Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/itSyqIxad3fAf9Lqse8EF18_itA.roa
File: itSyqIxad3fAf9Lqse8EF18_itA.roa (raw, json)
Hash identifier: YKd9EuJpcfzIdtqqw70tJbbDYuB7AhMZQTjivdjqh3Y=
Subject key identifier: 8A:D4:B2:A8:8C:5A:77:77:C0:7F:D2:EA:B1:EF:04:17:5F:3F:8A:D0
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018476561749406ACF0FCEDD001110A6A62C
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/itSyqIxad3fAf9Lqse8EF18_itA.roa
Signing time: Mon 14 Nov 2022 13:31:04 +0000
ROA not before: Mon 14 Nov 2022 13:31:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.229.0/24 maxlen: 24
88.209.228.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
83.137.159.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 22
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:56:17:49:40:6a:cf:0f:ce:dd:00:11:10:a6:a6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 14 13:31:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ad4b2a88c5a7777c07fd2eab1ef04175f3f8ad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:09:7c:6e:79:79:52:87:2b:5d:48:46:bb:fe:
ee:66:f1:c0:9e:ee:47:54:09:13:26:6a:89:2b:8c:
54:31:af:d5:2c:f3:43:c2:0b:c4:bc:d4:e7:ae:50:
06:60:6b:2c:a0:69:a8:4e:99:fe:59:63:9e:67:7f:
0f:08:8a:e9:88:52:6e:a1:73:58:9f:e1:26:47:31:
e5:1f:fc:64:60:e5:e1:f1:d7:9b:1b:c1:a2:83:2d:
5f:e4:21:40:b0:f3:ee:2c:c1:33:04:7d:d3:8b:ec:
d3:94:9f:63:79:c6:16:3b:b3:59:64:22:df:7c:91:
1e:93:de:14:ca:74:0b:a6:19:ef:7b:0c:51:25:e8:
23:54:78:63:a7:c6:ac:df:7b:93:62:43:6d:26:df:
57:05:ef:e4:ad:0d:42:fb:ea:d9:40:52:42:7b:2b:
ae:6f:aa:2e:16:63:ec:01:73:9c:a1:90:82:af:4e:
b1:c7:aa:b4:10:a4:5b:21:45:85:4c:9c:61:0f:aa:
7b:02:0f:b7:c8:da:9e:11:54:65:12:d4:a6:00:fb:
cb:10:0e:24:bb:59:d5:e5:08:c5:cc:23:2b:88:68:
6c:8f:43:9d:d1:dc:c9:01:ae:d9:e1:41:a7:d1:3b:
13:99:db:59:44:be:32:6c:2f:0f:5a:48:f4:af:64:
e8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D4:B2:A8:8C:5A:77:77:C0:7F:D2:EA:B1:EF:04:17:5F:3F:8A:D0
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/itSyqIxad3fAf9Lqse8EF18_itA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
45.14.9.0/24
77.242.152.0/22
83.137.153.0/24
83.137.156.0/23
83.137.159.0/24
88.151.62.0/24
88.209.228.0/23
88.209.236.0/22
88.209.246.0/23
92.52.218.0/24
178.210.232.0/24
178.210.234.0/23
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
91:c2:12:d9:50:f8:d5:7a:b4:bd:58:7d:a7:e7:57:34:19:d6:
65:bb:70:f4:af:8c:0b:58:e3:4e:2e:80:83:cb:f8:9f:bd:7a:
7e:c0:e5:9b:2e:c7:1c:76:f0:9d:30:fe:da:63:c5:88:4e:74:
0f:c8:d2:d0:4a:33:4a:12:89:df:c0:64:64:ab:13:82:2d:15:
75:80:48:9d:c8:99:37:77:b4:2d:61:e2:75:4b:32:0c:97:bb:
00:20:63:93:32:e8:09:8f:71:1e:fe:a3:15:e0:04:a7:47:17:
d2:62:44:4a:20:55:3a:92:15:7d:68:52:bc:2e:85:d5:40:5b:
76:26:3f:40:b1:fc:75:60:60:38:8d:57:8a:5c:5f:8c:c9:c2:
3e:0c:80:0c:5e:b9:f0:21:e0:22:4b:0f:4d:b1:1b:2b:c0:90:
b3:72:a8:d1:34:1a:ae:52:04:64:d6:19:2f:91:fc:24:a5:1b:
3c:8e:71:1b:db:be:f8:04:1b:aa:1a:8a:f2:bc:8d:02:4d:b2:
4f:01:3c:4b:5e:1d:de:8d:33:74:d8:68:ec:ce:50:55:bf:43:
62:2c:86:88:79:bd:80:ee:a6:d3:98:cf:13:14:bd:48:fb:37:
a9:01:e3:46:5e:75:b0:51:33:dd:ee:2f:11:2b:53:97:eb:28:
0d:63:fd:5e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYR2VhdJQGrPD87dABEQpqYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIxMTE0MTMzMTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWQ0YjJhODhjNWE3Nzc3YzA3ZmQyZWFiMWVmMDQxNzVmM2Y4YWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAl8bnl5UocrXUhGu/7uZvHAnu5H
VAkTJmqJK4xUMa/VLPNDwgvEvNTnrlAGYGssoGmoTpn+WWOeZ38PCIrpiFJuoXNY
n+EmRzHlH/xkYOXh8debG8Gigy1f5CFAsPPuLMEzBH3Ti+zTlJ9jecYWO7NZZCLf
fJEek94UynQLphnvewxRJegjVHhjp8as33uTYkNtJt9XBe/krQ1C++rZQFJCeyuu
b6ouFmPsAXOcoZCCr06xx6q0EKRbIUWFTJxhD6p7Ag+3yNqeEVRlEtSmAPvLEA4k
u1nV5QjFzCMriGhsj0Od0dzJAa7Z4UGn0TsTmdtZRL4ybC8PWkj0r2To3QIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFIrUsqiMWnd3wH/S6rHvBBdfP4rQMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvaXRTeXFJeGFkM2ZBZjlMcXNlOEVGMThfaXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABbZwAwQA
BbZzAwQALQmoAwQALQ4JAwQCTfKYAwQAU4mZAwQBU4mcAwQAU4mfAwQAWJc+AwQB
WNHkAwQCWNHsAwQBWNH2AwQAXDTaAwQAstLoAwQBstLqAwQAstLtAwQAwikvMA0G
CSqGSIb3DQEBCwUAA4IBAQCRwhLZUPjVerS9WH2n51c0GdZlu3D0r4wLWONOLoCD
y/ifvXp+wOWbLsccdvCdMP7aY8WITnQPyNLQSjNKEonfwGRkqxOCLRV1gEidyJk3
d7QtYeJ1SzIMl7sAIGOTMugJj3Ee/qMV4ASnRxfSYkRKIFU6khV9aFK8LoXVQFt2
Jj9Asfx1YGA4jVeKXF+MycI+DIAMXrnwIeAiSw9NsRsrwJCzcqjRNBquUgRk1hkv
kfwkpRs8jnEb2774BBuqGoryvI0CTbJPATxLXh3ejTN02GjszlBVv0NiLIaIeb2A
7qbTmM8TFL1I+zepAeNGXnWwUTPd7i8RK1OX6ygNY/1e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org