Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/j4GjUUtnjQD2rDNmiNymfO_fq6Y.roa
File: j4GjUUtnjQD2rDNmiNymfO_fq6Y.roa (raw, json)
Hash identifier: 0o3cskGJGwU0pb1cRA/XNAPGndKWbZfjKl1+Dkoq/iY=
Subject key identifier: 8F:81:A3:51:4B:67:8D:00:F6:AC:33:66:88:DC:A6:7C:EF:DF:AB:A6
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188BB6C180D67FDEF7781F66A18D11E24CB
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/j4GjUUtnjQD2rDNmiNymfO_fq6Y.roa
Signing time: Wed 14 Jun 2023 19:40:03 +0000
ROA not before: Wed 14 Jun 2023 19:40:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 178.210.231.0/24 maxlen: 24
178.210.228.0/24 maxlen: 24
178.210.230.0/23 maxlen: 24
178.210.250.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
77.242.159.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bb:6c:18:0d:67:fd:ef:77:81:f6:6a:18:d1:1e:24:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 14 19:40:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f81a3514b678d00f6ac336688dca67cefdfaba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:49:ea:2f:2b:3a:ae:2d:14:f3:44:a3:56:9e:
d1:2c:8c:d8:5c:82:c5:c3:46:6e:45:86:05:a1:39:
64:13:bd:30:c6:64:ba:07:0e:1b:e2:0d:5b:2d:07:
48:e4:26:39:1d:d9:7a:c8:27:70:6c:03:4f:78:60:
94:7c:73:62:b4:a1:b3:41:db:15:12:74:ac:93:56:
5a:14:0a:4b:60:5c:6b:b4:d6:cd:ef:2c:1e:ac:41:
e9:21:99:56:ea:ae:d8:40:08:14:f1:9f:29:9d:84:
99:68:07:eb:1a:30:0c:68:f5:3b:99:8f:e4:99:0b:
9b:4d:c8:4f:98:82:3c:ee:9f:0f:e8:1f:f2:75:95:
79:b4:e0:ae:62:47:4a:9e:ff:d4:c8:56:bc:1a:73:
cc:96:80:af:f2:69:7a:35:df:bb:a7:2b:a4:cf:62:
85:33:33:15:97:92:3c:ce:99:b2:89:65:2f:48:5a:
76:cb:e4:8a:12:f6:c8:f2:54:c0:3a:b6:b5:cb:7f:
b8:67:55:28:2a:12:f1:9b:bb:e3:44:9a:a3:16:d0:
7c:33:14:05:e5:57:07:05:0e:a5:25:1a:32:64:b1:
97:1c:ad:38:f4:43:d9:ce:5c:10:06:91:03:19:b5:
0e:45:b0:35:05:71:4d:2c:99:d9:70:fd:4b:d2:72:
d0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:81:A3:51:4B:67:8D:00:F6:AC:33:66:88:DC:A6:7C:EF:DF:AB:A6
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/j4GjUUtnjQD2rDNmiNymfO_fq6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.9.0/24
77.242.157.0-77.242.159.255
88.151.56.0/23
88.209.211.0/24
178.210.228.0/24
178.210.230.0/23
178.210.250.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:9a:7d:1e:17:96:1c:03:60:41:5b:18:97:f9:f8:4d:e0:38:
11:93:4c:3b:be:75:e5:3f:16:d3:6f:c4:23:ab:42:15:94:c0:
04:53:41:51:d6:ea:92:86:4a:be:b5:c3:57:97:af:24:72:2b:
90:87:21:49:a7:2e:92:17:45:49:89:08:b8:53:c6:08:a5:99:
57:89:04:73:bd:e9:e9:9c:d1:83:c5:a8:95:08:8c:2b:19:c2:
6e:e7:aa:f3:89:eb:39:0a:30:f3:d3:d2:fb:3d:95:0e:fe:c1:
0c:49:cc:66:a3:d8:fe:f9:3e:b1:93:17:9f:af:38:70:4c:e2:
0c:a5:f1:a1:22:d5:e0:2e:fe:27:6a:3d:1d:ed:86:0d:a3:dd:
d3:05:14:f6:fc:42:0e:2d:4f:ed:1d:94:13:51:46:12:38:d7:
77:e4:a3:98:34:74:9a:24:ba:00:be:45:aa:10:74:34:25:6e:
d4:9b:92:41:72:e0:8a:62:77:e8:ea:f0:19:40:11:25:71:c4:
67:96:b2:01:1d:fc:65:d9:36:cc:4d:c7:5f:e9:8b:d7:14:b0:
7f:c8:d8:5c:46:b3:fe:1e:14:8f:e3:2a:0f:4b:34:bc:01:bd:
fc:54:44:cc:9f:1c:4b:53:d6:68:02:63:99:1d:44:20:e4:db:
7c:9f:cb:98
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYi7bBgNZ/3vd4H2ahjRHiTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjE0MTk0MDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjgxYTM1MTRiNjc4ZDAwZjZhYzMzNjY4OGRjYTY3Y2VmZGZhYmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0nqLys6ri0U80SjVp7RLIzYXILF
w0ZuRYYFoTlkE70wxmS6Bw4b4g1bLQdI5CY5Hdl6yCdwbANPeGCUfHNitKGzQdsV
EnSsk1ZaFApLYFxrtNbN7ywerEHpIZlW6q7YQAgU8Z8pnYSZaAfrGjAMaPU7mY/k
mQubTchPmII87p8P6B/ydZV5tOCuYkdKnv/UyFa8GnPMloCv8ml6Nd+7pyukz2KF
MzMVl5I8zpmyiWUvSFp2y+SKEvbI8lTAOra1y3+4Z1UoKhLxm7vjRJqjFtB8MxQF
5VcHBQ6lJRoyZLGXHK049EPZzlwQBpEDGbUORbA1BXFNLJnZcP1L0nLQxwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFI+Bo1FLZ40A9qwzZojcpnzv36umMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvajRHalVVdG5qUUQyckRObWlOeW1mT19mcTZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALQ4JMAwD
BABN8p0DBAVN8oADBAFYlzgDBABY0dMDBACy0uQDBAGy0uYDBACy0vowDQYJKoZI
hvcNAQELBQADggEBACuafR4XlhwDYEFbGJf5+E3gOBGTTDu+deU/FtNvxCOrQhWU
wARTQVHW6pKGSr61w1eXryRyK5CHIUmnLpIXRUmJCLhTxgilmVeJBHO96emc0YPF
qJUIjCsZwm7nqvOJ6zkKMPPT0vs9lQ7+wQxJzGaj2P75PrGTF5+vOHBM4gyl8aEi
1eAu/idqPR3thg2j3dMFFPb8Qg4tT+0dlBNRRhI413fko5g0dJokugC+RaoQdDQl
btSbkkFy4Ipid+jq8BlAESVxxGeWsgEd/GXZNsxNx1/pi9cUsH/I2FxGs/4eFI/j
Kg9LNLwBvfxURMyfHEtT1mgCY5kdRCDk23yfy5g=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:16:45 2025 by rpki-client