Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/R5ws3XrBMfoCCDaGOrdL8dktkKM.roa
File: R5ws3XrBMfoCCDaGOrdL8dktkKM.roa (raw, json)
Hash identifier: v3oOU/4dpAxgQMlNa1qXd5/XqmhEir3x6d2NvfrpPRE=
Subject key identifier: 47:9C:2C:DD:7A:C1:31:FA:02:08:36:86:3A:B7:4B:F1:D9:2D:90:A3
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018CC56DF9BCD22BD2A0585DF7A4DCE3CA11
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/R5ws3XrBMfoCCDaGOrdL8dktkKM.roa
Signing time: Mon 01 Jan 2024 14:29:28 +0000
ROA not before: Mon 01 Jan 2024 14:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 31.129.22.0/24 maxlen: 24
212.60.23.0/24 maxlen: 24
5.44.44.0/24 maxlen: 24
5.44.42.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
45.129.184.0/24 maxlen: 24
185.166.199.0/24 maxlen: 24
45.129.187.0/24 maxlen: 24
194.28.192.0/24 maxlen: 24
185.247.184.0/24 maxlen: 24
195.80.49.0/24 maxlen: 24
195.80.48.0/24 maxlen: 24
45.95.232.0/24 maxlen: 24
45.95.233.0/24 maxlen: 24
91.107.116.0/24 maxlen: 24
92.118.112.0/24 maxlen: 24
37.220.86.0/24 maxlen: 24
37.220.87.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f9:bc:d2:2b:d2:a0:58:5d:f7:a4:dc:e3:ca:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 1 14:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=479c2cdd7ac131fa020836863ab74bf1d92d90a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f8:6b:f2:30:50:a6:b6:0e:38:ec:56:bd:57:
eb:98:54:16:24:94:ef:56:ca:e0:2d:fa:8d:af:37:
df:f7:5c:2f:d6:3b:32:a2:f7:f2:42:9b:23:30:03:
32:d4:d0:14:ea:3a:06:6b:f9:e0:0f:ad:2c:dc:87:
e4:65:4b:e7:d2:cf:73:e3:31:20:da:0d:38:dd:62:
16:0c:b4:d6:17:df:91:a5:a7:2b:cf:40:d0:21:58:
40:6e:15:5f:5f:8f:9d:22:49:1b:1a:e5:fa:26:f5:
2f:dd:d4:c5:5c:1d:ad:fd:85:37:e0:0b:2a:95:7c:
5d:47:e2:82:25:d3:06:7b:3c:0d:61:da:33:13:97:
85:17:2a:92:c9:ec:f3:c9:05:2f:d9:fc:dd:da:d8:
0f:c3:59:a3:e9:f5:ba:c2:0b:fa:f2:40:20:5b:d8:
ad:30:8d:11:f3:89:09:71:2c:da:f5:9f:46:1e:89:
d1:f1:b3:c5:f4:7a:26:f6:3f:ac:de:2b:93:fb:7d:
6b:72:0e:d6:f7:e2:73:46:07:66:c0:9f:07:a6:22:
ef:17:ee:c4:28:17:c9:78:ef:21:ea:36:78:3a:d1:
6c:66:f0:22:00:46:2a:95:8b:2f:46:0b:83:c3:7c:
af:43:30:87:ea:1f:d1:43:f4:d4:4a:e3:7a:dd:db:
09:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:9C:2C:DD:7A:C1:31:FA:02:08:36:86:3A:B7:4B:F1:D9:2D:90:A3
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/R5ws3XrBMfoCCDaGOrdL8dktkKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
5.44.44.0/24
31.129.22.0/24
37.220.86.0/23
