Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/iSmOsUtVBzQ-lSo9JAYtZexHqk8.roa
File: iSmOsUtVBzQ-lSo9JAYtZexHqk8.roa (raw, json)
Hash identifier: wZICgYh2DG1AgtvOXxP6S05zzsXiZHXbBSM++pnEGoo=
Subject key identifier: 89:29:8E:B1:4B:55:07:34:3E:95:2A:3D:24:06:2D:65:EC:47:AA:4F
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01824F068452D4976A4391966747D96D415D
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/iSmOsUtVBzQ-lSo9JAYtZexHqk8.roa
Signing time: Sat 30 Jul 2022 12:13:23 +0000
ROA not before: Sat 30 Jul 2022 12:13:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42864
IP address blocks: 88.209.227.0/24 maxlen: 24
88.209.240.0/22 maxlen: 22
178.210.224.0/21 maxlen: 21
83.137.159.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
77.242.144.0/20 maxlen: 20
88.209.192.0/21 maxlen: 24
88.209.208.0/20 maxlen: 24
88.209.226.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4f:06:84:52:d4:97:6a:43:91:96:67:47:d9:6d:41:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 30 12:13:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89298eb14b5507343e952a3d24062d65ec47aa4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7a:ea:50:52:23:44:eb:e0:5d:e2:e0:7c:e1:
ce:4e:fd:1c:a8:00:f8:cd:4c:38:48:33:0a:72:ac:
ea:96:d3:cf:d2:16:bf:8e:f2:c4:26:ee:d5:2a:f4:
41:ad:29:44:59:49:87:bb:02:76:70:25:f4:2b:1c:
4a:ab:1d:7b:ba:3f:2c:af:61:61:7f:19:a0:96:59:
fe:3f:99:d2:49:57:b2:72:aa:7b:ba:da:00:05:c1:
f9:61:27:e0:96:53:aa:bb:a5:66:ca:15:20:74:f2:
90:42:e8:3e:62:0a:22:ea:48:83:e0:db:58:85:56:
ec:07:f8:ed:e8:b1:ee:37:8e:22:5c:5f:cd:ce:80:
b7:97:70:cf:74:dc:ae:11:57:99:28:37:59:f4:f7:
97:b8:40:78:8d:01:02:59:08:f7:0c:38:fb:2d:21:
57:f9:32:0d:38:41:f9:4a:42:67:d9:30:cf:c4:fb:
f9:ac:b0:f1:21:ce:32:0e:b7:df:c1:63:0e:2e:d7:
b7:e0:88:0e:fa:ec:51:ee:07:a8:6f:da:8a:dc:a0:
40:00:27:b0:e1:fb:2a:09:a1:9d:51:a0:27:e8:96:
68:f6:a2:b9:1f:eb:ff:bd:94:d6:09:54:45:46:2d:
b4:ef:db:0c:46:2f:83:75:76:a4:38:23:57:78:99:
c8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:29:8E:B1:4B:55:07:34:3E:95:2A:3D:24:06:2D:65:EC:47:AA:4F
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/iSmOsUtVBzQ-lSo9JAYtZexHqk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0-45.14.10.255
77.242.144.0/20
83.137.159.0/24
88.209.192.0/21
88.209.208.0-88.209.227.255
88.209.240.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0/21
178.210.236.0/24
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:37:08:2e:9d:84:81:e4:a6:56:a8:86:44:6b:57:8c:ca:dc:
eb:3a:d6:42:7d:44:00:2b:7b:08:74:8b:b9:4a:ad:5c:bc:64:
c5:60:6d:40:c3:f2:b0:b2:b0:b9:94:ca:1f:58:2b:69:04:ce:
d3:4c:e0:03:e1:d2:39:91:c6:1d:b4:2e:3b:d4:b4:8a:1e:5e:
5b:9d:37:5a:a6:77:e4:8f:89:51:d8:64:fb:ce:10:ed:0c:e7:
96:e5:96:5b:04:e4:91:73:60:bd:3a:d1:b5:5f:ac:31:7f:f6:
e1:bc:c8:dc:d7:21:10:4a:1a:e2:47:2a:06:93:4d:97:84:cf:
93:77:81:98:43:6b:34:26:52:d5:d9:6a:bc:76:22:d7:c0:5d:
ac:f4:a5:50:9c:05:a0:5d:16:d6:d8:85:7b:0e:16:0b:f7:1e:
25:f9:ed:b1:b8:81:30:46:2d:64:4b:7a:e0:3b:87:fc:f9:8b:
09:b4:c4:8f:b1:c2:1d:84:1a:2f:0a:c8:8a:af:f0:04:86:0c:
42:ee:78:ca:ce:84:ad:04:6a:cc:45:ed:e8:c8:6f:91:75:29:
64:12:cf:8e:fd:60:28:fd:71:ec:0f:8b:51:7f:d8:76:63:9d:
53:39:a1:c8:da:b1:32:72:b2:22:b2:6d:88:a7:b6:57:ae:33:
56:af:cb:13
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYJPBoRS1JdqQ5GWZ0fZbUFdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzMwMTIxMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTI5OGViMTRiNTUwNzM0M2U5NTJhM2QyNDA2MmQ2NWVjNDdhYTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXrqUFIjROvgXeLgfOHOTv0cqAD4
zUw4SDMKcqzqltPP0ha/jvLEJu7VKvRBrSlEWUmHuwJ2cCX0KxxKqx17uj8sr2Fh
fxmglln+P5nSSVeycqp7utoABcH5YSfgllOqu6VmyhUgdPKQQug+Ygoi6kiD4NtY
hVbsB/jt6LHuN44iXF/NzoC3l3DPdNyuEVeZKDdZ9PeXuEB4jQECWQj3DDj7LSFX
+TINOEH5SkJn2TDPxPv5rLDxIc4yDrffwWMOLte34IgO+uxR7geob9qK3KBAACew
4fsqCaGdUaAn6JZo9qK5H+v/vZTWCVRFRi2079sMRi+DdXakOCNXeJnIBQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFIkpjrFLVQc0PpUqPSQGLWXsR6pPMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvaVNtT3NVdFZCelEtbFNvOUpBWXRaZXhIcWs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmMAwDBAAtCakD
BAItCagwDAMEAy0OCAMEAC0OCgMEBE3ykAMEAFOJnwMEA1jRwDAMAwQEWNHQAwQC
WNHgAwQCWNHwAwQDXDTQAwQAXDTbAwQDstLgAwQAstLsAwQDsvjIAwQAwYp9MA0G
CSqGSIb3DQEBCwUAA4IBAQCONwgunYSB5KZWqIZEa1eMytzrOtZCfUQAK3sIdIu5
Sq1cvGTFYG1Aw/KwsrC5lMofWCtpBM7TTOAD4dI5kcYdtC471LSKHl5bnTdapnfk
j4lR2GT7zhDtDOeW5ZZbBOSRc2C9OtG1X6wxf/bhvMjc1yEQShriRyoGk02XhM+T
d4GYQ2s0JlLV2Wq8diLXwF2s9KVQnAWgXRbW2IV7DhYL9x4l+e2xuIEwRi1kS3rg
O4f8+YsJtMSPscIdhBovCsiKr/AEhgxC7njKzoStBGrMRe3oyG+RdSlkEs+O/WAo
/XHsD4tRf9h2Y51TOaHI2rEycrIism2Ip7ZXrjNWr8sT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org