Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/vMviUuLmjw2LklhsyjbbrV5lG4g.roa
File: vMviUuLmjw2LklhsyjbbrV5lG4g.roa (raw, json)
Hash identifier: X+Elgu9Da3KKgv8/LiVgPK989UQIxfQgXqF17CAwkdY=
Subject key identifier: BC:CB:E2:52:E2:E6:8F:0D:8B:92:58:6C:CA:36:DB:AD:5E:65:1B:88
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0425DEAC
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/vMviUuLmjw2LklhsyjbbrV5lG4g.roa
Signing time: Thu 30 Jun 2022 07:46:02 +0000
ROA not before: Thu 30 Jun 2022 07:46:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42864
IP address blocks: 178.210.236.0/24 maxlen: 24
88.209.192.0/21 maxlen: 24
88.209.208.0/20 maxlen: 24
88.209.224.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69590700 (0x425deac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 30 07:46:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bccbe252e2e68f0d8b92586cca36dbad5e651b88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f6:54:c2:d9:f9:3a:71:36:7c:60:d9:bc:da:
76:2f:96:0c:b2:5b:e9:71:99:26:03:fe:03:d4:ec:
99:e5:f6:e6:8e:5e:99:d1:91:14:64:d8:45:63:44:
7f:73:35:17:8d:ed:74:18:cb:da:54:7c:99:79:13:
6c:87:93:36:2b:37:23:31:ef:69:c4:25:58:6f:38:
da:e3:28:51:d2:7e:d9:36:68:31:a5:ef:35:c8:aa:
0d:52:b8:02:79:92:f1:ea:57:21:0e:cc:60:c0:07:
59:fc:00:c0:d5:83:37:19:6e:29:51:f4:6c:fc:0c:
bb:2d:6f:7d:10:62:29:23:9e:22:23:bb:f9:6a:d3:
8c:5b:b0:e4:55:23:18:12:bd:bf:bf:6f:9d:8f:86:
8c:e5:12:94:af:7b:88:6d:0f:40:b1:21:36:4c:53:
b1:cf:99:d6:82:93:d5:33:7e:45:e5:c8:d0:b5:f5:
24:03:6f:d1:db:99:6b:ca:cc:d1:09:d9:24:e1:9d:
3a:1e:66:31:f2:be:11:5d:73:76:e9:cd:36:68:f9:
ca:b5:ea:48:22:1a:af:93:e3:54:10:3a:c7:57:e4:
aa:96:1a:3a:f5:c7:dd:cb:92:c8:79:be:46:c2:8b:
22:f2:5c:bb:e2:44:08:76:1e:40:1f:0a:25:0d:3b:
9a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:CB:E2:52:E2:E6:8F:0D:8B:92:58:6C:CA:36:DB:AD:5E:65:1B:88
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/vMviUuLmjw2LklhsyjbbrV5lG4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.192.0/21
88.209.208.0-88.209.231.255
178.210.236.0/24
Signature Algorithm: sha256WithRSAEncryption
10:dc:dd:9e:5d:a9:f6:c5:46:a8:1a:5f:7f:29:95:c5:3e:37:
64:10:8a:cd:8a:8a:91:71:3c:f7:59:89:7d:0f:f8:dc:cc:e5:
6d:a9:34:99:03:56:4e:65:4f:17:ff:49:d3:42:a8:68:f0:6e:
02:b3:60:46:b6:40:99:a6:7e:50:db:c6:ba:bc:5f:66:f9:c3:
60:a6:d3:92:e4:40:81:13:2d:82:85:59:e9:5a:cf:ff:24:28:
d8:d5:6a:a2:0e:f9:09:be:9f:6e:1a:c9:62:07:26:02:72:1d:
8b:ac:fe:e7:78:a4:b5:2d:35:f5:ff:ee:57:c9:53:af:71:e7:
d2:f6:8f:16:0b:e1:53:65:bc:28:56:e7:42:fe:0e:0e:a4:64:
5a:98:e0:b4:d6:04:ec:da:ee:eb:77:b6:25:5c:3e:d3:8a:e1:
65:37:c7:cc:07:d6:2e:ad:1c:e8:25:f2:be:7f:1b:7e:94:7d:
48:ee:60:c0:09:04:1b:18:e6:8b:58:d6:9c:22:ef:56:9c:e3:
69:b1:dd:01:65:ed:b3:4a:d9:e5:8f:b2:1c:78:bb:83:9d:97:
44:41:80:bd:1b:e0:64:f5:98:03:73:0b:ad:de:ba:b2:7c:d0:
70:da:b9:c8:71:b4:96:69:72:f1:7a:74:d4:8e:56:28:31:8c:
96:13:d6:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEBCXerDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZGFhYTBlMDgyMzYwMzYwYWNkYTM0NzY2NGViODMxNGViMTFkYTEwMB4XDTIyMDYz
MDA3NDYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmNjYmUyNTJlMmU2
OGYwZDhiOTI1ODZjY2EzNmRiYWQ1ZTY1MWI4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAML2VMLZ+TpxNnxg2bzadi+WDLJb6XGZJgP+A9TsmeX25o5e
mdGRFGTYRWNEf3M1F43tdBjL2lR8mXkTbIeTNis3IzHvacQlWG842uMoUdJ+2TZo
MaXvNciqDVK4AnmS8epXIQ7MYMAHWfwAwNWDNxluKVH0bPwMuy1vfRBiKSOeIiO7
+WrTjFuw5FUjGBK9v79vnY+GjOUSlK97iG0PQLEhNkxTsc+Z1oKT1TN+ReXI0LX1
JANv0duZa8rM0QnZJOGdOh5mMfK+EV1zdunNNmj5yrXqSCIar5PjVBA6x1fkqpYa
OvXH3cuSyHm+RsKLIvJcu+JECHYeQB8KJQ07mmMCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBS8y+JS4uaPDYuSWGzKNtutXmUbiDAfBgNVHSMEGDAWgBTNqqDggjYDYKza
NHZk64MU6xHaEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3phcWc0SUkyQTJDczJqUjJaT3VERk9zUjJoQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvNTg5MTI3LTEwOTYtNGM5MS05NmNjLTdlNGQ2ZjZmNmU2Ni8x
L3ZNdmlVdUxtancyTGtsaHN5amJiclY1bEc0Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
NTg5MTI3LTEwOTYtNGM5MS05NmNjLTdlNGQ2ZjZmNmU2Ni8xL3phcWc0SUkyQTJD
czJqUjJaT3VERk9zUjJoQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEA1jRwDAMAwQEWNHQAwQDWNHgAwQA
stLsMA0GCSqGSIb3DQEBCwUAA4IBAQAQ3N2eXan2xUaoGl9/KZXFPjdkEIrNioqR
cTz3WYl9D/jczOVtqTSZA1ZOZU8X/0nTQqho8G4Cs2BGtkCZpn5Q28a6vF9m+cNg
ptOS5ECBEy2ChVnpWs//JCjY1WqiDvkJvp9uGsliByYCch2LrP7neKS1LTX1/+5X
yVOvcefS9o8WC+FTZbwoVudC/g4OpGRamOC01gTs2u7rd7YlXD7TiuFlN8fMB9Yu
rRzoJfK+fxt+lH1I7mDACQQbGOaLWNacIu9WnONpsd0BZe2zStnlj7IceLuDnZdE
QYC9G+Bk9ZgDcwut3rqyfNBw2rnIcbSWaXLxenTUjlYoMYyWE9ZK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org