45.95.232.0/23
45.129.184.0/24
45.129.187.0/24
91.107.116.0/24
92.118.112.0/24
141.98.233.0-141.98.234.255
185.166.199.0/24
185.247.184.0/24
194.28.192.0/24
195.80.48.0/23
212.60.23.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:b4:8a:49:e6:84:f9:1f:9d:e2:03:3f:39:36:09:c4:cd:45:
a8:98:fc:61:4d:d7:03:e7:ef:d6:17:a4:3a:37:f6:c6:6a:60:
e3:99:a0:a7:36:03:45:6a:b6:14:bd:e2:ec:cd:a0:b6:9b:1d:
90:59:c5:d3:8c:7d:02:86:1c:c2:62:70:c9:0d:c9:e3:21:b3:
83:42:f9:82:5e:d9:c6:30:a5:cb:0c:42:0f:b3:7b:bc:22:03:
07:f4:5d:f8:8e:74:93:c2:62:a8:f7:f7:75:2c:47:6f:04:9c:
e7:4b:00:8a:7b:f4:48:26:d3:5e:11:72:64:37:3a:fa:5e:2d:
78:10:cb:74:6f:1e:f0:54:58:15:09:cd:fa:ce:7d:d6:8a:b0:
17:be:4d:82:7d:16:2e:f8:c2:a6:4f:19:38:ca:f7:2a:90:57:
56:2b:21:31:69:32:cf:cc:18:35:0b:98:72:5e:70:ee:de:41:
21:fc:5f:e0:ba:2d:76:9d:9e:44:54:01:de:99:b6:90:6b:ae:
8a:74:d7:1d:72:14:94:c5:7b:05:07:42:2b:0d:6f:35:da:83:
87:25:7d:14:cf:b1:18:bb:00:17:70:fb:7c:8a:bd:52:ba:9d:
da:ef:8b:ef:9f:74:b6:f3:6d:cb:7d:b5:7b:a3:61:18:d5:3d:
97:21:ba:35
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYzFbfm80ivSoFhd96Tc48oRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwMTAxMTQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzljMmNkZDdhYzEzMWZhMDIwODM2ODYzYWI3NGJmMWQ5MmQ5MGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPhr8jBQprYOOOxWvVfrmFQWJJTv
VsrgLfqNrzff91wv1jsyovfyQpsjMAMy1NAU6joGa/ngD60s3IfkZUvn0s9z4zEg
2g043WIWDLTWF9+Rpacrz0DQIVhAbhVfX4+dIkkbGuX6JvUv3dTFXB2t/YU34Asq
lXxdR+KCJdMGezwNYdozE5eFFyqSyezzyQUv2fzd2tgPw1mj6fW6wgv68kAgW9it
MI0R84kJcSza9Z9GHonR8bPF9Hom9j+s3iuT+31rcg7W9+JzRgdmwJ8HpiLvF+7E
KBfJeO8h6jZ4OtFsZvAiAEYqlYsvRguDw3yvQzCH6h/RQ/TUSuN63dsJqQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFEecLN16wTH6Agg2hjq3S/HZLZCjMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvUjV3czNYckJNZm9DQ0RhR09yZEw4ZGt0a0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQABSwqAwQA
BSwsAwQAH4EWAwQBJdxWAwQBLV/oAwQALYG4AwQALYG7AwQAW2t0AwQAXHZwMAwD
BACNYukDBACNYuoDBAC5pscDBAC597gDBADCHMADBAHDUDADBADUPBcwDQYJKoZI
hvcNAQELBQADggEBAC20iknmhPkfneIDPzk2CcTNRaiY/GFN1wPn79YXpDo39sZq
YOOZoKc2A0VqthS94uzNoLabHZBZxdOMfQKGHMJicMkNyeMhs4NC+YJe2cYwpcsM
Qg+ze7wiAwf0XfiOdJPCYqj393UsR28EnOdLAIp79Egm014RcmQ3OvpeLXgQy3Rv
HvBUWBUJzfrOfdaKsBe+TYJ9Fi74wqZPGTjK9yqQV1YrITFpMs/MGDULmHJecO7e
QSH8X+C6LXadnkRUAd6ZtpBrrop01x1yFJTFewUHQisNbzXag4clfRTPsRi7ABdw
+3yKvVK6ndrvi++fdLbzbct9tXujYRjVPZchujU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org