Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/j5JQ3Uvv9CGnPKAY6e-xZotf87k.roa
File: j5JQ3Uvv9CGnPKAY6e-xZotf87k.roa (raw, json)
Hash identifier: YXIXTL9H+7YqmgXaE+75WcmIWsZCvQV/vwBiU2I5VvA=
Subject key identifier: 8F:92:50:DD:4B:EF:F4:21:A7:3C:A0:18:E9:EF:B1:66:8B:5F:F3:B9
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0185A10960F53D232C2B07B4FEB12C7066A9
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/j5JQ3Uvv9CGnPKAY6e-xZotf87k.roa
Signing time: Wed 11 Jan 2023 13:33:44 +0000
ROA not before: Wed 11 Jan 2023 13:33:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.21.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
212.60.23.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
46.16.12.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
85.92.109.0/24 maxlen: 24
89.191.232.0/24 maxlen: 24
91.107.116.0/24 maxlen: 24
45.80.130.0/23 maxlen: 23
45.80.129.0/24 maxlen: 24
91.107.124.0/23 maxlen: 23
37.220.80.0/22 maxlen: 22
194.31.174.0/24 maxlen: 24
194.31.173.0/24 maxlen: 24
91.107.127.0/24 maxlen: 24
194.5.93.0/24 maxlen: 24
5.44.46.0/24 maxlen: 24
5.44.47.0/24 maxlen: 24
185.166.196.0/23 maxlen: 24
45.129.187.0/24 maxlen: 24
194.28.192.0/24 maxlen: 24
94.198.216.0/22 maxlen: 24
94.198.220.0/23 maxlen: 24
81.200.144.0/21 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
46.19.64.0/22 maxlen: 24
45.66.117.0/24 maxlen: 24
45.66.119.0/24 maxlen: 24
109.236.56.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a1:09:60:f5:3d:23:2c:2b:07:b4:fe:b1:2c:70:66:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 11 13:33:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f9250dd4beff421a73ca018e9efb1668b5ff3b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fd:1d:0c:32:55:56:6a:70:72:ea:29:91:c7:
83:26:bc:03:69:7e:81:a9:d0:11:c3:eb:a5:dd:50:
7d:98:d6:38:f0:5c:88:99:2a:69:76:32:db:04:aa:
ef:f4:39:62:72:11:d5:6f:14:2d:47:fa:55:c1:e3:
27:c0:d5:2b:54:a1:24:44:53:a6:f9:ea:28:47:a6:
ec:d2:03:1a:1a:c2:a4:28:de:2b:44:84:6a:be:f4:
f3:f0:79:36:c1:95:43:6c:a4:e2:b8:91:14:1f:9a:
da:f3:cf:3b:7c:4e:96:69:9d:b0:74:6c:3c:b3:b4:
51:11:5c:2b:80:6c:59:a5:17:06:3d:eb:2c:da:76:
32:9c:14:e8:1d:be:aa:32:61:a5:28:db:59:b3:6c:
5b:3c:cd:58:01:68:60:f0:0b:80:96:2f:39:36:2e:
20:17:ca:df:44:86:95:13:3c:cd:2f:8f:9f:bd:fc:
64:11:57:4d:2a:94:c5:55:c8:b1:19:8d:f5:6c:e2:
d2:e0:9e:10:18:9e:52:88:f3:57:7e:2d:cb:aa:5a:
85:5c:c2:3b:f0:5d:d6:d6:eb:0c:a1:4c:9d:19:5f:
e6:20:da:23:56:65:ca:dc:93:8e:2b:4e:52:82:27:
ab:53:29:2f:8d:4a:b4:5d:e2:d1:ab:b5:f9:9a:fc:
d3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:92:50:DD:4B:EF:F4:21:A7:3C:A0:18:E9:EF:B1:66:8B:5F:F3:B9
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/j5JQ3Uvv9CGnPKAY6e-xZotf87k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.46.0/23
31.129.0.0-31.129.21.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
