Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/3z3nJ1rzyKeB382d-BtRY7jiymY.roa
File: 3z3nJ1rzyKeB382d-BtRY7jiymY.roa (raw, json)
Hash identifier: A3eUegmmhi1gKIefztf2AclbufhaCODc3EsmdKMpB0I=
Subject key identifier: DF:3D:E7:27:5A:F3:C8:A7:81:DF:CD:9D:F8:1B:51:63:B8:E2:CA:66
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018D82437553F4C63BF2A210C45E44F04533
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/3z3nJ1rzyKeB382d-BtRY7jiymY.roa
Signing time: Wed 07 Feb 2024 06:31:15 +0000
ROA not before: Wed 07 Feb 2024 06:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 5.44.42.0/24 maxlen: 24
5.44.44.0/24 maxlen: 24
31.129.22.0/24 maxlen: 24
37.220.86.0/24 maxlen: 24
37.220.87.0/24 maxlen: 24
45.95.232.0/24 maxlen: 24
45.95.233.0/24 maxlen: 24
45.129.184.0/24 maxlen: 24
45.129.187.0/24 maxlen: 24
77.83.116.0/24 maxlen: 24
89.191.232.0/24 maxlen: 24
91.107.116.0/24 maxlen: 24
92.118.112.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
185.166.199.0/24 maxlen: 24
185.247.184.0/24 maxlen: 24
194.28.192.0/24 maxlen: 24
195.80.48.0/24 maxlen: 24
195.80.49.0/24 maxlen: 24
212.60.23.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:82:43:75:53:f4:c6:3b:f2:a2:10:c4:5e:44:f0:45:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 7 06:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df3de7275af3c8a781dfcd9df81b5163b8e2ca66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:54:38:74:4a:5b:49:9d:67:63:ae:76:bd:1b:
79:86:9f:ee:6e:75:18:3e:7f:2b:7a:bf:a0:ec:14:
aa:7b:8d:50:df:4f:dc:9b:31:0e:21:58:62:56:73:
54:ba:e4:08:32:0f:ce:6e:74:e8:d1:a0:89:fa:e6:
93:5a:55:e9:17:26:09:e8:49:c8:a2:7c:7f:a0:88:
65:af:f9:00:3a:1c:8e:de:af:b1:8a:00:4f:c5:30:
27:c3:39:e2:84:13:b0:ea:e1:af:58:5d:cc:11:26:
6c:f9:2b:0c:70:88:6e:b1:7c:da:2b:7a:e0:c1:fa:
5f:86:39:02:ac:36:20:89:7a:ec:e1:c0:b1:d5:92:
25:a7:7c:5c:11:c0:21:ef:e5:27:4c:13:da:7f:d5:
9b:1f:6f:f2:37:d0:fe:3b:07:bd:14:61:37:e5:f9:
19:45:ed:a0:9f:e3:be:26:39:9b:b9:e4:7c:c0:5e:
b7:b4:e5:0f:c0:9b:ae:a8:63:91:29:99:f2:54:08:
98:ea:46:d5:ab:e8:e8:66:7d:75:2c:db:e8:22:99:
15:6a:4f:79:fd:18:06:8f:a0:50:08:90:ea:8f:00:
4f:d0:f5:de:ed:54:c1:24:34:e0:d6:25:47:42:14:
43:56:55:08:f8:34:41:23:57:1b:19:65:f1:0a:41:
6e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:3D:E7:27:5A:F3:C8:A7:81:DF:CD:9D:F8:1B:51:63:B8:E2:CA:66
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/3z3nJ1rzyKeB382d-BtRY7jiymY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
5.44.44.0/24
31.129.22.0/24
37.220.86.0/23
