Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/xHwG4RCxss7uz-ExCCtXpIe08Ng.roa
File: xHwG4RCxss7uz-ExCCtXpIe08Ng.roa (raw, json)
Hash identifier: McO2StKs10eP1v2jVnpvzfqkpyaifirfCh+dig54CLs=
Subject key identifier: C4:7C:06:E1:10:B1:B2:CE:EE:CF:E1:31:08:2B:57:A4:87:B4:F0:D8
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0184C3D18D11FC8E8896E0777B1FDEDB2BAA
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/xHwG4RCxss7uz-ExCCtXpIe08Ng.roa
Signing time: Tue 29 Nov 2022 14:36:41 +0000
ROA not before: Tue 29 Nov 2022 14:36:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 88.209.227.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
88.151.63.0/24 maxlen: 24
5.182.114.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c3:d1:8d:11:fc:8e:88:96:e0:77:7b:1f:de:db:2b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 29 14:36:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c47c06e110b1b2ceeecfe131082b57a487b4f0d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a0:07:49:1a:29:d4:d1:49:ca:b2:01:86:5a:
fd:e7:4b:65:d0:e0:14:f2:a9:2c:3b:2c:a6:e2:cf:
77:65:18:69:99:db:2a:9e:e8:ec:29:50:5f:f9:3e:
80:35:84:7c:ee:6c:4a:91:1e:5c:8b:13:d8:6a:8d:
36:43:31:59:9c:40:c7:e2:dd:30:27:49:14:6e:f3:
49:7e:47:ef:9f:b2:21:5a:77:33:e4:80:90:bf:c9:
21:9c:2b:31:fb:9c:51:cb:13:e9:1f:50:3d:6c:c4:
69:09:1c:42:14:bb:b4:16:38:ae:76:09:2d:57:cd:
6c:25:44:95:b8:e9:3a:c8:9b:f4:84:7d:21:79:50:
44:66:91:e2:47:41:e2:e0:f2:ab:a7:a2:55:20:4f:
e9:dd:96:16:9c:07:67:e2:ed:58:2b:de:71:49:ed:
7b:97:3a:c6:9f:8f:a1:fa:58:86:be:a7:e8:9a:93:
76:04:29:62:0e:22:68:65:6f:ef:64:5b:cd:87:b9:
73:25:75:80:0c:8f:10:15:aa:3a:7c:e1:0e:f3:30:
98:4c:09:73:89:94:63:99:4f:b7:c6:25:e6:1f:fe:
5e:f6:f5:97:20:ae:21:05:e4:b4:84:b2:7e:fb:59:
b8:8c:f2:73:60:a5:a5:3b:d4:2a:2e:37:d3:ce:0b:
19:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:7C:06:E1:10:B1:B2:CE:EE:CF:E1:31:08:2B:57:A4:87:B4:F0:D8
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/xHwG4RCxss7uz-ExCCtXpIe08Ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.114.0/24
88.151.63.0/24
88.209.227.0/24
178.210.250.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:84:69:23:5d:58:21:49:fb:f3:dc:6f:85:ea:8f:9a:36:c2:
30:76:13:91:e6:71:e8:1a:8e:43:eb:4d:6b:6d:12:ce:73:2c:
88:1b:c2:f0:0d:04:d0:eb:7c:e6:4b:68:93:06:5d:9d:c8:99:
21:2f:b6:f6:1e:5a:21:5d:58:b5:85:e7:9c:7d:d9:44:d3:0d:
f6:9c:a4:8b:a5:47:f6:7b:c3:5c:2a:63:75:d0:5b:88:60:0d:
ee:2e:47:a9:76:fa:8d:0c:d4:d8:70:81:ac:6e:c9:3b:9d:39:
88:94:56:e6:ba:19:47:cb:dd:0c:8b:c2:f8:e2:63:c3:12:6a:
9a:b7:20:3b:60:9a:83:b2:1c:b7:94:e9:ff:bc:f9:c7:64:ca:
eb:2e:40:be:1a:97:48:6d:37:a2:83:8c:df:28:0c:c5:23:46:
03:4a:43:20:48:a4:53:11:e6:a8:b2:54:60:76:0a:cc:9e:55:
8b:50:50:15:f1:b5:d7:c7:11:f0:14:25:19:e8:94:2f:08:77:
64:0b:39:bc:c4:ff:c2:ff:b4:90:38:8f:c0:5f:d5:8d:d1:e4:
d0:c9:b0:f0:ee:1e:79:e4:6d:d9:9d:a0:d0:13:0f:fb:5d:ec:
8d:31:83:96:e9:25:37:d0:40:51:7a:ea:b3:09:8b:25:54:4d:
46:6c:45:89
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYTD0Y0R/I6IluB3ex/e2yuqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIxMTI5MTQzNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDdjMDZlMTEwYjFiMmNlZWVjZmUxMzEwODJiNTdhNDg3YjRmMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqAHSRop1NFJyrIBhlr950tl0OAU
8qksOyym4s93ZRhpmdsqnujsKVBf+T6ANYR87mxKkR5cixPYao02QzFZnEDH4t0w
J0kUbvNJfkfvn7IhWncz5ICQv8khnCsx+5xRyxPpH1A9bMRpCRxCFLu0Fjiudgkt
V81sJUSVuOk6yJv0hH0heVBEZpHiR0Hi4PKrp6JVIE/p3ZYWnAdn4u1YK95xSe17
lzrGn4+h+liGvqfompN2BCliDiJoZW/vZFvNh7lzJXWADI8QFao6fOEO8zCYTAlz
iZRjmU+3xiXmH/5e9vWXIK4hBeS0hLJ++1m4jPJzYKWlO9QqLjfTzgsZvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMR8BuEQsbLO7s/hMQgrV6SHtPDYMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEveEh3RzRSQ3hzczd1ei1FeENDdFhwSWUwOE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbZyAwQA
WJc/AwQAWNHjAwQAstL6MA0GCSqGSIb3DQEBCwUAA4IBAQCphGkjXVghSfvz3G+F
6o+aNsIwdhOR5nHoGo5D601rbRLOcyyIG8LwDQTQ63zmS2iTBl2dyJkhL7b2Hloh
XVi1heecfdlE0w32nKSLpUf2e8NcKmN10FuIYA3uLkepdvqNDNTYcIGsbsk7nTmI
lFbmuhlHy90Mi8L44mPDEmqatyA7YJqDshy3lOn/vPnHZMrrLkC+GpdIbTeig4zf
KAzFI0YDSkMgSKRTEeaoslRgdgrMnlWLUFAV8bXXxxHwFCUZ6JQvCHdkCzm8xP/C
/7SQOI/AX9WN0eTQybDw7h555G3ZnaDQEw/7XeyNMYOW6SU30EBReuqzCYslVE1G
bEWJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org