Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/29xNZ7O7-aG1JhjrHt_7fdA9BzM.roa
File: 29xNZ7O7-aG1JhjrHt_7fdA9BzM.roa (raw, json)
Hash identifier: dr0oagGxX98zkYTRp7hRtcB0gKt/7gLcdj5CQhwbtXg=
Subject key identifier: DB:DC:4D:67:B3:BB:F9:A1:B5:26:18:EB:1E:DF:FB:7D:D0:3D:07:33
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018E382548940B1E9E294AA8E7B4933ACD64
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/29xNZ7O7-aG1JhjrHt_7fdA9BzM.roa
Signing time: Wed 13 Mar 2024 14:09:11 +0000
ROA not before: Wed 13 Mar 2024 14:09:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202423
IP address blocks: 5.44.43.0/24 maxlen: 24
5.44.45.0/24 maxlen: 24
89.191.231.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:38:25:48:94:0b:1e:9e:29:4a:a8:e7:b4:93:3a:cd:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Mar 13 14:09:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbdc4d67b3bbf9a1b52618eb1edffb7dd03d0733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:63:b1:0d:0d:9d:5a:d2:57:f3:eb:5d:cc:ff:
cf:86:df:b1:e5:47:b4:65:7e:fb:83:2f:c7:99:82:
cc:78:e6:f8:b0:a7:32:76:31:65:bb:46:21:cd:50:
d5:dc:79:7f:8a:f2:51:36:65:3e:55:00:8f:db:3c:
0e:0e:7f:db:d6:1c:0c:6d:53:f7:a8:4e:0a:72:8a:
73:c3:ae:ce:e5:e9:94:76:a5:04:49:f5:c1:c4:b1:
fe:a1:17:20:d0:84:44:e4:91:18:55:42:b8:9a:ab:
9b:8f:a2:cb:f6:53:21:4c:a7:7d:2a:b3:3a:ae:62:
85:0b:c0:59:87:7c:f2:b1:0f:8d:04:57:d3:ba:4c:
8d:3a:62:b0:c8:85:42:d0:75:2a:3f:fe:d4:83:64:
c2:4d:c7:8e:ae:54:59:4d:14:05:9e:68:74:aa:5b:
14:ce:0e:db:a9:f9:e6:e2:15:ef:95:8a:20:65:22:
fa:9d:35:d5:b3:e5:6f:a9:4a:0e:af:00:4e:a6:3c:
b8:af:f1:cf:b8:f1:58:f1:b1:c6:a7:06:4f:44:a2:
35:b2:47:f3:cf:2c:3f:bf:76:c0:ef:1a:a4:91:42:
25:b7:d7:81:eb:25:c8:5b:75:8b:d6:8d:6d:03:99:
b5:05:49:db:33:78:92:19:7f:64:03:c2:ab:2a:86:
85:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:DC:4D:67:B3:BB:F9:A1:B5:26:18:EB:1E:DF:FB:7D:D0:3D:07:33
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/29xNZ7O7-aG1JhjrHt_7fdA9BzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.43.0/24
5.44.45.0/24
89.191.231.0/24
Signature Algorithm: sha256WithRSAEncryption
54:13:31:9f:2f:67:8c:5d:05:d4:27:48:56:1a:70:81:c2:75:
8c:ad:1d:cc:d1:aa:cb:51:b9:63:47:a0:71:3d:fc:65:3b:5f:
64:5f:fb:e2:be:56:00:0e:74:b2:5e:08:6a:5d:58:8e:f6:5f:
d2:d3:4b:e4:d6:82:d6:c2:85:7e:7f:15:c2:72:11:ba:86:17:
c6:31:8f:bf:88:98:27:da:c5:7a:22:bc:2f:61:e7:db:2f:ae:
e1:b1:8d:26:9b:b7:01:d0:5e:2e:90:35:9a:a4:df:8b:d1:d6:
c0:08:4a:77:93:23:c7:f0:f5:d7:24:d2:b5:26:6b:d7:a7:5c:
66:a3:03:3d:68:e8:ac:68:c2:5c:d1:dd:7c:8d:d4:d1:f6:23:
8f:99:32:37:eb:8a:fa:c4:58:14:fe:07:f6:d0:dc:bf:e6:92:
ec:2f:f1:6b:97:b1:0c:58:4e:cd:55:9a:93:08:c2:0a:eb:a1:
81:16:a9:e0:c3:f7:42:57:b6:b4:57:c2:01:d8:f3:81:dd:9d:
72:a2:58:b4:94:78:c3:ca:8b:60:89:67:3b:c2:9b:3c:ef:a0:
7d:5e:af:68:bc:5a:3c:e1:34:47:10:6b:d9:89:0a:3f:fc:42:
b1:b9:e3:fc:79:a3:6c:44:60:a5:5b:6f:d4:b5:04:1f:a3:0d:
0f:ea:7e:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY44JUiUCx6eKUqo57STOs1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwMzEzMTQwOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmRjNGQ2N2IzYmJmOWExYjUyNjE4ZWIxZWRmZmI3ZGQwM2QwNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGOxDQ2dWtJX8+tdzP/Pht+x5Ue0
ZX77gy/HmYLMeOb4sKcydjFlu0YhzVDV3Hl/ivJRNmU+VQCP2zwODn/b1hwMbVP3
qE4Kcopzw67O5emUdqUESfXBxLH+oRcg0IRE5JEYVUK4mqubj6LL9lMhTKd9KrM6
rmKFC8BZh3zysQ+NBFfTukyNOmKwyIVC0HUqP/7Ug2TCTceOrlRZTRQFnmh0qlsU
zg7bqfnm4hXvlYogZSL6nTXVs+VvqUoOrwBOpjy4r/HPuPFY8bHGpwZPRKI1skfz
zyw/v3bA7xqkkUIlt9eB6yXIW3WL1o1tA5m1BUnbM3iSGX9kA8KrKoaF9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNvcTWezu/mhtSYY6x7f+33QPQczMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvMjl4Tlo3TzctYUcxSmhqckh0XzdmZEE5QnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABSwrAwQA
BSwtAwQAWb/nMA0GCSqGSIb3DQEBCwUAA4IBAQBUEzGfL2eMXQXUJ0hWGnCBwnWM
rR3M0arLUbljR6BxPfxlO19kX/vivlYADnSyXghqXViO9l/S00vk1oLWwoV+fxXC
chG6hhfGMY+/iJgn2sV6IrwvYefbL67hsY0mm7cB0F4ukDWapN+L0dbACEp3kyPH
8PXXJNK1JmvXp1xmowM9aOisaMJc0d18jdTR9iOPmTI364r6xFgU/gf20Ny/5pLs
L/Frl7EMWE7NVZqTCMIK66GBFqngw/dCV7a0V8IB2POB3Z1yoli0lHjDyotgiWc7
wps876B9Xq9ovFo84TRHEGvZiQo//EKxueP8eaNsRGClW2/UtQQfow0P6n6y
-----END CERTIFICATE-----
Generated at Thu Aug 8 18:26:33 2024 by rpki-client on console-ams.rpki-client.org