Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/h6tewn8y6b6gQoLzhQXSKPrwxCo.roa
File:                     h6tewn8y6b6gQoLzhQXSKPrwxCo.roa (raw, json)
Hash identifier:          Tans19etHxoktHenWsX/9iP9tztO1/3CjOTpovjTa0M=
Subject key identifier:   87:AB:5E:C2:7F:32:E9:BE:A0:42:82:F3:85:05:D2:28:FA:F0:C4:2A
Certificate issuer:       /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial:       018A277BD1E24D85A36C5CACEF736870F9A7
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/h6tewn8y6b6gQoLzhQXSKPrwxCo.roa
Signing time:             Thu 24 Aug 2023 12:19:00 +0000
ROA not before:           Thu 24 Aug 2023 12:19:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        88.209.245.0/24 maxlen: 24
                          83.137.159.0/24 maxlen: 24
                          77.242.150.0/24 maxlen: 24
                          88.209.195.0/24 maxlen: 24
                          77.242.156.0/24 maxlen: 24
                          77.242.159.0/24 maxlen: 24
                          88.209.211.0/24 maxlen: 24
                          88.209.217.0/24 maxlen: 24
                          178.210.250.0/24 maxlen: 24
                          88.151.57.0/24 maxlen: 24
                          88.151.58.0/24 maxlen: 24
                          88.151.56.0/23 maxlen: 24
                          88.151.63.0/24 maxlen: 24
                          2.58.168.0/24 maxlen: 24
                          2.58.170.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:27:7b:d1:e2:4d:85:a3:6c:5c:ac:ef:73:68:70:f9:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
        Validity
            Not Before: Aug 24 12:19:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=87ab5ec27f32e9bea04282f38505d228faf0c42a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:AB:5E:C2:7F:32:E9:BE:A0:42:82:F3:85:05:D2:28:FA:F0:C4:2A
            X509v3 Authority Key Identifier:
                keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/h6tewn8y6b6gQoLzhQXSKPrwxCo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.58.168.0/24
                  2.58.170.0/24
                  77.242.150.0/24
                  77.242.156.0/24
                  77.242.159.0/24
                  83.137.159.0/24
                  88.151.56.0-88.151.58.255
                  88.151.63.0/24
                  88.209.195.0/24
                  88.209.211.0/24
                  88.209.217.0/24
                  88.209.245.0/24
                  178.210.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org