Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/fniTFQ-rxzL1tSwJn1y1IlJg258.roa
File: fniTFQ-rxzL1tSwJn1y1IlJg258.roa (raw, json)
Hash identifier: 82Sjw86QgpCNi1pk5BxqhLsVpMCcXbpSsZrEowLGl7U=
Subject key identifier: 7E:78:93:15:0F:AB:C7:32:F5:B5:2C:09:9F:5C:B5:22:52:60:DB:9F
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018852C3442CD8BE82AC5301A8EC1ADA8981
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/fniTFQ-rxzL1tSwJn1y1IlJg258.roa
Signing time: Thu 25 May 2023 11:55:08 +0000
ROA not before: Thu 25 May 2023 11:55:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202423
IP address blocks: 212.60.22.0/24 maxlen: 24
5.44.43.0/24 maxlen: 24
5.44.45.0/24 maxlen: 24
45.129.186.0/24 maxlen: 24
185.247.185.0/24 maxlen: 24
77.220.205.0/24 maxlen: 24
89.191.225.0/24 maxlen: 24
89.191.227.0/24 maxlen: 24
89.191.230.0/24 maxlen: 24
89.191.231.0/24 maxlen: 24
89.191.233.0/24 maxlen: 24
89.191.235.0/24 maxlen: 24
194.116.162.0/24 maxlen: 24
194.116.163.0/24 maxlen: 24
45.89.188.0/24 maxlen: 24
45.89.189.0/24 maxlen: 24
45.89.191.0/24 maxlen: 24
91.107.119.0/24 maxlen: 24
92.118.113.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:c3:44:2c:d8:be:82:ac:53:01:a8:ec:1a:da:89:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: May 25 11:55:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e7893150fabc732f5b52c099f5cb5225260db9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d8:ae:b4:61:d6:78:1f:43:9f:77:a8:50:ac:
42:3c:27:93:ab:07:af:bb:98:34:70:1f:9d:a9:1f:
b8:3e:8b:38:b6:c1:4c:de:88:5b:6b:98:f7:ed:f6:
66:eb:0f:72:fc:20:fe:1e:32:e8:86:92:1b:85:8f:
4d:e4:4e:7f:dd:16:68:5b:9a:73:b9:9a:d2:dd:df:
1c:a6:f2:e1:e3:1b:55:e1:3d:a6:46:b9:d8:49:68:
08:f6:c1:8d:58:62:fe:80:d8:24:d0:4a:a1:15:93:
d9:a3:52:83:73:11:37:eb:56:51:91:84:3e:9e:48:
04:5b:f0:4d:1f:c6:87:6c:b2:52:ff:c8:ae:34:bb:
46:d5:2d:1a:43:e9:14:1c:8e:68:e7:83:6d:0b:d2:
e2:da:6f:74:d3:48:d0:a6:d1:48:66:f2:24:b2:c4:
3b:10:c3:e3:6f:a4:7a:d4:c4:c2:5b:67:6b:96:16:
60:20:8b:1f:c3:d9:59:b3:a5:5e:e5:6b:cb:3a:22:
1e:de:02:ba:5b:4d:fe:d2:cc:3b:53:b1:0d:a3:79:
92:7d:da:5d:97:da:9b:27:1b:df:11:85:34:91:af:
bf:54:ae:6b:d7:eb:97:22:47:d9:ed:7f:73:f0:39:
f5:87:f8:e8:7e:60:00:0f:0c:d2:62:c8:10:88:a6:
1c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:78:93:15:0F:AB:C7:32:F5:B5:2C:09:9F:5C:B5:22:52:60:DB:9F
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/fniTFQ-rxzL1tSwJn1y1IlJg258.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.43.0/24
5.44.45.0/24
45.89.188.0/23
45.89.191.0/24
