Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zlRYVFTTkTUoCJJcjuRQXess4xU.roa
File: zlRYVFTTkTUoCJJcjuRQXess4xU.roa (raw, json)
Hash identifier: 0wzVc/Pm8GoJedovb0htmG8aOiERgxMWVt47OHszOQE=
Subject key identifier: CE:54:58:54:54:D3:91:35:28:08:92:5C:8E:E4:50:5D:EB:2C:E3:15
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018866AE15D708781BAE42E665C7543954BA
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zlRYVFTTkTUoCJJcjuRQXess4xU.roa
Signing time: Mon 29 May 2023 08:44:24 +0000
ROA not before: Mon 29 May 2023 08:44:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.253.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
88.209.206.0/24 maxlen: 24
88.209.219.0/24 maxlen: 24
88.209.217.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
178.210.230.0/24 maxlen: 24
178.210.231.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.228.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:66:ae:15:d7:08:78:1b:ae:42:e6:65:c7:54:39:54:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 29 08:44:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce54585454d391352808925c8ee4505deb2ce315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:23:b8:31:90:67:39:5e:f8:1f:e8:2b:08:ef:
ed:11:8a:50:14:50:21:59:1e:91:be:75:a5:08:98:
ce:d9:0c:21:18:63:6a:4e:f5:d3:d3:5b:e0:54:58:
7a:eb:97:84:34:9b:eb:a7:7b:25:e6:4b:68:4e:fd:
5d:02:e6:b8:6b:95:30:39:fe:e0:43:db:f3:a6:0b:
5b:b7:cf:78:e9:1b:7a:8f:bf:d2:5d:50:4e:92:4e:
53:eb:d5:98:03:e7:53:c4:cf:2e:0a:bc:34:35:62:
75:f5:b7:86:90:50:d8:8a:df:99:28:a4:bc:a9:ef:
44:02:7f:32:ef:89:48:67:a9:0f:3a:e9:10:39:d5:
6f:43:50:a3:19:6c:af:ed:c9:d9:5f:fc:13:6b:fa:
c8:31:13:4c:f8:ce:e2:e6:3f:ce:a0:c6:1f:df:ee:
60:9d:c3:64:90:55:3b:a7:d1:ca:5b:87:d0:64:88:
17:11:c0:c7:00:bb:43:31:02:8a:33:72:91:1b:77:
28:b4:a2:e5:bc:2d:7d:88:98:c2:7a:bc:04:43:ad:
18:5a:c5:42:40:c5:f5:7e:09:91:8b:1b:db:07:36:
4f:e3:ab:38:37:7e:25:ea:18:f4:8d:da:b6:f8:64:
1a:32:fa:09:37:7f:1e:52:a4:8b:a3:09:ad:7a:60:
fa:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:54:58:54:54:D3:91:35:28:08:92:5C:8E:E4:50:5D:EB:2C:E3:15
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zlRYVFTTkTUoCJJcjuRQXess4xU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
77.242.157.0-77.242.158.255
83.137.153.0/24
83.137.156.0/22
88.151.62.0/24
88.209.206.0/24
88.209.217.0/24
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.253.0-88.209.254.255
92.52.217.0-92.52.218.255
178.210.228.0/24
178.210.230.0-178.210.235.255
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
98:cd:bf:96:19:81:5d:28:76:c1:d9:9a:1a:fc:61:65:9b:1d:
58:5d:11:38:c5:ad:89:1e:6a:84:ee:e0:5f:d4:5a:4b:c1:fc:
6c:2a:7a:6d:ec:65:16:0f:dd:71:3f:77:59:7a:87:5c:47:1d:
75:4f:b0:22:4d:7a:9c:11:42:83:20:4a:47:15:d4:a0:69:9c:
0b:40:3d:ed:1c:ee:c1:23:39:74:91:73:d7:ba:21:be:fe:9f:
17:5a:48:b1:5e:3f:f6:07:31:f9:83:fb:f9:d8:1b:74:bb:a0:
8c:f7:c4:61:57:25:9e:25:2e:f0:4f:3f:d2:0a:a7:3a:f4:04:
27:66:c0:22:a2:b6:92:67:f7:52:d7:6d:82:7a:90:bd:d8:cd:
a1:bf:d1:f1:f7:ed:7f:16:76:45:13:29:df:fe:55:34:f9:7a:
88:2b:dd:c7:95:fd:87:8e:28:77:72:8e:16:16:fb:b9:14:6a:
28:63:5e:b7:09:55:65:2a:05:79:5d:59:8f:25:58:c2:29:58:
ca:5f:f1:2f:f7:16:25:a7:d1:ea:84:72:58:7f:b1:d0:b0:49:
04:84:f4:3e:b4:2b:ae:ea:82:58:b7:46:c6:21:c3:be:9e:64:
06:a1:fa:3c:33:f7:1b:c9:4a:aa:12:d3:20:f9:b4:33:5a:90:
aa:9d:0c:d1
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYhmrhXXCHgbrkLmZcdUOVS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNTI5MDg0NDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTU0NTg1NDU0ZDM5MTM1MjgwODkyNWM4ZWU0NTA1ZGViMmNlMzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSO4MZBnOV74H+grCO/tEYpQFFAh
WR6RvnWlCJjO2QwhGGNqTvXT01vgVFh665eENJvrp3sl5ktoTv1dAua4a5UwOf7g
Q9vzpgtbt8946Rt6j7/SXVBOkk5T69WYA+dTxM8uCrw0NWJ19beGkFDYit+ZKKS8
qe9EAn8y74lIZ6kPOukQOdVvQ1CjGWyv7cnZX/wTa/rIMRNM+M7i5j/OoMYf3+5g
ncNkkFU7p9HKW4fQZIgXEcDHALtDMQKKM3KRG3cotKLlvC19iJjCerwEQ60YWsVC
QMX1fgmRixvbBzZP46s4N34l6hj0jdq2+GQaMvoJN38eUqSLowmtemD6dQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFM5UWFRU05E1KAiSXI7kUF3rLOMVMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvemxSWVZGVFRrVFVvQ0pKY2p1UlFYZXNzNHhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAAF
tnADBAAFtnMDBAAtCagDBAJN8pgwDAMEAE3ynQMEAE3yngMEAFOJmQMEAlOJnAME
AFiXPgMEAFjRzgMEAFjR2QMEAFjR2wMEAFjR5AMEAljR7AMEAVjR9jAMAwQAWNH9
AwQAWNH+MAwDBABcNNkDBABcNNoDBACy0uQwDAMEAbLS5gMEArLS6AMEALLS7QME
AMIpLzANBgkqhkiG9w0BAQsFAAOCAQEAmM2/lhmBXSh2wdmaGvxhZZsdWF0ROMWt
iR5qhO7gX9RaS8H8bCp6bexlFg/dcT93WXqHXEcddU+wIk16nBFCgyBKRxXUoGmc
C0A97RzuwSM5dJFz17ohvv6fF1pIsV4/9gcx+YP7+dgbdLugjPfEYVclniUu8E8/
0gqnOvQEJ2bAIqK2kmf3UtdtgnqQvdjNob/R8fftfxZ2RRMp3/5VNPl6iCvdx5X9
h44od3KOFhb7uRRqKGNetwlVZSoFeV1ZjyVYwilYyl/xL/cWJafR6oRyWH+x0LBJ
BIT0PrQrruqCWLdGxiHDvp5kBqH6PDP3G8lKqhLTIPm0M1qQqp0M0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org