Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/wnlsUg3hFbf-rXZnZMGVSoOhK3I.roa
File: wnlsUg3hFbf-rXZnZMGVSoOhK3I.roa (raw, json)
Hash identifier: 8UpNhKnbwBBxsKO6T1BY9vDgbTdUXews9CXSoFNLsjM=
Subject key identifier: C2:79:6C:52:0D:E1:15:B7:FE:AD:76:67:64:C1:95:4A:83:A1:2B:72
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0185969E5D26A3042D8A0F83C3A427D47458
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/wnlsUg3hFbf-rXZnZMGVSoOhK3I.roa
Signing time: Mon 09 Jan 2023 13:00:38 +0000
ROA not before: Mon 09 Jan 2023 13:00:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.21.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
212.60.23.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
46.16.12.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
195.80.50.0/24 maxlen: 24
89.191.232.0/24 maxlen: 24
45.8.98.0/24 maxlen: 24
45.8.97.0/24 maxlen: 24
91.107.116.0/24 maxlen: 24
45.80.130.0/23 maxlen: 23
45.80.129.0/24 maxlen: 24
91.107.124.0/23 maxlen: 23
37.220.80.0/22 maxlen: 22
194.31.174.0/24 maxlen: 24
194.31.173.0/24 maxlen: 24
91.107.127.0/24 maxlen: 24
5.44.46.0/24 maxlen: 24
5.44.47.0/24 maxlen: 24
45.129.187.0/24 maxlen: 24
194.28.192.0/24 maxlen: 24
45.66.117.0/24 maxlen: 24
45.66.119.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:96:9e:5d:26:a3:04:2d:8a:0f:83:c3:a4:27:d4:74:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 9 13:00:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2796c520de115b7fead766764c1954a83a12b72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f4:3a:24:84:52:c0:b3:ac:c5:a2:33:21:b7:
3b:60:7c:63:b2:4a:7e:8a:1f:9b:f6:83:29:33:d5:
c0:fd:aa:38:fe:f9:c6:5c:02:4d:fe:48:94:1a:b1:
8d:b7:c6:95:28:a4:90:93:11:6f:0b:f6:cd:1e:0d:
a7:9a:f7:c2:5d:c1:1b:c8:78:c2:74:1b:a0:04:e3:
f6:3b:3e:7e:68:cc:38:48:09:47:ce:a6:9c:6f:c2:
0b:ea:cd:60:35:b8:14:3e:86:55:e4:85:a0:5c:e4:
37:7b:84:0f:79:a5:4a:05:31:96:64:55:3e:74:a0:
8e:3e:cf:60:e5:38:19:ed:ac:f7:b9:ec:d2:ca:ec:
98:e5:e4:84:65:0e:e5:43:4d:f1:12:1e:10:4b:a0:
15:19:65:23:aa:bc:78:38:11:bf:b6:1b:e7:f9:22:
cc:65:0d:b2:01:34:f3:7f:14:37:dd:d7:78:9f:40:
07:b8:ab:c4:2f:49:98:04:c8:c6:b5:a3:8f:3a:19:
a0:53:c1:c8:a0:7a:78:a1:16:61:08:21:0e:98:8b:
7f:76:e3:39:07:90:2e:e7:30:29:86:55:6d:60:b6:
93:2d:92:cd:70:e7:77:7f:2c:8a:d7:a3:0d:c8:37:
6d:14:d4:fb:1d:0e:af:98:6c:29:f2:98:7b:92:af:
55:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:79:6C:52:0D:E1:15:B7:FE:AD:76:67:64:C1:95:4A:83:A1:2B:72
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/wnlsUg3hFbf-rXZnZMGVSoOhK3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.46.0/23
31.129.0.0-31.129.21.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
45.8.97.0-45.8.98.255
