Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zOLIm9ee3Gb94O74cRkPMDMrtFI.roa
File: zOLIm9ee3Gb94O74cRkPMDMrtFI.roa (raw, json)
Hash identifier: AY5UCqS0e8Nhly3jvfCPtoG7BUgLw2HRUDppX8AV/Bw=
Subject key identifier: CC:E2:C8:9B:D7:9E:DC:66:FD:E0:EE:F8:71:19:0F:30:33:2B:B4:52
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0186546F6885688DC8B56FDA66EA7B2C2EE6
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zOLIm9ee3Gb94O74cRkPMDMrtFI.roa
Signing time: Wed 15 Feb 2023 09:37:12 +0000
ROA not before: Wed 15 Feb 2023 09:37:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.192.0/21 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
178.210.224.0/22 maxlen: 24
193.138.125.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
77.242.145.0/24 maxlen: 24
77.242.144.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.150.0/24 maxlen: 24
77.242.149.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.147.0/24 maxlen: 24
77.242.146.0/24 maxlen: 24
77.242.159.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:54:6f:68:85:68:8d:c8:b5:6f:da:66:ea:7b:2c:2e:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 15 09:37:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cce2c89bd79edc66fde0eef871190f30332bb452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5e:c0:d4:a5:2a:5d:a4:7f:58:6a:1c:b6:e7:
44:4f:fa:9c:b4:bb:0e:c3:e7:fc:00:64:98:f3:8d:
a8:b2:35:f8:41:a4:c4:8a:e2:d0:00:38:1a:9d:43:
14:3c:98:88:e7:15:67:c2:46:38:eb:9c:8d:99:ab:
16:c4:b6:ce:7a:c3:26:f4:bb:d5:7c:bf:0b:e1:85:
fb:36:99:28:ab:cd:8b:09:f9:33:ae:01:8a:77:c7:
c5:61:b2:34:a9:7b:bc:13:35:76:ce:ca:6b:54:89:
e0:25:7a:c1:6e:29:0f:d1:f1:53:34:14:91:5b:31:
1d:84:95:28:a2:28:10:2d:6b:9f:51:1e:ed:b5:54:
5f:b6:ed:a4:19:4b:da:85:d5:d4:0a:a5:37:56:bf:
aa:f7:40:b7:10:44:f1:37:46:bb:ef:6a:f3:ba:f3:
80:76:4a:7b:3d:30:7e:99:3e:d2:c6:28:63:d0:a6:
03:84:bd:ae:5b:ce:81:28:e9:79:15:8b:f1:da:c5:
1c:01:83:69:8b:41:a6:be:13:89:ce:b8:a0:04:3f:
a9:11:72:91:29:0f:65:ef:6b:eb:ed:c7:75:dd:3e:
09:e0:4c:d3:ea:bb:85:7c:da:31:93:32:05:4d:03:
b8:18:20:f5:bb:a5:19:8a:28:6b:c3:3a:0c:95:67:
fe:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E2:C8:9B:D7:9E:DC:66:FD:E0:EE:F8:71:19:0F:30:33:2B:B4:52
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zOLIm9ee3Gb94O74cRkPMDMrtFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/24
77.242.144.0/21
77.242.156.0/22
88.209.192.0/21
88.209.224.0/23
92.52.208.0/21
92.52.219.0/24
178.210.224.0/22
178.210.236.0/24
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:bc:ba:c8:3a:da:30:2e:eb:05:06:da:ed:f7:61:d7:74:cc:
7e:b4:af:93:85:4e:20:69:f3:fa:e3:72:39:e7:3d:8d:a7:6c:
0d:63:ab:cd:e3:c1:db:af:c9:7b:d1:6d:7f:f3:9c:bc:0d:c6:
62:14:4a:f8:f8:22:ef:d8:fe:3f:ed:a2:2d:e3:52:04:e7:59:
7f:23:78:01:8f:43:21:94:bc:0a:e1:9f:0f:ed:b4:83:a9:eb:
3e:04:16:e7:a0:5f:6a:d1:70:e4:d6:19:2c:66:9c:1b:af:d3:
89:0d:a7:c0:95:fd:26:93:8d:af:08:b3:71:54:fa:cd:0e:e3:
da:12:ea:d1:46:f7:6f:81:be:eb:34:75:e1:bb:84:e0:76:07:
a7:58:ac:a4:b4:1d:a3:9d:b9:8e:a7:7d:1a:c8:28:5f:6c:d1:
f4:f1:60:a8:39:d2:1f:8c:7f:5b:99:63:8e:6c:10:7b:fe:21:
03:c2:0f:1d:7d:ff:12:b6:f6:a3:d2:ed:96:ca:54:c7:28:f4:
c8:68:2d:a2:99:84:d1:2a:2f:13:db:cf:de:98:fc:c6:b6:50:
ac:ab:82:27:c6:e7:6e:1e:20:a8:98:6a:66:7d:87:38:79:86:
6e:03:a8:76:8d:f5:16:c2:f8:07:e4:a9:32:53:68:e9:3c:30:
91:61:50:b1
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYZUb2iFaI3ItW/aZup7LC7mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMjE1MDkzNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2UyYzg5YmQ3OWVkYzY2ZmRlMGVlZjg3MTE5MGYzMDMzMmJiNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql7A1KUqXaR/WGoctudET/qctLsO
w+f8AGSY842osjX4QaTEiuLQADganUMUPJiI5xVnwkY465yNmasWxLbOesMm9LvV
fL8L4YX7Npkoq82LCfkzrgGKd8fFYbI0qXu8EzV2zsprVIngJXrBbikP0fFTNBSR
WzEdhJUooigQLWufUR7ttVRftu2kGUvahdXUCqU3Vr+q90C3EETxN0a772rzuvOA
dkp7PTB+mT7Sxihj0KYDhL2uW86BKOl5FYvx2sUcAYNpi0GmvhOJzrigBD+pEXKR
KQ9l72vr7cd13T4J4EzT6ruFfNoxkzIFTQO4GCD1u6UZiihrwzoMlWf+BwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFMziyJvXntxm/eDu+HEZDzAzK7RSMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvek9MSW05ZWUzR2I5NE83NGNSa1BNRE1ydEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWMAwDBAAtCakD
BAItCagDBAAtDggDBAAtDgoDBANN8pADBAJN8pwDBANY0cADBAFY0eADBANcNNAD
BABcNNsDBAKy0uADBACy0uwDBAOy+MgDBADBin0wDQYJKoZIhvcNAQELBQADggEB
AL+8usg62jAu6wUG2u33Ydd0zH60r5OFTiBp8/rjcjnnPY2nbA1jq83jwduvyXvR
bX/znLwNxmIUSvj4Iu/Y/j/toi3jUgTnWX8jeAGPQyGUvArhnw/ttIOp6z4EFueg
X2rRcOTWGSxmnBuv04kNp8CV/SaTja8Is3FU+s0O49oS6tFG92+Bvus0deG7hOB2
B6dYrKS0HaOduY6nfRrIKF9s0fTxYKg50h+Mf1uZY45sEHv+IQPCDx19/xK29qPS
7ZbKVMco9MhoLaKZhNEqLxPbz96Y/Ma2UKyrgifG524eIKiYamZ9hzh5hm4DqHaN
9RbC+AfkqTJTaOk8MJFhULE=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:12:01 2025 by rpki-client