Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/g-Dw16C1mDcOEBZV3Ec3Ax0oPCo.roa
File: g-Dw16C1mDcOEBZV3Ec3Ax0oPCo.roa (raw, json)
Hash identifier: zBpKD+KVJFNXMh1I0Gs6+nvnzsy0weLRccGH+HHCa10=
Subject key identifier: 83:E0:F0:D7:A0:B5:98:37:0E:10:16:55:DC:47:37:03:1D:28:3C:2A
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0186F3F4B9E5E5EC808D3B7FAC90711405A7
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/g-Dw16C1mDcOEBZV3Ec3Ax0oPCo.roa
Signing time: Sat 18 Mar 2023 09:02:27 +0000
ROA not before: Sat 18 Mar 2023 09:02:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
46.16.12.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
45.95.235.0/24 maxlen: 24
45.80.130.0/23 maxlen: 23
45.80.129.0/24 maxlen: 24
37.220.80.0/22 maxlen: 22
185.166.196.0/23 maxlen: 24
94.198.216.0/22 maxlen: 24
94.198.220.0/23 maxlen: 24
81.200.144.0/21 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
46.19.64.0/22 maxlen: 24
109.236.58.0/24 maxlen: 24
91.222.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f3:f4:b9:e5:e5:ec:80:8d:3b:7f:ac:90:71:14:05:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Mar 18 09:02:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83e0f0d7a0b598370e101655dc4737031d283c2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b2:cc:44:7f:10:95:83:78:1c:bc:58:43:cc:
fc:09:90:ed:9c:eb:96:77:fc:1a:ac:e5:eb:bd:b1:
0a:47:0b:c0:2e:04:f3:8f:97:2f:37:c8:33:66:36:
3a:cc:97:08:fb:f8:ba:96:47:48:f1:52:33:d2:58:
60:33:5f:47:a3:4b:60:b9:39:27:7c:d9:aa:4a:5d:
3c:37:c7:4f:5e:ae:50:d2:ef:4d:25:3a:51:e2:bd:
24:17:9e:45:f5:dc:d8:9c:f5:5e:84:d0:f8:dc:f4:
46:3b:7d:b1:0e:db:2a:e9:0a:05:a7:7f:74:e7:53:
07:38:2a:1c:b1:ce:f5:96:f0:61:3b:aa:10:2b:8b:
18:22:3a:5b:c3:e8:1b:05:37:e6:14:52:27:c6:f1:
a7:1a:ac:9f:fd:a2:e7:a1:89:68:e0:3a:78:2d:33:
c2:d1:1d:75:d9:b8:35:6d:64:77:e8:0e:80:df:0c:
7a:9d:f9:4c:73:36:d6:4e:e1:96:31:17:7a:79:6a:
57:61:a6:c3:e5:dd:96:77:36:cb:af:70:bc:40:75:
cd:0d:c2:f0:06:31:1c:62:87:96:92:bc:06:fb:64:
80:c8:ae:3a:c1:d8:cb:88:19:47:e0:cf:39:0f:00:
9a:32:bd:7a:0a:f7:da:b7:c6:21:4f:57:77:4e:77:
70:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E0:F0:D7:A0:B5:98:37:0E:10:16:55:DC:47:37:03:1D:28:3C:2A
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/g-Dw16C1mDcOEBZV3Ec3Ax0oPCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.20.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
45.80.129.0-45.80.131.255
45.95.235.0/24
46.16.12.0/24
46.16.14.0/23
46.19.64.0/22
