Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/nMW1u6026HWi_EftQ-FBNkrMcMc.roa
File: nMW1u6026HWi_EftQ-FBNkrMcMc.roa (raw, json)
Hash identifier: v4bTDmoSdKGG7htfhzvP6gYchKLdN9q0e+9BErn3lpw=
Subject key identifier: 9C:C5:B5:BB:AD:36:E8:75:A2:FC:47:ED:43:E1:41:36:4A:CC:70:C7
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018B90B225E7C971AD9AB3EBA9A5B4C79652
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/nMW1u6026HWi_EftQ-FBNkrMcMc.roa
Signing time: Thu 02 Nov 2023 15:41:16 +0000
ROA not before: Thu 02 Nov 2023 15:41:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 83.137.158.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.224.0/24 maxlen: 24
193.138.125.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:90:b2:25:e7:c9:71:ad:9a:b3:eb:a9:a5:b4:c7:96:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 2 15:41:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cc5b5bbad36e875a2fc47ed43e141364acc70c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c0:c1:9a:da:24:fe:ef:e2:a2:76:ff:f5:6a:
07:ea:c9:d7:20:6e:71:78:02:8c:d4:0b:00:64:ee:
95:46:05:89:46:13:b8:15:d8:54:1a:ab:43:54:e3:
2c:d0:77:fb:dc:9b:e1:25:e5:47:53:c2:6b:6b:be:
af:c6:f0:94:36:7b:0d:56:bf:98:19:e7:50:bc:24:
2e:35:c9:1a:7d:2b:c0:0e:9c:60:81:69:1d:34:c3:
79:ac:e2:96:92:99:47:fe:33:74:a8:ce:65:00:ad:
31:83:39:15:e9:03:6e:4f:17:e0:ab:fe:45:95:1a:
22:19:6a:c0:77:c9:e5:26:a6:43:dd:91:d8:32:1c:
b9:78:d9:20:3f:3e:59:00:67:97:b6:74:4f:0e:5d:
ee:28:26:65:48:17:89:1a:1c:0a:53:09:74:d7:e8:
1f:6d:28:e3:5f:1b:33:40:fd:d0:c9:4b:2d:c7:84:
1d:12:e3:c5:d7:11:fd:36:87:59:43:27:ab:e9:41:
b8:8e:7d:f2:66:0a:2a:5e:41:3b:a8:28:cb:d0:64:
35:13:44:22:f2:1d:ae:f0:d2:e6:1f:90:a9:67:86:
76:9e:3a:18:d5:78:83:7e:a3:8f:e4:db:ad:56:66:
12:3f:bc:4c:6f:6b:41:d0:e4:1a:7c:f5:bb:0d:14:
91:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C5:B5:BB:AD:36:E8:75:A2:FC:47:ED:43:E1:41:36:4A:CC:70:C7
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/nMW1u6026HWi_EftQ-FBNkrMcMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
83.137.158.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0/23
178.210.233.0/24
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
18:a8:96:bd:b0:fd:c6:4a:81:d6:84:22:4f:72:dd:9e:3b:62:
5c:a4:86:6b:e1:08:d1:ab:24:24:a9:6a:c1:a1:6d:d1:7f:22:
cb:a8:de:c8:c5:e4:01:c0:f7:66:a3:90:52:b3:4d:cf:4b:1b:
10:13:2d:66:69:b9:fd:dc:88:88:58:28:c4:46:cd:4f:dd:42:
e4:b1:43:9c:07:c8:30:51:ce:22:b4:9f:32:75:c3:24:22:fd:
e9:3e:fb:93:04:6b:d2:fc:04:a0:ee:cd:39:f3:d3:69:c0:93:
29:93:fd:99:ad:06:8c:28:a8:3b:a4:85:02:c1:2f:9c:63:78:
c1:28:73:64:ce:50:66:91:5d:b7:68:ee:ed:69:6e:bb:31:70:
3a:ce:14:ec:b4:66:61:3f:e2:79:54:5c:a3:40:89:90:f9:44:
f3:03:ed:c1:d0:89:ec:54:e7:1e:0b:41:01:5a:0b:96:79:3b:
37:11:ea:6a:86:39:bd:23:3d:3d:10:dc:08:34:90:16:b5:33:
34:18:d4:0a:3e:da:1c:2a:69:67:21:9b:b9:a9:83:17:56:a2:
b6:ea:7e:56:70:4d:fa:c8:13:29:c6:ae:ec:73:c1:49:f6:64:
26:d5:70:55:31:ad:b8:6f:48:96:83:96:29:16:ea:a0:05:75:
09:f6:64:f3
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYuQsiXnyXGtmrPrqaW0x5ZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMxMTAyMTU0MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2M1YjViYmFkMzZlODc1YTJmYzQ3ZWQ0M2UxNDEzNjRhY2M3MGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMDBmtok/u/ionb/9WoH6snXIG5x
eAKM1AsAZO6VRgWJRhO4FdhUGqtDVOMs0Hf73JvhJeVHU8Jra76vxvCUNnsNVr+Y
GedQvCQuNckafSvADpxggWkdNMN5rOKWkplH/jN0qM5lAK0xgzkV6QNuTxfgq/5F
lRoiGWrAd8nlJqZD3ZHYMhy5eNkgPz5ZAGeXtnRPDl3uKCZlSBeJGhwKUwl01+gf
bSjjXxszQP3QyUstx4QdEuPF1xH9NodZQyer6UG4jn3yZgoqXkE7qCjL0GQ1E0Qi
8h2u8NLmH5CpZ4Z2njoY1XiDfqOP5NutVmYSP7xMb2tB0OQafPW7DRSRVwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFJzFtbutNuh1ovxH7UPhQTZKzHDHMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvbk1XMXU2MDI2SFdpX0VmdFEtRkJOa3JNY01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2MAwDBAAt
CakDBAItCagDBAEtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylwMEAFOJngME
AFjRwQMEAFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEA1w00AMEAFw02wMEAbLS4AME
ALLS6QMEA7L4yAMEAMGKfTANBAIAAjAHAwUDKgAfQDANBgkqhkiG9w0BAQsFAAOC
AQEAGKiWvbD9xkqB1oQiT3LdnjtiXKSGa+EI0askJKlqwaFt0X8iy6jeyMXkAcD3
ZqOQUrNNz0sbEBMtZmm5/dyIiFgoxEbNT91C5LFDnAfIMFHOIrSfMnXDJCL96T77
kwRr0vwEoO7NOfPTacCTKZP9ma0GjCioO6SFAsEvnGN4wShzZM5QZpFdt2ju7Wlu
uzFwOs4U7LRmYT/ieVRco0CJkPlE8wPtwdCJ7FTnHgtBAVoLlnk7NxHqaoY5vSM9
PRDcCDSQFrUzNBjUCj7aHCppZyGbuamDF1aitup+VnBN+sgTKcau7HPBSfZkJtVw
VTGtuG9IloOWKRbqoAV1CfZk8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org