Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/tgc2ZfUAbFPNbc28XDADIci8hUY.roa
File: tgc2ZfUAbFPNbc28XDADIci8hUY.roa (raw, json)
Hash identifier: F6mf1mjiBOl03+LL0X/oWHxPn0L+23R4qfAgw0El5dI=
Subject key identifier: B6:07:36:65:F5:00:6C:53:CD:6D:CD:BC:5C:30:03:21:C8:BC:85:46
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018682E6E38D3B694B60D9AE0F861E34D379
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/tgc2ZfUAbFPNbc28XDADIci8hUY.roa
Signing time: Fri 24 Feb 2023 10:10:14 +0000
ROA not before: Fri 24 Feb 2023 10:10:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.192.0/21 maxlen: 24
178.210.224.0/22 maxlen: 24
193.138.125.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
77.242.145.0/24 maxlen: 24
77.242.144.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.147.0/24 maxlen: 24
77.242.146.0/24 maxlen: 24
77.242.159.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:e6:e3:8d:3b:69:4b:60:d9:ae:0f:86:1e:34:d3:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 24 10:10:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6073665f5006c53cd6dcdbc5c300321c8bc8546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ca:40:9c:87:a3:4a:c6:cc:3b:2b:d0:6a:74:
af:42:b3:1c:af:46:9a:8c:da:3a:76:47:1d:d0:67:
af:32:7d:97:73:8d:c3:f4:8a:d6:76:93:ff:4e:54:
23:1b:58:fd:f0:f8:45:a6:a5:34:af:ad:52:ff:75:
fc:2a:79:70:2c:5b:ab:6d:c7:75:c5:13:c0:c5:81:
05:0a:55:24:99:e9:a5:a8:53:1f:30:d0:7f:93:df:
73:7f:5e:c2:67:66:e8:5b:a6:2a:2b:65:c2:13:f8:
4d:6d:3d:83:ab:da:ec:41:34:9a:e9:4e:c3:d3:48:
d9:06:60:fb:e6:7f:b0:c0:b3:18:97:ea:68:1a:a4:
15:da:65:63:fe:18:15:87:01:2f:c6:44:29:04:d0:
5e:93:75:26:f5:73:55:5b:7e:20:05:16:9d:2a:6f:
c3:b8:82:b6:5c:22:46:5b:3f:da:5f:bd:1d:48:c9:
ae:d8:06:f9:ec:70:76:6b:fe:b8:e5:bd:cc:00:f9:
a6:8d:0c:9f:45:f9:3c:3f:75:ca:6d:07:d9:8b:8d:
f8:dd:6d:15:dc:3e:34:f5:93:2c:8a:e2:12:09:6e:
7a:f9:18:a8:45:b9:e2:aa:55:6f:1a:d5:23:ca:c6:
68:a3:37:26:c6:2c:78:e1:d3:f0:bd:ae:2a:90:4e:
37:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:07:36:65:F5:00:6C:53:CD:6D:CD:BC:5C:30:03:21:C8:BC:85:46
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/tgc2ZfUAbFPNbc28XDADIci8hUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/24
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
77.242.156.0/22
88.209.192.0/21
92.52.208.0/21
92.52.219.0/24
178.210.224.0/22
178.210.236.0/24
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:86:a6:29:d5:33:01:c1:c6:2e:a4:10:ff:03:c5:59:fb:e4:
6e:02:dd:28:ac:71:69:de:19:09:1f:9c:bc:d0:f5:08:9e:dc:
5b:8a:98:da:1e:2b:d3:f2:4c:74:a5:a9:28:0a:11:a1:14:ab:
1a:ec:ed:17:95:dd:8d:75:c1:78:de:cc:71:01:8c:fe:29:ce:
3d:73:a2:41:68:74:00:6f:8c:1f:a5:86:43:57:20:c2:f0:62:
f5:7d:d6:8c:5c:67:c1:ed:d3:a6:6a:94:0c:da:af:e6:2f:fe:
85:93:0d:24:43:3a:43:12:46:e4:38:3d:cb:ed:f7:e4:3f:fe:
d2:3a:ce:cd:9d:00:9a:1b:5c:46:2d:68:0a:e3:a1:42:9b:47:
05:c0:b7:9b:a5:3a:cc:51:48:a8:05:ac:3d:51:c5:df:53:e3:
22:63:c6:20:73:c7:e8:74:12:f0:62:3d:18:ad:c5:28:38:a1:
76:48:00:99:7a:13:d2:58:7e:ba:54:4e:29:f7:a0:67:c2:e0:
5c:97:ae:be:05:50:5b:9d:8a:18:03:ae:bf:d4:9d:a2:26:af:
7b:e8:ad:e1:d0:fd:c5:01:93:16:4e:8f:1d:f9:71:a8:bb:1d:
e3:7e:11:a7:51:a8:ba:1f:ff:b2:f9:40:d9:6e:58:02:7a:65:
24:38:68:25
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYaC5uONO2lLYNmuD4YeNNN5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMjI0MTAxMDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjA3MzY2NWY1MDA2YzUzY2Q2ZGNkYmM1YzMwMDMyMWM4YmM4NTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnspAnIejSsbMOyvQanSvQrMcr0aa
jNo6dkcd0GevMn2Xc43D9IrWdpP/TlQjG1j98PhFpqU0r61S/3X8KnlwLFurbcd1
xRPAxYEFClUkmemlqFMfMNB/k99zf17CZ2boW6YqK2XCE/hNbT2Dq9rsQTSa6U7D
00jZBmD75n+wwLMYl+poGqQV2mVj/hgVhwEvxkQpBNBek3Um9XNVW34gBRadKm/D
uIK2XCJGWz/aX70dSMmu2Ab57HB2a/645b3MAPmmjQyfRfk8P3XKbQfZi4343W0V
3D409ZMsiuISCW56+RioRbniqlVvGtUjysZoozcmxix44dPwva4qkE43zwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFLYHNmX1AGxTzW3NvFwwAyHIvIVGMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvdGdjMlpmVUFiRlBOYmMyOFhEQURJY2k4aFVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkMAwDBAAtCakD
BAItCagDBAAtDggDBAAtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylwMEAk3y
nAMEA1jRwAMEA1w00AMEAFw02wMEArLS4AMEALLS7AMEA7L4yAMEAMGKfTANBgkq
hkiG9w0BAQsFAAOCAQEAwYamKdUzAcHGLqQQ/wPFWfvkbgLdKKxxad4ZCR+cvND1
CJ7cW4qY2h4r0/JMdKWpKAoRoRSrGuztF5XdjXXBeN7McQGM/inOPXOiQWh0AG+M
H6WGQ1cgwvBi9X3WjFxnwe3TpmqUDNqv5i/+hZMNJEM6QxJG5Dg9y+335D/+0jrO
zZ0AmhtcRi1oCuOhQptHBcC3m6U6zFFIqAWsPVHF31PjImPGIHPH6HQS8GI9GK3F
KDihdkgAmXoT0lh+ulROKfegZ8LgXJeuvgVQW52KGAOuv9Sdoiave+it4dD9xQGT
Fk6PHflxqLsd434Rp1Gouh//svlA2W5YAnplJDhoJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:57 2024 by rpki-client on console-ams.rpki-client.org