Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-ImfBq2yiwT_qOPlo9-q33yFw24.roa
File: 1-ImfBq2yiwT_qOPlo9-q33yFw24.roa (raw, json)
Hash identifier: ZVPhjJIROK2gAO+eNPrpsIWBYqo2J8ezaXEMrOdHVo8=
Subject key identifier: F8:89:9F:06:AD:B2:8B:04:FF:A8:E3:E5:A3:DF:AA:DF:7C:85:C3:6E
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018678E0B3D5F66288A8D11C68B3B1259877
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-ImfBq2yiwT_qOPlo9-q33yFw24.roa
Signing time: Wed 22 Feb 2023 11:27:17 +0000
ROA not before: Wed 22 Feb 2023 11:27:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
46.16.12.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
45.80.130.0/23 maxlen: 23
45.80.129.0/24 maxlen: 24
37.220.80.0/22 maxlen: 22
194.5.93.0/24 maxlen: 24
185.166.196.0/23 maxlen: 24
94.198.216.0/22 maxlen: 24
94.198.220.0/23 maxlen: 24
81.200.144.0/21 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
46.19.64.0/22 maxlen: 24
45.66.117.0/24 maxlen: 24
45.66.119.0/24 maxlen: 24
109.236.56.0/23 maxlen: 23
109.236.58.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:78:e0:b3:d5:f6:62:88:a8:d1:1c:68:b3:b1:25:98:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 22 11:27:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8899f06adb28b04ffa8e3e5a3dfaadf7c85c36e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a3:39:7c:b8:a9:c0:c9:3a:29:ba:34:8f:20:
43:8c:11:6b:ab:f5:c9:d2:4f:7f:0d:74:a9:d7:af:
27:16:42:a0:c5:a8:a2:8a:13:22:e8:3e:59:df:f9:
e5:4c:d7:08:ab:91:4f:c4:2c:51:43:4d:9f:df:a6:
45:42:53:66:ba:71:a8:51:45:78:92:38:e5:da:07:
64:a2:78:3d:50:91:9c:4d:36:c3:6e:83:82:04:bc:
c1:47:34:a1:11:c6:21:70:f6:16:fd:31:9d:ef:f9:
f4:10:54:37:9f:09:9d:a9:a6:5e:de:28:6d:db:84:
9f:b6:6d:a1:e3:e3:4d:b1:69:e0:da:d2:13:ca:4e:
9e:a7:2e:7f:53:9e:36:ca:0f:2c:dd:3c:3c:ef:fb:
b0:4b:63:1d:ae:82:dc:4e:c6:ef:3d:4c:36:53:1d:
6c:43:b0:6c:a9:72:fb:56:5c:ab:3a:09:d6:08:05:
40:5c:d5:8e:59:b0:aa:ff:44:ef:90:d4:d2:2a:95:
37:a8:ef:fe:4e:59:d6:bd:8f:1d:f2:4b:14:3d:5e:
ca:69:73:f9:f4:f1:6d:92:a5:a7:24:ed:52:9d:53:
3e:6a:4a:1d:1b:b8:99:ab:c5:7f:3e:78:f6:97:0c:
49:4d:91:46:8b:cf:e8:d0:af:13:1c:cd:0f:70:d0:
80:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:89:9F:06:AD:B2:8B:04:FF:A8:E3:E5:A3:DF:AA:DF:7C:85:C3:6E
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-ImfBq2yiwT_qOPlo9-q33yFw24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.20.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
45.66.117.0/24
45.66.119.0/24
45.80.129.0-45.80.131.255
46.16.12.0/24
46.16.14.0/23
46.19.64.0/22
81.200.144.0-81.200.157.255