45.129.186.0/24
77.220.205.0/24
89.191.225.0/24
89.191.227.0/24
89.191.230.0/23
89.191.233.0/24
89.191.235.0/24
91.107.119.0/24
92.118.113.0/24
185.247.185.0/24
194.116.162.0/23
212.60.22.0/24
Signature Algorithm: sha256WithRSAEncryption
84:09:47:85:93:90:e5:f9:15:84:68:5d:6a:69:3b:c2:51:c3:
32:a1:8c:ad:d9:d3:17:86:a7:25:76:1a:10:70:26:f6:2a:b7:
e6:46:f3:f8:e7:73:95:3e:55:a1:cc:5d:03:64:62:8b:ec:5f:
25:8a:72:2f:84:9b:f2:be:d3:1a:ff:de:2d:fe:31:6b:39:45:
0f:68:5d:87:8c:2c:8c:c7:f3:c9:b5:65:b1:7a:f5:87:60:33:
7d:24:04:77:10:01:23:8e:9c:de:18:18:fa:26:b5:a6:ac:29:
96:17:de:bb:1b:e7:df:ac:eb:d2:84:d9:1d:e3:cc:b3:a7:30:
9b:69:e7:b6:96:d5:1c:5e:f7:0f:a4:f2:bb:d0:1a:03:cc:3e:
9c:e2:c7:cb:1f:31:5a:df:de:e4:44:6d:5b:6d:e7:15:4c:56:
ed:fb:6f:11:b2:6a:08:3d:1a:f0:0e:54:4b:fe:57:0c:13:8d:
83:25:db:8e:25:32:75:16:8f:e8:e2:ac:e6:d1:79:38:01:1b:
56:dc:42:8c:01:a4:df:2d:0e:6a:77:38:7a:26:b7:43:2d:8a:
73:5c:05:02:0c:e0:69:25:f5:31:0f:f5:c6:a2:33:0e:dd:58:
b9:22:98:b1:a2:c6:9e:fe:a1:3e:0b:ac:23:ee:6e:3f:cb:9f:
5e:3c:04:de
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYhSw0Qs2L6CrFMBqOwa2omBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNTI1MTE1NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTc4OTMxNTBmYWJjNzMyZjViNTJjMDk5ZjVjYjUyMjUyNjBkYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNiutGHWeB9Dn3eoUKxCPCeTqwev
u5g0cB+dqR+4Pos4tsFM3ohba5j37fZm6w9y/CD+HjLohpIbhY9N5E5/3RZoW5pz
uZrS3d8cpvLh4xtV4T2mRrnYSWgI9sGNWGL+gNgk0EqhFZPZo1KDcxE361ZRkYQ+
nkgEW/BNH8aHbLJS/8iuNLtG1S0aQ+kUHI5o54NtC9Li2m9000jQptFIZvIkssQ7
EMPjb6R61MTCW2drlhZgIIsfw9lZs6Ve5WvLOiIe3gK6W03+0sw7U7ENo3mSfdpd
l9qbJxvfEYU0ka+/VK5r1+uXIkfZ7X9z8Dn1h/jofmAADwzSYsgQiKYcxwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFH54kxUPq8cy9bUsCZ9ctSJSYNufMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvZm5pVEZRLXJ4ekwxdFN3Sm4xeTFJbEpnMjU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQABSwrAwQA
BSwtAwQBLVm8AwQALVm/AwQALYG6AwQATdzNAwQAWb/hAwQAWb/jAwQBWb/mAwQA
Wb/pAwQAWb/rAwQAW2t3AwQAXHZxAwQAufe5AwQBwnSiAwQA1DwWMA0GCSqGSIb3
DQEBCwUAA4IBAQCECUeFk5Dl+RWEaF1qaTvCUcMyoYyt2dMXhqcldhoQcCb2Krfm
RvP453OVPlWhzF0DZGKL7F8linIvhJvyvtMa/94t/jFrOUUPaF2HjCyMx/PJtWWx
evWHYDN9JAR3EAEjjpzeGBj6JrWmrCmWF967G+ffrOvShNkd48yzpzCbaee2ltUc
XvcPpPK70BoDzD6c4sfLHzFa397kRG1bbecVTFbt+28RsmoIPRrwDlRL/lcME42D
JduOJTJ1Fo/o4qzm0Xk4ARtW3EKMAaTfLQ5qdzh6JrdDLYpzXAUCDOBpJfUxD/XG
ojMO3Vi5Ipixosae/qE+C6wj7m4/y59ePATe
-----END CERTIFICATE-----
Generated at Fri Jul 28 13:37:22 2023 by rpki-client on console-fra.rpki-client.org