Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-klIPbHK0Y8ibT-gvj3YhP4m86o.roa
File: 1-klIPbHK0Y8ibT-gvj3YhP4m86o.roa (raw, json)
Hash identifier: P7rQiz1lH9ZRiGIyfqqZewzJaUkonn08WfzEjYj58F4=
Subject key identifier: FA:49:48:3D:B1:CA:D1:8F:22:6D:3F:A0:BE:3D:D8:84:FE:26:F3:AA
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018532CD30B99143487C6B323DE8110F6EA8
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-klIPbHK0Y8ibT-gvj3YhP4m86o.roa
Signing time: Wed 21 Dec 2022 03:49:46 +0000
ROA not before: Wed 21 Dec 2022 03:49:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207713
IP address blocks: 31.129.22.0/24 maxlen: 24
5.44.42.0/24 maxlen: 24
45.129.184.0/24 maxlen: 24
45.80.128.0/24 maxlen: 24
195.80.49.0/24 maxlen: 24
195.80.48.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:32:cd:30:b9:91:43:48:7c:6b:32:3d:e8:11:0f:6e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Dec 21 03:49:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa49483db1cad18f226d3fa0be3dd884fe26f3aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:94:96:15:1f:4e:7e:a3:fa:0c:21:36:69:2c:
4e:2a:36:12:2e:8f:1f:d3:3d:f7:68:5e:b3:69:33:
55:db:23:84:1c:ef:b6:60:48:6d:3a:fb:28:3f:e6:
95:e8:3d:16:b3:e4:1c:9c:e7:70:ca:d7:4c:32:4a:
4a:b6:a6:9f:62:ee:a4:4c:e4:e1:c4:31:fa:69:2b:
d6:0e:ad:4b:36:71:b6:ef:1b:a7:99:68:74:76:fb:
a4:c0:cc:45:16:66:e4:59:ba:9b:e4:93:7f:9e:f2:
75:9a:53:88:98:6a:f2:a5:65:19:8c:cf:88:e4:b6:
8c:12:4c:10:60:bb:0a:84:59:18:9a:6d:e5:f4:f4:
7f:f8:30:28:b8:ce:c4:fd:6d:8f:9f:04:75:87:68:
44:56:b5:80:ea:11:fb:cd:0f:35:74:75:8b:24:6e:
23:e4:b9:60:d5:f6:65:74:02:43:da:e5:71:12:e1:
e8:a2:d0:b1:52:b3:f8:d5:8f:f2:2d:ad:30:ff:e7:
9e:57:8c:0f:cf:58:9e:6d:18:ce:38:a9:7d:cf:c1:
cd:81:56:e1:8e:23:3e:08:c4:0a:93:cb:e2:21:24:
98:a3:9c:de:cd:1c:73:40:e6:9f:61:07:28:46:db:
32:b2:1c:dd:d1:76:40:37:7c:af:85:61:b6:b3:e3:
58:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:49:48:3D:B1:CA:D1:8F:22:6D:3F:A0:BE:3D:D8:84:FE:26:F3:AA
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/1-klIPbHK0Y8ibT-gvj3YhP4m86o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
31.129.22.0/24
45.80.128.0/24
45.129.184.0/24
195.80.48.0/23
Signature Algorithm: sha256WithRSAEncryption
90:22:0c:bc:1d:5a:d2:28:3a:bf:5d:07:c2:3b:84:ae:fe:9c:
55:42:28:ad:1b:12:4a:4b:00:12:b4:14:2b:46:80:32:88:54:
97:a5:4c:9f:31:23:7f:f1:f2:ab:9c:41:37:d6:5e:a3:d2:10:
7e:bb:dd:7b:d4:98:29:65:4a:6c:af:90:92:94:77:ac:40:d2:
0b:36:4a:ba:26:bb:e5:c2:0b:1d:1e:3c:ac:bd:90:c0:f3:41:
b5:7d:9f:76:11:1c:0b:c7:63:41:67:71:77:d0:b9:7b:de:25:
b8:36:16:08:46:0c:c3:b2:b9:18:1f:8f:30:ec:2d:10:ba:a7:
4c:f4:b8:6c:6c:2d:c9:71:14:df:ff:d9:a8:1a:63:34:e6:d2:
a3:14:af:2d:7e:ea:2e:22:e0:b1:f7:ad:57:55:f2:b7:db:6f:
b0:d7:e6:18:73:f0:7f:75:56:87:71:62:37:42:62:ef:5e:05:
23:ae:68:b8:0a:75:77:ce:28:b5:be:95:7c:6a:8e:78:67:05:
02:ff:d0:ea:5d:b4:b5:07:ed:69:78:b7:4d:a5:10:4d:60:ce:
62:34:71:b7:30:28:e6:70:61:f9:ee:01:37:d7:1b:80:de:a9:
6f:38:8a:1d:d4:12:ac:87:6a:36:1b:bb:23:c5:17:06:56:45:
4e:6a:cf:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYUyzTC5kUNIfGsyPegRD26oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjIxMjIxMDM0OTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQ5NDgzZGIxY2FkMThmMjI2ZDNmYTBiZTNkZDg4NGZlMjZmM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ZSWFR9OfqP6DCE2aSxOKjYSLo8f
0z33aF6zaTNV2yOEHO+2YEhtOvsoP+aV6D0Ws+QcnOdwytdMMkpKtqafYu6kTOTh
xDH6aSvWDq1LNnG27xunmWh0dvukwMxFFmbkWbqb5JN/nvJ1mlOImGrypWUZjM+I
5LaMEkwQYLsKhFkYmm3l9PR/+DAouM7E/W2PnwR1h2hEVrWA6hH7zQ81dHWLJG4j
5Llg1fZldAJD2uVxEuHootCxUrP41Y/yLa0w/+eeV4wPz1iebRjOOKl9z8HNgVbh
jiM+CMQKk8viISSYo5zezRxzQOafYQcoRtsyshzd0XZAN3yvhWG2s+NYuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPpJSD2xytGPIm0/oL492IT+JvOqMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvMS1rbElQYkhLMFk4aWJULWd2ajNZaFA0bTg2by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgy
OC8xL0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAAUsKgME
AB+BFgMEAC1QgAMEAC2BuAMEAcNQMDANBgkqhkiG9w0BAQsFAAOCAQEAkCIMvB1a
0ig6v10HwjuErv6cVUIorRsSSksAErQUK0aAMohUl6VMnzEjf/Hyq5xBN9Zeo9IQ
frvde9SYKWVKbK+QkpR3rEDSCzZKuia75cILHR48rL2QwPNBtX2fdhEcC8djQWdx
d9C5e94luDYWCEYMw7K5GB+PMOwtELqnTPS4bGwtyXEU3//ZqBpjNObSoxSvLX7q
LiLgsfetV1Xyt9tvsNfmGHPwf3VWh3FiN0Ji714FI65ouAp1d84otb6VfGqOeGcF
Av/Q6l20tQftaXi3TaUQTWDOYjRxtzAo5nBh+e4BN9cbgN6pbziKHdQSrIdqNhu7
I8UXBlZFTmrP2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org