Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/fppkYOalDxD8WMReA7AbziRwDBI.roa
File: fppkYOalDxD8WMReA7AbziRwDBI.roa (raw, json)
Hash identifier: cklvfNao2if0+BeEBwAVtJlgG6mogwkgJBFHxB48+zU=
Subject key identifier: 7E:9A:64:60:E6:A5:0F:10:FC:58:C4:5E:03:B0:1B:CE:24:70:0C:12
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01856E2FBCB3F749451DACC0347330CFB93F
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/fppkYOalDxD8WMReA7AbziRwDBI.roa
Signing time: Sun 01 Jan 2023 16:35:00 +0000
ROA not before: Sun 01 Jan 2023 16:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26636
IP address blocks: 141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
195.80.50.0/24 maxlen: 24
195.80.51.0/24 maxlen: 24
85.92.109.0/24 maxlen: 24
89.191.232.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
45.8.97.0/24 maxlen: 24
45.8.98.0/24 maxlen: 24
45.80.130.0/23 maxlen: 23
45.80.129.0/24 maxlen: 24
91.107.116.0/24 maxlen: 24
91.107.124.0/23 maxlen: 23
194.31.174.0/24 maxlen: 24
194.31.173.0/24 maxlen: 24
91.107.127.0/24 maxlen: 24
194.5.92.0/24 maxlen: 24
194.5.93.0/24 maxlen: 24
5.44.44.0/24 maxlen: 24
5.44.46.0/24 maxlen: 24
5.44.47.0/24 maxlen: 24
45.129.185.0/24 maxlen: 24
194.28.192.0/24 maxlen: 24
45.66.116.0/24 maxlen: 24
45.66.119.0/24 maxlen: 24
109.236.58.0/24 maxlen: 24
109.236.56.0/23 maxlen: 23
92.118.114.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:bc:b3:f7:49:45:1d:ac:c0:34:73:30:cf:b9:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 1 16:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e9a6460e6a50f10fc58c45e03b01bce24700c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:df:77:fd:30:cc:aa:b5:dd:d5:4d:7f:ec:8b:
5d:6b:cc:15:b0:ca:8a:ce:96:c7:e6:ed:dc:c3:6f:
d7:09:6e:88:24:f5:6f:0e:b2:41:16:10:47:27:83:
79:6d:5a:8e:0b:d6:17:1d:73:d8:57:8c:f1:8e:24:
a2:e6:4b:89:a8:c9:df:fe:42:b6:dd:c9:01:16:1f:
03:02:35:1e:89:65:25:40:37:89:7b:8a:a4:b3:65:
33:68:70:d0:16:bf:14:bc:c2:dd:75:6e:7e:aa:ad:
eb:12:7f:1b:20:ee:e7:82:c8:36:ef:fa:a0:21:3e:
d2:52:ee:0e:7a:8c:cc:57:63:14:7c:84:80:55:0b:
5f:b0:cb:73:6a:d7:8c:b4:b2:4c:da:28:df:53:8b:
27:b2:c9:8f:b3:aa:4f:1b:1a:8b:c8:b0:88:bd:21:
a8:86:65:58:5b:9a:b2:bd:90:5a:89:2f:87:bb:c1:
d5:07:c5:c9:17:4d:f7:9a:45:d0:35:0b:e5:90:a0:
49:b3:03:92:09:8e:25:51:ad:ed:ec:a0:7d:72:b6:
59:6a:f0:48:41:7a:e8:6c:15:a6:34:3e:00:c0:45:
62:91:71:30:b9:6d:26:07:09:f3:89:ab:96:d8:1f:
55:a8:d3:3e:e9:f1:65:42:37:d2:d0:79:0b:fe:32:
6f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:9A:64:60:E6:A5:0F:10:FC:58:C4:5E:03:B0:1B:CE:24:70:0C:12
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/fppkYOalDxD8WMReA7AbziRwDBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.44.0/24
5.44.46.0/23
