Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/lexGUxaGe5bNb1y0xowj41A6ZYY.roa
File: lexGUxaGe5bNb1y0xowj41A6ZYY.roa (raw, json)
Hash identifier: 1Cp0VeXbOO3d8rTFwJ75kVBJvhRWUKthmPPOMfVnMsM=
Subject key identifier: 95:EC:46:53:16:86:7B:96:CD:6F:5C:B4:C6:8C:23:E3:50:3A:65:86
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018BA5234D247B2C5813011C42F897FA0B3F
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/lexGUxaGe5bNb1y0xowj41A6ZYY.roa
Signing time: Mon 06 Nov 2023 14:57:15 +0000
ROA not before: Mon 06 Nov 2023 14:57:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 83.137.158.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.224.0/24 maxlen: 24
193.138.125.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
178.210.251.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
178.210.249.0/24 maxlen: 24
178.210.248.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a5:23:4d:24:7b:2c:58:13:01:1c:42:f8:97:fa:0b:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 6 14:57:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95ec465316867b96cd6f5cb4c68c23e3503a6586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5b:b0:66:b7:1d:e8:7d:3d:e4:cb:e5:bd:ee:
76:67:15:8a:9f:b8:12:8e:06:44:c7:33:57:0a:0f:
bb:ec:c6:d7:cd:61:a2:ae:d0:12:86:4e:e6:a8:41:
e4:90:4a:93:4f:33:5f:c9:ea:34:43:23:5e:1f:58:
42:df:03:83:f3:90:95:db:16:c1:6e:ca:80:dc:5a:
44:eb:1c:90:00:56:c1:00:7f:ab:a5:1b:c7:af:50:
c9:29:37:bd:c2:fa:ca:f6:09:69:58:40:a7:69:51:
b8:87:15:78:f5:93:23:1d:73:c0:a0:37:40:f1:36:
25:72:08:9d:8c:25:59:e4:cf:56:77:ee:14:49:f9:
45:c4:e1:ca:b4:41:a2:71:d5:d9:a9:52:e4:f7:1b:
69:83:b3:9d:52:53:e6:b2:6d:b7:8f:8b:81:6a:f2:
ed:ad:2f:57:3d:23:48:85:9e:5a:3c:d7:64:ed:d1:
5c:6a:e6:54:7d:2c:a9:b2:d6:3d:7b:c7:4a:dd:57:
3c:d8:2a:cc:e2:8d:fd:36:bd:eb:7a:46:3d:47:7a:
aa:8b:01:72:e7:69:a9:9d:90:88:4f:7f:b1:cf:eb:
27:9c:e5:dc:bb:41:35:a2:ac:f2:8f:aa:68:36:ae:
98:ec:6b:bb:60:6a:cd:d8:81:1b:5b:99:15:04:d2:
73:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:EC:46:53:16:86:7B:96:CD:6F:5C:B4:C6:8C:23:E3:50:3A:65:86
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/lexGUxaGe5bNb1y0xowj41A6ZYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
83.137.158.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0/23
178.210.248.0/22
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
36:19:60:eb:1f:c5:97:18:8f:af:88:a7:3c:08:0f:83:84:49:
4d:9b:4e:c5:83:f7:16:0f:39:a8:7c:0c:28:d5:1d:61:6b:8c:
37:13:d4:9c:f8:61:fd:40:5c:93:56:60:22:49:60:46:8f:5c:
d4:cd:83:42:75:29:73:54:32:0d:02:94:78:25:01:ec:aa:35:
8e:40:2b:94:be:f5:67:56:9d:b2:49:02:d1:c9:07:fa:74:1b:
e3:cc:15:d2:69:3a:8f:61:20:ca:94:5b:a6:32:c0:3f:02:fc:
7d:4c:ef:e2:0f:ce:6f:1f:92:2e:58:be:f5:6d:b9:9e:8d:f8:
fa:97:3d:1d:f4:71:89:73:04:15:1f:ab:d9:0a:7d:0a:f4:34:
ee:78:a3:a6:ba:28:9d:4d:47:bb:5b:dc:c8:28:ac:6a:71:c9:
b0:10:7a:5d:da:60:46:ac:82:31:54:ad:71:2f:c6:7c:25:42:
9c:5e:91:24:03:0f:42:0c:81:9a:ce:35:f2:72:f5:dc:9a:a2:
bf:d2:36:8a:3b:6f:86:e8:bf:12:c3:7e:35:72:94:b4:7b:93:
b2:85:20:89:ba:0d:ed:9c:87:6e:d5:b3:dc:3d:a3:f5:0d:f9:
a8:a6:25:2a:96:ba:5c:2c:e0:c6:b9:b9:dc:9e:a2:93:b6:49:
b7:f0:a1:f0
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYulI00keyxYEwEcQviX+gs/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMTA2MTQ1NzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWVjNDY1MzE2ODY3Yjk2Y2Q2ZjVjYjRjNjhjMjNlMzUwM2E2NTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1uwZrcd6H095Mvlve52ZxWKn7gS
jgZExzNXCg+77MbXzWGirtAShk7mqEHkkEqTTzNfyeo0QyNeH1hC3wOD85CV2xbB
bsqA3FpE6xyQAFbBAH+rpRvHr1DJKTe9wvrK9glpWECnaVG4hxV49ZMjHXPAoDdA
8TYlcgidjCVZ5M9Wd+4USflFxOHKtEGicdXZqVLk9xtpg7OdUlPmsm23j4uBavLt
rS9XPSNIhZ5aPNdk7dFcauZUfSypstY9e8dK3Vc82CrM4o39Nr3rekY9R3qqiwFy
52mpnZCIT3+xz+snnOXcu0E1oqzyj6poNq6Y7Gu7YGrN2IEbW5kVBNJzzwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFJXsRlMWhnuWzW9ctMaMI+NQOmWGMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvbGV4R1V4YUdlNWJOYjF5MHhvd2o0MUE2WllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2MAwDBAAt
CakDBAItCagDBAEtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylwMEAFOJngME
AFjRwQMEAFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEA1w00AMEAFw02wMEAbLS4AME
ArLS+AMEA7L4yAMEAMGKfTANBAIAAjAHAwUDKgAfQDANBgkqhkiG9w0BAQsFAAOC
AQEANhlg6x/FlxiPr4inPAgPg4RJTZtOxYP3Fg85qHwMKNUdYWuMNxPUnPhh/UBc
k1ZgIklgRo9c1M2DQnUpc1QyDQKUeCUB7Ko1jkArlL71Z1adskkC0ckH+nQb48wV
0mk6j2EgypRbpjLAPwL8fUzv4g/Obx+SLli+9W25no34+pc9HfRxiXMEFR+r2Qp9
CvQ07nijproonU1Hu1vcyCisanHJsBB6XdpgRqyCMVStcS/GfCVCnF6RJAMPQgyB
ms418nL13Jqiv9I2ijtvhui/EsN+NXKUtHuTsoUgiboN7ZyHbtWz3D2j9Q35qKYl
Kpa6XCzgxrm53J6ik7ZJt/Ch8A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org