Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/Vwb7V-WQriqhNOtnhvxfJSUWCUc.roa
File: Vwb7V-WQriqhNOtnhvxfJSUWCUc.roa (raw, json)
Hash identifier: 06W+AVgRshNdjEhpGeUlbumhvbSXCJMMNDMOEqvMdug=
Subject key identifier: 57:06:FB:57:E5:90:AE:2A:A1:34:EB:67:86:FC:5F:25:25:16:09:47
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018728B3DDFAC62AA72E1CE5A55135A7F33C
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/Vwb7V-WQriqhNOtnhvxfJSUWCUc.roa
Signing time: Tue 28 Mar 2023 14:51:29 +0000
ROA not before: Tue 28 Mar 2023 14:51:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
46.16.12.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
85.92.108.0/24 maxlen: 24
45.80.130.0/23 maxlen: 23
45.80.129.0/24 maxlen: 24
37.220.80.0/22 maxlen: 22
185.166.196.0/23 maxlen: 24
94.198.216.0/22 maxlen: 24
94.198.220.0/23 maxlen: 24
81.200.144.0/21 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
46.19.64.0/22 maxlen: 24
109.236.58.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:28:b3:dd:fa:c6:2a:a7:2e:1c:e5:a5:51:35:a7:f3:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Mar 28 14:51:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5706fb57e590ae2aa134eb6786fc5f2525160947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:69:fb:4e:80:44:5f:c5:25:61:e0:1f:37:d8:
86:47:88:94:2b:0a:72:6d:a4:bf:1d:05:0c:af:4a:
b7:b1:65:f7:5f:88:9c:3c:42:d5:7a:ae:d2:5b:cf:
40:4a:8b:ad:2b:97:8a:12:05:ee:be:be:d8:87:7d:
ff:b5:1d:34:d8:f1:5c:70:fe:e5:14:f1:1e:74:b1:
51:04:ed:a8:a9:6f:02:52:6a:b6:50:6d:f2:3d:81:
4d:db:ff:b8:b2:62:ec:52:1f:fc:05:28:bb:74:c5:
60:56:98:4e:ea:82:97:61:6e:37:ed:d7:26:73:2c:
e9:71:09:56:77:88:70:02:9b:9e:a1:a2:2d:88:20:
b1:6d:d1:2e:45:1b:25:d9:5f:54:5c:2b:fb:a4:0e:
42:29:11:d5:12:e7:34:81:fd:45:74:22:b7:ed:a3:
e3:dd:b0:7b:fa:b8:8a:03:43:4b:ec:b8:2a:ff:14:
10:d8:93:1a:6c:59:f6:8a:63:65:c0:bd:a0:ae:fa:
1f:87:80:38:13:84:98:f6:6b:91:6f:a1:45:1c:2f:
6f:15:b6:fa:da:93:26:76:05:73:9a:32:00:a3:7e:
f0:e6:bc:ed:54:71:c1:29:26:59:26:12:c9:36:ff:
3a:4a:a7:0d:a3:b3:a5:0f:95:96:c8:52:df:1b:77:
69:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:06:FB:57:E5:90:AE:2A:A1:34:EB:67:86:FC:5F:25:25:16:09:47
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/Vwb7V-WQriqhNOtnhvxfJSUWCUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.20.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
45.80.129.0-45.80.131.255
46.16.12.0/24
46.16.14.0/23
46.19.64.0/22
81.200.144.0-81.200.157.255
