4:22:ba:6c:f5:79:02:ac:48:22:16:
bc:5b:fc:b6:bc:4c:02:5b:de:3c:b3:8c:37:9b:43:d4:f7:12:
d4:8e:47:ae:79:fe:f4:40:1b:5a:9a:37:a7:60:a2:d0:01:0b:
ef:a9:6d:34:c9:09:20:d0:4b:04:92:96:42:db:1a:96:de:00:
bb:93:91:a7:49:c7:27:eb:07:09:ba:4a:2b:78:ea:ce:bd:98:
f0:69:7e:e9:da:5f:68:b8:7d:cd:be:b0:67:f3:b4:d1:6f:8c:
7d:f4:cc:90:2c:1d:65:6b:10:7d:8f:d9:ef:bb:6d:29:99:4a:
56:0b:37:d4:59:de:4a:df:19:ee:a4:95:c7:c4:10:a5:f5:e7:
f0:f9:55:81:36:16:55:97:cf:53:a8:6c:6d:be:64:f1:06:18:
68:62:71:57:fc:d2:14:41:1d:a2:76:b9:f7:ce:d7:2b:7e:d3:
19:d1:cd:92
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYfosRWCOLC/X1JEhO/Exfw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNTA0MjEzNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGQ5OGI4OGRlNTlmMWU2ZjhmYWIyNmYxZjNhMmYyOWUyOTdiMmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBy87w7ekWRsthsR7CuxJpMrcKy5
owEIclwuVG6DulP9dzUNz6ErdIJqZm4JTsuaOIXspe9VPDL9leo29oiJTKHvZSyH
2oklFsftkDPCSucgOgM1T8ZXdT4Jo/AqyFiBkaurGNU9aV5R6pzuI+jr3g/g7fIs
H3ame0GZXFgxHK6995I9VmrGWTw3mRPJmPTU3P5Mo0Nv9JZkHg+hvNHC2a2t4/jv
d6jDTmsfkFqd1PT5Gqv0EK5H7h+eroxS18I4O61/6QZBgd3s13rQ/U1Vf2N01aWQ
+0YlOrz65CC9PG+Eqc3kaVOe7RuBUTZGBuFSI2WnZg4inwes9IQsuzezlQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFHDZi4jeWfHm+Pqybx86Lynil7LAMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvY05tTGlONVo4ZWI0LXJKdkh6b3ZLZUtYc3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2MAwDBAAt
CakDBAItCagDBAAtDggDBAEtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylwME
AE3ynAMEAFjRwQMEAFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEA1w00AMEAFw02wME
ArLS4AMEA7L4yAMEAMGKfTANBAIAAjAHAwUDKgAfQDANBgkqhkiG9w0BAQsFAAOC
AQEAQh/eN5+smD8q8kl3y5axeGmYLtVrILuNSk+sKIvaDDfE3TF0g1mgLYlzQOlT
cYWHDVbAjbZvRNqepXCIUF97N2Tdu51+vH+4hm81+4anedQiumz1eQKsSCIWvFv8
trxMAlvePLOMN5tD1PcS1I5Hrnn+9EAbWpo3p2Ci0AEL76ltNMkJINBLBJKWQtsa
lt4Au5ORp0nHJ+sHCbpKK3jqzr2Y8Gl+6dpfaLh9zb6wZ/O00W+MffTMkCwdZWsQ
fY/Z77ttKZlKVgs31FneSt8Z7qSVx8QQpfXn8PlVgTYWVZfPU6hsbb5k8QYYaGJx
V/zSFEEdona5987XK37TGdHNkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org