Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/Ta3BsVs2l_IxlHvKH3dIX1zvVXw.roa
File: Ta3BsVs2l_IxlHvKH3dIX1zvVXw.roa (raw, json)
Hash identifier: QftNC1hsq3/7boMb+oEBIL3PKIsEzh7lDcZ4uC0QeXE=
Subject key identifier: 4D:AD:C1:B1:5B:36:97:F2:31:94:7B:CA:1F:77:48:5F:5C:EF:55:7C
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018E9EADF824DC3F18362C81D1399D259FD3
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/Ta3BsVs2l_IxlHvKH3dIX1zvVXw.roa
Signing time: Tue 02 Apr 2024 11:59:44 +0000
ROA not before: Tue 02 Apr 2024 11:59:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 5.44.42.0/24 maxlen: 24
5.44.44.0/24 maxlen: 24
31.129.22.0/24 maxlen: 24
37.220.86.0/24 maxlen: 24
45.95.232.0/24 maxlen: 24
45.95.233.0/24 maxlen: 24
45.129.184.0/24 maxlen: 24
45.129.187.0/24 maxlen: 24
77.83.116.0/24 maxlen: 24
85.92.109.0/24 maxlen: 24
89.191.232.0/24 maxlen: 24
91.107.116.0/24 maxlen: 24
92.118.112.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
185.166.199.0/24 maxlen: 24
185.247.184.0/24 maxlen: 24
194.28.192.0/24 maxlen: 24
195.80.48.0/24 maxlen: 24
195.80.49.0/24 maxlen: 24
212.60.23.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:ad:f8:24:dc:3f:18:36:2c:81:d1:39:9d:25:9f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Apr 2 11:59:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4dadc1b15b3697f231947bca1f77485f5cef557c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e6:80:e0:45:cb:bf:dc:50:f0:44:fb:79:7a:
a0:02:e3:45:81:46:21:f2:0e:14:85:51:ae:b8:0d:
4d:6e:d8:b4:96:a4:26:0e:43:fc:69:a5:16:74:a9:
68:7e:41:47:23:5e:0e:51:f9:ff:7a:28:94:43:09:
f6:36:eb:fa:b5:4d:91:52:20:86:18:d5:cf:fa:cc:
c1:ea:0e:5f:8c:8a:ac:0b:ae:ae:0a:5a:6e:b3:c8:
52:f5:74:22:15:f1:af:e2:07:20:3e:96:53:0f:4e:
b5:59:ad:cd:f4:3b:ee:7b:25:35:0a:0b:1c:d4:d1:
91:ff:e4:d8:88:19:2d:b1:3e:2f:f0:63:25:06:f0:
d2:be:a2:9f:b8:8c:41:f4:52:43:b1:94:15:cc:c0:
88:cf:08:52:c3:c5:c0:32:a1:76:64:14:c3:5a:4f:
31:43:d5:d8:93:ed:3d:17:9a:fe:42:59:12:48:09:
5d:95:9e:b3:ef:7a:70:ec:43:c9:07:2c:bf:92:13:
db:02:c6:8c:42:78:fe:51:3f:2c:6e:62:b2:0a:f5:
72:c7:b2:10:51:2b:2d:0d:da:48:f7:06:37:2e:3c:
e0:34:46:ad:3a:57:21:62:35:37:64:57:6a:eb:85:
9a:0c:7c:4d:b5:b6:2b:75:f1:ba:37:72:f3:9b:c8:
e8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:AD:C1:B1:5B:36:97:F2:31:94:7B:CA:1F:77:48:5F:5C:EF:55:7C
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/Ta3BsVs2l_IxlHvKH3dIX1zvVXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
5.44.44.0/24
31.129.22.0/24
37.220.86.0/24
45.95.232.0/23
