Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/m3qiuTTmzc7-LqexUGbceOevuIA.roa
File: m3qiuTTmzc7-LqexUGbceOevuIA.roa (raw, json)
Hash identifier: to4iu/MUFbl1FG6ECZWq9EQ1JXgDIcy3Uc3oMpabyWA=
Subject key identifier: 9B:7A:A2:B9:34:E6:CD:CE:FE:2E:A7:B1:50:66:DC:78:E7:AF:B8:80
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0187E124441D0B5F4F804978133851765132
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/m3qiuTTmzc7-LqexUGbceOevuIA.roa
Signing time: Wed 03 May 2023 10:24:22 +0000
ROA not before: Wed 03 May 2023 10:24:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.254.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
88.209.205.0/24 maxlen: 24
88.209.206.0/24 maxlen: 24
88.209.219.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.228.0/22 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:24:44:1d:0b:5f:4f:80:49:78:13:38:51:76:51:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 3 10:24:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b7aa2b934e6cdcefe2ea7b15066dc78e7afb880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:de:34:3d:c7:d0:e9:7f:f1:14:20:a2:2c:89:
99:e3:9b:0f:d4:7b:01:0a:05:29:8f:9b:0f:da:95:
3a:09:aa:35:c0:82:e8:36:1c:16:57:8c:14:29:fe:
0f:20:cc:0f:34:be:26:f9:27:2b:aa:3a:f3:37:91:
d3:7d:7e:51:71:1a:95:c6:b4:ac:e9:a6:98:72:1f:
bb:a8:95:18:57:a2:47:9f:52:46:bb:89:eb:d3:d8:
56:b7:ae:e4:02:7f:8a:52:6b:64:bd:d9:93:47:2c:
1e:58:63:f9:3f:27:d8:e9:95:29:6e:fe:04:9b:6b:
76:13:26:6f:93:e0:c1:1c:7e:db:df:de:fc:de:5a:
fd:8b:51:18:a5:45:38:f7:4c:59:69:ae:70:21:d2:
d9:a2:0b:1e:86:f5:aa:37:d0:9f:bf:f1:1a:2f:5e:
79:74:cf:3b:5e:3c:4e:99:1c:8e:1e:e8:fe:cc:e2:
df:48:ad:f7:0d:93:de:e3:c5:04:9c:e0:b9:69:46:
46:56:7b:ca:07:07:94:05:69:d7:5d:64:58:6f:18:
1e:90:54:76:91:68:fd:62:55:4a:bb:39:f4:05:09:
76:fd:9d:c7:91:fe:ea:24:7d:44:df:54:30:0a:de:
b8:5c:0d:8e:5f:4c:2e:08:ea:8c:65:01:1f:62:de:
f2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:7A:A2:B9:34:E6:CD:CE:FE:2E:A7:B1:50:66:DC:78:E7:AF:B8:80
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/m3qiuTTmzc7-LqexUGbceOevuIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
77.242.157.0-77.242.158.255
83.137.153.0/24
83.137.156.0/23
83.137.159.0/24
88.151.62.0/24
88.209.205.0-88.209.206.255
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.254.0/24
92.52.217.0-92.52.218.255
178.210.228.0-178.210.235.255
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
30:f1:b0:9b:c2:d8:fd:2c:f4:6b:83:49:e4:8b:c2:5e:cc:4b:
f8:5c:2a:83:62:a5:6d:32:17:4a:ef:39:ff:91:c7:c6:3b:16:
37:38:60:10:f9:17:2f:24:e4:86:68:1e:d8:b9:3c:87:b8:df:
63:56:a8:b0:88:dc:ba:4b:e7:9a:0d:f6:65:df:4c:76:c6:6d:
06:10:85:8d:bb:2e:df:1c:00:fc:20:57:73:11:53:a0:65:cf:
38:43:b0:01:0a:a2:bd:15:b8:08:5e:83:0d:3c:7e:df:85:d0:
c7:46:8b:10:52:ca:2d:82:fb:bc:c8:cb:94:bf:36:5b:49:9e:
45:54:f5:51:03:99:c8:a4:72:4e:87:12:30:12:54:21:59:a7:
fd:30:ea:eb:36:cd:cb:dd:8e:ba:be:7f:f5:bd:de:fc:03:f2:
91:ff:5a:a0:2a:a1:37:8e:4c:24:2b:ac:56:96:d6:7d:e3:df:
c1:8a:c7:f2:b9:4a:37:f7:97:c1:79:75:5e:df:69:58:89:1a:
4e:d9:5c:54:ec:91:13:d6:f8:f1:f3:85:89:5c:d5:6b:0b:0c:
cb:b9:b0:9f:e6:b5:09:96:34:1b:7f:65:5c:a5:5e:31:59:ea:
b5:c4:33:31:42:e8:86:ce:a9:67:68:10:05:66:59:f1:52:a8:
f9:49:60:50
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYfhJEQdC19PgEl4EzhRdlEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNTAzMTAyNDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjdhYTJiOTM0ZTZjZGNlZmUyZWE3YjE1MDY2ZGM3OGU3YWZiODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhd40PcfQ6X/xFCCiLImZ45sP1HsB
CgUpj5sP2pU6Cao1wILoNhwWV4wUKf4PIMwPNL4m+ScrqjrzN5HTfX5RcRqVxrSs
6aaYch+7qJUYV6JHn1JGu4nr09hWt67kAn+KUmtkvdmTRyweWGP5PyfY6ZUpbv4E
m2t2EyZvk+DBHH7b39783lr9i1EYpUU490xZaa5wIdLZogsehvWqN9Cfv/EaL155
dM87XjxOmRyOHuj+zOLfSK33DZPe48UEnOC5aUZGVnvKBweUBWnXXWRYbxgekFR2
kWj9YlVKuzn0BQl2/Z3Hkf7qJH1E31QwCt64XA2OX0wuCOqMZQEfYt7ynQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFJt6ork05s3O/i6nsVBm3Hjnr7iAMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvbTNxaXVUVG16YzctTHFleFVHYmNlT2V2dUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBAAF
tnADBAAFtnMDBAAtCagDBAJN8pgwDAMEAE3ynQMEAE3yngMEAFOJmQMEAVOJnAME
AFOJnwMEAFiXPjAMAwQAWNHNAwQAWNHOAwQAWNHbAwQAWNHkAwQCWNHsAwQBWNH2
AwQAWNH+MAwDBABcNNkDBABcNNowDAMEArLS5AMEArLS6AMEALLS7QMEAMIpLzAN
BgkqhkiG9w0BAQsFAAOCAQEAMPGwm8LY/Sz0a4NJ5IvCXsxL+Fwqg2KlbTIXSu85
/5HHxjsWNzhgEPkXLyTkhmge2Lk8h7jfY1aosIjcukvnmg32Zd9MdsZtBhCFjbsu
3xwA/CBXcxFToGXPOEOwAQqivRW4CF6DDTx+34XQx0aLEFLKLYL7vMjLlL82W0me
RVT1UQOZyKRyTocSMBJUIVmn/TDq6zbNy92Our5/9b3e/APykf9aoCqhN45MJCus
VpbWfePfwYrH8rlKN/eXwXl1Xt9pWIkaTtlcVOyRE9b48fOFiVzVawsMy7mwn+a1
CZY0G39lXKVeMVnqtcQzMULohs6pZ2gQBWZZ8VKo+UlgUA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org