Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/9X261Fo9hX8lodITNxucKE_0qQ8.roa
File: 9X261Fo9hX8lodITNxucKE_0qQ8.roa (raw, json)
Hash identifier: 6SrMIuL42fO/BGTevQamUDBej+1wEduaXW0nEXCGQYA=
Subject key identifier: F5:7D:BA:D4:5A:3D:85:7F:25:A1:D2:13:37:1B:9C:28:4F:F4:A9:0F
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0186120A97FDFF0A57A0050272479C3CD55B
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/9X261Fo9hX8lodITNxucKE_0qQ8.roa
Signing time: Thu 02 Feb 2023 12:12:09 +0000
ROA not before: Thu 02 Feb 2023 12:12:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.21.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
212.60.23.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
46.16.12.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
91.107.116.0/24 maxlen: 24
45.80.130.0/23 maxlen: 23
45.80.129.0/24 maxlen: 24
37.220.80.0/22 maxlen: 22
194.5.93.0/24 maxlen: 24
5.44.46.0/24 maxlen: 24
5.44.47.0/24 maxlen: 24
185.166.196.0/23 maxlen: 24
45.129.187.0/24 maxlen: 24
94.198.216.0/22 maxlen: 24
94.198.220.0/23 maxlen: 24
81.200.144.0/21 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
46.19.64.0/22 maxlen: 24
45.66.117.0/24 maxlen: 24
45.66.119.0/24 maxlen: 24
109.236.56.0/23 maxlen: 23
109.236.58.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:0a:97:fd:ff:0a:57:a0:05:02:72:47:9c:3c:d5:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 2 12:12:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f57dbad45a3d857f25a1d213371b9c284ff4a90f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:91:6c:01:9d:be:62:71:0c:58:4e:cb:c6:ed:
48:4c:b6:7b:2e:6b:2a:a4:14:e8:0d:65:c0:04:4e:
3b:38:b2:89:dd:ca:88:6e:b0:4e:e7:eb:b8:96:b0:
17:67:be:46:92:50:76:30:1b:7a:36:8f:0a:dc:da:
4a:24:d8:20:ed:18:2b:9c:4f:24:9b:8a:64:27:ce:
9c:6f:96:a0:b7:69:33:f9:ff:17:eb:cb:08:52:06:
03:99:17:3d:bc:30:1b:15:95:fe:fa:1d:5a:42:f8:
b9:81:a3:c7:0c:9d:77:f9:e2:4d:9e:94:10:06:ef:
5d:ee:3b:f2:77:c5:d3:fa:83:52:ce:db:de:19:b7:
9e:5e:a3:20:93:06:eb:0b:09:08:3a:c2:42:e1:24:
31:e5:66:b0:5c:93:5f:6d:24:08:d8:36:43:7b:6f:
1c:5a:41:d9:64:c3:be:59:45:63:5b:f7:5e:19:41:
e5:97:3f:c6:dd:ce:00:04:e9:f7:e3:16:d8:7a:d0:
0c:dc:49:14:29:92:e3:07:a7:e2:9b:6a:e1:9c:9a:
bb:71:50:e4:82:9a:fa:21:ef:01:0c:b3:8f:78:f7:
43:8a:7c:75:48:c6:89:31:df:b1:8f:40:a9:3c:66:
07:47:8e:14:6a:bd:48:d9:7c:6f:b8:39:ea:b6:c0:
ed:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:7D:BA:D4:5A:3D:85:7F:25:A1:D2:13:37:1B:9C:28:4F:F4:A9:0F
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/9X261Fo9hX8lodITNxucKE_0qQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.46.0/23
31.129.0.0-31.129.21.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
