Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/uih2ahNlfeLbXxslmj9exdXMSM4.roa
File: uih2ahNlfeLbXxslmj9exdXMSM4.roa (raw, json)
Hash identifier: SM7cxwQDJd5Swg87929+9nsciN2O22yUOZDsGox9Wfs=
Subject key identifier: BA:28:76:6A:13:65:7D:E2:DB:5F:1B:25:9A:3F:5E:C5:D5:CC:48:CE
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0186545FD91EF1F2D7D3EEBC5A5A36ACC176
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/uih2ahNlfeLbXxslmj9exdXMSM4.roa
Signing time: Wed 15 Feb 2023 09:20:12 +0000
ROA not before: Wed 15 Feb 2023 09:20:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.192.0/21 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
178.210.224.0/22 maxlen: 24
193.138.125.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
77.242.145.0/24 maxlen: 24
77.242.144.0/20 maxlen: 24
77.242.144.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.150.0/24 maxlen: 24
77.242.149.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.147.0/24 maxlen: 24
77.242.146.0/24 maxlen: 24
77.242.159.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:54:5f:d9:1e:f1:f2:d7:d3:ee:bc:5a:5a:36:ac:c1:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 15 09:20:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba28766a13657de2db5f1b259a3f5ec5d5cc48ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1e:87:33:cd:66:c4:59:08:70:8e:e3:d5:ae:
3c:00:c9:75:2b:4d:8b:da:05:00:7a:41:75:7c:f5:
de:e5:1b:a9:ce:dd:0b:1f:75:9f:6e:40:50:5d:c7:
81:1e:63:1f:24:19:77:c8:3f:cd:1b:55:68:59:ce:
d8:89:b5:c5:21:fa:57:2d:2e:1f:76:bc:0b:51:c7:
a0:f1:be:ef:75:03:a6:0d:ba:47:f2:f8:bc:19:8c:
75:1a:7a:1c:7f:ae:1b:8c:00:65:87:15:90:f9:be:
3a:84:15:e6:59:5a:fa:ee:39:10:d7:de:00:81:6c:
8c:6e:76:76:f1:8f:38:23:f8:c3:ed:f9:6c:1a:99:
d7:6b:2c:3a:4f:01:f6:ca:78:cc:7d:ae:15:17:14:
b9:64:1b:a0:a4:3e:99:1d:29:f6:f3:23:ae:57:a7:
7e:56:a0:4a:25:9b:ca:56:54:db:ab:9b:e1:9c:e9:
f4:e1:f0:dc:17:71:73:cb:8e:e2:9b:25:23:2a:4d:
7c:a4:df:e8:62:c4:d9:84:db:99:9b:aa:1c:7f:43:
89:c3:2a:b0:04:00:4e:64:2b:41:23:bd:fd:04:c5:
b3:a2:03:39:67:30:ef:de:aa:32:28:d1:9b:24:f4:
a1:f1:fc:46:0e:01:b3:19:28:77:12:55:cc:2d:db:
2b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:28:76:6A:13:65:7D:E2:DB:5F:1B:25:9A:3F:5E:C5:D5:CC:48:CE
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/uih2ahNlfeLbXxslmj9exdXMSM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/24
77.242.144.0/20
88.209.192.0/21
88.209.224.0/23
92.52.208.0/21
92.52.219.0/24
178.210.224.0/22
178.210.236.0/24
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:7e:8b:07:3a:fc:44:ac:01:5a:aa:76:e2:40:a6:ec:4a:c0:
c5:62:27:91:de:bd:66:34:f0:91:e8:f2:c4:03:8c:c6:15:51:
17:e4:df:b7:79:ec:df:24:c3:7f:14:26:2a:5f:d6:e3:70:b8:
c4:6e:3e:f1:9b:c3:f3:f8:39:18:74:45:ba:bd:a4:7a:d0:52:
d6:cc:2a:92:1a:72:26:62:9c:ac:c0:77:74:6b:68:f6:3a:50:
88:99:58:ee:ef:4a:0f:9f:3d:6e:fa:0c:86:d9:af:36:30:41:
9e:b7:fa:ab:73:7a:d1:ea:7e:60:b5:d1:de:c9:38:b5:dc:96:
35:60:db:7a:bd:1a:55:27:0c:b5:3c:15:2b:31:b4:34:99:01:
18:42:3e:0c:37:46:b1:b7:e8:63:a3:71:f9:97:84:9b:57:1f:
c6:f0:50:9d:22:3d:6a:e7:53:ac:61:fe:d7:dc:8e:1b:6c:d6:
8c:01:b3:53:0a:6d:61:ef:9b:ae:4c:11:da:2b:15:d7:b1:1e:
3f:8b:fb:d7:11:36:a2:cf:f0:28:e0:c9:43:0c:ea:30:43:25:
2e:e1:23:ad:9c:13:6c:ee:7f:93:33:2f:9e:0b:e7:e6:47:c4:
31:20:59:62:b5:ea:12:b3:45:79:39:b6:63:23:ed:e8:5c:ee:
28:4c:c1:56
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYZUX9ke8fLX0+68Wlo2rMF2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMjE1MDkyMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTI4NzY2YTEzNjU3ZGUyZGI1ZjFiMjU5YTNmNWVjNWQ1Y2M0OGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB6HM81mxFkIcI7j1a48AMl1K02L
2gUAekF1fPXe5Rupzt0LH3WfbkBQXceBHmMfJBl3yD/NG1VoWc7YibXFIfpXLS4f
drwLUceg8b7vdQOmDbpH8vi8GYx1Gnocf64bjABlhxWQ+b46hBXmWVr67jkQ194A
gWyMbnZ28Y84I/jD7flsGpnXayw6TwH2ynjMfa4VFxS5ZBugpD6ZHSn28yOuV6d+
VqBKJZvKVlTbq5vhnOn04fDcF3Fzy47imyUjKk18pN/oYsTZhNuZm6ocf0OJwyqw
BABOZCtBI739BMWzogM5ZzDv3qoyKNGbJPSh8fxGDgGzGSh3ElXMLdsrjQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFLoodmoTZX3i218bJZo/XsXVzEjOMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvdWloMmFoTmxmZUxiWHhzbG1qOWV4ZFhNU000LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQMAwDBAAtCakD
BAItCagDBAAtDggDBAAtDgoDBARN8pADBANY0cADBAFY0eADBANcNNADBABcNNsD
BAKy0uADBACy0uwDBAOy+MgDBADBin0wDQYJKoZIhvcNAQELBQADggEBAGp+iwc6
/ESsAVqqduJApuxKwMViJ5HevWY08JHo8sQDjMYVURfk37d57N8kw38UJipf1uNw
uMRuPvGbw/P4ORh0Rbq9pHrQUtbMKpIaciZinKzAd3RraPY6UIiZWO7vSg+fPW76
DIbZrzYwQZ63+qtzetHqfmC10d7JOLXcljVg23q9GlUnDLU8FSsxtDSZARhCPgw3
RrG36GOjcfmXhJtXH8bwUJ0iPWrnU6xh/tfcjhts1owBs1MKbWHvm65MEdorFdex
Hj+L+9cRNqLP8CjgyUMM6jBDJS7hI62cE2zuf5MzL54L5+ZHxDEgWWK16hKzRXk5
tmMj7ehc7ihMwVY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org