45.66.117.0/24
45.66.119.0/24
45.80.129.0-45.80.131.255
45.129.187.0/24
46.16.12.0/24
46.16.14.0/23
46.19.64.0/22
81.200.144.0-81.200.157.255
85.92.109.0/24
89.191.232.0/24
91.107.116.0/24
91.107.124.0/23
91.107.127.0/24
94.198.216.0-94.198.221.255
109.236.56.0/23
141.98.233.0-141.98.234.255
185.166.196.0/23
194.5.93.0/24
194.28.192.0/24
194.31.173.0-194.31.174.255
212.60.23.0/24
Signature Algorithm: sha256WithRSAEncryption
82:d2:47:b4:09:e5:b9:d9:74:aa:60:6e:f9:ef:24:85:ed:fa:
d4:09:8d:8a:09:a4:18:73:6d:ff:02:0f:d9:ef:0e:72:ae:06:
ae:bd:5d:b6:97:9f:7c:f0:a0:67:14:e4:ea:b3:75:c3:70:f5:
25:2b:4b:bc:6a:f0:f4:2f:7d:19:e4:51:e3:1b:5a:40:25:92:
28:6e:df:e1:d6:c8:00:ba:fd:20:7b:ee:99:19:d8:d9:f8:30:
ae:b4:47:f9:9e:8b:05:46:b7:5b:69:ea:18:3e:c1:14:36:ca:
ce:3e:23:59:d5:1c:4f:22:43:fc:98:bc:b5:58:86:30:af:55:
a6:cc:97:4d:a3:17:ed:27:3c:9d:0d:09:af:59:b3:aa:bc:98:
a1:1d:98:f8:10:c6:f9:8c:c6:01:91:09:f6:ef:b6:c7:2b:db:
1a:04:54:cb:10:3d:87:47:b5:dc:e2:82:a6:40:52:2d:ce:8e:
ab:32:46:20:94:ae:e3:3b:ab:08:38:fb:fb:59:b8:f4:6e:83:
48:4e:0b:a1:05:62:b4:2e:c8:ef:83:3f:46:fd:88:cc:25:22:
55:c9:74:1a:ca:68:c6:68:6a:b1:37:88:97:fa:77:65:4c:4d:
43:85:96:24:be:16:c7:75:e6:fe:37:b4:4c:8f:20:86:df:87:
2b:e7:2e:d1
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgISAYWhCWD1PSMsKwe0/rEscGapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMTExMTMzMzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjkyNTBkZDRiZWZmNDIxYTczY2EwMThlOWVmYjE2NjhiNWZmM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/0dDDJVVmpwcuopkceDJrwDaX6B
qdARw+ul3VB9mNY48FyImSppdjLbBKrv9DlichHVbxQtR/pVweMnwNUrVKEkRFOm
+eooR6bs0gMaGsKkKN4rRIRqvvTz8Hk2wZVDbKTiuJEUH5ra8887fE6WaZ2wdGw8
s7RREVwrgGxZpRcGPess2nYynBToHb6qMmGlKNtZs2xbPM1YAWhg8AuAli85Ni4g
F8rfRIaVEzzNL4+fvfxkEVdNKpTFVcixGY31bOLS4J4QGJ5SiPNXfi3LqlqFXMI7
8F3W1usMoUydGV/mINojVmXK3JOOK05SgierUykvjUq0XeLRq7X5mvzToQIDAQAB
o4IC2zCCAtcwHQYDVR0OBBYEFI+SUN1L7/QhpzygGOnvsWaLX/O5MB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvajVKUTNVdnY5Q0duUEtBWTZlLXhab3RmODdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHwBggrBgEFBQcBBwEB/wSB4DCB3TCB2gQCAAEwgdMDBAEF
LC4wCwMDAB+BAwQBH4EUMAwDBAAfgRcDBAEfgRwDBAAfgR8DBAIl3FADBAAtQnUD
BAAtQncwDAMEAC1QgQMEAi1QgAMEAC2BuwMEAC4QDAMEAS4QDgMEAi4TQDAMAwQE
UciQAwQBUcicAwQAVVxtAwQAWb/oAwQAW2t0AwQBW2t8AwQAW2t/MAwDBANextgD
BAFextwDBAFt7DgwDAMEAI1i6QMEAI1i6gMEAbmmxAMEAMIFXQMEAMIcwDAMAwQA
wh+tAwQAwh+uAwQA1DwXMA0GCSqGSIb3DQEBCwUAA4IBAQCC0ke0CeW52XSqYG75
7ySF7frUCY2KCaQYc23/Ag/Z7w5yrgauvV22l5988KBnFOTqs3XDcPUlK0u8avD0
L30Z5FHjG1pAJZIobt/h1sgAuv0ge+6ZGdjZ+DCutEf5nosFRrdbaeoYPsEUNsrO
PiNZ1RxPIkP8mLy1WIYwr1WmzJdNoxftJzydDQmvWbOqvJihHZj4EMb5jMYBkQn2
77bHK9saBFTLED2HR7Xc4oKmQFItzo6rMkYglK7jO6sIOPv7Wbj0boNITguhBWK0
Lsjvgz9G/YjMJSJVyXQaymjGaGqxN4iX+ndlTE1DhZYkvhbHdeb+N7RMjyCG34cr
5y7R
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-ams.rpki-client.org