Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/RNTdzLS2Pk9pHRG4Jm4prMvLjBE.roa
File: RNTdzLS2Pk9pHRG4Jm4prMvLjBE.roa (raw, json)
Hash identifier: SLhzIimBrkXUI29GJ7E0+oJHCnJT9AN2NghBTlVXTSs=
Subject key identifier: 44:D4:DD:CC:B4:B6:3E:4F:69:1D:11:B8:26:6E:29:AC:CB:CB:8C:11
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01887CC172228D65058BF11B6F7B735022B3
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/RNTdzLS2Pk9pHRG4Jm4prMvLjBE.roa
Signing time: Fri 02 Jun 2023 15:37:12 +0000
ROA not before: Fri 02 Jun 2023 15:37:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
46.16.12.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
37.220.80.0/22 maxlen: 22
185.166.196.0/23 maxlen: 24
94.198.216.0/22 maxlen: 24
94.198.220.0/23 maxlen: 24
81.200.144.0/21 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
46.19.64.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7c:c1:72:22:8d:65:05:8b:f1:1b:6f:7b:73:50:22:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jun 2 15:37:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44d4ddccb4b63e4f691d11b8266e29accbcb8c11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7d:2a:bf:34:8d:d7:80:78:51:9a:1c:d2:51:
a9:f0:15:9f:85:26:b5:78:c2:d9:97:5a:6c:f0:ea:
ae:36:89:70:f6:8d:f2:6f:f2:d7:cd:f7:56:02:21:
67:82:4c:82:f3:87:a3:17:bd:2c:30:25:2e:00:ff:
12:b1:f5:1d:df:f9:e2:90:6b:40:59:b5:53:f3:77:
59:93:b0:2f:be:b1:70:0a:13:73:11:4c:6b:0e:8a:
80:dd:df:fa:2b:ec:dd:87:3a:dc:5e:91:d4:9a:e6:
22:10:3e:2e:98:ae:89:ba:bd:23:af:84:dd:f5:fe:
36:17:25:51:a5:6f:13:21:60:f0:0b:3d:dc:c4:26:
17:d9:ad:9c:35:40:3f:53:e4:3e:3d:5d:ed:bd:bd:
2b:be:d9:69:ec:71:8a:24:b5:97:e8:08:66:ac:60:
47:a0:30:8e:b3:eb:1e:51:66:6d:49:25:a5:fd:a3:
fa:c5:be:b2:10:e6:1b:6d:1b:96:cf:46:47:58:d0:
2a:87:dd:27:1d:35:0e:b5:d6:a2:15:3a:6e:45:99:
bb:b4:76:47:c6:c8:2f:cc:eb:65:c5:ac:c7:fb:b4:
a9:36:88:bc:16:0b:62:49:d4:c0:1a:d5:ed:92:dd:
85:88:9e:38:31:b8:ad:30:9e:25:bd:cc:67:2e:41:
48:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D4:DD:CC:B4:B6:3E:4F:69:1D:11:B8:26:6E:29:AC:CB:CB:8C:11
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/RNTdzLS2Pk9pHRG4Jm4prMvLjBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.20.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
46.16.12.0/24
46.16.14.0/23
46.19.64.0/22
81.200.144.0-81.200.157.255
94.198.216.0-94.198.221.255
141.98.233.0-141.98.234.255
185.166.196.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:db:ee:34:9c:ee:10:0b:94:27:52:ec:29:36:99:45:3f:20:
64:cc:c8:d6:f7:71:05:58:86:40:36:7f:35:29:28:07:1a:28:
1c:b8:49:bc:44:a6:85:03:b7:6e:db:63:58:9f:ad:6c:dd:0d:
75:29:0d:7c:13:f0:dd:37:01:d5:73:28:8d:98:b0:89:2e:d8:
fc:84:54:19:e4:d5:f4:ce:05:54:0f:9d:0e:af:73:81:12:92:
03:32:69:80:6e:b4:e1:25:46:55:95:14:1c:07:ee:7f:1d:80:
9b:c0:ce:3d:f6:b2:6b:8e:bc:8c:b2:6e:24:24:7e:f1:c3:6b:
fc:3f:86:1e:f2:54:e3:fa:ff:c2:00:2a:05:5b:95:9c:45:1a:
8e:23:b2:b2:f1:23:15:1d:9c:db:d3:53:f5:9a:00:a6:85:3a:
d7:69:b1:6f:1e:6a:37:61:b9:2b:92:72:01:6a:8c:cc:ec:f9:
d3:68:b4:93:bb:f2:56:a3:a9:f7:52:87:0f:82:af:74:b0:08:
7b:59:9a:97:02:2b:92:9d:85:e7:1e:d6:24:23:31:ee:47:8e:
72:2e:08:cd:b1:26:68:ce:59:8f:e8:1b:10:c6:d3:b2:d2:b0:
e5:0d:20:36:7d:ec:3c:29:59:75:65:fe:9b:9c:57:37:c4:cd:
fc:37:6c:c0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYh8wXIijWUFi/Ebb3tzUCKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNjAyMTUzNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGQ0ZGRjY2I0YjYzZTRmNjkxZDExYjgyNjZlMjlhY2NiY2I4YzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH0qvzSN14B4UZoc0lGp8BWfhSa1
eMLZl1ps8OquNolw9o3yb/LXzfdWAiFngkyC84ejF70sMCUuAP8SsfUd3/nikGtA
WbVT83dZk7AvvrFwChNzEUxrDoqA3d/6K+zdhzrcXpHUmuYiED4umK6Jur0jr4Td
9f42FyVRpW8TIWDwCz3cxCYX2a2cNUA/U+Q+PV3tvb0rvtlp7HGKJLWX6AhmrGBH
oDCOs+seUWZtSSWl/aP6xb6yEOYbbRuWz0ZHWNAqh90nHTUOtdaiFTpuRZm7tHZH
xsgvzOtlxazH+7SpNoi8FgtiSdTAGtXtkt2FiJ44MbitMJ4lvcxnLkFIVQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFETU3cy0tj5PaR0RuCZuKazLy4wRMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvUk5UZHpMUzJQazlwSFJHNEptNHByTXZMakJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwbwQCAAEwaTALAwMAH4ED
BAAfgRQwDAMEAB+BFwMEAR+BHAMEAB+BHwMEAiXcUAMEAC4QDAMEAS4QDgMEAi4T
QDAMAwQEUciQAwQBUcicMAwDBANextgDBAFextwwDAMEAI1i6QMEAI1i6gMEAbmm
xDANBgkqhkiG9w0BAQsFAAOCAQEAK9vuNJzuEAuUJ1LsKTaZRT8gZMzI1vdxBViG
QDZ/NSkoBxooHLhJvESmhQO3bttjWJ+tbN0NdSkNfBPw3TcB1XMojZiwiS7Y/IRU
GeTV9M4FVA+dDq9zgRKSAzJpgG604SVGVZUUHAfufx2Am8DOPfaya468jLJuJCR+
8cNr/D+GHvJU4/r/wgAqBVuVnEUajiOysvEjFR2c29NT9ZoApoU612mxbx5qN2G5
K5JyAWqMzOz502i0k7vyVqOp91KHD4KvdLAIe1malwIrkp2F5x7WJCMx7keOci4I
zbEmaM5Zj+gbEMbTstKw5Q0gNn3sPClZdWX+m5xXN8TN/DdswA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org