Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/jUlzR8w7t5HyuCildndGGJxo1-8.roa
File: jUlzR8w7t5HyuCildndGGJxo1-8.roa (raw, json)
Hash identifier: vWejSP48lRpDY11ppxedL8IaQzmrDRojMk208epnMt4=
Subject key identifier: 8D:49:73:47:CC:3B:B7:91:F2:B8:28:A5:76:77:46:18:9C:68:D7:EF
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01865F6FA520CBCA143D6777BF63AC3A69D2
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/jUlzR8w7t5HyuCildndGGJxo1-8.roa
Signing time: Fri 17 Feb 2023 12:53:17 +0000
ROA not before: Fri 17 Feb 2023 12:53:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
212.60.23.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
46.16.12.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
91.107.116.0/24 maxlen: 24
45.80.130.0/23 maxlen: 23
45.80.129.0/24 maxlen: 24
37.220.80.0/22 maxlen: 22
194.5.93.0/24 maxlen: 24
5.44.46.0/24 maxlen: 24
5.44.47.0/24 maxlen: 24
185.166.196.0/23 maxlen: 24
45.129.187.0/24 maxlen: 24
94.198.216.0/22 maxlen: 24
94.198.220.0/23 maxlen: 24
81.200.144.0/21 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
46.19.64.0/22 maxlen: 24
45.66.117.0/24 maxlen: 24
45.66.119.0/24 maxlen: 24
109.236.56.0/23 maxlen: 23
109.236.58.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:6f:a5:20:cb:ca:14:3d:67:77:bf:63:ac:3a:69:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 17 12:53:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d497347cc3bb791f2b828a5767746189c68d7ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a6:f1:7c:ab:12:81:99:ef:00:89:d6:c9:91:
d6:58:29:1a:2d:f6:aa:01:93:c3:48:c8:65:7a:a3:
21:11:7c:6b:af:91:b7:4d:8b:9e:36:05:25:75:f3:
a1:31:a3:32:3c:af:d7:7d:e5:6a:87:ea:50:a8:eb:
d8:29:0c:88:32:45:9a:e9:b7:ca:42:9a:ac:3c:e2:
ad:90:19:a5:13:b6:6a:24:00:64:40:31:76:cd:c0:
f2:d7:67:19:93:af:a4:58:8f:6a:21:07:c2:b1:5a:
9c:97:6f:56:a0:d3:88:60:4f:18:de:3e:d8:bc:ad:
0a:0d:b2:c9:2e:cd:2f:1d:85:f1:fb:fe:23:05:8b:
f4:dd:c4:ba:6a:d5:0a:23:9c:c7:54:6b:61:8e:a1:
2e:89:5d:09:0e:89:a7:62:94:5c:8e:ca:c4:9f:0a:
84:34:e7:27:5d:15:55:30:10:5d:dc:90:d6:18:9f:
52:58:f3:c3:86:b6:b1:a6:eb:ba:f4:1d:29:e9:af:
4d:09:8c:b7:c4:89:7a:03:0f:4f:7c:39:f5:29:90:
b8:01:b2:72:87:d6:a5:a7:3d:5c:3f:63:77:53:ce:
38:39:15:86:69:25:17:54:96:27:cb:d3:60:1c:5e:
9f:6b:89:96:92:14:53:f5:78:45:2e:2e:ec:1e:e9:
06:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:49:73:47:CC:3B:B7:91:F2:B8:28:A5:76:77:46:18:9C:68:D7:EF
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/jUlzR8w7t5HyuCildndGGJxo1-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.46.0/23
31.129.0.0-31.129.20.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
45.66.117.0/24
45.66.119.0/24
