Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/__QP4t_WKbQs8lCv6YU1tiM8Yks.roa
File: __QP4t_WKbQs8lCv6YU1tiM8Yks.roa (raw, json)
Hash identifier: IwDqiHlCoyapiU82H5kymiG1g9wyJibutGZtye5rNc4=
Subject key identifier: FF:F4:0F:E2:DF:D6:29:B4:2C:F2:50:AF:E9:85:35:B6:23:3C:62:4B
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0188E9AE5615019A706116CC97FDE71A4009
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/__QP4t_WKbQs8lCv6YU1tiM8Yks.roa
Signing time: Fri 23 Jun 2023 19:14:56 +0000
ROA not before: Fri 23 Jun 2023 19:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 88.209.230.0/24 maxlen: 24
88.209.245.0/24 maxlen: 24
88.209.253.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
178.210.228.0/24 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
88.209.226.0/24 maxlen: 24
92.52.214.0/24 maxlen: 24
178.210.248.0/24 maxlen: 24
178.210.249.0/24 maxlen: 24
178.210.251.0/24 maxlen: 24
178.210.252.0/24 maxlen: 24
88.151.56.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
2.58.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e9:ae:56:15:01:9a:70:61:16:cc:97:fd:e7:1a:40:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 23 19:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fff40fe2dfd629b42cf250afe98535b6233c624b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:49:07:a5:26:32:0e:8c:1b:26:34:11:e6:d9:
5a:c2:e2:bf:58:ff:d5:60:d1:b2:53:3e:fc:c1:34:
3d:53:fd:60:f4:a3:90:72:e5:38:09:85:8e:6f:1c:
9c:f9:5d:23:14:81:fc:2e:05:8a:70:d0:76:44:a8:
69:a2:3d:bf:01:1e:c6:e7:70:b0:3f:30:50:9f:68:
b7:2f:7c:c7:71:5a:60:8d:1c:e6:c9:44:c5:9d:c4:
df:7e:02:c5:66:96:eb:26:5e:71:bd:83:04:56:12:
3e:e1:86:d0:90:d2:78:34:06:9b:88:04:f9:12:ee:
b5:7a:cc:d5:17:91:93:a9:63:7d:6f:3b:fd:36:cb:
37:31:2c:94:ff:f6:99:8e:e4:5e:73:2e:0d:ea:7d:
8f:b8:43:7f:46:ad:66:67:91:23:77:bd:22:bb:df:
89:be:6e:45:c5:98:b2:90:7f:c0:4d:be:ca:fb:e5:
ab:4b:05:8b:73:0c:79:c4:d7:01:ce:97:29:98:94:
9b:d7:3b:57:53:fa:7b:e3:6c:46:ed:17:da:73:cb:
e8:19:e5:95:47:8d:50:f2:70:75:38:82:13:07:10:
31:ec:6c:e6:9f:e8:3e:c0:3f:42:f4:db:76:fa:6f:
7b:6e:f8:6e:da:4d:2f:45:12:13:9d:c4:fc:9b:1d:
4a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F4:0F:E2:DF:D6:29:B4:2C:F2:50:AF:E9:85:35:B6:23:3C:62:4B
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/__QP4t_WKbQs8lCv6YU1tiM8Yks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.170.0/24
77.242.157.0-77.242.158.255
88.151.56.0/24
88.151.62.0/24