85.92.108.0/24
94.198.216.0-94.198.221.255
109.236.58.0/24
141.98.233.0-141.98.234.255
185.166.196.0/23
Signature Algorithm: sha256WithRSAEncryption
50:39:c8:3f:50:a2:6d:43:a7:22:09:df:d5:28:1d:5a:91:32:
5a:0d:fe:5f:26:97:8c:58:b9:d7:3b:f0:54:0e:1d:de:00:5b:
43:83:91:36:ab:fc:ba:f4:55:38:24:6f:bc:07:03:fa:51:12:
31:cf:9a:34:f3:5b:a4:da:19:33:12:df:03:0c:f0:af:2c:12:
8b:10:73:5a:13:e0:16:fb:ba:47:a6:40:a3:f1:85:3d:5d:8e:
1d:90:39:23:30:9e:e5:83:d0:4e:9d:0a:38:e1:fc:d4:c7:41:
3e:42:c1:86:40:94:14:4a:c5:9c:07:5a:8b:bd:01:82:94:d7:
ee:1d:35:6a:e3:6a:fb:ba:77:c1:0c:ad:63:09:f0:1e:8f:ae:
1f:5d:26:3c:2a:9d:2d:ea:58:67:6a:3e:60:57:f3:74:cd:de:
f8:a0:0b:2b:cc:81:5b:15:fa:fe:f9:88:88:7b:cc:9a:a2:ce:
77:9f:56:2f:cd:4f:be:59:a5:7d:3d:ba:9f:36:aa:92:43:04:
9b:45:2b:07:b7:a7:2d:39:56:d5:04:2c:ce:23:71:5a:b5:50:
6d:25:cd:44:ee:7c:c4:c9:a1:d6:d5:56:09:e4:ca:6d:4b:0a:
dc:d8:04:aa:e5:2d:16:33:77:28:5c:cc:51:0a:a0:ab:96:c7:
5a:9c:eb:15
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYcos936xiqnLhzlpVE1p/M8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMzI4MTQ1MTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzA2ZmI1N2U1OTBhZTJhYTEzNGViNjc4NmZjNWYyNTI1MTYwOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Gn7ToBEX8UlYeAfN9iGR4iUKwpy
baS/HQUMr0q3sWX3X4icPELVeq7SW89ASoutK5eKEgXuvr7Yh33/tR002PFccP7l
FPEedLFRBO2oqW8CUmq2UG3yPYFN2/+4smLsUh/8BSi7dMVgVphO6oKXYW437dcm
cyzpcQlWd4hwApueoaItiCCxbdEuRRsl2V9UXCv7pA5CKRHVEuc0gf1FdCK37aPj
3bB7+riKA0NL7Lgq/xQQ2JMabFn2imNlwL2grvofh4A4E4SY9muRb6FFHC9vFbb6
2pMmdgVzmjIAo37w5rztVHHBKSZZJhLJNv86SqcNo7OlD5WWyFLfG3dpBQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFFcG+1flkK4qoTTrZ4b8XyUlFglHMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvVndiN1YtV1FyaXFoTk90bmh2eGZKU1VXQ1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTCBigQCAAEwgYMwCwMD
AB+BAwQAH4EUMAwDBAAfgRcDBAEfgRwDBAAfgR8DBAIl3FAwDAMEAC1QgQMEAi1Q
gAMEAC4QDAMEAS4QDgMEAi4TQDAMAwQEUciQAwQBUcicAwQAVVxsMAwDBANextgD
BAFextwDBABt7DowDAMEAI1i6QMEAI1i6gMEAbmmxDANBgkqhkiG9w0BAQsFAAOC
AQEAUDnIP1CibUOnIgnf1SgdWpEyWg3+XyaXjFi51zvwVA4d3gBbQ4ORNqv8uvRV
OCRvvAcD+lESMc+aNPNbpNoZMxLfAwzwrywSixBzWhPgFvu6R6ZAo/GFPV2OHZA5
IzCe5YPQTp0KOOH81MdBPkLBhkCUFErFnAdai70BgpTX7h01auNq+7p3wQytYwnw
Ho+uH10mPCqdLepYZ2o+YFfzdM3e+KALK8yBWxX6/vmIiHvMmqLOd59WL81Pvlml
fT26nzaqkkMEm0UrB7enLTlW1QQsziNxWrVQbSXNRO58xMmh1tVWCeTKbUsK3NgE
quUtFjN3KFzMUQqgq5bHWpzrFQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-fra.rpki-client.org