Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/e5Mrx5RJeAEyEcfMJhsNGHroITc.roa
File: e5Mrx5RJeAEyEcfMJhsNGHroITc.roa (raw, json)
Hash identifier: 7yAhLu6fFTjUgAPBfqTeFyAY4SvJP0j+fV62PSR2gp8=
Subject key identifier: 7B:93:2B:C7:94:49:78:01:32:11:C7:CC:26:1B:0D:18:7A:E8:21:37
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 11E2871D
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/e5Mrx5RJeAEyEcfMJhsNGHroITc.roa
Signing time: Fri 25 Feb 2022 11:51:30 +0000
ROA not before: Fri 25 Feb 2022 11:51:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 31.129.22.0/24 maxlen: 24
31.129.21.0/24 maxlen: 24
31.129.30.0/24 maxlen: 24
194.5.94.0/23 maxlen: 23
194.5.95.0/24 maxlen: 24
45.129.184.0/24 maxlen: 24
77.83.116.0/24 maxlen: 24
77.83.117.0/24 maxlen: 24
77.83.119.0/24 maxlen: 24
194.28.193.0/24 maxlen: 24
195.80.48.0/24 maxlen: 24
45.66.118.0/24 maxlen: 24
45.8.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 300058397 (0x11e2871d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 25 11:51:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7b932bc7944978013211c7cc261b0d187ae82137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d2:3a:89:64:d7:6f:cd:82:4b:03:2e:fd:98:
bf:d9:d0:c1:01:a9:87:ca:a1:a1:d2:16:eb:83:94:
4c:df:8c:97:ca:61:e6:98:43:39:11:1e:d5:42:73:
f7:cf:78:2d:c9:1c:a2:d7:12:ba:6b:ea:c0:ed:ac:
0b:3c:b1:d5:df:99:3f:47:52:28:85:a3:b3:d7:0c:
ad:17:c1:04:cb:8b:74:7e:40:9d:67:af:7b:c9:74:
ff:1d:c7:34:71:e2:0f:cc:ef:ab:68:83:ea:52:e3:
c1:f2:ac:e8:ce:48:78:2d:fe:21:33:9f:d9:9c:5d:
d8:df:cc:6c:44:9e:5b:7d:08:a6:4a:21:52:52:77:
bd:d1:5d:41:95:71:2e:bc:42:66:06:9b:04:42:ea:
03:17:ee:32:46:32:e5:be:50:3c:0e:ae:47:62:fb:
fb:ba:b3:c3:25:6d:42:b1:a3:8e:ea:98:d5:e2:2b:
82:76:61:8d:b8:a9:d0:e3:f5:e9:ac:19:df:ed:18:
f9:8b:25:a8:e9:8b:99:34:1f:4f:78:f4:ec:3a:34:
a3:cc:20:6a:18:3e:b2:b5:71:e1:aa:fa:67:8d:de:
62:e1:db:02:97:54:9c:00:1f:d9:d7:74:17:2f:5d:
39:e1:12:68:23:8d:df:e0:f2:f5:4c:b0:aa:1a:45:
5c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:93:2B:C7:94:49:78:01:32:11:C7:CC:26:1B:0D:18:7A:E8:21:37
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/e5Mrx5RJeAEyEcfMJhsNGHroITc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.21.0-31.129.22.255
31.129.30.0/24
45.8.99.0/24
45.66.118.0/24
45.129.184.0/24
77.83.116.0/23
77.83.119.0/24
194.5.94.0/23
194.28.193.0/24
195.80.48.0/24
Signature Algorithm: sha256WithRSAEncryption
06:39:50:8a:3f:62:9b:13:ee:9c:71:f4:4e:3e:46:3f:d1:ab:
58:c5:42:76:a5:0c:f6:4c:85:f6:72:0a:92:3b:2a:5b:d3:db:
c0:72:94:23:0e:eb:85:8e:d8:86:3f:b9:d1:79:c8:4f:5c:b5:
39:a9:a4:f5:24:69:1e:41:9f:57:19:0d:62:56:ee:d3:81:cd:
eb:49:d6:10:ae:c6:5e:cc:c6:88:d2:9b:3f:e8:d9:27:16:cf:
74:57:4b:f0:9b:68:42:dd:01:cc:2d:24:e7:e3:85:6b:9e:3d:
94:43:99:e1:15:b9:c0:90:43:4b:e1:69:c4:49:66:cd:b6:54:
ef:37:13:48:35:ba:79:38:e9:62:6b:f1:eb:5f:00:cd:d7:ca:
ab:ce:dd:56:78:b9:0d:e2:46:78:11:13:68:e6:ee:f3:65:2e:
ff:07:70:3a:8e:49:d3:4b:3f:52:1d:68:ba:4e:df:de:5f:d1:
bc:34:4a:ef:37:4b:c2:aa:7e:58:05:ea:5f:2d:78:cb:58:38:
36:1f:50:96:ad:2d:bd:8d:6a:2f:2a:8e:7f:50:5f:ad:a6:2c:
28:6c:f9:3d:66:8b:ac:b5:72:4d:5a:6a:4e:7f:17:9a:ca:cd:
43:68:4f:08:0b:27:40:ea:bf:bb:44:0d:3b:54:3c:f4:28:5c:
ee:e3:d4:ce
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEEeKHHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDIy
NTExNTEzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2I5MzJiYzc5NDQ5
NzgwMTMyMTFjN2NjMjYxYjBkMTg3YWU4MjEzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJjSOolk12/NgksDLv2Yv9nQwQGph8qhodIW64OUTN+Ml8ph
5phDOREe1UJz9894LckcotcSumvqwO2sCzyx1d+ZP0dSKIWjs9cMrRfBBMuLdH5A
nWeve8l0/x3HNHHiD8zvq2iD6lLjwfKs6M5IeC3+ITOf2Zxd2N/MbESeW30Ipkoh
UlJ3vdFdQZVxLrxCZgabBELqAxfuMkYy5b5QPA6uR2L7+7qzwyVtQrGjjuqY1eIr
gnZhjbip0OP16awZ3+0Y+YslqOmLmTQfT3j07Do0o8wgahg+srVx4ar6Z43eYuHb
ApdUnAAf2dd0Fy9dOeESaCON3+Dy9UywqhpFXMECAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBR7kyvHlEl4ATIRx8wmGw0YeughNzAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
L2U1TXJ4NVJKZUFFeUVjZk1KaHNOR0hyb0lUYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8xL0JiSFJQQzRtNFNl
R0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwSgQCAAEwRDAMAwQAH4EVAwQAH4EWAwQAH4EeAwQA
LQhjAwQALUJ2AwQALYG4AwQBTVN0AwQATVN3AwQBwgVeAwQAwhzBAwQAw1AwMA0G
CSqGSIb3DQEBCwUAA4IBAQAGOVCKP2KbE+6ccfROPkY/0atYxUJ2pQz2TIX2cgqS
Oypb09vAcpQjDuuFjtiGP7nRechPXLU5qaT1JGkeQZ9XGQ1iVu7Tgc3rSdYQrsZe
zMaI0ps/6NknFs90V0vwm2hC3QHMLSTn44Vrnj2UQ5nhFbnAkENL4WnESWbNtlTv
NxNINbp5OOlia/HrXwDN18qrzt1WeLkN4kZ4ERNo5u7zZS7/B3A6jknTSz9SHWi6
Tt/eX9G8NErvN0vCqn5YBepfLXjLWDg2H1CWrS29jWovKo5/UF+tpiwobPk9Zous
tXJNWmpOfxeays1DaE8ICydA6r+7RA07VDz0KFzu49TO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org