Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/j4t-UDHHv0auJ4dV2AnaS1s05HI.roa
File: j4t-UDHHv0auJ4dV2AnaS1s05HI.roa (raw, json)
Hash identifier: w1UaLy+h5kNnVe0K8iqP9raUZ8zxRsoalJ/IcMvRL/4=
Subject key identifier: 8F:8B:7E:50:31:C7:BF:46:AE:27:87:55:D8:09:DA:4B:5B:34:E4:72
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01864EEEB074BBB84CBADBBB8052C8466C77
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/j4t-UDHHv0auJ4dV2AnaS1s05HI.roa
Signing time: Tue 14 Feb 2023 07:58:30 +0000
ROA not before: Tue 14 Feb 2023 07:58:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 31.129.22.0/24 maxlen: 24
5.44.42.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
45.129.184.0/24 maxlen: 24
45.80.128.0/24 maxlen: 24
195.80.49.0/24 maxlen: 24
195.80.48.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4e:ee:b0:74:bb:b8:4c:ba:db:bb:80:52:c8:46:6c:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 14 07:58:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f8b7e5031c7bf46ae278755d809da4b5b34e472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7f:c3:18:bd:5a:d0:1d:fc:bc:19:d0:18:a7:
d4:ab:26:1a:cb:9b:b9:3e:69:9d:ba:32:88:81:77:
65:18:b5:c0:dd:5b:19:62:a3:25:3b:9b:ef:ed:27:
44:7a:40:06:99:1a:15:3a:f8:b1:82:66:ef:cb:89:
e0:b4:ec:de:26:e6:82:ad:51:39:86:89:ef:87:d4:
09:62:88:61:7d:a6:5e:5b:25:a7:f5:20:5d:22:63:
37:e9:a3:7c:12:21:00:1b:15:0f:b5:d5:21:14:c8:
ab:fb:94:bc:c5:d3:5c:6a:6a:05:c3:5d:d7:38:ec:
be:87:99:28:04:f0:63:9c:fd:de:27:3c:3e:39:76:
59:a1:87:9b:b5:7c:4b:81:03:3c:80:48:27:ab:e6:
fd:90:7f:37:cc:d2:2b:db:48:0f:02:ce:05:8c:cd:
62:cf:c7:a3:ec:8d:74:c9:e3:33:8a:79:42:a1:3b:
43:37:f0:42:76:2d:45:17:cc:5a:9e:ab:c5:b3:35:
a6:9f:ad:59:08:61:55:a3:ce:06:0b:cb:5b:a0:b3:
ca:4c:29:01:f6:db:4a:67:22:e2:24:82:5f:c8:86:
d6:56:5b:cb:0a:58:79:b4:b3:de:e5:da:0b:cc:da:
ae:2a:90:b7:2a:ad:27:0b:b3:4a:bd:81:b8:ea:c3:
56:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:8B:7E:50:31:C7:BF:46:AE:27:87:55:D8:09:DA:4B:5B:34:E4:72
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/j4t-UDHHv0auJ4dV2AnaS1s05HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
31.129.22.0/24
45.80.128.0/24
45.129.184.0/24
141.98.234.0/24
195.80.48.0/23
Signature Algorithm: sha256WithRSAEncryption
66:aa:aa:79:6b:51:23:0d:db:00:6a:30:a0:22:01:b2:8a:5d:
3a:16:98:7f:1b:d6:cb:e4:59:f7:c4:20:92:bc:0e:e5:71:4e:
d3:ad:dc:7a:5d:54:e5:b4:e1:1a:21:12:be:de:ad:76:48:72:
a5:7a:8d:7c:88:57:02:0e:65:f7:be:a8:8f:2e:b7:c5:8e:bd:
3e:41:a1:0f:1a:50:22:4f:63:a0:bb:96:00:9a:13:f0:04:e4:
f8:87:60:49:14:29:14:17:e8:23:84:46:d9:29:71:bb:b3:29:
18:9f:aa:62:44:03:09:0f:f7:54:e8:e2:d6:4f:b2:e4:92:76:
e7:00:3e:c1:11:b5:11:74:dc:2f:03:e3:31:e8:ad:1f:05:87:
af:15:87:62:04:06:48:86:1e:b2:e8:30:a1:0f:cc:34:16:c4:
5a:1c:68:75:18:2a:ff:8c:5e:89:8e:4d:89:13:8c:e9:ab:5e:
86:b5:f3:27:88:c6:d2:69:08:72:80:bf:89:8d:b2:ba:64:ec:
a3:f3:e7:12:c0:7f:fc:4c:34:6c:4d:72:4c:e2:97:d3:a1:8c:
62:38:45:79:dd:89:67:0d:89:0b:82:4d:1d:7e:40:54:29:a0:
24:b5:dd:56:ce:d1:59:c6:fa:f0:c8:2f:eb:ad:57:2b:cd:09:
ba:76:db:f4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZO7rB0u7hMutu7gFLIRmx3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMjE0MDc1ODMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjhiN2U1MDMxYzdiZjQ2YWUyNzg3NTVkODA5ZGE0YjViMzRlNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgH/DGL1a0B38vBnQGKfUqyYay5u5
PmmdujKIgXdlGLXA3VsZYqMlO5vv7SdEekAGmRoVOvixgmbvy4ngtOzeJuaCrVE5
honvh9QJYohhfaZeWyWn9SBdImM36aN8EiEAGxUPtdUhFMir+5S8xdNcamoFw13X
OOy+h5koBPBjnP3eJzw+OXZZoYebtXxLgQM8gEgnq+b9kH83zNIr20gPAs4FjM1i
z8ej7I10yeMzinlCoTtDN/BCdi1FF8xanqvFszWmn61ZCGFVo84GC8tboLPKTCkB
9ttKZyLiJIJfyIbWVlvLClh5tLPe5doLzNquKpC3Kq0nC7NKvYG46sNWZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFI+LflAxx79GrieHVdgJ2ktbNORyMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvajR0LVVESEh2MGF1SjRkVjJBbmFTMXMwNUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABSwqAwQA
H4EWAwQALVCAAwQALYG4AwQAjWLqAwQBw1AwMA0GCSqGSIb3DQEBCwUAA4IBAQBm
qqp5a1EjDdsAajCgIgGyil06Fph/G9bL5Fn3xCCSvA7lcU7Trdx6XVTltOEaIRK+
3q12SHKleo18iFcCDmX3vqiPLrfFjr0+QaEPGlAiT2Ogu5YAmhPwBOT4h2BJFCkU
F+gjhEbZKXG7sykYn6piRAMJD/dU6OLWT7LkknbnAD7BEbURdNwvA+Mx6K0fBYev
FYdiBAZIhh6y6DChD8w0FsRaHGh1GCr/jF6Jjk2JE4zpq16GtfMniMbSaQhygL+J
jbK6ZOyj8+cSwH/8TDRsTXJM4pfToYxiOEV53YlnDYkLgk0dfkBUKaAktd1WztFZ
xvrwyC/rrVcrzQm6dtv0
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-ams.rpki-client.org