88.209.226.0/24
88.209.230.0/24
88.209.245.0/24
88.209.253.0/24
88.209.255.0/24
92.52.214.0/24
178.210.228.0/24
178.210.248.0/23
178.210.251.0-178.210.252.255
Signature Algorithm: sha256WithRSAEncryption
4f:8a:85:47:1c:47:9a:14:a5:b0:a6:76:4d:d9:09:f8:8f:b4:
43:5b:81:4e:c5:58:a5:9c:9b:cc:16:18:4a:b6:1c:e7:76:2e:
1e:78:6c:30:17:44:62:13:ec:70:b4:75:ac:7e:b7:8c:09:6d:
12:7f:18:69:71:4d:6d:3c:94:50:2d:82:74:30:87:68:d3:ec:
c9:3b:63:a7:e5:49:d7:ae:2d:74:4d:a0:f0:2c:e2:49:b1:26:
7b:bf:4f:60:09:24:1e:8a:81:6c:a2:9f:5e:bb:77:d3:50:bc:
00:3c:3e:11:6c:90:68:0a:c3:be:d6:56:c7:05:b1:33:59:53:
27:69:31:63:46:84:88:c6:d1:e8:6a:9b:8e:ee:e6:ef:04:10:
65:d6:5a:cd:56:e0:05:a9:50:b7:b2:95:d2:46:f7:f5:89:45:
4e:62:ac:4c:6b:fc:9b:88:7c:c4:d1:19:2a:a1:e5:9f:d2:6a:
67:da:97:29:8f:2e:bc:1c:d1:3e:fe:51:18:ec:86:36:b9:c8:
b4:62:44:40:11:e7:a2:23:51:f0:29:7e:fa:39:1c:0d:d6:71:
87:62:35:21:e8:3b:4a:fa:bf:0e:9b:b6:4c:12:b9:11:14:32:
4e:6d:e7:f6:c4:50:0a:18:65:78:a9:33:6a:32:43:e9:2b:4e:
03:2d:ae:0f
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYjprlYVAZpwYRbMl/3nGkAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjIzMTkxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmY0MGZlMmRmZDYyOWI0MmNmMjUwYWZlOTg1MzViNjIzM2M2MjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0kHpSYyDowbJjQR5tlawuK/WP/V
YNGyUz78wTQ9U/1g9KOQcuU4CYWObxyc+V0jFIH8LgWKcNB2RKhpoj2/AR7G53Cw
PzBQn2i3L3zHcVpgjRzmyUTFncTffgLFZpbrJl5xvYMEVhI+4YbQkNJ4NAabiAT5
Eu61eszVF5GTqWN9bzv9Nss3MSyU//aZjuRecy4N6n2PuEN/Rq1mZ5Ejd70iu9+J
vm5FxZiykH/ATb7K++WrSwWLcwx5xNcBzpcpmJSb1ztXU/p742xG7Rfac8voGeWV
R41Q8nB1OIITBxAx7Gzmn+g+wD9C9Nt2+m97bvhu2k0vRRITncT8mx1KGwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFP/0D+Lf1im0LPJQr+mFNbYjPGJLMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvX19RUDR0X1dLYlFzOGxDdjZZVTF0aU04WWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQAAjqqMAwD
BABN8p0DBABN8p4DBABYlzgDBABYlz4DBABY0eIDBABY0eYDBABY0fUDBABY0f0D
BABY0f8DBABcNNYDBACy0uQDBAGy0vgwDAMEALLS+wMEALLS/DANBgkqhkiG9w0B
AQsFAAOCAQEAT4qFRxxHmhSlsKZ2TdkJ+I+0Q1uBTsVYpZybzBYYSrYc53YuHnhs
MBdEYhPscLR1rH63jAltEn8YaXFNbTyUUC2CdDCHaNPsyTtjp+VJ164tdE2g8Czi
SbEme79PYAkkHoqBbKKfXrt301C8ADw+EWyQaArDvtZWxwWxM1lTJ2kxY0aEiMbR
6Gqbju7m7wQQZdZazVbgBalQt7KV0kb39YlFTmKsTGv8m4h8xNEZKqHln9JqZ9qX
KY8uvBzRPv5RGOyGNrnItGJEQBHnoiNR8Cl++jkcDdZxh2I1Ieg7Svq/Dpu2TBK5
ERQyTm3n9sRQChhleKkzajJD6StOAy2uDw==
-----END CERTIFICATE-----
Generated at Sun May 11 23:25:00 2025 by rpki-client