Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/PgG_9s_okDAOE4ivUhiODJRyTYM.roa
File: PgG_9s_okDAOE4ivUhiODJRyTYM.roa (raw, json)
Hash identifier: y9cMThXDeic3h4hcGeo0xlGjvWrM3jIMFMUCw3LqH2M=
Subject key identifier: 3E:01:BF:F6:CF:E8:90:30:0E:13:88:AF:52:18:8E:0C:94:72:4D:83
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188BB70B09C0CE1527ACA504568BE91959E
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/PgG_9s_okDAOE4ivUhiODJRyTYM.roa
Signing time: Wed 14 Jun 2023 19:45:04 +0000
ROA not before: Wed 14 Jun 2023 19:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 88.209.228.0/24 maxlen: 24
88.209.239.0/24 maxlen: 24
88.209.236.0/22 maxlen: 22
88.209.246.0/23 maxlen: 23
88.209.253.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.157.0/24 maxlen: 24
83.137.158.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
88.209.206.0/24 maxlen: 24
88.209.219.0/24 maxlen: 24
88.209.217.0/24 maxlen: 24
178.210.232.0/24 maxlen: 24
178.210.233.0/24 maxlen: 24
178.210.237.0/24 maxlen: 24
178.210.234.0/24 maxlen: 24
178.210.235.0/24 maxlen: 24
77.242.152.0/22 maxlen: 24
92.52.217.0/24 maxlen: 24
92.52.218.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bb:70:b0:9c:0c:e1:52:7a:ca:50:45:68:be:91:95:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 14 19:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e01bff6cfe890300e1388af52188e0c94724d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:be:aa:7b:5b:e3:8c:e0:6f:9b:96:2c:60:00:
33:ec:fa:17:29:e8:3e:34:55:68:87:03:59:cf:ae:
9b:d3:9c:0f:c3:50:e0:1d:93:03:73:b8:d5:c0:db:
db:4a:a8:1d:31:a2:b4:29:6b:a5:db:f4:97:b4:33:
57:e3:b1:28:9b:8b:19:d0:10:29:cb:05:2f:fe:62:
14:b1:31:28:8a:a6:e5:48:b3:ba:0b:52:d5:ee:3f:
b8:24:ea:58:45:fc:20:70:92:27:c4:46:9e:d3:bd:
13:5d:3f:59:c3:2d:d2:17:53:0e:2e:ff:58:79:7a:
49:3d:3a:60:dc:c9:73:59:3f:00:25:af:04:88:6f:
bd:d0:70:a6:3c:9c:63:c0:82:92:54:54:09:b0:f7:
f7:a9:b5:b3:c6:d4:63:04:b1:ed:f3:87:50:cd:39:
b5:46:d7:ff:6c:1e:8f:6f:35:f5:bd:46:52:b3:3c:
bd:2d:a1:c3:4f:61:77:5f:ff:f1:66:7a:be:d6:25:
c6:a5:f2:41:83:f8:91:b9:74:f3:0e:e9:98:d2:40:
12:28:b6:9f:1b:10:c1:85:72:c5:a1:0d:c8:de:a4:
b8:a8:31:cd:fe:22:54:c8:9e:00:44:20:e5:b0:18:
78:44:69:ea:93:f5:6a:c0:41:1a:1d:da:65:83:27:
9b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:01:BF:F6:CF:E8:90:30:0E:13:88:AF:52:18:8E:0C:94:72:4D:83
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/PgG_9s_okDAOE4ivUhiODJRyTYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
77.242.152.0/22
83.137.153.0/24
