Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/EAkQtVqEPQMy1VRmAmU-G_A_T4c.roa
File: EAkQtVqEPQMy1VRmAmU-G_A_T4c.roa (raw, json)
Hash identifier: YDuKwcnuF03G3SSvW1GAWKcNapXmyDJb47+yROHbHeo=
Subject key identifier: 10:09:10:B5:5A:84:3D:03:32:D5:54:66:02:65:3E:1B:F0:3F:4F:87
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0186F3EC7D565FA0AB31EF9DD70D1CC5CAF1
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/EAkQtVqEPQMy1VRmAmU-G_A_T4c.roa
Signing time: Sat 18 Mar 2023 08:53:27 +0000
ROA not before: Sat 18 Mar 2023 08:53:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
46.16.12.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
45.95.235.0/24 maxlen: 24
45.80.129.0/24 maxlen: 24
45.80.130.0/23 maxlen: 23
37.220.80.0/22 maxlen: 22
185.166.196.0/23 maxlen: 24
94.198.216.0/22 maxlen: 24
94.198.220.0/23 maxlen: 24
81.200.144.0/21 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
46.19.64.0/22 maxlen: 24
109.236.58.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f3:ec:7d:56:5f:a0:ab:31:ef:9d:d7:0d:1c:c5:ca:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Mar 18 08:53:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=100910b55a843d0332d5546602653e1bf03f4f87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:18:a0:e1:1f:f3:8c:6e:d0:32:c3:99:92:78:
d9:b5:0d:c7:05:ee:56:94:5b:56:36:ac:e2:03:a4:
8d:6f:d6:64:56:32:f6:bc:26:2b:c0:54:2d:9f:4b:
7a:79:53:e9:e0:6c:d4:41:58:d0:0b:0a:1d:7a:f8:
1a:56:53:7e:76:03:93:d5:85:91:63:c8:a0:e7:3d:
30:ce:3f:c1:5d:9e:2b:02:4b:58:0d:b5:c0:ce:ce:
43:37:6e:f9:d1:f7:f7:ec:81:3a:98:37:6d:cc:aa:
b9:a9:cc:48:47:ef:f8:34:04:e2:70:2b:b7:45:3c:
6b:b9:ce:c7:1e:c1:59:f1:92:78:a0:17:fa:58:d9:
bb:ba:ec:9c:06:4e:2e:c2:bb:3c:d4:89:08:d8:c0:
e7:af:04:ad:7b:6b:f6:4a:08:e8:fd:d3:c6:9d:62:
a1:d3:b8:7a:63:30:4f:1c:15:ed:1c:3b:5a:e3:ff:
0f:2a:3c:f9:83:97:48:51:b6:d2:a0:1d:4e:7e:0f:
1e:cf:de:26:a8:65:08:27:02:71:c3:57:4f:9b:a8:
06:4e:c7:c9:80:d6:2a:ad:a9:5b:06:85:3b:d7:d2:
9e:10:36:ec:4e:4c:c7:54:18:54:02:5b:c4:e9:65:
5a:75:47:a2:1b:f7:08:61:2f:8a:f5:d0:d7:44:1d:
45:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:09:10:B5:5A:84:3D:03:32:D5:54:66:02:65:3E:1B:F0:3F:4F:87
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/EAkQtVqEPQMy1VRmAmU-G_A_T4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.20.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
45.80.129.0-45.80.131.255
45.95.235.0/24
46.16.12.0/24
46.16.14.0/23
46.19.64.0/22
