Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/dwt5WmoXfnNv84C4-ja87ma-1wk.roa
File: dwt5WmoXfnNv84C4-ja87ma-1wk.roa (raw, json)
Hash identifier: Q9YjJqhkKf2UXjQDmclp5asDiod8mi+Q8lY3tzAMfJc=
Subject key identifier: 77:0B:79:5A:6A:17:7E:73:6F:F3:80:B8:FA:36:BC:EE:66:BE:D7:09
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0189E352C20C94F8A19AD10D41E7980AB69D
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/dwt5WmoXfnNv84C4-ja87ma-1wk.roa
Signing time: Fri 11 Aug 2023 06:39:58 +0000
ROA not before: Fri 11 Aug 2023 06:39:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 88.209.253.0/24 maxlen: 24
178.210.228.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
77.242.157.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:52:c2:0c:94:f8:a1:9a:d1:0d:41:e7:98:0a:b6:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 11 06:39:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=770b795a6a177e736ff380b8fa36bcee66bed709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:dd:56:c1:9e:55:95:f9:bc:41:2a:f7:92:4a:
86:d1:8a:e6:fc:76:dd:c9:0b:ab:ef:47:4a:19:e0:
c4:8a:7f:cf:da:a7:67:96:59:56:c2:3e:89:c5:ef:
7c:08:9c:2c:04:0d:e0:b4:5c:1a:48:e6:78:30:1e:
3f:33:c5:6c:4e:48:b6:09:a3:fa:fc:e1:f8:74:10:
e0:d3:57:81:60:20:5a:a7:ee:26:7f:4a:b7:a4:e5:
76:60:32:e9:6e:c3:bb:ed:f3:69:42:b6:4a:2f:33:
2c:cc:04:2e:26:10:d6:83:61:1a:2b:fe:fd:92:f7:
50:61:15:9f:9d:3e:6f:03:4a:7a:42:6b:6f:2c:bc:
0d:3f:e9:4d:3c:a8:9c:a5:e1:fd:8c:67:36:3b:df:
a2:1e:70:5c:8b:bc:6d:93:89:2f:ec:78:6f:f8:76:
f5:f2:f7:97:30:0c:d7:23:b7:c0:66:2e:dd:79:30:
ee:1e:57:2b:9a:41:24:97:f0:1d:cd:be:bf:4a:80:
c1:f1:55:87:29:8e:1c:a7:da:d7:99:1c:38:d8:d5:
b9:74:35:33:9f:dc:2f:65:8e:fa:54:7d:97:71:a7:
a6:48:7a:39:e4:39:30:33:d2:aa:5a:7b:be:62:0e:
ae:ac:32:4f:e4:3f:2b:5d:d5:59:70:34:2b:71:df:
48:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:0B:79:5A:6A:17:7E:73:6F:F3:80:B8:FA:36:BC:EE:66:BE:D7:09
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/dwt5WmoXfnNv84C4-ja87ma-1wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.157.0-77.242.158.255
88.151.62.0/24
88.209.253.0/24
178.210.228.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:1d:32:43:9d:56:c8:a2:dd:41:10:bc:e1:9b:c3:1b:61:fb:
57:39:2c:ce:3a:6b:6c:8f:1f:5f:49:37:cb:37:64:1c:b3:aa:
48:83:29:23:a8:e8:9c:83:51:16:49:17:b9:9a:7a:4e:71:c4:
5d:78:64:a5:16:65:73:1e:b6:4a:66:79:63:10:dc:03:f4:cf:
bb:70:9a:5c:2d:88:bc:d1:07:93:7d:08:3e:09:44:23:b8:73:
7b:3b:9e:35:b3:85:7f:dc:cd:82:dd:35:30:d2:1d:f8:44:17:
69:94:da:c0:81:2d:8f:c1:c4:6f:6a:fb:3a:3d:83:cd:c2:2a:
48:99:2a:f8:0c:9d:4b:c4:35:a0:ba:da:2c:f0:98:aa:fc:2a:
3f:50:97:27:a9:b3:4b:1c:e3:af:e2:28:60:12:79:32:f0:34:
b6:9d:ba:b3:ac:f8:f1:97:f6:7d:59:92:64:42:ce:a4:a2:fa:
2c:af:97:e4:49:e5:af:d7:04:15:f2:8e:3b:c0:7b:4d:0c:0a:
83:18:9e:11:ad:37:02:f4:dd:db:7b:c4:cd:af:a9:86:ce:8c:
b3:e6:ff:54:e7:3d:67:d0:86:55:e3:41:e8:39:50:78:2d:99:
df:75:70:bd:a5:f9:98:05:90:3c:b5:a0:1f:6c:99:71:d4:eb:
d1:f4:7a:41
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYnjUsIMlPihmtENQeeYCradMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwODExMDYzOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzBiNzk1YTZhMTc3ZTczNmZmMzgwYjhmYTM2YmNlZTY2YmVkNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyd1WwZ5Vlfm8QSr3kkqG0Yrm/Hbd
yQur70dKGeDEin/P2qdnlllWwj6Jxe98CJwsBA3gtFwaSOZ4MB4/M8VsTki2CaP6
/OH4dBDg01eBYCBap+4mf0q3pOV2YDLpbsO77fNpQrZKLzMszAQuJhDWg2EaK/79
kvdQYRWfnT5vA0p6QmtvLLwNP+lNPKicpeH9jGc2O9+iHnBci7xtk4kv7Hhv+Hb1
8veXMAzXI7fAZi7deTDuHlcrmkEkl/Adzb6/SoDB8VWHKY4cp9rXmRw42NW5dDUz
n9wvZY76VH2XcaemSHo55DkwM9KqWnu+Yg6urDJP5D8rXdVZcDQrcd9IfQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHcLeVpqF35zb/OAuPo2vO5mvtcJMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvZHd0NVdtb1hmbk52ODRDNC1qYTg3bWEtMXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABN8p0D
BABN8p4DBABYlz4DBABY0f0DBACy0uQwDQYJKoZIhvcNAQELBQADggEBAL0dMkOd
Vsii3UEQvOGbwxth+1c5LM46a2yPH19JN8s3ZByzqkiDKSOo6JyDURZJF7maek5x
xF14ZKUWZXMetkpmeWMQ3AP0z7twmlwtiLzRB5N9CD4JRCO4c3s7njWzhX/czYLd
NTDSHfhEF2mU2sCBLY/BxG9q+zo9g83CKkiZKvgMnUvENaC62izwmKr8Kj9Qlyep
s0sc46/iKGASeTLwNLadurOs+PGX9n1ZkmRCzqSi+iyvl+RJ5a/XBBXyjjvAe00M
CoMYnhGtNwL03dt7xM2vqYbOjLPm/1TnPWfQhlXjQeg5UHgtmd91cL2l+ZgFkDy1
oB9smXHU69H0ekE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org