Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/fwS_1T7nxErUC2k0qRSIJGAdIY0.roa
File: fwS_1T7nxErUC2k0qRSIJGAdIY0.roa (raw, json)
Hash identifier: lOxn5iGbsUOsZcu56BvPbbogJiHjRCm/YZ6KmgX9RWw=
Subject key identifier: 7F:04:BF:D5:3E:E7:C4:4A:D4:0B:69:34:A9:14:88:24:60:1D:21:8D
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01899BE72EDC784A4A2ED5C8EC9413AD5878
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/fwS_1T7nxErUC2k0qRSIJGAdIY0.roa
Signing time: Fri 28 Jul 2023 09:49:26 +0000
ROA not before: Fri 28 Jul 2023 09:49:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
46.16.12.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
37.220.80.0/22 maxlen: 22
185.166.196.0/23 maxlen: 24
94.198.216.0/22 maxlen: 24
81.200.144.0/21 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
46.19.64.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9b:e7:2e:dc:78:4a:4a:2e:d5:c8:ec:94:13:ad:58:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jul 28 09:49:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f04bfd53ee7c44ad40b6934a9148824601d218d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:11:97:1f:bd:60:59:04:d2:4d:6c:51:9d:b9:
ba:f6:20:55:a6:30:98:da:4f:14:b1:7c:0e:0b:c8:
c5:54:d6:46:4c:5e:66:ee:01:79:9b:f0:05:bd:6b:
da:fc:00:f9:93:55:2b:05:69:1d:e7:fe:87:73:8a:
bf:a7:e9:3f:f6:36:01:a8:0c:a3:01:9f:55:b3:a7:
2a:57:0c:25:1a:95:7e:11:b8:0f:49:c9:78:d2:17:
d3:8f:f8:c7:ab:62:81:00:3a:77:79:c9:1a:37:1f:
fa:e5:6d:a2:e1:53:0e:c8:a1:2a:ff:ec:10:46:d0:
33:c8:6e:1a:8e:ff:ef:20:61:94:dc:75:5e:6f:e0:
f1:ab:aa:79:16:37:2a:1f:a4:ac:57:dc:2e:6b:4f:
d7:3c:a0:1f:b9:75:ab:a6:8f:60:06:e1:e2:24:27:
c8:f2:e8:83:c5:a5:0d:a3:8b:65:89:06:13:98:0e:
f3:02:4b:71:d8:e6:d2:49:77:3b:fe:a3:84:a5:73:
ef:25:b6:9e:3f:06:84:2e:da:24:c5:e9:5c:f8:40:
be:99:3e:6a:f7:4a:d7:5b:90:4f:0c:b6:ca:78:e0:
fe:a5:b5:2a:60:78:bc:55:06:d7:2a:ae:0a:ab:1d:
c3:bc:33:f4:bb:89:18:bc:47:16:cd:27:20:67:7c:
62:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:04:BF:D5:3E:E7:C4:4A:D4:0B:69:34:A9:14:88:24:60:1D:21:8D
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/fwS_1T7nxErUC2k0qRSIJGAdIY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.20.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
46.16.12.0/24
46.16.14.0/23
46.19.64.0/22
81.200.144.0-81.200.157.255
94.198.216.0/22
141.98.234.0/24
185.166.196.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:0a:25:6b:03:68:7d:49:36:be:e4:c5:83:80:c6:40:95:3b:
76:e0:9d:8f:3d:a8:14:b2:81:4a:a0:96:3c:94:93:17:87:7a:
07:13:7e:62:07:9e:cc:99:11:c7:64:25:43:3c:75:16:39:5a:
60:fb:c3:8f:31:7d:7f:f1:f2:6e:9b:15:b2:1d:ad:7b:71:01:
76:f3:b6:84:ba:3a:f6:b0:a9:e1:96:e7:65:9d:59:1b:2b:d2:
9c:9c:1a:05:94:0e:67:ee:95:fe:c1:41:00:cb:5e:3f:e6:77:
26:de:18:85:3a:5b:a6:d6:4a:99:17:b9:39:2d:cb:f7:36:13:
89:d2:9d:92:0c:33:62:68:07:4c:f8:27:92:80:90:5d:52:5c:
95:bf:02:39:58:61:e4:29:c9:07:a6:15:fa:c6:a2:2e:b6:d2:
dd:60:84:19:14:6c:d3:6c:5b:4d:b5:7c:62:40:01:be:c7:91:
36:a0:7d:27:47:ef:f2:39:10:ba:2e:0b:59:47:4d:87:15:ad:
4c:05:3f:8e:e9:f1:de:01:e4:d0:01:43:22:29:79:32:cb:84:
db:c2:7a:b6:2d:9b:bc:07:75:30:7b:c1:87:9f:4a:f1:bf:2c:
e4:ca:2b:a1:4e:6c:d0:d5:4e:e8:45:1f:dd:07:5d:8d:7a:a7:
0f:c9:35:8b
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAYmb5y7ceEpKLtXI7JQTrVh4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNzI4MDk0OTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjA0YmZkNTNlZTdjNDRhZDQwYjY5MzRhOTE0ODgyNDYwMWQyMThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhGXH71gWQTSTWxRnbm69iBVpjCY
2k8UsXwOC8jFVNZGTF5m7gF5m/AFvWva/AD5k1UrBWkd5/6Hc4q/p+k/9jYBqAyj
AZ9Vs6cqVwwlGpV+EbgPScl40hfTj/jHq2KBADp3eckaNx/65W2i4VMOyKEq/+wQ
RtAzyG4ajv/vIGGU3HVeb+Dxq6p5FjcqH6SsV9wua0/XPKAfuXWrpo9gBuHiJCfI
8uiDxaUNo4tliQYTmA7zAktx2ObSSXc7/qOEpXPvJbaePwaELtokxelc+EC+mT5q
90rXW5BPDLbKeOD+pbUqYHi8VQbXKq4Kqx3DvDP0u4kYvEcWzScgZ3xi1QIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFH8Ev9U+58RK1AtpNKkUiCRgHSGNMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvZndTXzFUN254RXJVQzJrMHFSU0lKR0FkSVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBfBAIAATBZMAsDAwAfgQME
AB+BFDAMAwQAH4EXAwQBH4EcAwQAH4EfAwQCJdxQAwQALhAMAwQBLhAOAwQCLhNA
MAwDBARRyJADBAFRyJwDBAJextgDBACNYuoDBAG5psQwDQYJKoZIhvcNAQELBQAD
ggEBAKQKJWsDaH1JNr7kxYOAxkCVO3bgnY89qBSygUqgljyUkxeHegcTfmIHnsyZ
EcdkJUM8dRY5WmD7w48xfX/x8m6bFbIdrXtxAXbztoS6OvawqeGW52WdWRsr0pyc
GgWUDmfulf7BQQDLXj/mdybeGIU6W6bWSpkXuTkty/c2E4nSnZIMM2JoB0z4J5KA
kF1SXJW/AjlYYeQpyQemFfrGoi620t1ghBkUbNNsW021fGJAAb7HkTagfSdH7/I5
ELouC1lHTYcVrUwFP47p8d4B5NABQyIpeTLLhNvCerYtm7wHdTB7wYefSvG/LOTK
K6FObNDVTuhFH90HXY16pw/JNYs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org