45.129.184.0/24
45.129.187.0/24
77.83.116.0/24
85.92.109.0/24
89.191.232.0/24
91.107.116.0/24
92.118.112.0/24
141.98.233.0-141.98.234.255
185.166.199.0/24
185.247.184.0/24
194.28.192.0/24
195.80.48.0/23
212.60.23.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:82:54:b9:66:0c:ce:4a:41:c6:89:5b:37:20:4f:de:d3:53:
0b:ef:93:c2:22:cd:3b:7b:ab:71:fd:e5:59:cf:44:21:ba:f1:
49:e1:65:ca:93:e0:51:82:a1:66:95:45:fd:e4:4f:76:af:9e:
36:10:3f:04:63:9e:21:42:c8:ca:84:b0:fb:22:c6:cc:ba:5e:
a0:0e:b6:6a:17:1f:ca:6a:c9:a6:29:13:bc:a6:e6:03:65:13:
c0:83:50:6a:4e:07:62:d6:54:fe:2d:02:b6:6b:9d:57:d0:d6:
fe:9a:db:15:3c:2a:d9:6d:6a:aa:71:a7:63:7e:f4:b3:d6:0f:
c2:55:88:8b:93:41:d0:54:bb:cd:ac:e8:20:3b:4f:d7:51:37:
be:2d:67:8f:98:61:76:f5:69:0c:29:ee:87:9e:34:61:a4:44:
63:93:66:8b:4f:ac:01:5f:2d:a3:b9:0d:a1:c3:c9:e8:99:f2:
30:52:da:64:5f:7b:5b:89:85:23:b6:3b:b9:15:1d:82:5d:27:
3d:77:3c:db:3e:97:cd:0d:04:9d:34:eb:de:55:6e:a1:c2:ca:
1a:2c:76:c7:97:2d:d7:0d:cd:cb:aa:53:14:f0:9f:5e:8f:78:
1f:db:95:59:8b:f2:6c:c0:8c:56:72:8a:c8:cb:1d:d1:b6:2a:
3e:10:5c:d5
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAY6erfgk3D8YNiyB0TmdJZ/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwNDAyMTE1OTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGFkYzFiMTViMzY5N2YyMzE5NDdiY2ExZjc3NDg1ZjVjZWY1NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+aA4EXLv9xQ8ET7eXqgAuNFgUYh
8g4UhVGuuA1Nbti0lqQmDkP8aaUWdKlofkFHI14OUfn/eiiUQwn2Nuv6tU2RUiCG
GNXP+szB6g5fjIqsC66uClpus8hS9XQiFfGv4gcgPpZTD061Wa3N9DvueyU1Cgsc
1NGR/+TYiBktsT4v8GMlBvDSvqKfuIxB9FJDsZQVzMCIzwhSw8XAMqF2ZBTDWk8x
Q9XYk+09F5r+QlkSSAldlZ6z73pw7EPJByy/khPbAsaMQnj+UT8sbmKyCvVyx7IQ
USstDdpI9wY3LjzgNEatOlchYjU3ZFdq64WaDHxNtbYrdfG6N3Lzm8jozwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFE2twbFbNpfyMZR7yh93SF9c71V8MB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvVGEzQnNWczJsX0l4bEh2S0gzZElYMXp2Vlh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAAUsKgME
AAUsLAMEAB+BFgMEACXcVgMEAS1f6AMEAC2BuAMEAC2BuwMEAE1TdAMEAFVcbQME
AFm/6AMEAFtrdAMEAFx2cDAMAwQAjWLpAwQAjWLqAwQAuabHAwQAufe4AwQAwhzA
AwQBw1AwAwQA1DwXMA0GCSqGSIb3DQEBCwUAA4IBAQA8glS5ZgzOSkHGiVs3IE/e
01ML75PCIs07e6tx/eVZz0QhuvFJ4WXKk+BRgqFmlUX95E92r542ED8EY54hQsjK
hLD7IsbMul6gDrZqFx/KasmmKRO8puYDZRPAg1BqTgdi1lT+LQK2a51X0Nb+mtsV
PCrZbWqqcadjfvSz1g/CVYiLk0HQVLvNrOggO0/XUTe+LWePmGF29WkMKe6HnjRh
pERjk2aLT6wBXy2juQ2hw8nomfIwUtpkX3tbiYUjtju5FR2CXSc9dzzbPpfNDQSd
NOveVW6hwsoaLHbHly3XDc3LqlMU8J9ej3gf25VZi/JswIxWcorIyx3Rtio+EFzV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org