Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/zzlHr5C5940lp_CgLtarghRd99Q.roa
File: zzlHr5C5940lp_CgLtarghRd99Q.roa (raw, json)
Hash identifier: 40xpIFKHS7DQRJaPBNjFw9EQCXFMDHA4O5scC9cZyIQ=
Subject key identifier: CF:39:47:AF:90:B9:F7:8D:25:A7:F0:A0:2E:D6:AB:82:14:5D:F7:D4
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0186E1567D44654E824D0AA1CE59267AE66D
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/zzlHr5C5940lp_CgLtarghRd99Q.roa
Signing time: Tue 14 Mar 2023 18:16:27 +0000
ROA not before: Tue 14 Mar 2023 18:16:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
46.16.12.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
45.80.130.0/23 maxlen: 23
45.80.129.0/24 maxlen: 24
37.220.80.0/22 maxlen: 22
185.166.196.0/23 maxlen: 24
94.198.216.0/22 maxlen: 24
94.198.220.0/23 maxlen: 24
81.200.144.0/21 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
46.19.64.0/22 maxlen: 24
109.236.56.0/23 maxlen: 23
109.236.58.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e1:56:7d:44:65:4e:82:4d:0a:a1:ce:59:26:7a:e6:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Mar 14 18:16:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf3947af90b9f78d25a7f0a02ed6ab82145df7d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b2:70:db:c8:55:44:91:18:b2:5c:38:bd:1f:
0c:81:f5:70:d1:79:dc:be:c8:7c:93:bc:94:d1:bb:
e4:f5:bf:3d:4b:1d:1b:99:ca:86:6d:fa:ca:cc:45:
f8:14:e0:d8:ae:21:c6:51:3e:da:e8:8b:1d:5d:0c:
b6:54:79:e8:d4:db:1a:83:dd:73:46:c2:b0:b1:2f:
b4:da:bc:76:39:5f:25:86:bb:c4:87:1c:1f:fe:84:
97:09:6d:48:96:6e:e3:13:60:98:50:e9:cf:8a:4f:
c0:c1:81:f4:ab:cc:6e:f5:f4:05:a9:ba:ba:70:80:
bc:43:83:c6:6b:00:3b:80:7c:5c:ab:e0:cc:f9:bd:
b7:28:4f:4c:08:13:82:67:40:8f:26:b6:b4:f9:5e:
de:d3:68:02:7f:80:bf:f4:61:5c:42:5f:a3:06:c6:
b8:98:60:20:13:c5:c2:91:1e:a4:b9:cd:02:21:54:
3a:38:b3:f9:10:30:1c:ca:66:6c:0c:57:c3:52:3e:
91:6c:a3:10:8c:02:4d:85:b4:01:f7:c9:2a:87:d2:
eb:d8:68:44:13:cc:a4:8f:83:d1:fa:bb:16:bc:fc:
63:14:e5:6a:10:57:ac:bb:63:8e:3a:be:b6:a5:bf:
43:fb:f5:d3:60:08:77:16:6e:6c:78:ce:59:5b:98:
92:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:39:47:AF:90:B9:F7:8D:25:A7:F0:A0:2E:D6:AB:82:14:5D:F7:D4
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/zzlHr5C5940lp_CgLtarghRd99Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.20.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
45.80.129.0-45.80.131.255
46.16.12.0/24
46.16.14.0/23
46.19.64.0/22
81.200.144.0-81.200.157.255
