Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/otU78FaMjjiP8436-m1zQu8uL9Q.roa
File: otU78FaMjjiP8436-m1zQu8uL9Q.roa (raw, json)
Hash identifier: 9eIgK93wzPq4/1TJdBnz8vRPQ0SEYhgzGOnAOXKrgwM=
Subject key identifier: A2:D5:3B:F0:56:8C:8E:38:8F:F3:8D:FA:FA:6D:73:42:EF:2E:2F:D4
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0187F008CE61EDCFC640C5ADAF934F38F26B
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/otU78FaMjjiP8436-m1zQu8uL9Q.roa
Signing time: Sat 06 May 2023 07:48:41 +0000
ROA not before: Sat 06 May 2023 07:48:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.209.248.0/24 maxlen: 24
88.209.249.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
88.151.56.0/24 maxlen: 24
88.209.195.0/24 maxlen: 24
88.151.61.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
5.182.113.0/24 maxlen: 24
88.209.216.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f0:08:ce:61:ed:cf:c6:40:c5:ad:af:93:4f:38:f2:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 6 07:48:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2d53bf0568c8e388ff38dfafa6d7342ef2e2fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:64:bd:90:73:32:93:54:52:59:00:2a:5f:87:
c9:64:4e:70:e1:97:00:1d:9d:f4:28:cb:cf:d9:b9:
33:9a:27:0c:26:37:bc:a9:e7:dd:0b:f0:73:55:4f:
7a:58:d6:08:08:4a:3b:aa:49:7b:2e:a1:ba:d2:52:
7f:69:54:9e:65:1c:11:1a:76:e5:53:fd:39:80:1b:
b7:e3:e9:0f:9a:f4:34:35:e6:0e:9d:92:b4:e9:07:
1d:01:d9:1e:fe:97:e6:9c:36:47:bd:c8:80:42:66:
c0:59:82:b9:36:8e:a7:d4:64:fc:4b:dc:f7:68:c9:
ee:7e:a8:c6:91:c0:df:ca:24:c9:ce:1f:61:76:62:
e7:59:40:ef:df:7f:0a:68:47:bc:65:a4:33:85:3c:
70:c9:7f:18:bc:93:e0:99:2e:ce:ce:14:bc:2f:36:
ec:9f:ff:4b:0d:7f:1d:e0:2c:c5:1f:60:8c:d6:d9:
41:40:65:bc:c2:b1:1b:fa:93:38:d9:87:8f:78:9d:
fd:86:58:35:8b:bf:3e:a8:fa:75:43:65:4a:99:ca:
49:b1:9d:42:8d:68:0f:ec:cb:0f:dc:bc:48:11:78:
4c:ff:4a:b1:dc:cf:93:00:12:10:c2:89:be:cf:44:
85:2b:e3:93:2a:1e:03:64:66:38:0e:ee:1b:43:84:
ab:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D5:3B:F0:56:8C:8E:38:8F:F3:8D:FA:FA:6D:73:42:EF:2E:2F:D4
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/otU78FaMjjiP8436-m1zQu8uL9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.113.0/24
88.151.56.0/24
88.151.61.0/24
88.209.195.0/24
88.209.209.0/24
88.209.216.0/24
88.209.221.0/24
88.209.225.0/24
88.209.248.0/23
178.210.236.0/24
Signature Algorithm: sha256WithRSAEncryption
19:42:c6:84:5a:9a:59:80:39:66:83:fc:ee:9f:df:b5:eb:4f:
2f:70:f9:c9:2c:9d:d8:38:8a:11:b8:24:21:cd:ab:8d:c6:b9:
8f:35:63:20:2e:45:c4:9b:8c:e1:8c:24:23:6e:9a:46:da:9c:
4a:8c:16:99:19:29:56:4f:45:f4:16:99:d8:51:87:78:d1:a5:
a3:18:2b:0a:5e:0b:70:df:f2:d9:c8:18:4b:42:38:52:60:e3:
af:0c:a8:21:01:c5:73:f9:3e:4e:64:fd:bb:58:97:f0:60:60:
7f:20:b1:1d:3d:24:de:06:65:63:b7:3b:af:f5:af:8a:ed:73:
49:85:fa:a4:86:1e:a0:75:ad:e5:5b:e9:73:92:77:17:68:c2:
1a:5f:be:e4:2c:62:96:26:35:49:34:b3:22:1b:e4:4e:b3:d5:
8b:bb:d3:45:27:94:5c:59:36:c5:58:3d:37:d0:9c:01:e2:36:
5c:ec:74:f8:60:5e:0d:ab:d2:f8:25:bf:9a:5c:48:f3:bb:22:
98:25:24:7b:81:58:9e:dd:60:50:65:c0:59:26:bf:be:08:d2:
d7:3f:54:87:a8:6c:47:91:9f:0e:e7:1b:91:7d:6e:a6:7c:c4:
0d:b7:1d:f4:3a:ec:29:4e:0e:a2:f8:cb:54:5f:8a:13:d1:5c:
66:eb:68:96
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYfwCM5h7c/GQMWtr5NPOPJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNTA2MDc0ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQ1M2JmMDU2OGM4ZTM4OGZmMzhkZmFmYTZkNzM0MmVmMmUyZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGS9kHMyk1RSWQAqX4fJZE5w4ZcA
HZ30KMvP2bkzmicMJje8qefdC/BzVU96WNYICEo7qkl7LqG60lJ/aVSeZRwRGnbl
U/05gBu34+kPmvQ0NeYOnZK06QcdAdke/pfmnDZHvciAQmbAWYK5No6n1GT8S9z3
aMnufqjGkcDfyiTJzh9hdmLnWUDv338KaEe8ZaQzhTxwyX8YvJPgmS7OzhS8Lzbs
n/9LDX8d4CzFH2CM1tlBQGW8wrEb+pM42YePeJ39hlg1i78+qPp1Q2VKmcpJsZ1C
jWgP7MsP3LxIEXhM/0qx3M+TABIQwom+z0SFK+OTKh4DZGY4Du4bQ4Sr0QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKLVO/BWjI44j/ON+vptc0LvLi/UMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvb3RVNzhGYU1qamlQODQzNi1tMXpRdTh1TDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABbZxAwQA
WJc4AwQAWJc9AwQAWNHDAwQAWNHRAwQAWNHYAwQAWNHdAwQAWNHhAwQBWNH4AwQA
stLsMA0GCSqGSIb3DQEBCwUAA4IBAQAZQsaEWppZgDlmg/zun9+1608vcPnJLJ3Y
OIoRuCQhzauNxrmPNWMgLkXEm4zhjCQjbppG2pxKjBaZGSlWT0X0FpnYUYd40aWj
GCsKXgtw3/LZyBhLQjhSYOOvDKghAcVz+T5OZP27WJfwYGB/ILEdPSTeBmVjtzuv
9a+K7XNJhfqkhh6gda3lW+lzkncXaMIaX77kLGKWJjVJNLMiG+ROs9WLu9NFJ5Rc
WTbFWD030JwB4jZc7HT4YF4Nq9L4Jb+aXEjzuyKYJSR7gVie3WBQZcBZJr++CNLX
P1SHqGxHkZ8O5xuRfW6mfMQNtx30OuwpTg6i+MtUX4oT0Vxm62iW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org