Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/FDXJqd1Z2Vqj7vlbccQYnqtnt8Y.roa
File: FDXJqd1Z2Vqj7vlbccQYnqtnt8Y.roa (raw, json)
Hash identifier: XZ/EjPQTHZeWZa7HFbHRBqy3N0z/v5hFXgKGdKrkpZw=
Subject key identifier: 14:35:C9:A9:DD:59:D9:5A:A3:EE:F9:5B:71:C4:18:9E:AB:67:B7:C6
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01831BE20F6DE70479E0EE83EB9D8AC4821C
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/FDXJqd1Z2Vqj7vlbccQYnqtnt8Y.roa
Signing time: Thu 08 Sep 2022 06:55:43 +0000
ROA not before: Thu 08 Sep 2022 06:55:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.22.0/24 maxlen: 24
31.129.21.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
45.80.128.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1b:e2:0f:6d:e7:04:79:e0:ee:83:eb:9d:8a:c4:82:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Sep 8 06:55:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1435c9a9dd59d95aa3eef95b71c4189eab67b7c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2f:f7:33:5d:14:23:2b:2d:52:ab:5a:b9:3d:
08:3e:9d:01:f7:9f:89:ac:ee:9a:e1:ee:49:4b:4a:
41:10:7c:e8:69:28:68:6d:5b:16:06:38:fa:2d:ec:
43:97:ce:f3:7d:63:7d:dd:fe:27:19:7b:5e:a3:5e:
8a:b4:52:a8:9c:2a:2e:a7:d2:83:8c:d3:ed:b3:be:
d8:0b:4b:64:fc:69:06:79:a2:4b:4b:a0:c5:29:fc:
38:e9:11:ac:c0:83:63:f3:55:65:f5:26:4b:09:52:
48:15:36:be:1b:79:3d:3b:ee:50:8c:33:5c:b6:52:
3a:28:7f:fe:b8:b1:75:08:88:80:fc:4d:42:e3:a7:
38:5c:25:d1:09:17:52:0a:eb:95:c4:44:f6:7c:6c:
79:cd:62:8d:72:07:a3:39:9d:67:be:32:8c:ea:fb:
71:d3:84:6d:eb:42:fe:04:db:12:12:c3:57:de:91:
cf:60:0d:ba:34:78:f4:a3:46:90:43:df:64:11:30:
e3:b4:95:c7:69:f7:aa:30:d2:cd:09:45:b2:20:c3:
7d:0d:23:b3:06:95:53:a6:54:37:e1:25:e5:16:4b:
e5:02:f2:a7:86:47:ce:32:2c:9c:08:a8:38:b1:04:
58:78:58:87:53:11:ce:fe:85:e0:2a:5b:5e:d2:c5:
05:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:35:C9:A9:DD:59:D9:5A:A3:EE:F9:5B:71:C4:18:9E:AB:67:B7:C6
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/FDXJqd1Z2Vqj7vlbccQYnqtnt8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.29.255
31.129.31.0/24
45.80.128.0/24
Signature Algorithm: sha256WithRSAEncryption
51:90:cf:85:a4:c5:0e:89:e8:e6:2b:2d:88:ae:d5:6a:d8:e2:
04:26:bc:64:47:37:fd:88:73:01:1a:69:b1:8f:02:83:91:1a:
59:65:74:62:29:5c:45:2e:70:19:e8:60:4b:fc:af:6e:bf:6b:
2b:47:0a:10:14:24:c9:04:b7:1f:1b:f3:4c:35:03:4b:f5:26:
f3:c1:2d:c0:2a:2c:60:24:4d:57:4a:a1:5b:7a:f4:11:66:eb:
75:22:17:a5:e6:e4:b2:8f:b9:99:76:00:6f:56:80:25:9c:87:
b6:f1:d8:a4:f1:2c:5f:40:13:3e:fa:42:8b:9c:cf:a0:55:46:
55:6d:f1:7d:df:a8:26:e0:b0:43:06:68:5b:d5:7a:7f:e1:fb:
c3:f5:af:fd:30:9b:44:9d:e0:db:d5:89:8f:b5:f2:74:e1:a8:
4c:c3:dc:9b:46:ae:ae:51:c0:9c:12:67:5c:a8:c0:a5:67:93:
43:ee:71:5c:31:c6:8c:34:d7:51:c2:b5:a5:88:84:85:66:fe:
73:f0:67:e9:c2:b7:19:ba:c2:80:a8:b3:3d:d9:58:1c:34:ec:
45:be:53:3e:9d:2f:94:97:b6:63:9a:1b:63:8f:d1:db:84:86:
d4:4a:49:bd:dc:43:60:52:8a:b7:ab:b1:c7:e0:fa:cc:54:24:
c8:81:20:da
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYMb4g9t5wR54O6D652KxIIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjIwOTA4MDY1NTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDM1YzlhOWRkNTlkOTVhYTNlZWY5NWI3MWM0MTg5ZWFiNjdiN2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwy/3M10UIystUqtauT0IPp0B95+J
rO6a4e5JS0pBEHzoaShobVsWBjj6LexDl87zfWN93f4nGXteo16KtFKonCoup9KD
jNPts77YC0tk/GkGeaJLS6DFKfw46RGswINj81Vl9SZLCVJIFTa+G3k9O+5QjDNc
tlI6KH/+uLF1CIiA/E1C46c4XCXRCRdSCuuVxET2fGx5zWKNcgejOZ1nvjKM6vtx
04Rt60L+BNsSEsNX3pHPYA26NHj0o0aQQ99kETDjtJXHafeqMNLNCUWyIMN9DSOz
BpVTplQ34SXlFkvlAvKnhkfOMiycCKg4sQRYeFiHUxHO/oXgKlte0sUF7QIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFBQ1yandWdlao+75W3HEGJ6rZ7fGMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvRkRYSnFkMVoyVnFqN3ZsYmNjUVlucXRudDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZMAsDAwAfgQME
AR+BHAMEAB+BHwMEAC1QgDANBgkqhkiG9w0BAQsFAAOCAQEAUZDPhaTFDono5ist
iK7VatjiBCa8ZEc3/YhzARppsY8Cg5EaWWV0YilcRS5wGehgS/yvbr9rK0cKEBQk
yQS3HxvzTDUDS/Um88EtwCosYCRNV0qhW3r0EWbrdSIXpebkso+5mXYAb1aAJZyH
tvHYpPEsX0ATPvpCi5zPoFVGVW3xfd+oJuCwQwZoW9V6f+H7w/Wv/TCbRJ3g29WJ
j7XydOGoTMPcm0aurlHAnBJnXKjApWeTQ+5xXDHGjDTXUcK1pYiEhWb+c/Bn6cK3
GbrCgKizPdlYHDTsRb5TPp0vlJe2Y5obY4/R24SG1EpJvdxDYFKKt6uxx+D6zFQk
yIEg2g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-fra.rpki-client.org