83.137.156.0/22
88.209.206.0/24
88.209.217.0/24
88.209.219.0/24
88.209.228.0/24
88.209.236.0/22
88.209.246.0/23
88.209.253.0-88.209.254.255
92.52.217.0-92.52.218.255
178.210.232.0/22
178.210.237.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
82:65:dc:37:32:4c:9b:0b:ee:78:62:65:6a:f4:be:b7:12:85:
0a:fe:20:c7:eb:9f:8d:5b:5f:d7:8d:ef:5f:b7:b4:7d:09:e2:
94:01:d3:3f:62:8d:8c:8d:85:04:2b:ed:88:5b:0c:25:8d:30:
f8:2f:46:fb:84:a5:f6:d0:53:bd:38:77:66:5f:2a:20:a5:93:
3b:2f:f6:cb:2c:d1:00:ef:33:72:5e:33:52:1e:b3:07:43:fd:
f1:47:63:02:cd:9c:67:93:f4:57:7c:f2:3e:6e:d2:c0:f6:03:
f8:1a:04:74:8a:60:d9:0e:d6:9e:57:db:ed:ef:57:9f:e4:25:
ec:04:15:d7:66:20:a6:2c:51:59:f0:69:82:d5:6b:60:6a:2c:
90:8e:3c:61:40:06:a1:8a:fb:6c:47:7b:78:1c:bf:5c:39:92:
8c:a0:e7:49:d7:00:07:09:b9:54:4a:1f:91:b0:c1:b0:5b:0d:
5a:d0:8d:35:3a:91:13:59:e9:05:96:d5:a5:85:bd:6f:3a:4d:
20:f1:9e:00:c5:34:9a:54:8a:48:09:4c:7c:08:36:08:ef:fa:
16:ad:3a:22:b1:42:d8:cc:da:9f:bb:5f:43:0b:27:ce:6e:ef:
a5:a9:fd:93:bc:f5:22:f1:84:55:e2:5a:05:65:02:65:06:1c:
86:da:d9:d4
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYi7cLCcDOFSespQRWi+kZWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjE0MTk0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTAxYmZmNmNmZTg5MDMwMGUxMzg4YWY1MjE4OGUwYzk0NzI0ZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkL6qe1vjjOBvm5YsYAAz7PoXKeg+
NFVohwNZz66b05wPw1DgHZMDc7jVwNvbSqgdMaK0KWul2/SXtDNX47Eom4sZ0BAp
ywUv/mIUsTEoiqblSLO6C1LV7j+4JOpYRfwgcJInxEae070TXT9Zwy3SF1MOLv9Y
eXpJPTpg3MlzWT8AJa8EiG+90HCmPJxjwIKSVFQJsPf3qbWzxtRjBLHt84dQzTm1
Rtf/bB6PbzX1vUZSszy9LaHDT2F3X//xZnq+1iXGpfJBg/iRuXTzDumY0kASKLaf
GxDBhXLFoQ3I3qS4qDHN/iJUyJ4ARCDlsBh4RGnqk/VqwEEaHdplgyeb5wIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFD4Bv/bP6JAwDhOIr1IYjgyUck2DMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUGdHXzlzX29rREFPRTRpdlVoaU9ESlJ5VFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAAFtnAD
BAAFtnMDBAAtCagDBAJN8pgDBABTiZkDBAJTiZwDBABY0c4DBABY0dkDBABY0dsD
BABY0eQDBAJY0ewDBAFY0fYwDAMEAFjR/QMEAFjR/jAMAwQAXDTZAwQAXDTaAwQC
stLoAwQAstLtAwQAwikvMA0GCSqGSIb3DQEBCwUAA4IBAQCCZdw3MkybC+54YmVq
9L63EoUK/iDH65+NW1/Xje9ft7R9CeKUAdM/Yo2MjYUEK+2IWwwljTD4L0b7hKX2
0FO9OHdmXyogpZM7L/bLLNEA7zNyXjNSHrMHQ/3xR2MCzZxnk/RXfPI+btLA9gP4
GgR0imDZDtaeV9vt71ef5CXsBBXXZiCmLFFZ8GmC1WtgaiyQjjxhQAahivtsR3t4
HL9cOZKMoOdJ1wAHCblUSh+RsMGwWw1a0I01OpETWekFltWlhb1vOk0g8Z4AxTSa
VIpICUx8CDYI7/oWrToisULYzNqfu19DCyfObu+lqf2TvPUi8YRV4loFZQJlBhyG
2tnU
-----END CERTIFICATE-----
Generated at Sun May 11 21:20:47 2025 by rpki-client