45.8.97.0-45.8.98.255
45.66.116.0/24
45.66.119.0/24
45.80.129.0-45.80.131.255
45.129.185.0/24
85.92.109.0/24
89.191.232.0/24
91.107.116.0/24
91.107.124.0/23
91.107.127.0/24
91.200.84.0/24
92.118.114.0/23
109.236.56.0-109.236.58.255
141.98.233.0-141.98.234.255
194.5.92.0/23
194.28.192.0/24
194.31.173.0-194.31.174.255
195.80.50.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:12:78:4d:46:fa:19:99:4c:61:24:62:d8:b8:fe:c9:37:25:
28:e5:c9:a0:13:3e:3b:d2:29:38:03:17:35:f8:75:29:c1:a6:
8e:21:72:d0:b7:a9:18:b9:c5:02:95:51:c9:31:1f:40:39:c8:
44:1e:0e:ce:fd:3c:f2:62:55:2f:79:b8:f6:f6:75:eb:6c:7c:
24:b4:85:eb:20:2f:2e:84:7e:52:41:5d:f3:69:d9:75:77:56:
dd:b1:a5:78:9d:7d:fd:32:b7:74:af:c6:6c:83:cb:46:9e:82:
49:75:1f:de:d2:0c:35:82:81:8d:58:d0:06:b5:dc:51:6a:06:
1d:c4:ac:f1:c9:a8:92:e6:83:51:6a:14:36:6b:5b:da:f6:f1:
33:0e:91:75:01:cb:6f:56:36:45:99:db:1c:3f:8c:37:4a:24:
77:00:54:7b:7f:a4:52:e5:84:3b:86:90:5e:a6:3b:06:2b:58:
94:26:18:8a:22:5f:82:46:ed:eb:1f:82:5f:7d:0f:1a:97:f0:
05:b8:79:37:21:b9:02:e9:12:be:b6:22:ab:c3:24:87:0e:ff:
4d:4c:97:96:17:be:25:17:64:51:b7:72:ce:99:52:4c:97:2b:
e9:5a:80:47:3c:c3:0e:b5:24:36:62:9b:42:26:a6:98:25:b9:
d9:43:83:e2
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYVuL7yz90lFHazANHMwz7k/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMTAxMTYzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTlhNjQ2MGU2YTUwZjEwZmM1OGM0NWUwM2IwMWJjZTI0NzAwYzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgd93/TDMqrXd1U1/7Itda8wVsMqK
zpbH5u3cw2/XCW6IJPVvDrJBFhBHJ4N5bVqOC9YXHXPYV4zxjiSi5kuJqMnf/kK2
3ckBFh8DAjUeiWUlQDeJe4qks2UzaHDQFr8UvMLddW5+qq3rEn8bIO7ngsg27/qg
IT7SUu4OeozMV2MUfISAVQtfsMtzateMtLJM2ijfU4snssmPs6pPGxqLyLCIvSGo
hmVYW5qyvZBaiS+Hu8HVB8XJF033mkXQNQvlkKBJswOSCY4lUa3t7KB9crZZavBI
QXrobBWmND4AwEVikXEwuW0mBwnziauW2B9VqNM+6fFlQjfS0HkL/jJvnQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFH6aZGDmpQ8Q/FjEXgOwG84kcAwSMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvZnBwa1lPYWxEeEQ4V01SZUE3QWJ6aVJ3REJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBAAF
LCwDBAEFLC4wDAMEAC0IYQMEAC0IYgMEAC1CdAMEAC1CdzAMAwQALVCBAwQCLVCA
AwQALYG5AwQAVVxtAwQAWb/oAwQAW2t0AwQBW2t8AwQAW2t/AwQAW8hUAwQBXHZy
MAwDBANt7DgDBABt7DowDAMEAI1i6QMEAI1i6gMEAcIFXAMEAMIcwDAMAwQAwh+t
AwQAwh+uAwQBw1AyMA0GCSqGSIb3DQEBCwUAA4IBAQCbEnhNRvoZmUxhJGLYuP7J
NyUo5cmgEz470ik4Axc1+HUpwaaOIXLQt6kYucUClVHJMR9AOchEHg7O/TzyYlUv
ebj29nXrbHwktIXrIC8uhH5SQV3zadl1d1bdsaV4nX39Mrd0r8Zsg8tGnoJJdR/e
0gw1goGNWNAGtdxRagYdxKzxyaiS5oNRahQ2a1va9vEzDpF1ActvVjZFmdscP4w3
SiR3AFR7f6RS5YQ7hpBepjsGK1iUJhiKIl+CRu3rH4JffQ8al/AFuHk3IbkC6RK+
tiKrwySHDv9NTJeWF74lF2RRt3LOmVJMlyvpWoBHPMMOtSQ2YptCJqaYJbnZQ4Pi
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-fra.rpki-client.org