Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/bIFLliAP3xTkC4WMhi8CMq2JTsk.roa
File: bIFLliAP3xTkC4WMhi8CMq2JTsk.roa (raw, json)
Hash identifier: O8OPNs+qzYQ+rl+ZZ8KOett0nQBnGLpUhk+Ss1+MeIQ=
Subject key identifier: 6C:81:4B:96:20:0F:DF:14:E4:0B:85:8C:86:2F:02:32:AD:89:4E:C9
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0186EA298FA9750E1C982C96B37F6085CB9D
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/bIFLliAP3xTkC4WMhi8CMq2JTsk.roa
Signing time: Thu 16 Mar 2023 11:23:57 +0000
ROA not before: Thu 16 Mar 2023 11:23:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
46.16.12.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
45.80.130.0/23 maxlen: 23
45.80.129.0/24 maxlen: 24
37.220.80.0/22 maxlen: 22
185.166.196.0/23 maxlen: 24
94.198.216.0/22 maxlen: 24
94.198.220.0/23 maxlen: 24
81.200.144.0/21 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
46.19.64.0/22 maxlen: 24
109.236.58.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ea:29:8f:a9:75:0e:1c:98:2c:96:b3:7f:60:85:cb:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Mar 16 11:23:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c814b96200fdf14e40b858c862f0232ad894ec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:81:9b:6a:a6:09:a4:85:87:76:f0:8a:66:6d:
83:a6:e1:27:7c:60:9d:57:e1:c5:e5:fc:f1:d7:ec:
51:0e:28:85:4d:6c:f9:84:9a:8b:84:56:a0:d1:36:
c2:da:9d:59:4c:a7:bf:4d:c3:9f:8f:b4:27:d7:d3:
99:f5:20:ec:c3:8d:fd:b7:9a:4a:98:c5:0a:e2:2a:
b7:04:f5:c8:6f:36:26:fa:69:69:fd:8c:c6:9d:dd:
50:ae:26:16:9b:38:43:2f:f1:58:b5:e5:c8:6b:c0:
36:69:86:fd:f5:88:d2:54:45:f5:59:81:ba:45:9e:
f4:e0:a3:b3:98:52:00:24:72:2b:ee:d5:9f:3a:25:
54:fb:eb:c5:7f:40:f2:46:ea:03:e0:dd:09:37:00:
26:a0:2a:bb:27:ec:9d:12:c7:e5:fe:6b:8f:f7:60:
95:d0:86:a4:44:57:2b:6f:83:55:07:b8:65:be:d2:
63:68:77:4d:a9:1b:d3:d7:95:28:bd:0f:d5:05:a1:
ea:cd:71:a5:93:73:d3:5e:d3:e4:bf:c9:7d:db:eb:
10:e8:f4:26:fb:d1:cb:18:db:1e:86:d1:b0:7f:62:
a1:2e:0c:30:3e:96:71:6e:d2:50:99:df:dd:b0:54:
d3:05:7d:0c:01:dc:a4:64:7e:ad:5d:99:bc:d0:04:
31:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:81:4B:96:20:0F:DF:14:E4:0B:85:8C:86:2F:02:32:AD:89:4E:C9
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/bIFLliAP3xTkC4WMhi8CMq2JTsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.20.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
45.80.129.0-45.80.131.255
46.16.12.0/24
46.16.14.0/23
46.19.64.0/22
81.200.144.0-81.200.157.255
