Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/iMHAGtjiKTTEojn-HIZlmo1_KQs.roa
File: iMHAGtjiKTTEojn-HIZlmo1_KQs.roa (raw, json)
Hash identifier: UhlhysQ/rxV1gqFxTO5YtgUc3HAfJqOCcg05TaJR4ds=
Subject key identifier: 88:C1:C0:1A:D8:E2:29:34:C4:A2:39:FE:1C:86:65:9A:8D:7F:29:0B
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018972C03BF776F7F8EB4126CF4D8F1923EE
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/iMHAGtjiKTTEojn-HIZlmo1_KQs.roa
Signing time: Thu 20 Jul 2023 10:02:28 +0000
ROA not before: Thu 20 Jul 2023 10:02:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 31.129.22.0/24 maxlen: 24
212.60.23.0/24 maxlen: 24
5.44.44.0/24 maxlen: 24
5.44.42.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
45.129.184.0/24 maxlen: 24
185.166.199.0/24 maxlen: 24
45.129.187.0/24 maxlen: 24
194.28.192.0/24 maxlen: 24
185.247.184.0/24 maxlen: 24
195.80.49.0/24 maxlen: 24
195.80.48.0/24 maxlen: 24
45.95.232.0/24 maxlen: 24
45.95.233.0/24 maxlen: 24
91.107.116.0/24 maxlen: 24
92.118.112.0/24 maxlen: 24
37.220.86.0/24 maxlen: 24
37.220.87.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:72:c0:3b:f7:76:f7:f8:eb:41:26:cf:4d:8f:19:23:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jul 20 10:02:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88c1c01ad8e22934c4a239fe1c86659a8d7f290b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6f:0c:b0:f0:15:fa:c4:9b:3a:18:e5:5c:1b:
49:35:e3:0c:5e:89:8f:85:77:50:41:9c:17:a1:ef:
f4:41:e4:52:75:a2:47:3c:f5:15:30:43:4f:2a:d6:
22:ec:e9:be:e6:3a:c5:f5:ab:2d:9d:7b:6f:9d:cb:
39:f5:e7:78:fc:7f:ea:d8:1f:f1:44:97:a1:a4:1d:
1b:b9:15:99:f5:62:c1:c0:f5:cc:65:bc:82:f8:51:
be:51:bc:e1:e6:b3:16:f9:44:51:3f:8b:fa:da:a8:
70:f5:33:71:db:80:2f:da:30:c4:52:7c:a4:20:d2:
10:1b:f5:00:a0:82:df:86:57:06:7d:9a:c0:02:88:
70:81:e0:2e:59:e0:92:ea:9e:7f:a2:0d:5c:2a:09:
3d:d0:1b:c5:54:12:09:40:7b:50:a6:3c:46:34:d9:
09:4d:dd:09:c4:eb:97:4e:bb:23:0c:6a:79:28:20:
fd:22:c6:df:15:62:e5:59:35:6f:a4:68:07:a4:3d:
21:63:4e:94:ac:4c:3d:76:24:be:66:5d:c5:24:73:
b6:34:0b:88:22:40:e9:e3:33:bf:2e:8a:15:c5:e3:
fe:3f:33:ba:6f:bd:3f:98:d9:df:12:9a:04:ff:20:
44:e7:3b:b8:9d:62:9f:0c:b9:45:0e:f9:55:7b:9a:
e8:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C1:C0:1A:D8:E2:29:34:C4:A2:39:FE:1C:86:65:9A:8D:7F:29:0B
