Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/rVUqzZ9hK8MoLD07X0Rm47D6nV0.roa
File: rVUqzZ9hK8MoLD07X0Rm47D6nV0.roa (raw, json)
Hash identifier: lc5GZJICTJ9bsP5CQjSwvs5oyklFRUd4rNWa1xKmphY=
Subject key identifier: AD:55:2A:CD:9F:61:2B:C3:28:2C:3D:3B:5F:44:66:E3:B0:FA:9D:5D
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01859B9B8702E4AC43B4E83223D9EAB5AB41
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/rVUqzZ9hK8MoLD07X0Rm47D6nV0.roa
Signing time: Tue 10 Jan 2023 12:15:39 +0000
ROA not before: Tue 10 Jan 2023 12:15:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.210.224.0/21 maxlen: 21
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
77.242.144.0/20 maxlen: 20
88.209.192.0/21 maxlen: 24
88.209.208.0/20 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9b:9b:87:02:e4:ac:43:b4:e8:32:23:d9:ea:b5:ab:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 10 12:15:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad552acd9f612bc3282c3d3b5f4466e3b0fa9d5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3d:59:45:d4:f9:c3:33:f4:59:7c:87:42:30:
7a:83:87:07:27:b4:5c:23:be:0d:ef:fc:cf:69:dd:
82:e8:42:78:55:09:b1:23:3f:e6:b3:bc:70:d0:b4:
76:5e:60:68:ea:cd:df:bd:5e:0f:7e:da:40:1c:de:
a4:61:7f:47:6a:84:6c:61:04:b8:e9:18:03:42:c6:
ca:b5:eb:97:a9:24:f2:22:50:a0:25:3c:47:53:f4:
60:10:96:6d:c1:c5:0f:47:5a:ca:7d:b1:2c:77:00:
cf:ee:b9:7f:52:ca:4c:c4:f8:6a:60:35:95:0d:27:
bf:25:ea:ae:c9:9a:55:b0:34:7a:23:aa:56:c0:f7:
a2:a1:7d:16:b7:be:6f:53:8e:9c:66:6d:24:e4:c0:
3b:4a:a1:c9:ad:2d:52:f4:e8:b1:25:1d:85:bf:fb:
09:95:d5:80:de:15:85:db:05:fa:e3:4d:46:52:63:
af:8d:43:85:65:da:8b:7e:bc:c3:52:d7:88:36:52:
da:4e:dc:57:14:83:03:d1:c8:28:ed:6d:0c:5e:94:
39:5b:03:3c:99:29:18:0f:8c:f7:af:c6:f4:c8:76:
2d:70:59:2e:76:66:34:16:2d:f8:2d:1e:5c:1e:f7:
ef:6e:59:f3:1d:b2:8b:e3:ca:44:04:0c:c6:5e:42:
4e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:55:2A:CD:9F:61:2B:C3:28:2C:3D:3B:5F:44:66:E3:B0:FA:9D:5D
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/rVUqzZ9hK8MoLD07X0Rm47D6nV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/24
77.242.144.0/20
88.209.192.0/21
88.209.208.0-88.209.225.255
92.52.208.0/21
92.52.219.0/24
178.210.224.0/21
178.210.236.0/24
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
79:db:10:3d:26:45:dc:15:92:57:fe:1a:6c:be:48:d6:48:8a:
66:e7:82:79:8c:97:09:d3:34:e2:57:17:07:fb:be:a5:b6:b0:
04:ad:48:4d:43:59:c2:08:c3:77:a9:ee:bf:69:2d:07:7d:b3:
c6:87:5b:2f:8e:a1:2c:25:05:28:23:14:bf:9f:f9:e6:19:d7:
9d:90:0e:33:8f:e8:7a:61:24:fa:f1:4f:ec:44:46:62:3e:b6:
e1:fe:04:cf:d2:c8:2f:be:4a:90:b5:9e:f8:5a:75:b5:09:74:
ec:76:94:e0:09:ed:d3:84:e5:fe:54:15:6a:a6:f9:30:fa:0f:
8a:71:55:d8:54:34:d6:c7:63:fa:6c:8c:42:24:29:e9:61:71:
88:f5:2c:85:24:48:d5:f8:58:50:cb:89:52:2a:67:5b:f9:34:
1b:d7:b4:b6:3e:ff:8b:29:e1:90:53:d7:4b:6d:86:95:67:aa:
b2:de:0b:eb:be:c9:e5:70:0e:a2:48:dc:cf:a4:2a:b2:b3:0f:
4e:88:d8:18:bb:9e:8c:78:3a:e4:44:39:89:46:b9:53:c0:bd:
8b:10:a4:ac:52:ba:79:64:8c:16:5f:ba:10:28:be:f5:6c:54:
77:78:1f:03:21:de:c8:b3:66:a2:e3:48:15:45:a6:cb:51:b2:
d3:89:d8:c8
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYWbm4cC5KxDtOgyI9nqtatBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMTEwMTIxNTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDU1MmFjZDlmNjEyYmMzMjgyYzNkM2I1ZjQ0NjZlM2IwZmE5ZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhj1ZRdT5wzP0WXyHQjB6g4cHJ7Rc
I74N7/zPad2C6EJ4VQmxIz/ms7xw0LR2XmBo6s3fvV4PftpAHN6kYX9HaoRsYQS4
6RgDQsbKteuXqSTyIlCgJTxHU/RgEJZtwcUPR1rKfbEsdwDP7rl/UspMxPhqYDWV
DSe/JequyZpVsDR6I6pWwPeioX0Wt75vU46cZm0k5MA7SqHJrS1S9OixJR2Fv/sJ
ldWA3hWF2wX6401GUmOvjUOFZdqLfrzDUteINlLaTtxXFIMD0cgo7W0MXpQ5WwM8
mSkYD4z3r8b0yHYtcFkudmY0Fi34LR5cHvfvblnzHbKL48pEBAzGXkJOaQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFK1VKs2fYSvDKCw9O19EZuOw+p1dMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvclZVcXpaOWhLOE1vTEQwN1gwUm00N0Q2blYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBAAtCakD
BAItCagDBAAtDggDBAAtDgoDBARN8pADBANY0cAwDAMEBFjR0AMEAVjR4AMEA1w0
0AMEAFw02wMEA7LS4AMEALLS7AMEA7L4yAMEAMGKfTANBgkqhkiG9w0BAQsFAAOC
AQEAedsQPSZF3BWSV/4abL5I1kiKZueCeYyXCdM04lcXB/u+pbawBK1ITUNZwgjD
d6nuv2ktB32zxodbL46hLCUFKCMUv5/55hnXnZAOM4/oemEk+vFP7ERGYj624f4E
z9LIL75KkLWe+Fp1tQl07HaU4Ant04Tl/lQVaqb5MPoPinFV2FQ01sdj+myMQiQp
6WFxiPUshSRI1fhYUMuJUipnW/k0G9e0tj7/iynhkFPXS22GlWeqst4L677J5XAO
okjcz6QqsrMPTojYGLuejHg65EQ5iUa5U8C9ixCkrFK6eWSMFl+6ECi+9WxUd3gf
AyHeyLNmouNIFUWmy1Gy04nYyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org