94.198.216.0-94.198.221.255
109.236.58.0/24
141.98.233.0-141.98.234.255
185.166.196.0/23
Signature Algorithm: sha256WithRSAEncryption
47:08:17:32:54:70:37:ea:76:b4:dd:d1:c9:6e:ff:5e:15:06:
d0:23:a5:de:2d:4d:84:33:c2:21:3b:91:e0:7b:9a:36:f3:29:
c5:cd:f2:47:43:d5:c1:a8:a4:92:05:3e:02:d5:d1:a6:e0:cb:
de:59:cb:ca:db:4e:53:68:85:65:9f:42:59:16:9e:5d:d0:5e:
7c:17:49:3f:bd:ef:e8:27:03:61:71:c3:65:cb:83:bc:3f:d0:
e5:42:b3:4b:9e:08:a2:06:1a:cf:63:ca:4f:3f:26:37:d5:04:
21:bb:57:df:b8:9a:74:02:34:cd:46:8b:fa:3e:e9:f3:c0:e5:
9a:b1:16:47:6d:74:3c:c8:8a:c2:f7:5c:f0:1e:94:4c:b4:af:
0e:0b:0b:14:75:d9:94:18:ee:8c:1b:b4:6a:31:6c:bd:d6:b1:
33:06:bf:ef:ef:4d:f4:67:6f:92:ba:9d:6b:eb:d6:aa:67:13:
32:60:d7:42:5c:06:b0:f8:9f:2a:40:72:3a:e9:68:15:58:69:
ed:7b:ad:c5:0f:cf:44:91:5f:2e:5a:d5:4a:b9:3f:9f:25:79:
71:19:c4:48:7d:8d:1d:91:d7:d5:ec:d9:e0:f6:1f:d8:44:ff:
f2:17:eb:d5:4a:12:3f:7a:e6:7c:ad:6f:ca:0c:fe:e9:a6:71:
f8:54:8b:3a
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYbqKY+pdQ4cmCyWs39ghcudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMzE2MTEyMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzgxNGI5NjIwMGZkZjE0ZTQwYjg1OGM4NjJmMDIzMmFkODk0ZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYGbaqYJpIWHdvCKZm2DpuEnfGCd
V+HF5fzx1+xRDiiFTWz5hJqLhFag0TbC2p1ZTKe/TcOfj7Qn19OZ9SDsw439t5pK
mMUK4iq3BPXIbzYm+mlp/YzGnd1QriYWmzhDL/FYteXIa8A2aYb99YjSVEX1WYG6
RZ704KOzmFIAJHIr7tWfOiVU++vFf0DyRuoD4N0JNwAmoCq7J+ydEsfl/muP92CV
0IakRFcrb4NVB7hlvtJjaHdNqRvT15UovQ/VBaHqzXGlk3PTXtPkv8l92+sQ6PQm
+9HLGNsehtGwf2KhLgwwPpZxbtJQmd/dsFTTBX0MAdykZH6tXZm80AQx+QIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFGyBS5YgD98U5AuFjIYvAjKtiU7JMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvYklGTGxpQVAzeFRrQzRXTWhpOENNcTJKVHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjCBgwQCAAEwfTALAwMA
H4EDBAAfgRQwDAMEAB+BFwMEAR+BHAMEAB+BHwMEAiXcUDAMAwQALVCBAwQCLVCA
AwQALhAMAwQBLhAOAwQCLhNAMAwDBARRyJADBAFRyJwwDAMEA17G2AMEAV7G3AME
AG3sOjAMAwQAjWLpAwQAjWLqAwQBuabEMA0GCSqGSIb3DQEBCwUAA4IBAQBHCBcy
VHA36na03dHJbv9eFQbQI6XeLU2EM8IhO5Hge5o28ynFzfJHQ9XBqKSSBT4C1dGm
4MveWcvK205TaIVln0JZFp5d0F58F0k/ve/oJwNhccNly4O8P9DlQrNLngiiBhrP
Y8pPPyY31QQhu1ffuJp0AjTNRov6PunzwOWasRZHbXQ8yIrC91zwHpRMtK8OCwsU
ddmUGO6MG7RqMWy91rEzBr/v7030Z2+Sup1r69aqZxMyYNdCXAaw+J8qQHI66WgV
WGnte63FD89EkV8uWtVKuT+fJXlxGcRIfY0dkdfV7Nng9h/YRP/yF+vVShI/euZ8
rW/KDP7ppnH4VIs6
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-fra.rpki-client.org