Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/bcM7ACJ3nWxJipgMQbru4-bt3vQ.roa
File: bcM7ACJ3nWxJipgMQbru4-bt3vQ.roa (raw, json)
Hash identifier: m9I+qRnYN0/3b6KtXvliXhZ7WS6lhNpIIEhrAYdlpeQ=
Subject key identifier: 6D:C3:3B:00:22:77:9D:6C:49:8A:98:0C:41:BA:EE:E3:E6:ED:DE:F4
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 12090595
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/bcM7ACJ3nWxJipgMQbru4-bt3vQ.roa
Signing time: Thu 10 Mar 2022 07:59:16 +0000
ROA not before: Thu 10 Mar 2022 07:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26636
IP address blocks: 141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
195.80.50.0/24 maxlen: 24
195.80.51.0/24 maxlen: 24
85.92.109.0/24 maxlen: 24
89.191.232.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
45.8.97.0/24 maxlen: 24
45.8.98.0/24 maxlen: 24
45.80.130.0/23 maxlen: 23
45.80.129.0/24 maxlen: 24
91.107.116.0/24 maxlen: 24
91.107.124.0/23 maxlen: 23
194.31.174.0/24 maxlen: 24
194.31.173.0/24 maxlen: 24
91.107.127.0/24 maxlen: 24
194.5.92.0/24 maxlen: 24
194.5.93.0/24 maxlen: 24
5.44.44.0/24 maxlen: 24
5.44.46.0/24 maxlen: 24
5.44.47.0/24 maxlen: 24
45.129.185.0/24 maxlen: 24
194.28.192.0/24 maxlen: 24
45.66.116.0/24 maxlen: 24
45.66.119.0/24 maxlen: 24
109.236.58.0/24 maxlen: 24
109.236.56.0/23 maxlen: 23
92.118.114.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 302581141 (0x12090595)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Mar 10 07:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6dc33b0022779d6c498a980c41baeee3e6eddef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:36:da:43:a0:73:6e:17:1a:a3:4a:83:14:8d:
60:3c:81:c1:2a:7c:c0:75:87:80:4a:53:a1:96:9e:
07:05:5e:a2:93:fb:39:0e:c2:60:25:44:81:c4:77:
e8:b4:95:35:06:12:ef:d5:f5:bd:8d:6e:90:aa:9f:
5a:71:4b:a3:2e:d3:03:c3:77:7f:fa:81:e9:55:11:
69:94:39:91:f2:67:ff:c9:28:89:bd:7d:b9:77:3b:
12:73:ce:57:b8:5b:8a:2b:12:35:59:81:a4:7d:1d:
07:a5:fe:81:b4:f2:a0:02:5a:bb:67:e6:99:1b:dd:
f9:ce:dd:c3:74:16:7b:8e:23:82:d7:44:1a:54:a9:
cf:ca:48:97:1d:96:6c:36:38:ed:d9:53:9c:43:d0:
e6:a1:c9:35:52:cb:0a:74:b4:8e:64:45:51:05:19:
b9:ef:08:ce:c2:1b:56:e2:1a:bb:f8:3d:be:85:af:
76:c9:c2:73:90:6d:2a:be:a1:2e:fd:1a:04:70:28:
f9:93:04:16:d8:32:3f:f6:06:bd:ea:62:39:4c:45:
67:2b:c8:1f:9a:a4:13:c3:f8:60:0c:3b:92:33:23:
53:e1:27:d1:74:9e:f7:61:9b:e1:c6:e3:97:0d:17:
2c:c9:4b:bc:a7:1f:1a:bb:cb:b0:7c:cb:58:10:21:
35:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C3:3B:00:22:77:9D:6C:49:8A:98:0C:41:BA:EE:E3:E6:ED:DE:F4
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/bcM7ACJ3nWxJipgMQbru4-bt3vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.44.0/24
5.44.46.0/23
45.8.97.0-45.8.98.255
45.66.116.0/24
45.66.119.0/24
45.80.129.0-45.80.131.255
