Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/kJNbOaxmGXa9Bqy5k0tmFMjH27w.roa
File:                     kJNbOaxmGXa9Bqy5k0tmFMjH27w.roa (raw, json)
Hash identifier:          FU41dtOZCEbk4hHgtOZlXwzGC2qSam/FQ92/ZII+By4=
Subject key identifier:   90:93:5B:39:AC:66:19:76:BD:06:AC:B9:93:4B:66:14:C8:C7:DB:BC
Certificate issuer:       /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial:       01867815D66AB931C71B0D8A4ACA3CA0D2FF
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/kJNbOaxmGXa9Bqy5k0tmFMjH27w.roa
Signing time:             Wed 22 Feb 2023 07:45:42 +0000
ROA not before:           Wed 22 Feb 2023 07:45:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41789
IP address blocks:        31.129.17.0/24 maxlen: 24
                          31.129.16.0/24 maxlen: 24
                          31.129.18.0/24 maxlen: 24
                          31.129.20.0/24 maxlen: 24
                          31.129.19.0/24 maxlen: 24
                          31.129.24.0/24 maxlen: 24
                          31.129.23.0/24 maxlen: 24
                          31.129.29.0/24 maxlen: 24
                          31.129.28.0/24 maxlen: 24
                          31.129.27.0/24 maxlen: 24
                          31.129.26.0/24 maxlen: 24
                          31.129.31.0/24 maxlen: 24
                          31.129.25.0/24 maxlen: 24
                          212.60.23.0/24 maxlen: 24
                          141.98.233.0/24 maxlen: 24
                          141.98.234.0/24 maxlen: 24
                          46.16.12.0/24 maxlen: 24
                          46.16.15.0/24 maxlen: 24
                          46.16.14.0/24 maxlen: 24
                          31.129.0.0/20 maxlen: 24
                          91.107.116.0/24 maxlen: 24
                          45.80.130.0/23 maxlen: 23
                          45.80.129.0/24 maxlen: 24
                          37.220.80.0/22 maxlen: 22
                          194.5.93.0/24 maxlen: 24
                          185.166.196.0/23 maxlen: 24
                          45.129.187.0/24 maxlen: 24
                          94.198.216.0/22 maxlen: 24
                          94.198.220.0/23 maxlen: 24
                          81.200.144.0/21 maxlen: 24
                          81.200.152.0/22 maxlen: 24
                          81.200.156.0/23 maxlen: 24
                          46.19.64.0/22 maxlen: 24
                          45.66.117.0/24 maxlen: 24
                          45.66.119.0/24 maxlen: 24
                          109.236.56.0/23 maxlen: 23
                          109.236.58.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:78:15:d6:6a:b9:31:c7:1b:0d:8a:4a:ca:3c:a0:d2:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
        Validity
            Not Before: Feb 22 07:45:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=90935b39ac661976bd06acb9934b6614c8c7dbbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:93:5B:39:AC:66:19:76:BD:06:AC:B9:93:4B:66:14:C8:C7:DB:BC
            X509v3 Authority Key Identifier:
                keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/kJNbOaxmGXa9Bqy5k0tmFMjH27w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.129.0.0-31.129.20.255
                  31.129.23.0-31.129.29.255
                  31.129.31.0/24
                  37.220.80.0/22
                  45.66.117.0/24
                  45.66.119.0/24
                  45.80.129.0-45.80.131.255
                  45.129.187.0/24
                  46.16.12.0/24
                  46.16.14.0/23
                  46.19.64.0/22
                  81.200.144.0-81.200.157.255
                  91.107.116.0/24
                  94.198.216.0-94.198.221.255
                  109.236.56.0-109.236.58.255
                  141.98.233.0-141.98.234.255
                  185.166.196.0/23
                  194.5.93.0/24
                  212.60.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-fra.rpki-client.org