Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/LtWg3mMELQp7vlWsE2ETHV9tMYk.roa
File: LtWg3mMELQp7vlWsE2ETHV9tMYk.roa (raw, json)
Hash identifier: K136ciMkWEmWPa4pRRNKPxS0HvnU+NBcqDEMFSuEppc=
Subject key identifier: 2E:D5:A0:DE:63:04:2D:0A:7B:BE:55:AC:13:61:13:1D:5F:6D:31:89
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018CC56DFA26E24E32B48D4D3052608BDB5B
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/LtWg3mMELQp7vlWsE2ETHV9tMYk.roa
Signing time: Mon 01 Jan 2024 14:29:28 +0000
ROA not before: Mon 01 Jan 2024 14:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210512
IP address blocks: 31.129.21.0/24 maxlen: 24
194.5.94.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:fa:26:e2:4e:32:b4:8d:4d:30:52:60:8b:db:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 1 14:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ed5a0de63042d0a7bbe55ac1361131d5f6d3189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:31:83:a5:09:be:5d:08:94:19:6f:a2:c3:fc:
ea:e1:f2:12:0e:46:12:3f:fd:9d:1e:d0:a3:47:29:
2b:8e:6f:2b:3f:61:c8:00:fb:10:7d:eb:bd:61:2d:
b9:18:8b:1b:ca:6d:a6:67:4d:80:ce:81:5b:3d:74:
7d:9c:a1:ca:b7:ed:74:ca:17:94:9e:7a:24:0e:48:
db:b6:1c:42:b6:13:e6:d1:0f:07:58:f8:5e:b7:ae:
6f:ff:51:47:34:ae:18:a2:a3:82:a5:70:69:66:6c:
65:71:84:bc:64:59:62:f6:a4:e0:90:4b:39:70:41:
48:7e:be:4b:3b:98:93:0f:d1:9c:bb:1e:a2:e2:f1:
a4:63:af:11:a7:2a:e4:eb:5d:1d:e4:e6:55:a5:2c:
e1:0c:6f:36:ba:4b:e8:42:57:52:0b:9c:38:e3:02:
da:00:57:0d:6c:43:8f:a7:76:ec:df:3a:b8:bb:44:
72:01:4e:dd:c7:36:d5:0a:29:90:e2:84:94:65:de:
9a:ae:5b:8a:76:c8:ef:70:3d:38:fc:70:63:ae:07:
bb:a7:9b:0d:fc:27:a2:60:0f:0a:2b:ee:a8:90:99:
ae:2b:ee:d3:08:db:92:f1:79:5b:46:e3:a4:f4:2c:
c3:b4:18:59:fa:0b:9a:2d:76:c3:c0:71:1c:ba:53:
e5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D5:A0:DE:63:04:2D:0A:7B:BE:55:AC:13:61:13:1D:5F:6D:31:89
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/LtWg3mMELQp7vlWsE2ETHV9tMYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.21.0/24
194.5.94.0/24
Signature Algorithm: sha256WithRSAEncryption
60:01:92:53:4e:2c:e0:27:d7:97:51:5b:62:dd:9a:fa:50:e8:
95:d1:53:bb:4a:41:20:c5:85:96:e6:f1:4f:06:5e:35:76:9d:
57:a9:24:ef:cf:d8:5f:d9:52:d9:d1:9a:53:e2:60:36:4f:f8:
a6:a5:2f:a7:7b:cc:74:b8:1e:93:97:11:14:72:d3:34:4a:0e:
6d:74:71:e5:9f:1c:1c:d2:1e:e5:7d:0a:54:a7:14:ac:21:a1:
39:8c:c5:3b:9f:97:e8:e8:97:b5:8f:cb:26:ae:33:0b:4b:df:
4b:81:0d:78:e2:b9:22:8e:25:67:53:9c:8f:d8:04:8b:41:c3:
55:55:41:ae:07:37:82:c4:61:75:76:54:b5:51:d2:09:a6:ce:
bb:72:90:5a:07:28:62:b5:93:07:b8:75:54:ae:fe:41:b0:5f:
d4:c8:f7:3b:b8:a4:63:3b:2c:12:8f:74:19:47:b2:47:a2:96:
91:08:64:5c:66:d2:b6:c5:bd:68:b1:bd:6c:f8:78:c6:f1:06:
19:8c:9a:0b:70:92:30:e9:90:b8:d2:e5:35:54:c0:c9:2d:19:
e6:67:50:8c:fe:2c:b0:57:c9:d9:2e:69:83:69:c6:f0:c4:32:
15:5e:c1:c1:82:a1:a3:bb:e6:ea:e2:f7:d4:7f:05:99:12:83:
e1:23:15:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbfom4k4ytI1NMFJgi9tbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwMTAxMTQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWQ1YTBkZTYzMDQyZDBhN2JiZTU1YWMxMzYxMTMxZDVmNmQzMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTGDpQm+XQiUGW+iw/zq4fISDkYS
P/2dHtCjRykrjm8rP2HIAPsQfeu9YS25GIsbym2mZ02AzoFbPXR9nKHKt+10yheU
nnokDkjbthxCthPm0Q8HWPhet65v/1FHNK4YoqOCpXBpZmxlcYS8ZFli9qTgkEs5
cEFIfr5LO5iTD9Gcux6i4vGkY68Rpyrk610d5OZVpSzhDG82ukvoQldSC5w44wLa
AFcNbEOPp3bs3zq4u0RyAU7dxzbVCimQ4oSUZd6arluKdsjvcD04/HBjrge7p5sN
/CeiYA8KK+6okJmuK+7TCNuS8XlbRuOk9CzDtBhZ+guaLXbDwHEculPlGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC7VoN5jBC0Ke75VrBNhEx1fbTGJMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvTHRXZzNtTUVMUXA3dmxXc0UyRVRIVjl0TVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH4EVAwQA
wgVeMA0GCSqGSIb3DQEBCwUAA4IBAQBgAZJTTizgJ9eXUVti3Zr6UOiV0VO7SkEg
xYWW5vFPBl41dp1XqSTvz9hf2VLZ0ZpT4mA2T/impS+ne8x0uB6TlxEUctM0Sg5t
dHHlnxwc0h7lfQpUpxSsIaE5jMU7n5fo6Je1j8smrjMLS99LgQ144rkijiVnU5yP
2ASLQcNVVUGuBzeCxGF1dlS1UdIJps67cpBaByhitZMHuHVUrv5BsF/UyPc7uKRj
OywSj3QZR7JHopaRCGRcZtK2xb1osb1s+HjG8QYZjJoLcJIw6ZC40uU1VMDJLRnm
Z1CM/iywV8nZLmmDacbwxDIVXsHBgqGju+bq4vfUfwWZEoPhIxU/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org