45.95.232.0/23
45.129.184.0/24
45.129.187.0/24
77.83.116.0/24
89.191.232.0/24
91.107.116.0/24
92.118.112.0/24
141.98.233.0-141.98.234.255
185.166.199.0/24
185.247.184.0/24
194.28.192.0/24
195.80.48.0/23
212.60.23.0/24
Signature Algorithm: sha256WithRSAEncryption
83:69:f8:02:ad:51:ff:4e:57:ad:f7:bf:b8:3c:fd:22:77:b7:
3e:ba:8e:52:97:03:f8:a5:90:34:29:8a:54:92:74:bb:18:07:
c0:f4:b1:4c:1a:02:06:3e:a4:e0:08:66:be:30:da:00:d3:27:
89:49:89:d5:60:1a:be:a6:d0:53:f6:fe:fa:7c:ad:38:c4:8d:
a9:72:16:67:7d:2b:d4:96:25:3f:b8:76:b8:a4:53:35:fb:7b:
cf:6c:6d:f4:e6:89:a3:54:be:52:e1:fc:98:90:9b:7e:9b:c8:
22:72:37:58:06:87:20:1a:d8:11:44:fd:98:43:56:c8:40:6a:
82:87:6c:2b:1e:20:b5:35:bf:60:08:88:ba:4e:ef:43:0b:3e:
f0:4a:0c:dd:3b:90:2d:42:a1:ca:b4:15:13:03:dc:6d:a9:20:
65:59:8c:2f:c5:33:c1:94:2f:0b:70:fc:d4:b1:0d:9d:6e:8b:
f1:26:3f:ca:70:43:10:b2:06:b2:3e:81:9b:a3:ef:8d:45:6f:
57:04:a9:2e:a4:6f:fe:b9:b1:66:3b:33:7e:39:b7:74:6d:8a:
87:87:3c:a9:1e:b9:97:75:8d:e4:79:bb:ed:1b:ac:9d:46:1f:
e2:63:19:3b:39:81:4a:8b:95:6c:82:ba:b6:83:af:86:1e:66:
b8:d6:74:29
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAY2CQ3VT9MY78qIQxF5E8EUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwMjA3MDYzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjNkZTcyNzVhZjNjOGE3ODFkZmNkOWRmODFiNTE2M2I4ZTJjYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1Q4dEpbSZ1nY652vRt5hp/ubnUY
Pn8rer+g7BSqe41Q30/cmzEOIVhiVnNUuuQIMg/ObnTo0aCJ+uaTWlXpFyYJ6EnI
onx/oIhlr/kAOhyO3q+xigBPxTAnwznihBOw6uGvWF3MESZs+SsMcIhusXzaK3rg
wfpfhjkCrDYgiXrs4cCx1ZIlp3xcEcAh7+UnTBPaf9WbH2/yN9D+Owe9FGE35fkZ
Re2gn+O+JjmbueR8wF63tOUPwJuuqGORKZnyVAiY6kbVq+joZn11LNvoIpkVak95
/RgGj6BQCJDqjwBP0PXe7VTBJDTg1iVHQhRDVlUI+DRBI1cbGWXxCkFuXwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFN895yda88ingd/NnfgbUWO44spmMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvM3ozbkoxcnp5S2VCMzgyZC1CdFJZN2ppeW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAAUsKgME
AAUsLAMEAB+BFgMEASXcVgMEAS1f6AMEAC2BuAMEAC2BuwMEAE1TdAMEAFm/6AME
AFtrdAMEAFx2cDAMAwQAjWLpAwQAjWLqAwQAuabHAwQAufe4AwQAwhzAAwQBw1Aw
AwQA1DwXMA0GCSqGSIb3DQEBCwUAA4IBAQCDafgCrVH/Tlet97+4PP0id7c+uo5S
lwP4pZA0KYpUknS7GAfA9LFMGgIGPqTgCGa+MNoA0yeJSYnVYBq+ptBT9v76fK04
xI2pchZnfSvUliU/uHa4pFM1+3vPbG305omjVL5S4fyYkJt+m8gicjdYBocgGtgR
RP2YQ1bIQGqCh2wrHiC1Nb9gCIi6Tu9DCz7wSgzdO5AtQqHKtBUTA9xtqSBlWYwv
xTPBlC8LcPzUsQ2dbovxJj/KcEMQsgayPoGbo++NRW9XBKkupG/+ubFmOzN+Obd0
bYqHhzypHrmXdY3kebvtG6ydRh/iYxk7OYFKi5Vsgrq2g6+GHma41nQp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org