81.200.144.0-81.200.157.255
94.198.216.0-94.198.221.255
109.236.58.0/24
141.98.233.0-141.98.234.255
185.166.196.0/23
Signature Algorithm: sha256WithRSAEncryption
78:81:8e:7f:8a:cd:92:e7:d2:9c:a1:69:13:84:b8:65:dc:c9:
59:6b:62:96:bc:61:37:34:26:72:05:0f:f9:5b:3f:9d:fb:46:
76:de:29:b5:24:2a:c5:21:da:2b:22:f4:96:8a:89:b7:a4:bc:
5f:cf:34:0b:84:83:24:3d:56:f3:5c:be:b6:dc:17:03:36:c2:
00:48:06:10:5e:c7:b3:5b:22:24:8b:a9:62:10:c0:1b:bc:82:
25:11:5f:5a:55:11:62:99:09:f7:d7:90:72:f9:02:6f:0c:c2:
cf:e7:74:8d:25:0a:c4:4f:64:01:74:2e:1b:d7:01:ab:ab:74:
62:70:51:b1:94:6d:ff:dc:8e:54:ff:a5:0d:2a:cd:3c:f9:7e:
2e:d6:8a:52:02:e7:ca:5d:c7:7c:35:f5:22:7d:ca:fc:49:3a:
55:4e:a9:4b:72:16:4a:9c:2b:9b:ad:5b:09:ce:c9:c0:fc:5d:
8e:39:01:cd:f6:bf:a9:9e:9d:2c:a0:d0:2b:a6:20:84:ec:d8:
50:2c:24:f6:b0:92:86:a3:c2:33:6e:ac:7a:64:96:07:ad:4f:
80:1e:63:95:81:32:1b:e1:0a:ad:11:3b:e4:e6:45:20:b6:b2:
de:af:f9:89:87:ea:94:07:06:d0:2f:3f:04:bf:2c:41:8c:70:
ac:fb:fe:01
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYbz7H1WX6CrMe+d1w0cxcrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMzE4MDg1MzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDA5MTBiNTVhODQzZDAzMzJkNTU0NjYwMjY1M2UxYmYwM2Y0Zjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Big4R/zjG7QMsOZknjZtQ3HBe5W
lFtWNqziA6SNb9ZkVjL2vCYrwFQtn0t6eVPp4GzUQVjQCwodevgaVlN+dgOT1YWR
Y8ig5z0wzj/BXZ4rAktYDbXAzs5DN2750ff37IE6mDdtzKq5qcxIR+/4NATicCu3
RTxruc7HHsFZ8ZJ4oBf6WNm7uuycBk4uwrs81IkI2MDnrwSte2v2Sgjo/dPGnWKh
07h6YzBPHBXtHDta4/8PKjz5g5dIUbbSoB1Ofg8ez94mqGUIJwJxw1dPm6gGTsfJ
gNYqralbBoU719KeEDbsTkzHVBhUAlvE6WVadUeiG/cIYS+K9dDXRB1F1QIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFBAJELVahD0DMtVUZgJlPhvwP0+HMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvRUFrUXRWcUVQUU15MVZSbUFtVS1HX0FfVDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTCBigQCAAEwgYMwCwMD
AB+BAwQAH4EUMAwDBAAfgRcDBAEfgRwDBAAfgR8DBAIl3FAwDAMEAC1QgQMEAi1Q
gAMEAC1f6wMEAC4QDAMEAS4QDgMEAi4TQDAMAwQEUciQAwQBUcicMAwDBANextgD
BAFextwDBABt7DowDAMEAI1i6QMEAI1i6gMEAbmmxDANBgkqhkiG9w0BAQsFAAOC
AQEAeIGOf4rNkufSnKFpE4S4ZdzJWWtilrxhNzQmcgUP+Vs/nftGdt4ptSQqxSHa
KyL0loqJt6S8X880C4SDJD1W81y+ttwXAzbCAEgGEF7Hs1siJIupYhDAG7yCJRFf
WlURYpkJ99eQcvkCbwzCz+d0jSUKxE9kAXQuG9cBq6t0YnBRsZRt/9yOVP+lDSrN
PPl+LtaKUgLnyl3HfDX1In3K/Ek6VU6pS3IWSpwrm61bCc7JwPxdjjkBzfa/qZ6d
LKDQK6YghOzYUCwk9rCShqPCM26semSWB61PgB5jlYEyG+EKrRE75OZFILay3q/5
iYfqlAcG0C8/BL8sQYxwrPv+AQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org