45.129.185.0/24
46.16.14.0/23
85.92.109.0/24
89.191.232.0/24
91.107.116.0/24
91.107.124.0/23
91.107.127.0/24
91.200.84.0/24
92.118.114.0/23
109.236.56.0-109.236.58.255
141.98.233.0-141.98.234.255
194.5.92.0/23
194.28.192.0/24
194.31.173.0-194.31.174.255
195.80.50.0/23
Signature Algorithm: sha256WithRSAEncryption
85:5b:52:da:c2:1f:cc:9e:49:64:40:26:6c:94:c6:65:82:74:
80:e6:d9:37:5b:1b:95:63:b0:21:14:80:c7:fa:f8:13:2c:b9:
18:39:06:98:d3:d7:a7:b8:ea:89:89:ad:8d:06:70:04:78:0d:
67:7a:02:8e:2b:43:b8:d8:19:1b:73:4c:3b:9d:74:c2:47:12:
5b:0a:59:a4:e3:1c:83:c9:14:d1:d7:62:77:f8:7d:59:f6:b3:
b5:af:08:7c:8d:3e:de:e9:0b:d0:8f:11:21:d7:3f:9b:47:cc:
7e:7b:f1:cf:f8:84:95:56:45:97:b5:9d:d2:53:5d:ee:f2:84:
8e:d4:8c:88:a7:ea:98:28:2e:35:8e:37:31:13:e4:62:53:cd:
55:19:c7:80:c3:41:ca:0c:24:48:70:b7:8b:5c:69:dd:6c:7d:
84:94:11:d9:86:18:36:6b:bc:94:ed:e5:78:7c:b8:84:a3:8c:
d2:68:6d:c8:5c:68:ba:9a:07:8f:96:f9:c9:1d:5d:38:57:24:
b8:aa:7f:9d:13:4a:12:ea:95:99:16:07:e6:28:ec:67:e6:78:
a3:bd:39:c3:88:a7:50:84:06:c1:2e:b9:f9:6e:4c:e2:c4:8f:
15:89:a2:a1:5e:bd:e7:47:e0:ed:ed:eb:4d:6a:4b:10:a5:be:
87:7c:87:9a
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIEEgkFlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDMx
MDA3NTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRjMzNiMDAyMjc3
OWQ2YzQ5OGE5ODBjNDFiYWVlZTNlNmVkZGVmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJk22kOgc24XGqNKgxSNYDyBwSp8wHWHgEpToZaeBwVeopP7
OQ7CYCVEgcR36LSVNQYS79X1vY1ukKqfWnFLoy7TA8N3f/qB6VURaZQ5kfJn/8ko
ib19uXc7EnPOV7hbiisSNVmBpH0dB6X+gbTyoAJau2fmmRvd+c7dw3QWe44jgtdE
GlSpz8pIlx2WbDY47dlTnEPQ5qHJNVLLCnS0jmRFUQUZue8IzsIbVuIau/g9voWv
dsnCc5BtKr6hLv0aBHAo+ZMEFtgyP/YGvepiOUxFZyvIH5qkE8P4YAw7kjMjU+En
0XSe92Gb4cbjlw0XLMlLvKcfGrvLsHzLWBAhNeECAwEAAaOCAq4wggKqMB0GA1Ud
DgQWBBRtwzsAInedbEmKmAxBuu7j5u3e9DAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
L2JjTTdBQ0ozbld4SmlwZ01RYnJ1NC1idDN2US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8xL0JiSFJQQzRtNFNl
R0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
wwYIKwYBBQUHAQcBAf8EgbMwgbAwga0EAgABMIGmAwQABSwsAwQBBSwuMAwDBAAt
CGEDBAAtCGIDBAAtQnQDBAAtQncwDAMEAC1QgQMEAi1QgAMEAC2BuQMEAS4QDgME
AFVcbQMEAFm/6AMEAFtrdAMEAVtrfAMEAFtrfwMEAFvIVAMEAVx2cjAMAwQDbew4
AwQAbew6MAwDBACNYukDBACNYuoDBAHCBVwDBADCHMAwDAMEAMIfrQMEAMIfrgME
AcNQMjANBgkqhkiG9w0BAQsFAAOCAQEAhVtS2sIfzJ5JZEAmbJTGZYJ0gObZN1sb
lWOwIRSAx/r4Eyy5GDkGmNPXp7jqiYmtjQZwBHgNZ3oCjitDuNgZG3NMO510wkcS
WwpZpOMcg8kU0ddid/h9Wfazta8IfI0+3ukL0I8RIdc/m0fMfnvxz/iElVZFl7Wd
0lNd7vKEjtSMiKfqmCguNY43MRPkYlPNVRnHgMNBygwkSHC3i1xp3Wx9hJQR2YYY
Nmu8lO3leHy4hKOM0mhtyFxoupoHj5b5yR1dOFckuKp/nRNKEuqVmRYH5ijsZ+Z4
o705w4inUIQGwS65+W5M4sSPFYmioV6950fg7e3rTWpLEKW+h3yHmg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-ams.rpki-client.org