Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/I-xsADO84dbuFZEBevYGMY1JlyQ.roa
File: I-xsADO84dbuFZEBevYGMY1JlyQ.roa (raw, json)
Hash identifier: fEG0oWeglKSktPAOGNHGqpsYd7lcsHNNvFluZgtE9l0=
Subject key identifier: 23:EC:6C:00:33:BC:E1:D6:EE:15:91:01:7A:F6:06:31:8D:49:97:24
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 12E19DFB
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/I-xsADO84dbuFZEBevYGMY1JlyQ.roa
Signing time: Sun 12 Jun 2022 14:05:02 +0000
ROA not before: Sun 12 Jun 2022 14:05:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.22.0/24 maxlen: 24
31.129.21.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
31.129.32.0/20 maxlen: 20
5.44.42.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 316775931 (0x12e19dfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jun 12 14:05:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23ec6c0033bce1d6ee1591017af606318d499724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:12:f3:95:1a:cf:1b:b1:e4:8f:7c:18:e6:64:
1d:df:81:f6:69:06:be:d2:74:76:78:59:04:5a:36:
75:d9:a1:f0:da:63:be:33:db:85:21:ef:d5:5c:d5:
9c:bb:8f:c2:a1:fc:5d:4b:75:99:4d:a6:b9:df:4b:
e7:84:2c:5c:ff:da:1e:81:c9:c2:f5:4d:79:f7:2e:
52:da:c8:0d:d4:da:ac:16:b1:ad:3c:cd:de:b0:4c:
43:23:5f:f3:6a:66:3e:de:0d:b0:09:1b:5d:b3:0a:
57:ad:ae:65:d9:ae:a5:de:4b:8e:2d:af:fb:e3:f3:
d6:6b:1c:31:b4:af:b0:e7:0a:ad:d7:5d:29:33:8c:
6c:92:25:40:be:39:e9:d2:07:f5:a5:5c:35:52:f6:
ac:0b:b8:8e:b3:f2:d6:69:50:9c:61:61:24:03:15:
48:60:64:91:f6:30:75:4e:31:62:b9:2f:69:b0:29:
6c:01:db:68:38:7e:4b:79:6a:c5:c4:47:88:c2:6d:
94:85:fb:e5:d9:1b:a8:27:ad:c5:c9:2d:6f:08:13:
4e:2f:65:6a:d3:97:b4:14:35:04:dc:0e:c5:72:a9:
42:df:62:12:eb:80:48:04:5a:17:23:64:cc:77:7c:
c1:1b:8e:c7:a1:2a:70:32:0f:f5:a4:a9:bc:20:4b:
fc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:EC:6C:00:33:BC:E1:D6:EE:15:91:01:7A:F6:06:31:8D:49:97:24
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/I-xsADO84dbuFZEBevYGMY1JlyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
31.129.0.0-31.129.29.255
31.129.31.0-31.129.47.255
Signature Algorithm: sha256WithRSAEncryption
78:69:b4:bd:e4:d3:c8:3d:ff:17:06:c6:38:b0:56:8d:67:be:
14:f0:2a:5c:0a:14:e0:a9:1e:b3:2d:b2:13:8c:c9:22:88:f5:
91:06:42:e3:1e:c0:42:be:a4:ea:fe:06:aa:b0:2e:ab:ac:17:
3c:7b:06:fa:63:cd:b2:04:20:82:60:41:26:34:38:55:f0:17:
f5:5b:00:28:ef:7d:08:ac:a4:a1:75:f0:64:88:76:bd:0b:29:
51:ac:77:4c:8d:f4:8c:6b:2b:3c:ce:2c:1e:9e:b8:f9:03:51:
9a:03:18:94:a2:ec:c6:bd:f4:6b:cf:28:b2:48:db:c3:59:e0:
8d:e2:32:f5:6c:38:d7:e9:32:ed:d8:1a:03:47:6d:db:a6:c6:
d4:03:c7:54:48:88:e2:9a:1a:44:4c:64:6a:3c:d9:50:ff:18:
66:ce:83:a7:33:07:53:cc:eb:4d:1e:66:85:d0:82:89:06:df:
45:92:d0:9f:1a:a5:90:bc:32:98:69:94:c1:b6:f0:3f:7c:e1:
a7:de:1f:17:0b:78:e9:3a:86:fa:9d:e4:3c:ee:a2:88:4f:88:
9f:32:46:3a:c9:fd:de:a2:1e:3e:62:33:11:d0:99:00:c9:bd:
3f:84:ff:2e:9b:63:13:70:db:ab:28:87:23:de:15:f6:47:1a:
88:59:37:bd
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEEuGd+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDYx
MjE0MDUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjNlYzZjMDAzM2Jj
ZTFkNmVlMTU5MTAxN2FmNjA2MzE4ZDQ5OTcyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKsS85Uazxux5I98GOZkHd+B9mkGvtJ0dnhZBFo2ddmh8Npj
vjPbhSHv1VzVnLuPwqH8XUt1mU2mud9L54QsXP/aHoHJwvVNefcuUtrIDdTarBax
rTzN3rBMQyNf82pmPt4NsAkbXbMKV62uZdmupd5Lji2v++Pz1mscMbSvsOcKrddd
KTOMbJIlQL456dIH9aVcNVL2rAu4jrPy1mlQnGFhJAMVSGBkkfYwdU4xYrkvabAp
bAHbaDh+S3lqxcRHiMJtlIX75dkbqCetxcktbwgTTi9latOXtBQ1BNwOxXKpQt9i
EuuASARaFyNkzHd8wRuOx6EqcDIP9aSpvCBL/L8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQj7GwAM7zh1u4VkQF69gYxjUmXJDAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
L0kteHNBRE84NGRidUZaRUJldllHTVkxSmx5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8xL0JiSFJQQzRtNFNl
R0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwJwQCAAEwIQMEAAUsKjALAwMAH4EDBAEfgRwwDAME
AB+BHwMEBB+BIDANBgkqhkiG9w0BAQsFAAOCAQEAeGm0veTTyD3/FwbGOLBWjWe+
FPAqXAoU4Kkesy2yE4zJIoj1kQZC4x7AQr6k6v4GqrAuq6wXPHsG+mPNsgQggmBB
JjQ4VfAX9VsAKO99CKykoXXwZIh2vQspUax3TI30jGsrPM4sHp64+QNRmgMYlKLs
xr30a88oskjbw1ngjeIy9Ww41+ky7dgaA0dt26bG1APHVEiI4poaRExkajzZUP8Y
Zs6DpzMHU8zrTR5mhdCCiQbfRZLQnxqlkLwymGmUwbbwP3zhp94fFwt46TqG+p3k
PO6iiE+InzJGOsn93qIePmIzEdCZAMm9P4T/LptjE3DbqyiHI94V9kcaiFk3vQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-fra.rpki-client.org