Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qVNVmGSq5AImw128ldMowtQAB8E.roa
File: qVNVmGSq5AImw128ldMowtQAB8E.roa (raw, json)
Hash identifier: +ToUdjfe0JViUWCsFLvmwAx07JjKMajjq3WG0cUVit0=
Subject key identifier: A9:53:55:98:64:AA:E4:02:26:C3:5D:BC:95:D3:28:C2:D4:00:07:C1
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018894A43F6C79560165AA56663C1B887A5C
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qVNVmGSq5AImw128ldMowtQAB8E.roa
Signing time: Wed 07 Jun 2023 06:56:12 +0000
ROA not before: Wed 07 Jun 2023 06:56:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 88.209.244.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
88.209.192.0/24 maxlen: 24
88.209.194.0/24 maxlen: 24
88.209.207.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.222.0/24 maxlen: 24
88.209.221.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
88.151.58.0/24 maxlen: 24
88.151.59.0/24 maxlen: 24
88.151.61.0/24 maxlen: 24
2.58.171.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:94:a4:3f:6c:79:56:01:65:aa:56:66:3c:1b:88:7a:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 7 06:56:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a953559864aae40226c35dbc95d328c2d40007c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a9:2b:e4:18:92:07:08:1a:68:94:1c:77:8a:
cb:8c:69:26:84:3d:99:2f:e2:f7:a5:da:a5:93:4c:
fa:c9:68:52:59:e6:b5:c1:18:76:d6:b4:46:27:42:
65:de:7f:11:31:df:57:30:3a:3d:2a:51:74:5a:19:
c4:b5:63:6d:ba:54:6b:59:ad:04:79:fa:c6:00:81:
2a:98:76:02:07:a1:0b:ab:03:e1:20:a7:8a:4f:ff:
55:eb:7d:39:80:69:f5:16:15:8e:f0:c6:e2:e7:1c:
15:63:cb:ff:4e:b5:92:ba:7d:85:10:70:30:de:81:
da:b6:05:cd:fb:ae:28:18:c9:c7:6e:7a:76:0e:b0:
7a:c0:e5:38:87:85:4a:22:53:a0:ab:f9:f5:e7:21:
09:ef:02:5b:dc:10:e4:82:d2:b2:ce:93:8a:da:79:
66:b0:1b:1b:2b:cd:cf:20:73:c6:f4:9d:31:d8:f9:
1f:cf:8b:06:b2:34:c3:c8:9a:3b:83:7a:89:6b:4b:
af:7c:ee:0c:35:45:ad:42:46:85:f0:23:7c:7c:c2:
c7:64:fd:d4:48:b6:92:c1:f2:78:9e:dd:39:4c:22:
94:06:a0:90:ae:dc:45:4a:92:5c:9e:e7:df:64:14:
2a:23:ec:e3:cb:30:de:1f:1d:5d:23:4b:c5:72:61:
43:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:53:55:98:64:AA:E4:02:26:C3:5D:BC:95:D3:28:C2:D4:00:07:C1
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/qVNVmGSq5AImw128ldMowtQAB8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.171.0/24
88.151.58.0/23
88.151.61.0/24
88.209.192.0/24
88.209.194.0/24
88.209.207.0/24
88.209.209.0/24
88.209.221.0-88.209.222.255
88.209.224.0/23
88.209.244.0/24
178.210.236.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:3f:dc:e1:0f:e2:ac:ea:4b:fd:1e:d0:cc:93:15:16:3b:a3:
b7:d9:aa:a8:86:75:b0:5c:d2:fd:3e:88:64:c3:8f:8a:ee:12:
46:d6:6d:13:01:96:ed:1a:c2:bc:65:53:ea:c1:8c:79:4f:9f:
b8:61:75:c1:b3:31:51:a5:64:a0:77:57:05:e7:b5:68:e1:4c:
06:e0:fc:ca:4a:98:8d:a8:7c:ce:f7:89:0e:a8:fa:12:76:49:
00:e6:7a:7b:be:ed:c8:0f:d7:e4:12:c6:65:53:76:3c:d7:a5:
4e:15:dc:da:ac:ad:86:07:f5:0d:f8:1c:49:90:9e:62:d7:b9:
cb:90:9a:99:52:8e:12:08:3e:76:cf:7f:22:30:6f:ce:54:01:
94:9d:01:8a:fd:58:65:e9:dc:68:83:9a:1c:23:c9:af:e0:d7:
f3:68:05:9e:47:f1:9b:82:ad:69:8c:0c:8b:8b:fc:ac:16:ef:
ba:b6:ad:fd:02:59:89:8f:1e:cd:32:67:36:4b:a3:70:0d:71:
ba:da:fe:dc:02:c7:28:aa:b3:22:71:08:94:95:5b:41:0b:6f:
05:53:b6:e3:63:2a:bb:fb:68:4b:2a:4f:b6:62:d1:3a:cc:08:
15:46:e7:15:07:28:f1:17:72:74:4d:9b:bc:c9:b0:b1:c9:5b:
5f:03:d7:98
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYiUpD9seVYBZapWZjwbiHpcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjA3MDY1NjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTUzNTU5ODY0YWFlNDAyMjZjMzVkYmM5NWQzMjhjMmQ0MDAwN2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6kr5BiSBwgaaJQcd4rLjGkmhD2Z
L+L3pdqlk0z6yWhSWea1wRh21rRGJ0Jl3n8RMd9XMDo9KlF0WhnEtWNtulRrWa0E
efrGAIEqmHYCB6ELqwPhIKeKT/9V6305gGn1FhWO8Mbi5xwVY8v/TrWSun2FEHAw
3oHatgXN+64oGMnHbnp2DrB6wOU4h4VKIlOgq/n15yEJ7wJb3BDkgtKyzpOK2nlm
sBsbK83PIHPG9J0x2Pkfz4sGsjTDyJo7g3qJa0uvfO4MNUWtQkaF8CN8fMLHZP3U
SLaSwfJ4nt05TCKUBqCQrtxFSpJcnuffZBQqI+zjyzDeHx1dI0vFcmFDNwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFKlTVZhkquQCJsNdvJXTKMLUAAfBMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvcVZOVm1HU3E1QUltdzEyOGxkTW93dFFBQjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAAjqrAwQB
WJc6AwQAWJc9AwQAWNHAAwQAWNHCAwQAWNHPAwQAWNHRMAwDBABY0d0DBABY0d4D
BAFY0eADBABY0fQDBACy0uwwDQYJKoZIhvcNAQELBQADggEBAA4/3OEP4qzqS/0e
0MyTFRY7o7fZqqiGdbBc0v0+iGTDj4ruEkbWbRMBlu0awrxlU+rBjHlPn7hhdcGz
MVGlZKB3VwXntWjhTAbg/MpKmI2ofM73iQ6o+hJ2SQDmenu+7cgP1+QSxmVTdjzX
pU4V3NqsrYYH9Q34HEmQnmLXucuQmplSjhIIPnbPfyIwb85UAZSdAYr9WGXp3GiD
mhwjya/g1/NoBZ5H8ZuCrWmMDIuL/KwW77q2rf0CWYmPHs0yZzZLo3ANcbra/twC
xyiqsyJxCJSVW0ELbwVTtuNjKrv7aEsqT7Zi0TrMCBVG5xUHKPEXcnRNm7zJsLHJ
W18D15g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org