45.66.117.0/24
45.66.119.0/24
45.80.129.0-45.80.131.255
45.129.187.0/24
46.16.12.0/24
46.16.14.0/23
89.191.232.0/24
91.107.116.0/24
91.107.124.0/23
91.107.127.0/24
141.98.233.0-141.98.234.255
194.28.192.0/24
194.31.173.0-194.31.174.255
195.80.50.0/24
212.60.23.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:bc:cb:85:6b:1d:d6:bb:97:ee:51:ed:f6:b9:ed:07:4c:9f:
ef:23:b0:db:b2:cf:17:ce:f9:18:d2:f2:98:2a:6e:60:97:64:
d0:46:1b:a7:d9:95:18:e1:4b:5a:ce:40:23:89:cd:99:4c:73:
61:24:88:31:ef:a3:d9:1c:75:c5:a7:3c:e1:4b:a5:c6:6e:34:
47:ba:13:8e:03:a0:92:56:6a:55:0a:f2:14:bf:6b:d7:59:b8:
ce:26:ba:b2:f5:94:c5:05:19:99:d7:58:08:c6:72:51:fc:4d:
6c:d8:52:29:a8:33:80:b8:4e:2e:a0:db:b4:e4:3b:9b:f9:0f:
0e:3c:5f:d2:0f:f3:57:0c:f1:87:35:2f:45:01:c8:c9:da:af:
63:f3:04:8e:45:79:af:60:15:f2:c6:ba:94:48:a4:55:2a:af:
31:42:d5:4e:a4:35:08:74:97:e2:3d:bd:45:d4:7b:13:ea:fa:
7a:c5:23:03:e7:72:f1:b0:e3:23:4f:33:84:f5:84:b2:f4:0f:
b2:40:58:6d:59:42:5d:7b:cc:1a:86:c3:ab:72:b9:33:45:e3:
19:77:90:04:69:aa:5e:29:fc:a5:d2:55:77:50:b1:74:94:1f:
af:38:e4:78:d1:38:94:57:da:f5:f1:73:0c:e8:12:e5:a8:16:
e2:8f:66:02
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYWWnl0mowQtig+Dw6Qn1HRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMTA5MTMwMDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjc5NmM1MjBkZTExNWI3ZmVhZDc2Njc2NGMxOTU0YTgzYTEyYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvQ6JIRSwLOsxaIzIbc7YHxjskp+
ih+b9oMpM9XA/ao4/vnGXAJN/kiUGrGNt8aVKKSQkxFvC/bNHg2nmvfCXcEbyHjC
dBugBOP2Oz5+aMw4SAlHzqacb8IL6s1gNbgUPoZV5IWgXOQ3e4QPeaVKBTGWZFU+
dKCOPs9g5TgZ7az3uezSyuyY5eSEZQ7lQ03xEh4QS6AVGWUjqrx4OBG/thvn+SLM
ZQ2yATTzfxQ33dd4n0AHuKvEL0mYBMjGtaOPOhmgU8HIoHp4oRZhCCEOmIt/duM5
B5Au5zAphlVtYLaTLZLNcOd3fyyK16MNyDdtFNT7HQ6vmGwp8ph7kq9V8wIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFMJ5bFIN4RW3/q12Z2TBlUqDoStyMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvd25sc1VnM2hGYmYtclhablpNR1ZTb09oSzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHKBggrBgEFBQcBBwEB/wSBujCBtzCBtAQCAAEwga0DBAEF
LC4wCwMDAB+BAwQBH4EUMAwDBAAfgRcDBAEfgRwDBAAfgR8DBAIl3FAwDAMEAC0I
YQMEAC0IYgMEAC1CdQMEAC1CdzAMAwQALVCBAwQCLVCAAwQALYG7AwQALhAMAwQB
LhAOAwQAWb/oAwQAW2t0AwQBW2t8AwQAW2t/MAwDBACNYukDBACNYuoDBADCHMAw
DAMEAMIfrQMEAMIfrgMEAMNQMgMEANQ8FzANBgkqhkiG9w0BAQsFAAOCAQEAS7zL
hWsd1ruX7lHt9rntB0yf7yOw27LPF875GNLymCpuYJdk0EYbp9mVGOFLWs5AI4nN
mUxzYSSIMe+j2Rx1xac84Uulxm40R7oTjgOgklZqVQryFL9r11m4zia6svWUxQUZ
mddYCMZyUfxNbNhSKagzgLhOLqDbtOQ7m/kPDjxf0g/zVwzxhzUvRQHIydqvY/ME
jkV5r2AV8sa6lEikVSqvMULVTqQ1CHSX4j29RdR7E+r6esUjA+dy8bDjI08zhPWE
svQPskBYbVlCXXvMGobDq3K5M0XjGXeQBGmqXin8pdJVd1CxdJQfrzjkeNE4lFfa
9fFzDOgS5agW4o9mAg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-ams.rpki-client.org