45.66.117.0/24
45.66.119.0/24
45.80.129.0-45.80.131.255
45.129.187.0/24
46.16.12.0/24
46.16.14.0/23
46.19.64.0/22
81.200.144.0-81.200.157.255
91.107.116.0/24
94.198.216.0-94.198.221.255
109.236.56.0-109.236.58.255
141.98.233.0-141.98.234.255
185.166.196.0/23
194.5.93.0/24
212.60.23.0/24
Signature Algorithm: sha256WithRSAEncryption
80:e0:2c:08:28:91:58:c1:f3:b4:9e:63:5b:b4:23:a7:1b:e1:
01:f2:1b:44:aa:dc:a0:06:7c:bc:67:bc:5b:ea:96:e8:a9:97:
7a:93:5c:58:2d:79:3d:58:eb:39:56:a3:64:1a:e2:c3:ad:7b:
9e:50:0d:1a:0b:e1:54:83:66:67:2f:9c:73:6c:c2:07:b1:55:
78:47:0f:ea:e8:e8:f9:45:5e:52:c9:c0:5a:0b:9b:35:ce:60:
85:03:0c:8c:1e:15:39:44:26:af:43:86:18:f1:89:00:07:07:
35:1c:c4:e2:1e:99:33:29:5c:64:38:6c:70:1e:97:3f:d8:33:
10:7b:02:7d:a5:29:98:b6:80:29:a5:89:46:4a:94:64:49:9e:
ce:a8:07:61:42:5d:62:ab:1f:3e:7d:d7:76:0c:79:34:50:05:
5f:ab:cd:72:af:53:14:c9:34:59:a1:f8:21:10:44:28:80:58:
ff:7a:b0:3f:8d:85:bb:d9:00:4e:dc:2f:ec:ac:08:33:8c:c4:
30:6f:35:0b:cf:36:10:3c:40:b7:7a:9c:40:9e:65:1d:76:40:
d2:c8:eb:1b:e9:a7:90:13:89:0c:72:09:72:51:26:a0:cc:9c:
8e:b2:3b:11:77:dd:05:ff:22:34:2d:6e:8a:5c:43:f6:7d:07:
66:92:5b:3a
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAYYSCpf9/wpXoAUCckecPNVbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMjAyMTIxMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTdkYmFkNDVhM2Q4NTdmMjVhMWQyMTMzNzFiOWMyODRmZjRhOTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZFsAZ2+YnEMWE7Lxu1ITLZ7Lmsq
pBToDWXABE47OLKJ3cqIbrBO5+u4lrAXZ75GklB2MBt6No8K3NpKJNgg7RgrnE8k
m4pkJ86cb5agt2kz+f8X68sIUgYDmRc9vDAbFZX++h1aQvi5gaPHDJ13+eJNnpQQ
Bu9d7jvyd8XT+oNSztveGbeeXqMgkwbrCwkIOsJC4SQx5WawXJNfbSQI2DZDe28c
WkHZZMO+WUVjW/deGUHllz/G3c4ABOn34xbYetAM3EkUKZLjB6fim2rhnJq7cVDk
gpr6Ie8BDLOPePdDinx1SMaJMd+xj0CpPGYHR44Uar1I2XxvuDnqtsDtKQIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFPV9utRaPYV/JaHSEzcbnChP9KkPMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvOVgyNjFGbzloWDhsb2RJVE54dWNLRV8wcVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBtgQCAAEwga8DBAEF
LC4wCwMDAB+BAwQBH4EUMAwDBAAfgRcDBAEfgRwDBAAfgR8DBAIl3FADBAAtQnUD
BAAtQncwDAMEAC1QgQMEAi1QgAMEAC2BuwMEAC4QDAMEAS4QDgMEAi4TQDAMAwQE
UciQAwQBUcicAwQAW2t0MAwDBANextgDBAFextwwDAMEA23sOAMEAG3sOjAMAwQA
jWLpAwQAjWLqAwQBuabEAwQAwgVdAwQA1DwXMA0GCSqGSIb3DQEBCwUAA4IBAQCA
4CwIKJFYwfO0nmNbtCOnG+EB8htEqtygBny8Z7xb6pboqZd6k1xYLXk9WOs5VqNk
GuLDrXueUA0aC+FUg2ZnL5xzbMIHsVV4Rw/q6Oj5RV5SycBaC5s1zmCFAwyMHhU5
RCavQ4YY8YkABwc1HMTiHpkzKVxkOGxwHpc/2DMQewJ9pSmYtoAppYlGSpRkSZ7O
qAdhQl1iqx8+fdd2DHk0UAVfq81yr1MUyTRZofghEEQogFj/erA/jYW72QBO3C/s
rAgzjMQwbzULzzYQPEC3epxAnmUddkDSyOsb6aeQE4kMcglyUSagzJyOsjsRd90F
/yI0LW6KXEP2fQdmkls6
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-fra.rpki-client.org