94.198.216.0-94.198.221.255
109.236.56.0-109.236.58.255
141.98.233.0-141.98.234.255
185.166.196.0/23
194.5.93.0/24
Signature Algorithm: sha256WithRSAEncryption
56:9a:9d:51:ca:7c:8e:15:67:6c:5e:69:45:37:38:91:4b:35:
ce:c9:52:ef:05:98:b8:24:9e:59:18:84:05:ae:45:74:c8:0f:
3e:1c:f6:6a:89:b2:8f:b0:9e:2e:a4:36:4e:b9:bf:ce:56:bc:
dd:62:59:b7:64:eb:70:a8:e6:c6:c4:27:aa:ce:c6:b3:89:07:
4b:ee:42:fc:46:4c:7d:41:93:07:11:13:b1:2f:56:e5:21:91:
ec:b7:8a:59:e1:cd:cb:0c:3c:c9:0d:a0:ea:a0:2c:8a:80:e3:
6a:2a:e2:e6:13:18:4a:4e:4a:46:80:9d:59:8e:07:06:96:b7:
13:c0:68:3f:8f:68:27:57:e9:5e:ab:18:b0:b7:4f:1f:f6:91:
9a:b5:b2:01:af:96:b7:83:36:f3:85:e9:1c:2e:d1:e8:2f:10:
27:3c:e5:a1:c4:af:4d:ca:9e:64:9f:5e:ab:a2:0f:47:92:ed:
27:34:16:fa:2b:85:68:f9:9d:5c:71:ed:1b:06:ae:e8:91:9a:
08:73:87:b0:63:0d:98:13:a9:f7:5f:87:f9:98:c4:8a:99:c1:
88:1b:74:fb:2d:c7:53:0f:bb:13:52:8e:4b:37:ea:96:92:b1:
d8:ee:85:7c:d0:ce:91:c0:fc:cd:0b:6a:da:0e:69:72:82:4c:
49:9f:47:b9
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYZ44LPV9mKIqNEcaLOxJZh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMjIyMTEyNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODg5OWYwNmFkYjI4YjA0ZmZhOGUzZTVhM2RmYWFkZjdjODVjMzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaM5fLipwMk6Kbo0jyBDjBFrq/XJ
0k9/DXSp168nFkKgxaiiihMi6D5Z3/nlTNcIq5FPxCxRQ02f36ZFQlNmunGoUUV4
kjjl2gdkong9UJGcTTbDboOCBLzBRzShEcYhcPYW/TGd7/n0EFQ3nwmdqaZe3iht
24Sftm2h4+NNsWng2tITyk6epy5/U542yg8s3Tw87/uwS2MdroLcTsbvPUw2Ux1s
Q7BsqXL7VlyrOgnWCAVAXNWOWbCq/0TvkNTSKpU3qO/+TlnWvY8d8ksUPV7KaXP5
9PFtkqWnJO1SnVM+akodG7iZq8V/Pnj2lwxJTZFGi8/o0K8THM0PcNCAiwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFPiJnwatsosE/6jj5aPfqt98hcNuMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvMS1JbWZCcTJ5aXdUX3FPUGxvOS1xMzN5RncyNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgy
OC8xL0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBtAYIKwYBBQUHAQcBAf8EgaQwgaEwgZ4EAgABMIGXMAsD
AwAfgQMEAB+BFDAMAwQAH4EXAwQBH4EcAwQAH4EfAwQCJdxQAwQALUJ1AwQALUJ3
MAwDBAAtUIEDBAItUIADBAAuEAwDBAEuEA4DBAIuE0AwDAMEBFHIkAMEAVHInDAM
AwQDXsbYAwQBXsbcMAwDBANt7DgDBABt7DowDAMEAI1i6QMEAI1i6gMEAbmmxAME
AMIFXTANBgkqhkiG9w0BAQsFAAOCAQEAVpqdUcp8jhVnbF5pRTc4kUs1zslS7wWY
uCSeWRiEBa5FdMgPPhz2aomyj7CeLqQ2Trm/zla83WJZt2TrcKjmxsQnqs7Gs4kH
S+5C/EZMfUGTBxETsS9W5SGR7LeKWeHNyww8yQ2g6qAsioDjairi5hMYSk5KRoCd
WY4HBpa3E8BoP49oJ1fpXqsYsLdPH/aRmrWyAa+Wt4M284XpHC7R6C8QJzzlocSv
TcqeZJ9eq6IPR5LtJzQW+iuFaPmdXHHtGwau6JGaCHOHsGMNmBOp91+H+ZjEipnB
iBt0+y3HUw+7E1KOSzfqlpKx2O6FfNDOkcD8zQtq2g5pcoJMSZ9HuQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-fra.rpki-client.org