81.200.144.0-81.200.157.255
91.222.238.0/24
94.198.216.0-94.198.221.255
109.236.58.0/24
141.98.233.0-141.98.234.255
185.166.196.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:e7:12:f0:4a:de:02:9d:51:78:6f:6a:65:8b:34:25:71:04:
0e:2d:fe:a0:5e:62:fb:a4:9c:59:aa:1a:1d:a0:ad:56:5e:8d:
2c:49:5b:45:2a:d3:e0:73:72:ba:a3:0f:18:42:a1:07:2a:cd:
fb:a8:02:5f:fd:fb:80:1f:02:13:52:0f:ae:cb:2c:7f:97:74:
7d:7b:a8:90:d3:3d:fb:07:0f:41:0f:e1:3c:ce:9d:86:cb:cb:
19:1a:06:4d:45:50:97:ef:98:14:56:39:0e:7a:1e:ab:6f:ed:
ac:b1:48:9f:9c:68:a0:48:47:5a:8f:bc:1d:2a:e4:c8:6e:bb:
fe:86:a2:7e:fb:9f:3f:6d:a7:60:47:ff:89:05:f0:42:24:40:
33:f3:d4:a2:aa:4c:e3:9d:e3:f4:6e:18:3b:bc:e2:b1:66:8c:
80:f7:c7:f6:b9:c7:98:c1:80:d9:e8:ca:b8:f7:4a:3e:22:56:
c4:35:a3:cc:6a:3a:8b:e2:2e:bb:85:88:9b:f3:57:e5:98:c7:
c6:4f:f5:48:b2:67:06:37:4e:2a:cb:69:b2:d7:e8:fd:67:6d:
86:77:80:c2:40:6f:10:d8:c7:5d:4b:f8:1d:1c:66:a2:1a:f8:
70:fb:06:0b:76:b4:35:00:f6:23:43:d8:af:da:d7:44:ef:40:
c4:28:95:07
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAYbz9Lnl5eyAjTt/rJBxFAWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMzE4MDkwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2UwZjBkN2EwYjU5ODM3MGUxMDE2NTVkYzQ3MzcwMzFkMjgzYzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLLMRH8QlYN4HLxYQ8z8CZDtnOuW
d/warOXrvbEKRwvALgTzj5cvN8gzZjY6zJcI+/i6lkdI8VIz0lhgM19Ho0tguTkn
fNmqSl08N8dPXq5Q0u9NJTpR4r0kF55F9dzYnPVehND43PRGO32xDtsq6QoFp390
51MHOCocsc71lvBhO6oQK4sYIjpbw+gbBTfmFFInxvGnGqyf/aLnoYlo4Dp4LTPC
0R112bg1bWR36A6A3wx6nflMczbWTuGWMRd6eWpXYabD5d2WdzbLr3C8QHXNDcLw
BjEcYoeWkrwG+2SAyK46wdjLiBlH4M85DwCaMr16Cvfat8YhT1d3TndwYwIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFIPg8NegtZg3DhAWVdxHNwMdKDwqMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvZy1EdzE2QzFtRGNPRUJaVjNFYzNBeDBvUENvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzCBkAQCAAEwgYkwCwMD
AB+BAwQAH4EUMAwDBAAfgRcDBAEfgRwDBAAfgR8DBAIl3FAwDAMEAC1QgQMEAi1Q
gAMEAC1f6wMEAC4QDAMEAS4QDgMEAi4TQDAMAwQEUciQAwQBUcicAwQAW97uMAwD
BANextgDBAFextwDBABt7DowDAMEAI1i6QMEAI1i6gMEAbmmxDANBgkqhkiG9w0B
AQsFAAOCAQEAHecS8EreAp1ReG9qZYs0JXEEDi3+oF5i+6ScWaoaHaCtVl6NLElb
RSrT4HNyuqMPGEKhByrN+6gCX/37gB8CE1IPrsssf5d0fXuokNM9+wcPQQ/hPM6d
hsvLGRoGTUVQl++YFFY5Dnoeq2/trLFIn5xooEhHWo+8HSrkyG67/oaifvufP22n
YEf/iQXwQiRAM/PUoqpM453j9G4YO7zisWaMgPfH9rnHmMGA2ejKuPdKPiJWxDWj
zGo6i+Iuu4WIm/NX5ZjHxk/1SLJnBjdOKstpstfo/WdthneAwkBvENjHXUv4HRxm
ohr4cPsGC3a0NQD2I0PYr9rXRO9AxCiVBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org