Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zWD-TnatHT4Ebut7bP8FG7r_FXs.roa
File: zWD-TnatHT4Ebut7bP8FG7r_FXs.roa (raw, json)
Hash identifier: 1TI3SKfLLr8hW8LPTdzOgXvOXmo/8DYNRFiWOa5pQ8U=
Subject key identifier: CD:60:FE:4E:76:AD:1D:3E:04:6E:EB:7B:6C:FF:05:1B:BA:FF:15:7B
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0189D3F3D36D8BEDEE5CA23FE34594C56A7C
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zWD-TnatHT4Ebut7bP8FG7r_FXs.roa
Signing time: Tue 08 Aug 2023 07:01:59 +0000
ROA not before: Tue 08 Aug 2023 07:01:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 178.210.250.0/24 maxlen: 24
77.242.150.0/24 maxlen: 24
88.151.58.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.195.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
77.242.159.0/24 maxlen: 24
2.58.168.0/24 maxlen: 24
2.58.170.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.216.0/24 maxlen: 24
88.209.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d3:f3:d3:6d:8b:ed:ee:5c:a2:3f:e3:45:94:c5:6a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 8 07:01:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd60fe4e76ad1d3e046eeb7b6cff051bbaff157b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:81:db:86:45:17:00:68:c1:de:0d:50:6a:ec:
73:44:be:29:ff:5c:85:6f:a1:5c:16:9e:5b:df:70:
a4:f6:b8:b6:08:26:96:c4:dd:13:3a:09:bc:63:9b:
8e:87:3e:27:67:50:91:25:9b:62:df:e3:cf:3a:a9:
c7:8a:a1:ff:4d:66:bc:06:7a:9e:24:dd:08:f1:b7:
3a:d5:e2:31:21:42:95:90:a1:82:12:93:b2:a2:d9:
f4:c4:c0:c6:d3:22:0a:69:43:1f:11:95:86:15:88:
47:39:35:e9:ba:a7:1a:b9:91:6e:b0:29:24:50:c7:
f3:56:c3:c8:9b:2f:d2:ff:c8:d0:53:21:e4:b7:2b:
50:1f:02:c7:6b:20:9a:09:ad:b5:46:fc:52:67:47:
36:4a:91:d6:04:14:43:96:0c:35:ad:2b:16:e9:98:
dc:3c:71:4f:61:fb:3e:a6:81:dc:a7:5f:ba:85:bd:
0d:35:98:11:dc:0d:93:c6:c3:69:5d:e4:d5:a6:df:
74:01:b7:a4:11:e5:84:78:36:43:08:cc:a2:01:57:
34:1f:2a:f9:44:19:65:17:9b:0b:51:09:0f:8a:b8:
a3:7e:55:60:ff:d8:5c:a0:59:38:ef:bd:cf:43:ee:
e9:20:d3:62:b0:ee:b2:7f:fa:f5:cb:26:03:25:9a:
aa:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:60:FE:4E:76:AD:1D:3E:04:6E:EB:7B:6C:FF:05:1B:BA:FF:15:7B
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zWD-TnatHT4Ebut7bP8FG7r_FXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.168.0/24
2.58.170.0/24
77.242.150.0/24
77.242.156.0/24
77.242.159.0/24
88.151.56.0-88.151.58.255
88.209.195.0/24
88.209.211.0/24
88.209.216.0/23
178.210.250.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:cb:73:cc:03:8a:52:fd:71:2c:2c:4d:2a:7b:3f:ba:7c:3c:
d2:a3:90:b0:60:b9:ef:56:82:c3:05:69:25:b3:63:1f:20:a0:
b1:56:66:c5:98:cd:61:5d:8f:0a:c3:2c:67:45:e1:23:a4:49:
08:12:d5:22:ed:39:49:f3:c9:f0:a2:89:2f:6c:3d:26:74:fd:
72:2a:a7:a2:94:86:27:5f:20:bc:ba:9b:12:ab:de:5d:8a:55:
f7:3a:c4:56:57:fd:a4:95:78:32:dd:8d:a1:b7:c0:60:c1:f0:
e6:13:73:a6:52:55:f9:b2:ad:6b:c4:4d:ac:50:cb:32:34:0f:
06:bf:a7:ba:b8:9a:89:23:f9:c4:65:0c:18:aa:f9:c4:2e:87:
79:65:7b:da:df:e0:39:ef:7d:ea:1c:48:98:56:b4:32:81:1a:
e8:5f:19:b8:af:ea:36:53:ba:d3:8e:64:2f:b1:33:f0:fe:d6:
aa:21:4b:48:f6:53:66:57:af:d9:ba:e7:e5:fd:61:f6:33:b5:
b1:73:b2:bc:4a:6e:4d:07:8f:48:03:0f:3c:77:64:90:3a:59:
52:24:69:79:39:22:87:1a:c7:40:1b:78:d9:4a:11:48:af:11:
0f:fd:af:16:98:1c:79:09:71:23:a1:58:77:d0:92:d3:31:4f:
5c:54:80:3c
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYnT89Nti+3uXKI/40WUxWp8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwODA4MDcwMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDYwZmU0ZTc2YWQxZDNlMDQ2ZWViN2I2Y2ZmMDUxYmJhZmYxNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIHbhkUXAGjB3g1QauxzRL4p/1yF
b6FcFp5b33Ck9ri2CCaWxN0TOgm8Y5uOhz4nZ1CRJZti3+PPOqnHiqH/TWa8Bnqe
JN0I8bc61eIxIUKVkKGCEpOyotn0xMDG0yIKaUMfEZWGFYhHOTXpuqcauZFusCkk
UMfzVsPImy/S/8jQUyHktytQHwLHayCaCa21RvxSZ0c2SpHWBBRDlgw1rSsW6Zjc
PHFPYfs+poHcp1+6hb0NNZgR3A2TxsNpXeTVpt90AbekEeWEeDZDCMyiAVc0Hyr5
RBllF5sLUQkPirijflVg/9hcoFk4773PQ+7pINNisO6yf/r1yyYDJZqq5QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFM1g/k52rR0+BG7re2z/BRu6/xV7MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEveldELVRuYXRIVDRFYnV0N2JQOEZHN3JfRlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAAjqoAwQA
AjqqAwQATfKWAwQATfKcAwQATfKfMAwDBANYlzgDBABYlzoDBABY0cMDBABY0dMD
BAFY0dgDBACy0vowDQYJKoZIhvcNAQELBQADggEBAE7Lc8wDilL9cSwsTSp7P7p8
PNKjkLBgue9WgsMFaSWzYx8goLFWZsWYzWFdjwrDLGdF4SOkSQgS1SLtOUnzyfCi
iS9sPSZ0/XIqp6KUhidfILy6mxKr3l2KVfc6xFZX/aSVeDLdjaG3wGDB8OYTc6ZS
VfmyrWvETaxQyzI0Dwa/p7q4mokj+cRlDBiq+cQuh3lle9rf4DnvfeocSJhWtDKB
GuhfGbiv6jZTutOOZC+xM/D+1qohS0j2U2ZXr9m65+X9YfYztbFzsrxKbk0Hj0gD
Dzx3ZJA6WVIkaXk5Iocax0AbeNlKEUivEQ/9rxaYHHkJcSOhWHfQktMxT1xUgDw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:57 2024 by rpki-client on console-ams.rpki-client.org