Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/FbcSD6_-MCDpG-jMprtgcMLGAiE.roa
File: FbcSD6_-MCDpG-jMprtgcMLGAiE.roa (raw, json)
Hash identifier: 6ECXJLYL42rjfpJILjMMwy6WAQ8NU3Qrjz1aUrIcVXg=
Subject key identifier: 15:B7:12:0F:AF:FE:30:20:E9:1B:E8:CC:A6:BB:60:70:C2:C6:02:21
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018F2E86E33B37592A58EB0FFACE8CFBEFE2
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/FbcSD6_-MCDpG-jMprtgcMLGAiE.roa
Signing time: Tue 30 Apr 2024 10:22:22 +0000
ROA not before: Tue 30 Apr 2024 10:22:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 5.44.42.0/24 maxlen: 24
31.129.22.0/24 maxlen: 24
45.95.232.0/24 maxlen: 24
45.95.233.0/24 maxlen: 24
92.118.112.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
185.247.184.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:86:e3:3b:37:59:2a:58:eb:0f:fa:ce:8c:fb:ef:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Apr 30 10:22:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15b7120faffe3020e91be8cca6bb6070c2c60221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:28:7f:d0:11:93:d6:dc:e9:95:57:35:3d:c3:
56:68:79:2e:86:29:66:19:8d:e8:93:79:ac:5c:c6:
8c:f8:83:99:ba:e4:a0:a6:d0:92:f1:d4:d8:6f:29:
ad:c1:3a:e2:a3:da:89:e7:bf:85:ac:db:84:0b:3e:
cc:f6:23:29:a7:f7:29:fb:b0:d7:d7:a8:d2:c9:d0:
40:ca:00:49:38:a6:e4:03:62:c5:f7:17:f8:70:0b:
47:9a:86:07:ec:12:c9:e9:6c:ae:4f:7e:88:c2:21:
13:da:7d:db:0e:b1:4f:08:3f:a3:d4:a6:e8:d4:72:
40:0f:a6:5c:f9:ae:5d:c6:b2:96:00:a9:cf:fa:65:
c3:20:04:5a:55:4a:7b:05:87:f4:ec:6f:98:ed:0d:
0c:17:d6:50:c1:19:dc:80:e5:8d:35:94:ec:10:4b:
49:51:ac:00:08:9d:81:ce:a3:9c:17:66:28:49:c0:
bb:aa:c4:a6:f1:f9:1f:bd:4f:bf:07:2b:98:74:37:
d9:1e:a5:a6:c9:92:45:97:10:ed:c7:07:f8:f0:97:
89:d3:d3:b5:46:f5:05:9a:a7:1c:fe:03:9a:da:e1:
f2:17:6c:5d:1e:4f:28:f4:3b:9d:36:b0:19:27:5e:
c8:05:b7:cc:43:76:b5:09:be:fe:49:e3:26:24:14:
de:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B7:12:0F:AF:FE:30:20:E9:1B:E8:CC:A6:BB:60:70:C2:C6:02:21
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/FbcSD6_-MCDpG-jMprtgcMLGAiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
31.129.22.0/24
45.95.232.0/23
92.118.112.0/24
141.98.233.0-141.98.234.255
185.247.184.0/24
Signature Algorithm: sha256WithRSAEncryption
48:3d:d2:de:da:08:1f:3a:9f:3a:97:cc:54:27:7a:ea:31:a9:
6e:55:9d:9e:d3:19:1a:83:69:62:3e:32:ce:4f:b8:c2:65:70:
d9:dc:d5:78:6e:d7:2c:59:b3:6b:2a:d2:13:2e:65:59:ea:3d:
aa:4f:34:bf:2a:80:a4:5b:07:14:8e:6c:20:90:7a:12:a9:df:
e3:03:84:c6:28:db:5e:be:8f:e5:c4:b0:9a:bd:1c:9d:9b:46:
8c:bb:bb:2c:18:2c:5f:3d:10:63:e2:d8:59:f1:07:aa:f4:06:
7d:e3:e3:90:e3:14:bc:e9:b8:f4:b3:b0:94:1a:ea:9e:4f:63:
b3:e9:62:d5:5a:ba:df:e7:55:83:38:8c:df:15:7b:88:60:fa:
a4:43:c6:ef:37:6d:29:15:7e:1c:5b:76:e3:20:f3:a0:48:7c:
6f:b9:77:1e:6e:20:1a:65:b3:61:15:62:1a:97:5a:a8:e2:6b:
56:f6:a2:11:18:a6:bf:59:2a:58:a9:41:d7:bc:61:50:9d:d8:
cd:de:22:c2:a6:05:0f:50:0e:7c:ce:85:5b:49:75:ac:64:7d:
f7:48:49:bd:5b:29:17:d7:6e:76:3e:0a:00:e5:70:27:60:e3:
d2:07:02:95:7e:ad:ca:e8:af:89:84:a2:62:63:73:37:51:67:
99:1f:dd:c3
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY8uhuM7N1kqWOsP+s6M++/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwNDMwMTAyMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWI3MTIwZmFmZmUzMDIwZTkxYmU4Y2NhNmJiNjA3MGMyYzYwMjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyh/0BGT1tzplVc1PcNWaHkuhilm
GY3ok3msXMaM+IOZuuSgptCS8dTYbymtwTrio9qJ57+FrNuECz7M9iMpp/cp+7DX
16jSydBAygBJOKbkA2LF9xf4cAtHmoYH7BLJ6WyuT36IwiET2n3bDrFPCD+j1Kbo
1HJAD6Zc+a5dxrKWAKnP+mXDIARaVUp7BYf07G+Y7Q0MF9ZQwRncgOWNNZTsEEtJ
UawACJ2BzqOcF2YoScC7qsSm8fkfvU+/ByuYdDfZHqWmyZJFlxDtxwf48JeJ09O1
RvUFmqcc/gOa2uHyF2xdHk8o9DudNrAZJ17IBbfMQ3a1Cb7+SeMmJBTeWwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFBW3Eg+v/jAg6RvozKa7YHDCxgIhMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvRmJjU0Q2Xy1NQ0RwRy1qTXBydGdjTUxHQWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQABSwqAwQA
H4EWAwQBLV/oAwQAXHZwMAwDBACNYukDBACNYuoDBAC597gwDQYJKoZIhvcNAQEL
BQADggEBAEg90t7aCB86nzqXzFQneuoxqW5VnZ7TGRqDaWI+Ms5PuMJlcNnc1Xhu
1yxZs2sq0hMuZVnqPapPNL8qgKRbBxSObCCQehKp3+MDhMYo216+j+XEsJq9HJ2b
Roy7uywYLF89EGPi2FnxB6r0Bn3j45DjFLzpuPSzsJQa6p5PY7PpYtVaut/nVYM4
jN8Ve4hg+qRDxu83bSkVfhxbduMg86BIfG+5dx5uIBpls2EVYhqXWqjia1b2ohEY
pr9ZKlipQde8YVCd2M3eIsKmBQ9QDnzOhVtJdaxkffdISb1bKRfXbnY+CgDlcCdg
49IHApV+rcror4mEomJjczdRZ5kf3cM=
-----END CERTIFICATE-----
Generated at Fri Jun 28 19:45:55 2024 by rpki-client on console-ams.rpki-client.org