Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/lLuPazYTmeXt5mfcOgDPSiZviAM.roa
File: lLuPazYTmeXt5mfcOgDPSiZviAM.roa (raw, json)
Hash identifier: miby8Gem7GZdWVpQTsZx16iLv/RBN4u3YFe0xk22c3I=
Subject key identifier: 94:BB:8F:6B:36:13:99:E5:ED:E6:67:DC:3A:00:CF:4A:26:6F:88:03
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0183A372157ED15456FDFA82A21C92727FA9
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/lLuPazYTmeXt5mfcOgDPSiZviAM.roa
Signing time: Tue 04 Oct 2022 14:41:46 +0000
ROA not before: Tue 04 Oct 2022 14:41:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.229.0/24 maxlen: 24
88.209.228.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.253.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
178.210.232.0/22 maxlen: 22
178.210.237.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
77.242.152.0/22 maxlen: 22
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a3:72:15:7e:d1:54:56:fd:fa:82:a2:1c:92:72:7f:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 4 14:41:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94bb8f6b361399e5ede667dc3a00cf4a266f8803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f1:29:34:a4:3c:83:cf:dc:96:20:d2:60:4b:
aa:7d:51:da:f1:15:0a:b1:70:3d:c2:71:56:c9:ba:
a8:9e:88:1b:47:41:15:98:c9:b7:f2:15:81:3e:cd:
5a:af:79:64:57:90:6a:cd:98:c6:06:23:bd:ea:e9:
f9:29:8d:31:62:b6:8c:2f:42:af:c8:14:38:25:62:
67:89:1d:b6:48:f5:f4:7b:54:fc:85:7e:3e:d3:f0:
93:5b:68:fb:11:4c:27:71:37:4f:20:71:29:b6:4c:
78:f2:f6:bd:2c:0b:5e:30:37:ef:fa:6e:dd:0c:50:
7c:11:93:c3:a3:c6:d3:58:26:4e:00:55:98:ac:e4:
4b:57:b1:30:54:d5:ac:30:2e:02:af:d9:6d:50:8f:
74:3b:2a:4b:3b:92:a4:5c:f4:2d:86:da:c6:1f:14:
01:54:0f:32:6c:83:aa:3c:f9:08:e7:f8:da:ef:76:
32:b7:d5:30:c1:a6:1f:30:c2:f8:2e:62:41:30:94:
ca:d4:61:be:b5:5a:3a:3b:8b:31:fc:d1:f4:e5:ab:
1a:20:38:40:1f:96:ce:e2:de:5b:95:f5:ca:fa:31:
38:31:67:88:49:5b:be:50:5e:85:c3:81:31:5c:58:
6a:50:5a:a4:75:4e:68:1d:f2:a3:49:cd:6b:9b:f6:
d2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:BB:8F:6B:36:13:99:E5:ED:E6:67:DC:3A:00:CF:4A:26:6F:88:03
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/lLuPazYTmeXt5mfcOgDPSiZviAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
45.14.9.0/24
77.242.152.0/22
83.137.153.0/24
83.137.156.0/23
88.151.62.0/24
88.209.228.0/23
88.209.236.0/22
88.209.246.0/23
88.209.253.0-88.209.254.255
92.52.218.0/24
178.210.232.0/22
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:33:e3:3c:d5:fd:19:24:c6:e1:62:44:7c:64:d1:7d:7b:39:
03:50:d9:a7:be:59:64:14:ca:e7:cb:a9:e9:d2:73:00:1b:6d:
be:f4:3c:8a:0c:e4:44:19:0b:48:2d:f2:db:1c:71:a6:31:d8:
57:2d:03:99:3d:53:3b:ce:ce:b3:9b:1e:a3:1b:22:87:87:8a:
ba:07:b5:45:32:8c:8f:25:e0:96:84:64:7c:c6:70:7c:e1:08:
5b:06:1f:f0:a6:42:03:de:87:dd:92:4f:0f:f7:f4:87:c7:a8:
c0:a1:5e:1a:65:b5:f5:36:e3:f0:87:32:b0:32:5f:b8:3b:db:
ad:07:c2:69:ea:0b:03:b0:b8:b3:c9:db:54:c5:2e:7b:22:80:
62:71:f2:50:f4:77:00:08:9c:4d:d2:23:a9:19:0d:2b:bc:f6:
ae:67:e2:42:0a:55:2a:be:9c:e2:86:e2:76:36:7a:60:cc:04:
62:c8:d9:04:7f:99:47:db:94:f7:dd:ae:30:04:de:00:fd:c7:
12:fa:7e:ce:0b:80:f6:f6:b2:7d:28:29:a6:bb:0b:fa:e0:d6:
7e:26:19:a9:35:9c:cd:b8:ed:4b:3b:82:c3:0a:64:41:e8:27:
e4:16:bd:4e:71:5c:75:c0:e1:16:f9:55:8a:03:28:4f:f1:64:
d4:82:bc:1b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYOjchV+0VRW/fqCohyScn+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIxMDA0MTQ0MTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGJiOGY2YjM2MTM5OWU1ZWRlNjY3ZGMzYTAwY2Y0YTI2NmY4ODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/EpNKQ8g8/cliDSYEuqfVHa8RUK
sXA9wnFWybqonogbR0EVmMm38hWBPs1ar3lkV5BqzZjGBiO96un5KY0xYraML0Kv
yBQ4JWJniR22SPX0e1T8hX4+0/CTW2j7EUwncTdPIHEptkx48va9LAteMDfv+m7d
DFB8EZPDo8bTWCZOAFWYrORLV7EwVNWsMC4Cr9ltUI90OypLO5KkXPQthtrGHxQB
VA8ybIOqPPkI5/ja73Yyt9UwwaYfMML4LmJBMJTK1GG+tVo6O4sx/NH05asaIDhA
H5bO4t5blfXK+jE4MWeISVu+UF6Fw4ExXFhqUFqkdU5oHfKjSc1rm/bSiQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFJS7j2s2E5nl7eZn3DoAz0omb4gDMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvbEx1UGF6WVRtZVh0NW1mY09nRFBTaVp2aUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAAW2cAME
AAW2cwMEAC0JqAMEAC0OCQMEAk3ymAMEAFOJmQMEAVOJnAMEAFiXPgMEAVjR5AME
AljR7AMEAVjR9jAMAwQAWNH9AwQAWNH+AwQAXDTaAwQCstLoAwQAstLtAwQAwikv
MA0GCSqGSIb3DQEBCwUAA4IBAQBfM+M81f0ZJMbhYkR8ZNF9ezkDUNmnvllkFMrn
y6np0nMAG22+9DyKDOREGQtILfLbHHGmMdhXLQOZPVM7zs6zmx6jGyKHh4q6B7VF
MoyPJeCWhGR8xnB84QhbBh/wpkID3ofdkk8P9/SHx6jAoV4aZbX1NuPwhzKwMl+4
O9utB8Jp6gsDsLizydtUxS57IoBicfJQ9HcACJxN0iOpGQ0rvPauZ+JCClUqvpzi
huJ2NnpgzARiyNkEf5lH25T33a4wBN4A/ccS+n7OC4D29rJ9KCmmuwv64NZ+Jhmp
NZzNuO1LO4LDCmRB6CfkFr1OcVx1wOEW+VWKAyhP8WTUgrwb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org