Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/dcCR1t6PQRx2qoInNT0JtxtSaHA.roa
File: dcCR1t6PQRx2qoInNT0JtxtSaHA.roa (raw, json)
Hash identifier: VNJ+zjfFbo0q/zMnhF7t5I2kjXyt+15zXDXyWNJrY+0=
Subject key identifier: 75:C0:91:D6:DE:8F:41:1C:76:AA:82:27:35:3D:09:B7:1B:52:68:70
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0187B2F39963AB4C1C4BF51B6A191034730E
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/dcCR1t6PQRx2qoInNT0JtxtSaHA.roa
Signing time: Mon 24 Apr 2023 11:08:41 +0000
ROA not before: Mon 24 Apr 2023 11:08:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.209.245.0/24 maxlen: 24
88.209.248.0/24 maxlen: 24
88.209.249.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
88.151.56.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
5.182.113.0/24 maxlen: 24
88.209.216.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b2:f3:99:63:ab:4c:1c:4b:f5:1b:6a:19:10:34:73:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Apr 24 11:08:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75c091d6de8f411c76aa8227353d09b71b526870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:06:3a:34:c8:79:2a:13:e7:54:c8:8b:62:50:
b7:b9:b8:93:85:48:8a:1e:b7:14:ef:08:4f:55:60:
f2:57:71:6a:6a:e6:cb:ad:a8:82:29:96:85:0a:ac:
f2:4e:f4:b5:a6:d3:ca:e7:89:6f:ee:11:4e:55:46:
05:0a:20:af:d8:0d:8b:34:9d:54:c9:00:1f:74:4d:
37:af:4c:8a:20:60:11:94:d8:8e:c0:09:bd:af:b2:
16:02:7f:a4:cf:73:3c:f0:4c:11:14:a8:ad:03:8c:
e7:97:5b:e3:2f:c9:9b:22:4b:03:b0:30:c1:98:8b:
29:91:e8:ff:ca:f5:91:16:60:e6:ec:b1:eb:bd:6f:
73:6d:45:70:89:56:ed:de:5c:06:c6:13:d8:25:c5:
3c:a6:8a:83:45:f8:02:63:7f:a9:36:63:73:4f:eb:
c0:3e:0f:19:f7:2e:8c:2a:26:62:0a:e9:43:48:e4:
2e:43:d7:b1:ca:a7:5d:c1:06:ac:81:26:ee:84:0f:
ee:38:b6:a2:e9:7d:8b:8e:81:62:68:08:9c:f3:a9:
fb:61:6b:c5:4c:ea:28:d6:ef:36:36:3b:54:28:e5:
ba:91:d4:35:dc:0d:72:62:f8:1b:94:70:40:f7:75:
a0:3e:40:60:4f:87:95:e4:8c:51:df:c9:ba:7f:58:
f9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:C0:91:D6:DE:8F:41:1C:76:AA:82:27:35:3D:09:B7:1B:52:68:70
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/dcCR1t6PQRx2qoInNT0JtxtSaHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.113.0/24
88.151.56.0/24
88.209.209.0/24
88.209.216.0/24
88.209.221.0/24
88.209.225.0/24
88.209.245.0/24
88.209.248.0/23
178.210.236.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:d4:bc:da:4e:35:2b:0c:f5:18:4f:61:e7:cf:b9:c7:ee:c6:
57:a4:ff:cc:47:82:93:8e:3a:a6:28:d4:d9:41:42:cd:13:eb:
59:e4:85:6c:02:35:a1:42:63:26:81:38:b1:94:e3:56:41:f6:
e2:cb:73:b9:39:87:7d:2f:8f:1d:2f:05:bc:87:d9:8b:41:38:
f0:9b:a0:8b:2d:fc:42:11:89:be:84:85:69:57:61:6a:5c:03:
ef:4c:8e:4a:47:bc:33:27:04:3f:00:6c:d8:67:d9:55:4e:29:
75:4d:36:5b:f0:f8:cc:55:9f:19:d9:b8:4d:27:8c:fa:4e:ee:
d6:c8:6d:cf:d0:b1:83:14:33:93:42:4b:90:89:9d:49:fc:52:
31:6d:56:7f:ba:b9:8f:07:fe:49:b8:2f:fc:71:85:e6:03:15:
2b:93:f5:d5:19:87:6b:73:2b:d4:84:ce:4d:53:25:7e:50:9a:
b9:e7:0e:72:87:49:af:0a:6b:9f:9c:2f:8c:47:12:5d:2d:2e:
2e:35:79:5d:a7:77:3c:2f:76:2a:e5:ac:33:c4:a1:40:0b:d5:
f4:31:0c:51:ab:19:66:46:f1:85:99:6d:70:cf:db:90:f8:4e:
12:e0:69:2c:93:5f:03:68:fd:fc:8b:5f:fd:0a:c8:bd:4d:ad:
a9:60:3b:76
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYey85ljq0wcS/UbahkQNHMOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNDI0MTEwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWMwOTFkNmRlOGY0MTFjNzZhYTgyMjczNTNkMDliNzFiNTI2ODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAY6NMh5KhPnVMiLYlC3ubiThUiK
HrcU7whPVWDyV3FqaubLraiCKZaFCqzyTvS1ptPK54lv7hFOVUYFCiCv2A2LNJ1U
yQAfdE03r0yKIGARlNiOwAm9r7IWAn+kz3M88EwRFKitA4znl1vjL8mbIksDsDDB
mIspkej/yvWRFmDm7LHrvW9zbUVwiVbt3lwGxhPYJcU8poqDRfgCY3+pNmNzT+vA
Pg8Z9y6MKiZiCulDSOQuQ9exyqddwQasgSbuhA/uOLai6X2LjoFiaAic86n7YWvF
TOoo1u82NjtUKOW6kdQ13A1yYvgblHBA93WgPkBgT4eV5IxR38m6f1j5nwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHXAkdbej0EcdqqCJzU9CbcbUmhwMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvZGNDUjF0NlBRUngycW9Jbk5UMEp0eHRTYUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABbZxAwQA
WJc4AwQAWNHRAwQAWNHYAwQAWNHdAwQAWNHhAwQAWNH1AwQBWNH4AwQAstLsMA0G
CSqGSIb3DQEBCwUAA4IBAQCi1LzaTjUrDPUYT2Hnz7nH7sZXpP/MR4KTjjqmKNTZ
QULNE+tZ5IVsAjWhQmMmgTixlONWQfbiy3O5OYd9L48dLwW8h9mLQTjwm6CLLfxC
EYm+hIVpV2FqXAPvTI5KR7wzJwQ/AGzYZ9lVTil1TTZb8PjMVZ8Z2bhNJ4z6Tu7W
yG3P0LGDFDOTQkuQiZ1J/FIxbVZ/urmPB/5JuC/8cYXmAxUrk/XVGYdrcyvUhM5N
UyV+UJq55w5yh0mvCmufnC+MRxJdLS4uNXldp3c8L3Yq5awzxKFAC9X0MQxRqxlm
RvGFmW1wz9uQ+E4S4Gksk18DaP38i1/9Csi9Ta2pYDt2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org