Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/yvsRvLdY0H1jLUkkYYUxHQ65S88.roa
File: yvsRvLdY0H1jLUkkYYUxHQ65S88.roa (raw, json)
Hash identifier: 9qEqLpReOTpcW9shGzMxXRAeS9gYpncXZOovxCMp4gI=
Subject key identifier: CA:FB:11:BC:B7:58:D0:7D:63:2D:49:24:61:85:31:1D:0E:B9:4B:CF
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018E525BB3D9755F7117CF0F6902938B9660
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/yvsRvLdY0H1jLUkkYYUxHQ65S88.roa
Signing time: Mon 18 Mar 2024 16:18:45 +0000
ROA not before: Mon 18 Mar 2024 16:18:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42864
IP address blocks: 45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
178.210.224.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.226.0/23 maxlen: 23
178.210.228.0/22 maxlen: 24
178.210.232.0/22 maxlen: 22
178.210.236.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.238.0/23 maxlen: 23
178.210.240.0/22 maxlen: 22
178.210.244.0/22 maxlen: 22
178.210.248.0/24 maxlen: 24
178.210.249.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
178.210.251.0/24 maxlen: 24
178.210.252.0/22 maxlen: 22
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:52:5b:b3:d9:75:5f:71:17:cf:0f:69:02:93:8b:96:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 18 16:18:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cafb11bcb758d07d632d49246185311d0eb94bcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1b:82:e0:8c:71:a8:a9:f9:12:0e:bb:b5:3e:
6d:7c:0c:65:e3:ab:b3:41:90:24:95:19:78:7c:45:
48:8f:44:41:d9:12:07:d5:ef:1d:f0:aa:aa:b9:6e:
b8:01:c2:65:27:5c:fc:b5:93:6a:ed:6c:0f:d2:be:
e0:ed:2a:d9:b1:67:25:05:86:17:9c:35:7f:f2:ed:
68:2b:5d:f8:53:13:9c:4c:fb:c5:8d:d6:cd:85:bd:
75:f2:d8:2d:87:e3:48:bf:9b:c3:51:f4:98:17:5a:
2e:6d:2a:4e:06:1c:47:17:8a:66:a8:28:83:e7:93:
42:b0:02:9d:c7:9d:4b:0d:05:31:2e:79:c4:32:c1:
68:b5:54:bd:47:cd:92:c4:89:92:08:0e:08:42:38:
c7:36:73:2e:5e:96:e8:cc:c9:b8:45:28:31:ca:47:
0a:b1:05:6f:95:eb:2e:c7:ee:f6:52:d1:46:df:ce:
b7:f8:12:f4:9e:86:da:5e:4f:e5:f2:42:ed:de:b6:
fa:54:5f:51:4d:8e:99:14:32:81:b4:c8:95:6b:4c:
f6:24:94:d9:85:27:d1:d0:58:ea:24:a7:5c:93:f9:
a5:35:cd:86:31:9c:21:93:e3:c1:45:14:81:b7:97:
be:b3:06:17:15:40:51:e3:95:a2:2b:3b:ef:c4:54:
40:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FB:11:BC:B7:58:D0:7D:63:2D:49:24:61:85:31:1D:0E:B9:4B:CF
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/yvsRvLdY0H1jLUkkYYUxHQ65S88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
83.137.153.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
178.210.224.0/19
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
2f:dd:10:47:23:8c:fd:bc:e7:29:cd:27:db:28:4f:47:e3:07:
bf:b8:ae:52:8f:2c:8b:ab:2d:db:a8:f6:e3:2b:e7:6f:38:c6:
64:c9:6b:7d:f2:a7:f4:ac:d5:7d:75:53:42:af:25:e3:62:30:
6c:cf:3c:17:06:04:f8:5b:0c:0d:27:24:67:c5:68:dc:29:b8:
8e:f9:16:0b:12:49:b8:d8:29:72:48:f4:16:9b:be:4e:7b:b1:
d4:15:a2:03:5d:75:5a:81:82:d7:8d:49:56:28:c9:5b:2f:85:
50:eb:fd:44:27:e1:9a:dd:89:42:24:dc:11:0b:b9:59:c8:2e:
dc:80:15:09:df:8c:ca:b9:f4:cb:57:3b:38:83:92:a7:b6:53:
cd:9e:a6:7b:bc:49:4c:a4:2e:0c:06:ae:8e:54:bb:56:69:d9:
b9:e9:b5:e4:f3:99:f9:39:0e:f3:62:82:19:81:79:87:88:58:
c9:b0:3d:a9:c2:0a:ff:e9:ac:6f:a3:97:75:9e:fc:e9:83:50:
87:ef:ee:17:d3:7d:ae:45:48:f6:be:07:12:a6:2e:2d:1a:7d:
bb:58:8c:1a:36:7f:0c:19:13:cc:a7:e0:64:d1:cf:02:22:fe:
1b:b1:eb:99:e7:51:c5:fd:85:74:8f:43:57:ab:51:8e:eb:d0:
f1:cb:db:43
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAY5SW7PZdV9xF88PaQKTi5ZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMzE4MTYxODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWZiMTFiY2I3NThkMDdkNjMyZDQ5MjQ2MTg1MzExZDBlYjk0YmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBuC4IxxqKn5Eg67tT5tfAxl46uz
QZAklRl4fEVIj0RB2RIH1e8d8KqquW64AcJlJ1z8tZNq7WwP0r7g7SrZsWclBYYX
nDV/8u1oK134UxOcTPvFjdbNhb118tgth+NIv5vDUfSYF1oubSpOBhxHF4pmqCiD
55NCsAKdx51LDQUxLnnEMsFotVS9R82SxImSCA4IQjjHNnMuXpbozMm4RSgxykcK
sQVvlesux+72UtFG3863+BL0nobaXk/l8kLt3rb6VF9RTY6ZFDKBtMiVa0z2JJTZ
hSfR0FjqJKdck/mlNc2GMZwhk+PBRRSBt5e+swYXFUBR45WiKzvvxFRALQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFMr7Eby3WNB9Yy1JJGGFMR0OuUvPMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEveXZzUnZMZFkwSDFqTFVra1lZVXhIUTY1Uzg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqMAwDBAAt
CakDBAItCagDBAEtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylwMEAFOJmQME
AFjRwQMEAFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEA1w00AMEBbLS4AMEA7L4yAME
AMGKfTANBAIAAjAHAwUDKgAfQDANBgkqhkiG9w0BAQsFAAOCAQEAL90QRyOM/bzn
Kc0n2yhPR+MHv7iuUo8si6st26j24yvnbzjGZMlrffKn9KzVfXVTQq8l42IwbM88
FwYE+FsMDSckZ8Vo3Cm4jvkWCxJJuNgpckj0Fpu+Tnux1BWiA111WoGC141JVijJ
Wy+FUOv9RCfhmt2JQiTcEQu5Wcgu3IAVCd+Myrn0y1c7OIOSp7ZTzZ6me7xJTKQu
DAaujlS7VmnZuem15POZ+TkO82KCGYF5h4hYybA9qcIK/+msb6OXdZ786YNQh+/u
F9N9rkVI9r4HEqYuLRp9u1iMGjZ/DBkTzKfgZNHPAiL+G7HrmedRxf2FdI9DV6tR
juvQ8cvbQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org