Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/tv0W9viu0MgBLO7c0DJprvfPOI8.roa
File: tv0W9viu0MgBLO7c0DJprvfPOI8.roa (raw, json)
Hash identifier: 686EvZ1MmaSxvWVBjIVEao/WNfF/sVw+kycdabv8CKg=
Subject key identifier: B6:FD:16:F6:F8:AE:D0:C8:01:2C:EE:DC:D0:32:69:AE:F7:CF:38:8F
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0182D8D4A0A169B9883D516A3EE6E2E29B66
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/tv0W9viu0MgBLO7c0DJprvfPOI8.roa
Signing time: Fri 26 Aug 2022 06:26:29 +0000
ROA not before: Fri 26 Aug 2022 06:26:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42864
IP address blocks: 88.209.227.0/24 maxlen: 24
88.209.240.0/22 maxlen: 22
178.210.224.0/21 maxlen: 21
83.137.159.0/24 maxlen: 24
193.138.125.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
77.242.144.0/20 maxlen: 20
88.209.192.0/21 maxlen: 24
88.209.208.0/20 maxlen: 24
88.209.226.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.9.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d8:d4:a0:a1:69:b9:88:3d:51:6a:3e:e6:e2:e2:9b:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 26 06:26:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6fd16f6f8aed0c8012ceedcd03269aef7cf388f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:dd:0e:b1:b0:9b:58:79:04:d4:7d:a6:18:43:
09:02:7d:b2:9b:a8:40:2e:70:4f:a2:c3:4a:10:45:
f2:53:22:2f:41:fa:93:c8:a1:9b:2f:8e:f9:41:92:
2e:78:1a:49:6f:37:f6:8a:e6:1d:b1:68:ca:2f:ac:
a5:bc:73:c4:ed:cb:9e:9d:5d:fa:e1:b6:4f:d9:96:
a8:a5:52:75:b5:d6:b8:a1:1a:85:6c:6b:26:99:08:
43:51:f4:8c:e9:1b:80:17:f8:a0:f8:6b:de:d3:eb:
b0:69:b7:8a:18:60:95:5e:f0:67:e5:78:1c:a9:41:
aa:71:f8:d9:ff:83:28:95:6b:a5:b5:98:1e:7c:64:
2c:9b:a7:6c:68:67:55:c8:e3:22:0c:9c:69:3e:55:
31:57:af:2b:1d:21:4f:2a:00:00:b8:f5:65:b8:e2:
c8:f7:62:60:a3:c6:dc:c6:d9:fb:70:a9:6b:81:d5:
27:33:65:df:1f:78:3c:07:4f:95:5e:d2:81:aa:dd:
7f:c9:f1:a6:2b:c7:db:46:97:a1:8e:c4:62:ac:d4:
3f:9d:d6:1e:d9:b6:90:ad:fe:42:83:5a:b3:d1:5e:
10:f3:69:d2:31:75:45:17:91:ba:6b:da:9e:fb:19:
26:b8:86:26:eb:40:29:cd:da:39:f1:c8:6b:fb:70:
0f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:FD:16:F6:F8:AE:D0:C8:01:2C:EE:DC:D0:32:69:AE:F7:CF:38:8F
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/tv0W9viu0MgBLO7c0DJprvfPOI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0-45.14.10.255
77.242.144.0/20
83.137.159.0/24
88.209.192.0/21
88.209.208.0-88.209.227.255
88.209.240.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0/21
178.210.236.0/24
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:b6:bf:85:2c:3e:67:31:50:e1:d4:77:ae:c6:1c:5c:65:cd:
bd:6c:be:ed:75:fd:3d:2b:8a:82:07:15:e9:f9:b2:77:82:28:
ac:e0:a1:b3:b6:fd:4a:95:1b:bd:7a:6f:a5:9a:c0:2d:7f:bc:
29:1c:96:28:fa:d9:a5:2f:dd:59:ae:ba:27:ef:5c:69:05:65:
34:40:40:c7:06:b0:d0:ef:66:af:f9:0d:03:87:c3:4a:db:3e:
f1:a8:e5:7f:5e:ab:2a:c2:cc:63:0e:a8:8c:c2:97:e5:d1:e3:
0e:9f:b8:ad:ef:ca:1e:5e:42:f4:b1:3e:2d:61:0c:85:44:d0:
6a:a7:50:b6:1f:79:b2:4a:41:64:56:0d:15:94:fe:bb:ea:ec:
87:ba:0b:f3:c2:a4:7a:37:5e:3b:dd:b2:e2:a6:6e:9b:b8:54:
c7:75:87:a8:bb:34:8b:ef:2c:cd:3e:7d:ea:05:a3:a9:0c:b5:
a1:e4:68:95:14:29:d4:09:20:0f:79:42:b9:d5:b1:50:81:64:
f1:49:1c:7a:e4:98:50:01:c5:34:d6:70:fe:7b:f9:94:1b:e1:
22:85:29:f8:fe:8f:3c:c2:f3:3f:32:ca:66:29:02:74:6c:a6:
8f:10:76:d6:c6:e6:4d:4b:b8:0c:1c:1f:c5:76:61:94:77:4a:
dd:ea:06:e8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYLY1KChabmIPVFqPubi4ptmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwODI2MDYyNjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmZkMTZmNmY4YWVkMGM4MDEyY2VlZGNkMDMyNjlhZWY3Y2YzODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp90OsbCbWHkE1H2mGEMJAn2ym6hA
LnBPosNKEEXyUyIvQfqTyKGbL475QZIueBpJbzf2iuYdsWjKL6ylvHPE7cuenV36
4bZP2ZaopVJ1tda4oRqFbGsmmQhDUfSM6RuAF/ig+Gve0+uwabeKGGCVXvBn5Xgc
qUGqcfjZ/4MolWultZgefGQsm6dsaGdVyOMiDJxpPlUxV68rHSFPKgAAuPVluOLI
92Jgo8bcxtn7cKlrgdUnM2XfH3g8B0+VXtKBqt1/yfGmK8fbRpehjsRirNQ/ndYe
2baQrf5Cg1qz0V4Q82nSMXVFF5G6a9qe+xkmuIYm60Apzdo58chr+3APcQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFLb9Fvb4rtDIASzu3NAyaa73zziPMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvdHYwVzl2aXUwTWdCTE83YzBESnBydmZQT0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmMAwDBAAtCakD
BAItCagwDAMEAy0OCAMEAC0OCgMEBE3ykAMEAFOJnwMEA1jRwDAMAwQEWNHQAwQC
WNHgAwQCWNHwAwQDXDTQAwQAXDTbAwQDstLgAwQAstLsAwQDsvjIAwQAwYp9MA0G
CSqGSIb3DQEBCwUAA4IBAQArtr+FLD5nMVDh1HeuxhxcZc29bL7tdf09K4qCBxXp
+bJ3giis4KGztv1KlRu9em+lmsAtf7wpHJYo+tmlL91Zrron71xpBWU0QEDHBrDQ
72av+Q0Dh8NK2z7xqOV/XqsqwsxjDqiMwpfl0eMOn7it78oeXkL0sT4tYQyFRNBq
p1C2H3mySkFkVg0VlP676uyHugvzwqR6N1473bLipm6buFTHdYeouzSL7yzNPn3q
BaOpDLWh5GiVFCnUCSAPeUK51bFQgWTxSRx65JhQAcU01nD+e/mUG+EihSn4/o88
wvM/MspmKQJ0bKaPEHbWxuZNS7gMHB/FdmGUd0rd6gbo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org