Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zvxrYuLwyJdrAtxSFLO4vuGQyoM.roa
File: zvxrYuLwyJdrAtxSFLO4vuGQyoM.roa (raw, json)
Hash identifier: yopaWNcA60dElcXqpEZ6fsl3fZj/oa4yvtpUbRSmwk4=
Subject key identifier: CE:FC:6B:62:E2:F0:C8:97:6B:02:DC:52:14:B3:B8:BE:E1:90:CA:83
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018CF3514ED3A63212E65C4B62BF7CDCDAE0
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zvxrYuLwyJdrAtxSFLO4vuGQyoM.roa
Signing time: Wed 10 Jan 2024 12:20:41 +0000
ROA not before: Wed 10 Jan 2024 12:20:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 88.209.232.0/22 maxlen: 24
178.210.231.0/24 maxlen: 24
178.210.228.0/24 maxlen: 24
178.210.230.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.211.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:51:4e:d3:a6:32:12:e6:5c:4b:62:bf:7c:dc:da:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 10 12:20:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cefc6b62e2f0c8976b02dc5214b3b8bee190ca83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:41:95:c6:2d:91:29:9f:49:89:ab:7c:ec:b2:
62:90:7b:80:fe:5d:e4:6a:83:ea:54:58:20:a7:ae:
1d:b6:cf:31:51:d7:27:7f:70:10:1b:05:f5:a8:de:
79:28:7a:d6:3a:1c:0a:6a:e8:6f:76:b3:2c:46:d1:
3a:ea:30:55:59:be:43:72:42:e8:5f:93:cd:21:d8:
90:f9:09:99:57:78:09:9f:dc:b9:29:48:3f:27:a8:
11:7f:9c:07:e3:2f:29:9b:44:a3:dd:23:8c:6a:5d:
1f:e6:be:e4:30:a9:95:e1:1d:2a:19:c4:1b:31:97:
74:4d:ea:7a:97:d0:46:be:5c:c2:35:a9:13:5d:fe:
2c:f8:22:50:29:82:51:6a:34:4f:bf:00:59:84:ba:
99:80:73:0c:f0:81:17:fc:12:34:d1:bd:4f:07:f6:
49:46:d1:71:51:81:bf:4d:0a:d1:05:5d:26:47:bf:
84:a2:98:9e:08:c6:4c:88:4a:c9:b6:1f:b1:55:cd:
7c:91:24:3e:99:2a:82:52:a7:a3:7d:26:a3:81:75:
9e:e5:4f:0c:9d:31:70:03:32:77:e2:92:22:ae:f6:
c2:14:1b:72:c3:30:74:eb:ab:0b:34:69:01:e1:ab:
0d:e8:c3:cd:7d:ef:11:e2:8e:a6:2b:f0:cc:66:70:
40:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:FC:6B:62:E2:F0:C8:97:6B:02:DC:52:14:B3:B8:BE:E1:90:CA:83
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zvxrYuLwyJdrAtxSFLO4vuGQyoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.56.0/23
88.209.211.0/24
88.209.232.0/22
178.210.228.0/24
178.210.230.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:73:6f:7d:b4:58:ba:3c:61:ee:a1:4f:80:67:24:4f:cd:98:
4a:96:a4:63:18:07:0f:85:3b:ef:ff:51:d6:91:64:39:7d:0b:
04:91:bb:65:98:f6:4c:18:2e:4e:bc:61:1b:bd:63:ac:b4:a0:
f3:0e:48:d1:f8:e7:44:bc:d9:84:7d:f9:43:b5:fb:2a:58:2f:
b5:e8:13:92:85:51:1d:d8:ab:01:74:92:2f:90:63:66:69:f5:
2b:9d:df:a9:c8:19:7e:b7:ed:37:33:1a:1c:71:2a:cb:b4:3c:
67:f2:8e:2b:98:1c:d6:87:64:c3:00:94:fd:50:a0:37:4d:26:
32:c8:34:27:75:e6:19:61:6b:07:cc:45:7d:bd:75:5c:03:fd:
65:db:c6:05:47:75:52:50:b5:fb:f6:2f:16:6c:8d:27:fa:57:
cd:ed:b1:71:d0:d2:48:74:2a:fe:8e:c5:8d:93:7b:21:80:ed:
81:ec:c0:51:c6:68:15:b0:e7:6e:67:05:7c:b4:73:50:53:37:
0a:91:5a:66:32:7b:23:83:27:04:62:3d:86:b2:c4:f6:37:fc:
0b:24:ff:3d:9d:fa:01:ed:1c:44:59:a8:37:38:b3:ac:c7:51:
f6:ca:0f:c9:c0:4e:35:87:cd:b5:d7:c6:fd:31:88:8a:84:6f:
7a:06:91:89
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzzUU7TpjIS5lxLYr983NrgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMTEwMTIyMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWZjNmI2MmUyZjBjODk3NmIwMmRjNTIxNGIzYjhiZWUxOTBjYTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEGVxi2RKZ9Jiat87LJikHuA/l3k
aoPqVFggp64dts8xUdcnf3AQGwX1qN55KHrWOhwKauhvdrMsRtE66jBVWb5DckLo
X5PNIdiQ+QmZV3gJn9y5KUg/J6gRf5wH4y8pm0Sj3SOMal0f5r7kMKmV4R0qGcQb
MZd0Tep6l9BGvlzCNakTXf4s+CJQKYJRajRPvwBZhLqZgHMM8IEX/BI00b1PB/ZJ
RtFxUYG/TQrRBV0mR7+EopieCMZMiErJth+xVc18kSQ+mSqCUqejfSajgXWe5U8M
nTFwAzJ34pIirvbCFBtywzB066sLNGkB4asN6MPNfe8R4o6mK/DMZnBALwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM78a2Li8MiXawLcUhSzuL7hkMqDMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvenZ4cll1THd5SmRyQXR4U0ZMTzR2dUdReW9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBWJc4AwQA
WNHTAwQCWNHoAwQAstLkAwQBstLmMA0GCSqGSIb3DQEBCwUAA4IBAQAKc299tFi6
PGHuoU+AZyRPzZhKlqRjGAcPhTvv/1HWkWQ5fQsEkbtlmPZMGC5OvGEbvWOstKDz
DkjR+OdEvNmEfflDtfsqWC+16BOShVEd2KsBdJIvkGNmafUrnd+pyBl+t+03Mxoc
cSrLtDxn8o4rmBzWh2TDAJT9UKA3TSYyyDQndeYZYWsHzEV9vXVcA/1l28YFR3VS
ULX79i8WbI0n+lfN7bFx0NJIdCr+jsWNk3shgO2B7MBRxmgVsOduZwV8tHNQUzcK
kVpmMnsjgycEYj2GssT2N/wLJP89nfoB7RxEWag3OLOsx1H2yg/JwE41h82118b9
MYiKhG96BpGJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org