Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/me9hT1BgQdPunBb7mGoeIpfVDlA.roa
File: me9hT1BgQdPunBb7mGoeIpfVDlA.roa (raw, json)
Hash identifier: 9xM6oPDVUOPM6DND2BGLzJoUSA5Xq3ebXE3GQiBrIsQ=
Subject key identifier: 99:EF:61:4F:50:60:41:D3:EE:9C:16:FB:98:6A:1E:22:97:D5:0E:50
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018E1E6BE0D61CE9F92E060E382F3FBB53B7
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/me9hT1BgQdPunBb7mGoeIpfVDlA.roa
Signing time: Fri 08 Mar 2024 14:16:10 +0000
ROA not before: Fri 08 Mar 2024 14:16:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42864
IP address blocks: 5.182.112.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.238.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
178.210.224.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.226.0/23 maxlen: 23
178.210.228.0/22 maxlen: 24
178.210.232.0/22 maxlen: 22
178.210.236.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.238.0/23 maxlen: 23
178.210.240.0/22 maxlen: 22
178.210.244.0/22 maxlen: 22
178.210.248.0/24 maxlen: 24
178.210.249.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
178.210.251.0/24 maxlen: 24
178.210.252.0/22 maxlen: 22
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1e:6b:e0:d6:1c:e9:f9:2e:06:0e:38:2f:3f:bb:53:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 8 14:16:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99ef614f506041d3ee9c16fb986a1e2297d50e50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7d:7e:c6:3e:cf:58:a4:66:49:92:9d:e0:f0:
64:e5:67:d0:12:f7:58:31:67:78:49:3f:ce:67:27:
04:2f:46:c0:0d:66:f7:bf:f0:ad:80:a0:87:91:62:
0b:c8:35:8d:da:65:f5:ea:de:8b:02:bc:90:92:cc:
21:3e:77:e8:73:05:2b:56:57:ec:2c:11:6a:39:88:
4c:6e:c8:78:db:eb:53:96:9d:b5:1d:ba:25:b5:63:
61:82:6b:e1:2d:25:bd:e5:7b:f5:b6:11:38:cd:17:
2d:cf:f8:6f:bc:a1:43:9b:c5:8f:16:12:44:38:19:
77:fe:a3:fd:6f:53:3e:1b:01:1f:7f:de:8c:79:4a:
16:89:4f:0a:c8:f2:4b:16:c8:21:7d:41:d9:51:dd:
3a:dc:4e:85:56:05:49:b3:54:5e:2d:dd:3a:ce:40:
a9:b1:24:83:27:48:8c:aa:d5:b8:71:db:34:8a:0a:
84:c1:d5:27:13:f6:08:04:71:99:24:0b:cb:6e:2d:
b0:03:08:66:c0:d1:e8:79:a8:e7:c1:d3:93:ce:6d:
d8:f0:c1:91:3a:41:3f:4c:49:7e:5c:a3:b2:75:62:
ce:b7:75:54:09:4c:8d:49:c7:98:1b:b0:01:bf:54:
87:80:ee:04:f5:2d:20:89:58:42:35:19:34:d7:bd:
35:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:EF:61:4F:50:60:41:D3:EE:9C:16:FB:98:6A:1E:22:97:D5:0E:50
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/me9hT1BgQdPunBb7mGoeIpfVDlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
83.137.153.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
88.209.238.0/24
92.52.208.0/21
178.210.224.0/19
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
1b:50:cb:3f:88:48:40:12:f8:13:a0:75:18:b9:88:fd:92:c9:
af:3f:87:76:5e:d7:d3:aa:1e:ba:38:5a:90:40:3e:1f:ff:a0:
f1:c3:e3:e2:17:8d:69:4c:5a:60:ec:9c:de:96:72:0f:82:0a:
99:e7:60:25:d7:fb:a4:c5:4c:6d:76:d0:54:12:d0:c2:be:6e:
6a:66:41:89:98:18:3a:a3:41:9b:e7:ba:ab:9a:f5:39:bd:38:
58:fa:6e:28:2d:b4:e0:49:00:63:c7:11:c4:ef:79:83:43:c2:
f9:03:ba:24:f2:24:8a:f1:c2:6e:23:81:58:4f:b6:da:11:28:
4f:53:7b:78:87:a4:ff:30:55:46:2c:f4:d0:6d:05:cb:b2:17:
25:c8:a8:db:b5:97:74:53:0c:3f:55:4d:ca:52:72:87:c6:05:
fe:a6:12:38:2c:0a:13:7f:77:d3:05:a7:d0:d4:85:03:1e:c8:
0d:ad:7d:db:7c:0d:65:d1:7c:cc:db:ed:6a:cc:e6:2c:90:00:
68:40:77:d6:12:94:18:4a:6a:f8:b0:86:90:f2:64:30:db:86:
8a:9b:22:d5:ab:ce:56:82:53:9a:43:8c:fc:b0:58:68:0b:97:
38:d9:7e:09:df:06:2f:f4:b2:e2:ec:ef:0d:23:ee:f6:62:f7:
d2:2e:72:32
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAY4ea+DWHOn5LgYOOC8/u1O3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMzA4MTQxNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWVmNjE0ZjUwNjA0MWQzZWU5YzE2ZmI5ODZhMWUyMjk3ZDUwZTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn1+xj7PWKRmSZKd4PBk5WfQEvdY
MWd4ST/OZycEL0bADWb3v/CtgKCHkWILyDWN2mX16t6LAryQkswhPnfocwUrVlfs
LBFqOYhMbsh42+tTlp21HboltWNhgmvhLSW95Xv1thE4zRctz/hvvKFDm8WPFhJE
OBl3/qP9b1M+GwEff96MeUoWiU8KyPJLFsghfUHZUd063E6FVgVJs1ReLd06zkCp
sSSDJ0iMqtW4cds0igqEwdUnE/YIBHGZJAvLbi2wAwhmwNHoeajnwdOTzm3Y8MGR
OkE/TEl+XKOydWLOt3VUCUyNSceYG7ABv1SHgO4E9S0giVhCNRk01701rQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFJnvYU9QYEHT7pwW+5hqHiKX1Q5QMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvbWU5aFQxQmdRZFB1bkJiN21Hb2VJcGZWRGxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwQABbZw
MAwDBAAtCakDBAItCagDBAEtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylwME
AFOJmQMEAFjRwQMEAFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEAFjR7gMEA1w00AME
BbLS4AMEA7L4yAMEAMGKfTANBAIAAjAHAwUDKgAfQDANBgkqhkiG9w0BAQsFAAOC
AQEAG1DLP4hIQBL4E6B1GLmI/ZLJrz+Hdl7X06oeujhakEA+H/+g8cPj4heNaUxa
YOyc3pZyD4IKmedgJdf7pMVMbXbQVBLQwr5uamZBiZgYOqNBm+e6q5r1Ob04WPpu
KC204EkAY8cRxO95g0PC+QO6JPIkivHCbiOBWE+22hEoT1N7eIek/zBVRiz00G0F
y7IXJcio27WXdFMMP1VNylJyh8YF/qYSOCwKE3930wWn0NSFAx7IDa1923wNZdF8
zNvtaszmLJAAaEB31hKUGEpq+LCGkPJkMNuGipsi1avOVoJTmkOM/LBYaAuXONl+
Cd8GL/Sy4uzvDSPu9mL30i5yMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org