Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/rapu-bJX0BGRsgMEj0JyPYLIxlY.roa
File: rapu-bJX0BGRsgMEj0JyPYLIxlY.roa (raw, json)
Hash identifier: L//+TKtb7SYA3Q3/BJodLcaN87tHJ3tFETfaYcCF4XE=
Subject key identifier: AD:AA:6E:F9:B2:57:D0:11:91:B2:03:04:8F:42:72:3D:82:C8:C6:56
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01824A3BB56E65111DCA95AEB37392517DB3
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/rapu-bJX0BGRsgMEj0JyPYLIxlY.roa
Signing time: Fri 29 Jul 2022 13:53:23 +0000
ROA not before: Fri 29 Jul 2022 13:53:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42864
IP address blocks: 88.209.231.0/24 maxlen: 24
88.209.227.0/24 maxlen: 24
88.209.240.0/22 maxlen: 22
83.137.159.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.192.0/21 maxlen: 24
88.209.208.0/20 maxlen: 24
88.209.226.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
88.151.60.0/22 maxlen: 22
178.210.236.0/24 maxlen: 24
77.242.144.0/20 maxlen: 20
92.52.219.0/24 maxlen: 24
92.52.215.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.213.0/24 maxlen: 24
92.52.212.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4a:3b:b5:6e:65:11:1d:ca:95:ae:b3:73:92:51:7d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 29 13:53:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=adaa6ef9b257d01191b203048f42723d82c8c656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6a:5e:39:4b:7b:3e:ba:d4:54:3b:bd:76:47:
52:40:9f:5c:50:fc:37:37:e1:5b:8d:a3:52:93:bb:
a0:fd:26:73:0e:bb:58:85:e9:cc:2e:65:d6:5d:cb:
49:75:e0:e2:14:b2:33:cf:1e:1e:a9:bd:27:b5:48:
d8:f6:84:71:fc:4f:a6:c7:d7:0f:cd:32:56:27:1c:
b0:d9:88:dc:fd:ba:1a:9b:5d:e4:ef:45:14:c0:69:
b1:5d:d6:29:96:1c:be:1d:84:7d:10:76:7e:e2:3b:
59:93:68:d8:38:56:f7:ac:22:88:fa:d7:5e:3a:b0:
d6:9e:77:a8:61:db:f1:7f:78:9c:14:38:5a:4a:7a:
99:38:0e:d4:3e:2f:5d:72:a1:d5:7c:ba:17:46:6a:
57:45:d4:07:0a:a2:2e:ee:96:bf:e5:40:62:46:0e:
05:82:79:e7:04:db:f4:c3:de:13:61:e2:30:ea:34:
a8:04:c0:54:53:d4:fe:ff:6a:ef:ad:bc:7c:33:dd:
f9:67:15:a2:69:40:22:66:51:9a:48:53:79:38:9e:
e2:af:a5:23:a9:21:3d:66:30:4e:0f:77:5a:d2:96:
e7:46:6d:c7:7a:ce:89:15:a2:5d:67:43:eb:37:20:
a4:0d:3c:59:b2:34:3e:af:dc:4b:a8:89:bb:54:ad:
8d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AA:6E:F9:B2:57:D0:11:91:B2:03:04:8F:42:72:3D:82:C8:C6:56
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/rapu-bJX0BGRsgMEj0JyPYLIxlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0-45.14.10.255
77.242.144.0/20
83.137.159.0/24
88.151.60.0/22
