Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/uqp9_bXBJQ-F_dQCsUJh6tyO71M.roa
File: uqp9_bXBJQ-F_dQCsUJh6tyO71M.roa (raw, json)
Hash identifier: rgZhzzPstk4BaSJ0Wx2Xh54QdXl9FJKvZB5p1PsPFMU=
Subject key identifier: BA:AA:7D:FD:B5:C1:25:0F:85:FD:D4:02:B1:42:61:EA:DC:8E:EF:53
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018AB2F1FCD092C40E4FA55367F4ABF5773D
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/uqp9_bXBJQ-F_dQCsUJh6tyO71M.roa
Signing time: Wed 20 Sep 2023 14:15:17 +0000
ROA not before: Wed 20 Sep 2023 14:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 178.210.228.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
77.242.150.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.151.63.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
2.58.169.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b2:f1:fc:d0:92:c4:0e:4f:a5:53:67:f4:ab:f5:77:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Sep 20 14:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=baaa7dfdb5c1250f85fdd402b14261eadc8eef53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:33:91:75:38:8c:5b:0d:c4:dd:88:b4:b6:e8:
57:10:27:99:05:06:72:c5:b2:ae:5e:32:72:c5:fa:
46:12:b5:5b:8b:88:5a:00:77:ec:4e:5e:f3:e2:f8:
39:ab:05:7d:5d:94:de:3a:ee:5e:cb:66:c8:4d:16:
17:e1:a0:d3:9b:5a:c3:97:b7:a1:f2:7b:da:a8:63:
5d:f5:2b:da:2e:20:ba:e7:25:76:95:89:cc:04:60:
3f:20:1b:f7:08:7b:1d:c4:cd:cc:18:35:5c:cf:a0:
df:22:69:6b:cf:23:a5:63:03:b9:91:dd:13:79:aa:
12:05:40:ed:e9:42:5f:a5:9e:28:a2:29:a6:68:de:
21:e8:a1:a5:07:c2:cb:1e:29:59:9d:da:8e:1e:ea:
53:6d:0b:03:5f:9c:78:bf:b0:8f:b1:8a:7f:a5:63:
9b:03:30:a9:78:58:17:75:fa:65:40:e6:e2:3d:6d:
ab:72:9f:09:16:b3:9a:25:fe:f3:71:2e:db:b6:cf:
f0:f3:e3:46:ae:e7:d0:5f:a9:ff:f3:7b:b7:14:04:
e8:b2:87:55:a2:25:10:58:36:92:7f:dc:cb:cd:8d:
3b:0a:a8:b2:82:de:a3:ee:a9:e6:89:8f:23:ff:a8:
7c:ab:f0:dd:e6:8f:87:0f:56:ad:ac:26:77:0a:a9:
d3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:AA:7D:FD:B5:C1:25:0F:85:FD:D4:02:B1:42:61:EA:DC:8E:EF:53
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/uqp9_bXBJQ-F_dQCsUJh6tyO71M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.169.0/24
77.242.150.0/24
77.242.158.0/24
88.151.56.0/23
88.151.63.0/24
88.209.211.0/24
88.209.217.0/24
178.210.228.0/24
178.210.250.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:a5:ae:9c:eb:8e:a3:d3:3c:99:05:1a:07:04:c0:d3:19:61:
de:c7:5f:c1:58:44:a3:b9:5d:57:e8:a5:cb:94:6c:4f:54:f2:
d0:bb:b8:30:ba:e7:30:7d:22:c7:b9:94:b8:da:3f:1a:cc:ce:
86:e1:c2:18:6f:a0:8c:53:53:ac:d8:25:bd:ec:5c:e0:b9:67:
87:cf:ea:2f:ab:05:02:04:f4:a2:fc:a7:9f:29:0f:29:47:07:
22:f0:db:21:6e:29:1a:0b:bc:55:19:4e:25:f5:13:4c:e4:04:
4a:42:04:c3:a1:2d:c3:a0:39:bf:1b:cb:a0:97:bb:e4:9a:1f:
37:76:20:79:d2:42:ab:3a:4c:bb:31:60:3a:dd:19:dc:0b:6b:
12:2c:8f:d7:58:e7:d5:c3:37:67:4d:e8:c6:9b:3a:f7:cb:b5:
74:c4:f0:f3:d6:4a:fd:3c:df:4d:93:d0:26:32:98:5e:5f:bf:
cd:14:a0:b2:33:c6:00:39:2c:e9:8a:56:22:f5:1c:78:1f:6e:
8b:8a:50:c2:ee:71:f8:fc:b0:0b:2d:05:7f:9b:c0:70:a4:84:
0e:88:8e:80:8e:a6:f4:c3:47:03:0c:63:ad:ae:c6:7c:04:8f:
f7:8b:1c:5d:66:3f:79:f6:1b:8a:fb:b0:d7:22:85:33:a4:23:
e7:9c:43:ea
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYqy8fzQksQOT6VTZ/Sr9Xc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwOTIwMTQxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWFhN2RmZGI1YzEyNTBmODVmZGQ0MDJiMTQyNjFlYWRjOGVlZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzORdTiMWw3E3Yi0tuhXECeZBQZy
xbKuXjJyxfpGErVbi4haAHfsTl7z4vg5qwV9XZTeOu5ey2bITRYX4aDTm1rDl7eh
8nvaqGNd9SvaLiC65yV2lYnMBGA/IBv3CHsdxM3MGDVcz6DfImlrzyOlYwO5kd0T
eaoSBUDt6UJfpZ4ooimmaN4h6KGlB8LLHilZndqOHupTbQsDX5x4v7CPsYp/pWOb
AzCpeFgXdfplQObiPW2rcp8JFrOaJf7zcS7bts/w8+NGrufQX6n/83u3FATosodV
oiUQWDaSf9zLzY07Cqiygt6j7qnmiY8j/6h8q/Dd5o+HD1atrCZ3CqnTkQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLqqff21wSUPhf3UArFCYercju9TMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvdXFwOV9iWEJKUS1GX2RRQ3NVSmg2dHlPNzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjqpAwQA
TfKWAwQATfKeAwQBWJc4AwQAWJc/AwQAWNHTAwQAWNHZAwQAstLkAwQAstL6MA0G
CSqGSIb3DQEBCwUAA4IBAQB6pa6c646j0zyZBRoHBMDTGWHex1/BWESjuV1X6KXL
lGxPVPLQu7gwuucwfSLHuZS42j8azM6G4cIYb6CMU1Os2CW97FzguWeHz+ovqwUC
BPSi/KefKQ8pRwci8NshbikaC7xVGU4l9RNM5ARKQgTDoS3DoDm/G8ugl7vkmh83
diB50kKrOky7MWA63RncC2sSLI/XWOfVwzdnTejGmzr3y7V0xPDz1kr9PN9Nk9Am
MpheX7/NFKCyM8YAOSzpilYi9Rx4H26LilDC7nH4/LALLQV/m8BwpIQOiI6Ajqb0
w0cDDGOtrsZ8BI/3ixxdZj959huK+7DXIoUzpCPnnEPq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:57 2024 by rpki-client on console-ams.rpki-client.org