45.80.129.0-45.80.131.255
45.129.187.0/24
46.16.12.0/24
46.16.14.0/23
46.19.64.0/22
81.200.144.0-81.200.157.255
91.107.116.0/24
94.198.216.0-94.198.221.255
109.236.56.0-109.236.58.255
141.98.233.0-141.98.234.255
185.166.196.0/23
194.5.93.0/24
212.60.23.0/24
Signature Algorithm: sha256WithRSAEncryption
92:77:2c:ea:23:c9:8c:65:ce:26:ef:6a:75:f7:ae:e3:99:e7:
64:1f:90:2e:79:1a:f1:e4:4e:53:85:d9:33:17:56:f2:0d:d7:
33:1f:f8:8b:5a:a4:ee:76:e7:74:7d:6e:30:b5:bc:32:b6:1b:
7c:1d:60:35:15:f8:e7:78:1c:fd:f7:61:1f:97:8a:aa:b3:19:
6c:12:5d:02:89:45:ad:04:cd:ca:4a:9e:04:ed:50:eb:03:3f:
40:39:65:bb:32:2e:41:c0:13:a4:46:ca:8b:77:4e:09:5e:6f:
7b:e0:2b:f8:60:29:43:26:39:aa:68:3b:a7:64:17:40:2d:90:
d0:d0:9b:88:09:59:e0:f3:f7:9a:cf:5f:dc:bd:79:f6:7b:3a:
5a:48:65:ef:52:04:b0:dd:fb:00:7b:be:ec:1a:e6:70:f1:8b:
b5:93:db:2c:37:fb:3e:d0:89:1d:8f:4b:0d:29:92:d2:ac:a0:
69:3f:61:c7:e0:e8:a4:c7:41:ea:9a:c1:70:5c:5e:94:10:59:
c2:87:1a:8d:c9:9d:71:b9:07:51:48:53:75:40:63:13:76:02:
bb:37:f6:23:69:62:aa:74:82:10:19:93:7b:22:1c:f5:05:80:
d9:b0:0e:4a:da:38:e6:8a:fd:4e:56:86:25:92:c4:28:6a:22:
1d:ca:29:58
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAYZfb6Ugy8oUPWd3v2OsOmnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMjE3MTI1MzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDQ5NzM0N2NjM2JiNzkxZjJiODI4YTU3Njc3NDYxODljNjhkN2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqbxfKsSgZnvAInWyZHWWCkaLfaq
AZPDSMhleqMhEXxrr5G3TYueNgUldfOhMaMyPK/XfeVqh+pQqOvYKQyIMkWa6bfK
QpqsPOKtkBmlE7ZqJABkQDF2zcDy12cZk6+kWI9qIQfCsVqcl29WoNOIYE8Y3j7Y
vK0KDbLJLs0vHYXx+/4jBYv03cS6atUKI5zHVGthjqEuiV0JDomnYpRcjsrEnwqE
NOcnXRVVMBBd3JDWGJ9SWPPDhraxpuu69B0p6a9NCYy3xIl6Aw9PfDn1KZC4AbJy
h9alpz1cP2N3U844ORWGaSUXVJYny9NgHF6fa4mWkhRT9XhFLi7sHukGPQIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFI1Jc0fMO7eR8rgopXZ3RhicaNfvMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvalVselI4dzd0NUh5dUNpbGRuZEdHSnhvMS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBtgQCAAEwga8DBAEF
LC4wCwMDAB+BAwQAH4EUMAwDBAAfgRcDBAEfgRwDBAAfgR8DBAIl3FADBAAtQnUD
BAAtQncwDAMEAC1QgQMEAi1QgAMEAC2BuwMEAC4QDAMEAS4QDgMEAi4TQDAMAwQE
UciQAwQBUcicAwQAW2t0MAwDBANextgDBAFextwwDAMEA23sOAMEAG3sOjAMAwQA
jWLpAwQAjWLqAwQBuabEAwQAwgVdAwQA1DwXMA0GCSqGSIb3DQEBCwUAA4IBAQCS
dyzqI8mMZc4m72p1967jmedkH5AueRrx5E5ThdkzF1byDdczH/iLWqTudud0fW4w
tbwytht8HWA1FfjneBz992Efl4qqsxlsEl0CiUWtBM3KSp4E7VDrAz9AOWW7Mi5B
wBOkRsqLd04JXm974Cv4YClDJjmqaDunZBdALZDQ0JuICVng8/eaz1/cvXn2ezpa
SGXvUgSw3fsAe77sGuZw8Yu1k9ssN/s+0Ikdj0sNKZLSrKBpP2HH4Oikx0HqmsFw
XF6UEFnChxqNyZ1xuQdRSFN1QGMTdgK7N/YjaWKqdIIQGZN7Ihz1BYDZsA5K2jjm
iv1OVoYlksQoaiIdyilY
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-fra.rpki-client.org