88.209.192.0/21
88.209.208.0-88.209.227.255
88.209.231.0/24
88.209.240.0/22
92.52.208.0-92.52.213.255
92.52.215.0/24
92.52.219.0/24
178.210.236.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:c3:da:a9:5f:40:9b:b7:8a:03:7e:75:fb:95:bf:3e:f8:56:
12:0b:41:9d:e4:3f:ba:eb:b5:56:e7:26:b3:53:d4:8a:11:fb:
b9:39:97:50:f6:a3:c8:ac:04:47:ba:56:f5:ad:b1:ea:f2:fa:
98:d8:89:50:6e:19:b0:71:1d:4d:b2:c5:83:7f:09:86:49:d2:
cc:45:fb:3a:03:1b:58:80:68:b8:94:26:e7:e8:13:82:b9:90:
43:88:5c:4d:cf:a8:ac:7d:98:56:49:23:fa:70:c6:c7:21:8d:
48:66:27:ae:2f:3e:76:a6:2b:ea:16:b7:5e:b6:23:82:20:da:
a9:37:b5:80:20:c7:09:a2:60:c7:f0:88:5f:a3:9d:d5:9d:65:
49:b9:be:da:f2:ff:ce:a5:68:d2:ee:76:25:9b:2c:3d:78:bc:
d8:be:23:af:56:a5:d9:aa:af:24:4c:55:9d:ad:4d:1f:51:2a:
6f:b7:88:15:9b:62:0d:ca:4b:12:8f:36:48:4d:2f:6e:6c:b3:
09:33:eb:4a:d5:b6:2c:01:07:dd:23:fa:d6:62:aa:a1:71:16:
59:af:99:11:6c:f6:c4:ea:c4:cd:7b:0e:7c:02:0d:85:86:c3:
3e:37:1b:cb:d6:b5:20:7f:83:18:71:1f:56:cc:3e:f4:b8:f8:
ac:f2:59:c0
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYJKO7VuZREdypWus3OSUX2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzI5MTM1MzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGFhNmVmOWIyNTdkMDExOTFiMjAzMDQ4ZjQyNzIzZDgyYzhjNjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmpeOUt7PrrUVDu9dkdSQJ9cUPw3
N+FbjaNSk7ug/SZzDrtYhenMLmXWXctJdeDiFLIzzx4eqb0ntUjY9oRx/E+mx9cP
zTJWJxyw2Yjc/boam13k70UUwGmxXdYplhy+HYR9EHZ+4jtZk2jYOFb3rCKI+tde
OrDWnneoYdvxf3icFDhaSnqZOA7UPi9dcqHVfLoXRmpXRdQHCqIu7pa/5UBiRg4F
gnnnBNv0w94TYeIw6jSoBMBUU9T+/2rvrbx8M935ZxWiaUAiZlGaSFN5OJ7ir6Uj
qSE9ZjBOD3da0pbnRm3Hes6JFaJdZ0PrNyCkDTxZsjQ+r9xLqIm7VK2NZQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFK2qbvmyV9ARkbIDBI9Ccj2CyMZWMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvcmFwdS1iSlgwQkdSc2dNRWowSnlQWUxJeGxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbjAMAwQALQmp
AwQCLQmoMAwDBAMtDggDBAAtDgoDBARN8pADBABTiZ8DBAJYlzwDBANY0cAwDAME
BFjR0AMEAljR4AMEAFjR5wMEAljR8DAMAwQEXDTQAwQBXDTUAwQAXDTXAwQAXDTb
AwQAstLsMA0GCSqGSIb3DQEBCwUAA4IBAQCow9qpX0Cbt4oDfnX7lb8++FYSC0Gd
5D+667VW5yazU9SKEfu5OZdQ9qPIrARHulb1rbHq8vqY2IlQbhmwcR1NssWDfwmG
SdLMRfs6AxtYgGi4lCbn6BOCuZBDiFxNz6isfZhWSSP6cMbHIY1IZieuLz52pivq
FrdetiOCINqpN7WAIMcJomDH8Ihfo53VnWVJub7a8v/OpWjS7nYlmyw9eLzYviOv
VqXZqq8kTFWdrU0fUSpvt4gVm2INyksSjzZITS9ubLMJM+tK1bYsAQfdI/rWYqqh
cRZZr5kRbPbE6sTNew58Ag2FhsM+NxvL1rUgf4MYcR9WzD70uPis8lnA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:57 2024 by rpki-client on console-ams.rpki-client.org