Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/wMeQJ5A4z_dQd6GJjIvG6HSHAUA.roa
File: wMeQJ5A4z_dQd6GJjIvG6HSHAUA.roa (raw, json)
Hash identifier: sYm9XgkLvw3kNGPUV36UitcvdoTnCDQTlAvzu31Ey+4=
Subject key identifier: C0:C7:90:27:90:38:CF:F7:50:77:A1:89:8C:8B:C6:E8:74:87:01:40
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018764D3ED04287596D025F780062EE35A42
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/wMeQJ5A4z_dQd6GJjIvG6HSHAUA.roa
Signing time: Sun 09 Apr 2023 07:03:42 +0000
ROA not before: Sun 09 Apr 2023 07:03:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.210.224.0/22 maxlen: 24
193.138.125.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
77.242.157.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:64:d3:ed:04:28:75:96:d0:25:f7:80:06:2e:e3:5a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Apr 9 07:03:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0c790279038cff75077a1898c8bc6e874870140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4f:9e:6d:8a:ee:2e:5f:ea:85:d5:3e:e8:25:
b9:2d:cc:8b:a9:74:fc:18:25:1e:4e:ee:52:52:a5:
5f:94:1e:23:d1:e3:73:b3:c9:fd:44:43:2d:be:d2:
63:8d:45:66:0f:c8:72:26:f0:d6:b8:6d:ef:fa:55:
93:d2:5f:fd:66:82:c6:9a:5d:8d:ab:88:4c:ca:53:
2f:28:ce:ab:ec:d1:d5:85:6e:c5:b7:45:ed:af:74:
ec:b9:2d:cd:d2:30:07:59:85:4e:4e:57:2b:d0:c6:
e7:eb:b0:6f:90:9e:b2:32:38:7c:19:b2:af:91:51:
f7:53:ed:f4:9b:86:99:0b:5d:f3:fa:20:5b:65:e3:
70:ae:22:3f:d6:81:0b:db:05:8a:30:6f:ff:8b:1c:
70:5d:7d:aa:f0:aa:27:3d:fa:df:02:13:12:05:8a:
7d:4c:34:3f:45:53:d2:30:4f:f2:f5:9a:d0:bf:93:
a9:82:07:72:eb:93:b6:ef:20:73:52:db:b7:d1:b4:
bc:47:ce:41:9d:7e:f8:81:50:e2:f8:f5:ba:50:ca:
ab:02:a2:7f:81:78:2a:0d:35:41:92:58:27:31:fe:
fc:b7:c4:2e:26:3d:e5:27:74:2d:47:ff:4a:16:0e:
d2:0b:ca:1c:f8:bc:4d:c6:ed:7d:be:41:ea:f1:dc:
80:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:C7:90:27:90:38:CF:F7:50:77:A1:89:8C:8B:C6:E8:74:87:01:40
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/wMeQJ5A4z_dQd6GJjIvG6HSHAUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
77.242.156.0-77.242.158.255
88.209.196.0/24
92.52.208.0/21
92.52.219.0/24
178.210.224.0/22
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:1c:fc:ea:e7:44:4d:45:e6:38:5a:e5:bb:5a:30:48:33:05:
95:84:a5:50:82:f8:ab:2b:0f:8a:69:dd:0e:fd:44:f4:dd:d7:
dd:da:8a:3d:4f:6f:9f:a0:60:ee:3e:c8:fc:c1:a7:44:fc:ef:
be:80:c4:5a:d5:e2:ed:2e:f2:a1:78:0a:77:b2:b9:0a:3f:59:
f2:2f:24:27:08:f0:1f:26:15:73:65:9b:b0:ca:9e:81:ee:7f:
40:f3:ee:e0:93:31:73:d7:3e:66:fd:10:8e:56:78:f3:1f:a3:
8c:de:4a:89:9e:c6:b7:ae:10:dd:91:ce:91:45:67:7f:18:63:
6c:44:55:26:00:a0:6d:f0:e3:73:a5:9e:a5:ab:79:c0:97:41:
de:87:3f:e8:ef:66:0a:a1:86:34:34:88:49:cb:6d:31:9d:7e:
21:a6:a6:70:fd:e3:7c:c4:98:a2:0d:cf:b0:7e:31:4c:aa:9b:
41:e2:3a:78:6f:81:7b:54:35:3f:70:32:65:f8:72:d6:08:4d:
ba:c5:88:2f:33:59:36:ac:c9:33:bd:5f:64:48:ff:53:5e:f4:
1f:b3:b8:41:5e:87:42:7e:c7:3e:1f:69:a3:1d:0f:3e:7b:c3:
3e:9b:e0:cf:ef:2a:8e:39:0f:f8:68:a6:af:6e:db:4f:23:1b:
6e:7b:47:59
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYdk0+0EKHWW0CX3gAYu41pCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNDA5MDcwMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGM3OTAyNzkwMzhjZmY3NTA3N2ExODk4YzhiYzZlODc0ODcwMTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU+ebYruLl/qhdU+6CW5LcyLqXT8
GCUeTu5SUqVflB4j0eNzs8n9REMtvtJjjUVmD8hyJvDWuG3v+lWT0l/9ZoLGml2N
q4hMylMvKM6r7NHVhW7Ft0Xtr3TsuS3N0jAHWYVOTlcr0Mbn67BvkJ6yMjh8GbKv
kVH3U+30m4aZC13z+iBbZeNwriI/1oEL2wWKMG//ixxwXX2q8KonPfrfAhMSBYp9
TDQ/RVPSME/y9ZrQv5Opggdy65O27yBzUtu30bS8R85BnX74gVDi+PW6UMqrAqJ/
gXgqDTVBklgnMf78t8QuJj3lJ3QtR/9KFg7SC8oc+LxNxu19vkHq8dyA/QIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFMDHkCeQOM/3UHehiYyLxuh0hwFAMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvd01lUUo1QTR6X2RRZDZHSmpJdkc2SFNIQVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmMAwDBAAtCakD
BAItCagDBAAtDggDBAEtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylzAMAwQC
TfKcAwQATfKeAwQAWNHEAwQDXDTQAwQAXDTbAwQCstLgAwQDsvjIAwQAwYp9MA0G
CSqGSIb3DQEBCwUAA4IBAQAqHPzq50RNReY4WuW7WjBIMwWVhKVQgvirKw+Kad0O
/UT03dfd2oo9T2+foGDuPsj8wadE/O++gMRa1eLtLvKheAp3srkKP1nyLyQnCPAf
JhVzZZuwyp6B7n9A8+7gkzFz1z5m/RCOVnjzH6OM3kqJnsa3rhDdkc6RRWd/GGNs
RFUmAKBt8ONzpZ6lq3nAl0Hehz/o72YKoYY0NIhJy20xnX4hpqZw/eN8xJiiDc+w
fjFMqptB4jp4b4F7VDU/cDJl+HLWCE26xYgvM1k2rMkzvV9kSP9TXvQfs7hBXodC
fsc+H2mjHQ8+e8M+m+DP7yqOOQ/4aKavbttPIxtue0dZ
-----END CERTIFICATE-----
Generated at Fri May 2 06:15:02 2025 by rpki-client