94.198.216.0-94.198.221.255
109.236.56.0-109.236.58.255
141.98.233.0-141.98.234.255
185.166.196.0/23
Signature Algorithm: sha256WithRSAEncryption
29:a2:64:e6:17:5e:22:d6:22:0f:0f:fb:c2:4e:b4:5d:dd:f6:
b9:b7:18:06:c7:68:21:ac:22:6c:86:93:1c:31:f8:ef:9a:99:
05:a3:09:a9:1e:26:36:14:38:6d:48:88:19:6b:31:17:2b:ae:
e7:59:a3:35:af:d0:04:a8:71:68:28:36:54:76:e8:fa:c4:73:
07:1f:d5:e3:b9:56:e8:d7:ea:50:87:50:c1:08:b4:4d:d8:67:
b2:05:42:28:12:ad:20:9e:2b:a0:10:c0:bf:1d:b4:29:19:d1:
4f:12:79:fd:e9:68:99:20:97:a6:7c:2f:d3:43:c2:d4:e1:17:
97:24:e5:e6:0c:90:d9:10:1b:c2:ea:f8:66:97:1b:c2:70:53:
9d:0b:4e:1d:39:33:de:66:68:37:c7:d8:fa:43:f9:e0:ab:26:
8c:0d:e4:40:b9:dd:f2:59:a8:1b:5d:8d:c9:8e:d7:41:ef:1f:
06:75:7e:f6:e8:db:cc:24:f0:59:e2:28:82:42:6f:ce:11:63:
b6:95:42:d6:01:94:14:1e:cd:39:c9:13:e1:4a:d5:a6:0e:42:
77:8c:3b:4c:17:2a:ce:40:4c:df:82:b6:4d:02:30:8b:c3:76:
10:af:7c:97:cb:52:46:fa:3e:2f:11:32:ef:2d:e6:ff:76:d4:
ef:4a:95:02
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYbhVn1EZU6CTQqhzlkmeuZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMzE0MTgxNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjM5NDdhZjkwYjlmNzhkMjVhN2YwYTAyZWQ2YWI4MjE0NWRmN2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorJw28hVRJEYslw4vR8MgfVw0Xnc
vsh8k7yU0bvk9b89Sx0bmcqGbfrKzEX4FODYriHGUT7a6IsdXQy2VHno1Nsag91z
RsKwsS+02rx2OV8lhrvEhxwf/oSXCW1Ilm7jE2CYUOnPik/AwYH0q8xu9fQFqbq6
cIC8Q4PGawA7gHxcq+DM+b23KE9MCBOCZ0CPJra0+V7e02gCf4C/9GFcQl+jBsa4
mGAgE8XCkR6kuc0CIVQ6OLP5EDAcymZsDFfDUj6RbKMQjAJNhbQB98kqh9Lr2GhE
E8ykj4PR+rsWvPxjFOVqEFesu2OOOr62pb9D+/XTYAh3Fm5seM5ZW5iSdQIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFM85R6+QufeNJafwoC7Wq4IUXffUMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvenpsSHI1QzU5NDBscF9DZ0x0YXJnaFJkOTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzCBjAQCAAEwgYUwCwMD
AB+BAwQAH4EUMAwDBAAfgRcDBAEfgRwDBAAfgR8DBAIl3FAwDAMEAC1QgQMEAi1Q
gAMEAC4QDAMEAS4QDgMEAi4TQDAMAwQEUciQAwQBUcicMAwDBANextgDBAFextww
DAMEA23sOAMEAG3sOjAMAwQAjWLpAwQAjWLqAwQBuabEMA0GCSqGSIb3DQEBCwUA
A4IBAQApomTmF14i1iIPD/vCTrRd3fa5txgGx2ghrCJshpMcMfjvmpkFowmpHiY2
FDhtSIgZazEXK67nWaM1r9AEqHFoKDZUduj6xHMHH9XjuVbo1+pQh1DBCLRN2Gey
BUIoEq0gniugEMC/HbQpGdFPEnn96WiZIJemfC/TQ8LU4ReXJOXmDJDZEBvC6vhm
lxvCcFOdC04dOTPeZmg3x9j6Q/ngqyaMDeRAud3yWagbXY3JjtdB7x8GdX726NvM
JPBZ4iiCQm/OEWO2lULWAZQUHs05yRPhStWmDkJ3jDtMFyrOQEzfgrZNAjCLw3YQ
r3yXy1JG+j4vETLvLeb/dtTvSpUC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-ams.rpki-client.org