Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/d5GqKztBYZdRU8ZbBYvUM3TbrbM.roa
File: d5GqKztBYZdRU8ZbBYvUM3TbrbM.roa (raw, json)
Hash identifier: zixfPjPtLtsl4lsdjFopJDzfNgBurTHe8ruM6gaP/44=
Subject key identifier: 77:91:AA:2B:3B:41:61:97:51:53:C6:5B:05:8B:D4:33:74:DB:AD:B3
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188437D4CEDD0574AB8F2EA94607AF1D1E3
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/d5GqKztBYZdRU8ZbBYvUM3TbrbM.roa
Signing time: Mon 22 May 2023 12:44:24 +0000
ROA not before: Mon 22 May 2023 12:44:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
2.58.171.0/24 maxlen: 24
2.58.170.0/24 maxlen: 24
2.58.169.0/24 maxlen: 24
2.58.168.0/24 maxlen: 24
178.210.224.0/22 maxlen: 24
193.138.125.0/24 maxlen: 24
77.242.145.0/24 maxlen: 24
77.242.144.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.147.0/24 maxlen: 24
77.242.146.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:43:7d:4c:ed:d0:57:4a:b8:f2:ea:94:60:7a:f1:d1:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 22 12:44:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7791aa2b3b4161975153c65b058bd43374dbadb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8a:08:d3:b6:c7:2e:78:37:a9:40:6f:12:bb:
c6:7d:63:b2:80:5e:dd:5e:17:61:ba:8e:d7:02:43:
ef:86:fb:b4:e7:f9:e5:b5:32:13:e9:0e:5a:8c:c9:
8a:7f:eb:08:ad:57:b6:08:13:1c:29:64:f1:f3:7e:
de:17:fc:d3:7c:fa:f6:12:95:4b:15:59:30:0d:e4:
fe:11:82:9a:e3:19:ef:67:72:eb:a5:89:29:f1:9b:
88:a5:6e:4f:51:e9:2e:03:0e:97:6a:66:af:7c:e4:
4a:9d:8e:fe:b8:28:de:a6:55:30:0c:b5:28:79:4c:
0c:dd:80:ea:36:9b:51:91:dc:08:e8:67:55:73:09:
f3:0f:0d:87:c4:54:ee:29:57:0d:cf:96:59:43:21:
2d:55:cb:80:e0:1e:4a:83:43:7e:74:e1:85:aa:01:
c7:86:93:c3:76:3a:7e:52:a1:20:fc:3f:22:1b:80:
dd:03:20:af:ff:98:db:1f:42:ab:ea:60:60:b9:10:
30:e1:5a:01:05:d6:37:5e:b5:d1:b8:aa:eb:73:25:
29:5d:99:3c:b0:4e:91:c5:ca:0b:58:9b:bf:fb:4c:
a3:f6:0b:8e:c0:8f:b0:97:16:61:ad:bd:c3:53:3d:
e4:89:b1:31:07:a1:96:ed:fd:7a:6c:09:86:34:11:
d3:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:91:AA:2B:3B:41:61:97:51:53:C6:5B:05:8B:D4:33:74:DB:AD:B3
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/d5GqKztBYZdRU8ZbBYvUM3TbrbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.168.0/22
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
77.242.156.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0/22
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
5e:2d:40:ef:fa:aa:20:ea:49:30:a1:a6:ed:2f:d4:21:7c:db:
fd:3e:9a:9b:69:17:8c:59:2f:ea:16:18:7b:3f:5d:6f:99:45:
3a:6f:53:db:f2:28:4e:17:d3:66:4a:c0:1a:cb:4a:9c:90:b6:
54:14:fd:67:fd:b2:b4:88:50:19:41:10:18:a9:0f:30:58:a3:
b9:fe:1e:18:6c:e8:a3:98:eb:6a:44:e9:2b:e0:24:23:ce:7b:
f6:a9:1f:e2:5a:c6:77:d1:be:75:e7:69:03:ea:0b:ec:ef:da:
f2:a6:68:be:33:7b:ab:0e:9a:0d:dc:b4:58:6f:09:4c:c9:40:
1e:7b:38:fd:f0:3f:8e:f7:21:17:1f:25:2b:74:33:43:95:a9:
a9:74:90:4d:a8:ec:80:b5:1c:ae:e4:cb:09:9c:4b:92:96:41:
f5:84:f0:8d:44:54:f4:2d:60:bf:80:de:3c:82:77:39:9d:d1:
35:fe:89:14:09:ff:ef:50:5e:25:16:65:ff:90:61:18:63:38:
80:2b:a1:13:9b:b8:4c:26:19:b4:6e:82:34:09:15:92:90:ed:
0e:39:13:28:f9:01:18:1c:92:10:4e:bf:94:93:28:24:51:99:
8d:60:49:5b:d9:54:25:6b:d2:16:08:c1:88:cd:8b:17:49:47:
85:4c:d4:73
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYhDfUzt0FdKuPLqlGB68dHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNTIyMTI0NDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzkxYWEyYjNiNDE2MTk3NTE1M2M2NWIwNThiZDQzMzc0ZGJhZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4oI07bHLng3qUBvErvGfWOygF7d
Xhdhuo7XAkPvhvu05/nltTIT6Q5ajMmKf+sIrVe2CBMcKWTx837eF/zTfPr2EpVL
FVkwDeT+EYKa4xnvZ3LrpYkp8ZuIpW5PUekuAw6XamavfORKnY7+uCjeplUwDLUo
eUwM3YDqNptRkdwI6GdVcwnzDw2HxFTuKVcNz5ZZQyEtVcuA4B5Kg0N+dOGFqgHH
hpPDdjp+UqEg/D8iG4DdAyCv/5jbH0Kr6mBguRAw4VoBBdY3XrXRuKrrcyUpXZk8
sE6RxcoLWJu/+0yj9guOwI+wlxZhrb3DUz3kibExB6GW7f16bAmGNBHTwwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFHeRqis7QWGXUVPGWwWL1DN0262zMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvZDVHcUt6dEJZWmRSVThaYkJZdlVNM1RicmJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBggQCAAEwfAMEAgI6
qDAMAwQALQmpAwQCLQmoAwQALQ4IAwQBLQ4KAwQALVhdMAwDBARN8pADBABN8pQD
BABN8pcDBABN8pwDBABY0cEDBABY0cQDBABY0dADBABY0dIDBAJY0dQDBANcNNAD
BABcNNsDBAKy0uADBAOy+MgDBADBin0wDQQCAAIwBwMFAyoAH0AwDQYJKoZIhvcN
AQELBQADggEBAF4tQO/6qiDqSTChpu0v1CF82/0+mptpF4xZL+oWGHs/XW+ZRTpv
U9vyKE4X02ZKwBrLSpyQtlQU/Wf9srSIUBlBEBipDzBYo7n+Hhhs6KOY62pE6Svg
JCPOe/apH+JaxnfRvnXnaQPqC+zv2vKmaL4ze6sOmg3ctFhvCUzJQB57OP3wP473
IRcfJSt0M0OVqal0kE2o7IC1HK7kywmcS5KWQfWE8I1EVPQtYL+A3jyCdzmd0TX+
iRQJ/+9QXiUWZf+QYRhjOIAroRObuEwmGbRugjQJFZKQ7Q45Eyj5ARgckhBOv5ST
KCRRmY1gSVvZVCVr0hYIwYjNixdJR4VM1HM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org