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/iMHAGtjiKTTEojn-HIZlmo1_KQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
5.44.44.0/24
31.129.22.0/24
37.220.86.0/23
45.95.232.0/23
45.129.184.0/24
45.129.187.0/24
91.107.116.0/24
92.118.112.0/24
141.98.234.0/24
185.166.199.0/24
185.247.184.0/24
194.28.192.0/24
195.80.48.0/23
212.60.23.0/24
Signature Algorithm: sha256WithRSAEncryption
39:29:da:0f:3f:9f:0e:14:94:82:2e:b8:7c:cc:26:97:5c:e4:
c7:bd:6e:fc:f9:60:55:78:9b:a2:c6:48:53:ed:ec:24:87:ca:
3d:84:c7:2b:8c:b5:fd:d6:38:ac:56:85:36:ac:7b:03:79:58:
26:f7:9e:fb:b7:dc:ca:b3:e7:4d:46:4f:89:14:43:3c:54:da:
87:00:8b:4c:9f:dd:df:3d:a2:cf:e9:90:ce:3b:11:ef:e5:81:
0b:05:51:48:ce:bc:62:3f:c1:42:42:4c:40:f4:2d:ef:aa:15:
d6:4f:fd:b0:90:78:b4:21:ff:19:2e:2b:7f:9b:05:15:4f:e2:
1c:91:ec:f6:3b:73:87:90:8b:31:9e:bb:22:96:69:dc:58:fb:
c3:bd:2f:0c:e0:af:f1:b8:c1:a0:33:dd:8f:a8:e7:c9:51:f1:
39:36:a6:cf:aa:de:0c:a2:1f:79:2f:00:f7:c8:03:af:b8:0c:
4f:b8:a8:0a:7b:3a:db:05:ab:5d:2b:dd:c6:3b:12:1d:ec:c7:
1f:d4:b9:aa:a3:a9:27:b7:c8:9a:d0:32:8d:b9:cc:e4:98:70:
ef:fc:9b:23:f8:c2:f1:62:5c:b0:f3:4d:e7:44:6d:55:b5:9d:
97:ac:18:2f:ba:5f:5d:51:0a:51:04:2c:b4:44:16:a6:0e:4b:
c7:e3:a5:04
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYlywDv3dvf460Emz02PGSPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNzIwMTAwMjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGMxYzAxYWQ4ZTIyOTM0YzRhMjM5ZmUxYzg2NjU5YThkN2YyOTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmm8MsPAV+sSbOhjlXBtJNeMMXomP
hXdQQZwXoe/0QeRSdaJHPPUVMENPKtYi7Om+5jrF9astnXtvncs59ed4/H/q2B/x
RJehpB0buRWZ9WLBwPXMZbyC+FG+Ubzh5rMW+URRP4v62qhw9TNx24Av2jDEUnyk
INIQG/UAoILfhlcGfZrAAohwgeAuWeCS6p5/og1cKgk90BvFVBIJQHtQpjxGNNkJ
Td0JxOuXTrsjDGp5KCD9IsbfFWLlWTVvpGgHpD0hY06UrEw9diS+Zl3FJHO2NAuI
IkDp4zO/LooVxeP+PzO6b70/mNnfEpoE/yBE5zu4nWKfDLlFDvlVe5rowwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFIjBwBrY4ik0xKI5/hyGZZqNfykLMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvaU1IQUd0amlLVFRFb2puLUhJWmxtbzFfS1FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQABSwqAwQA
BSwsAwQAH4EWAwQBJdxWAwQBLV/oAwQALYG4AwQALYG7AwQAW2t0AwQAXHZwAwQA
jWLqAwQAuabHAwQAufe4AwQAwhzAAwQBw1AwAwQA1DwXMA0GCSqGSIb3DQEBCwUA
A4IBAQA5KdoPP58OFJSCLrh8zCaXXOTHvW78+WBVeJuixkhT7ewkh8o9hMcrjLX9
1jisVoU2rHsDeVgm9577t9zKs+dNRk+JFEM8VNqHAItMn93fPaLP6ZDOOxHv5YEL
BVFIzrxiP8FCQkxA9C3vqhXWT/2wkHi0If8ZLit/mwUVT+Ickez2O3OHkIsxnrsi
lmncWPvDvS8M4K/xuMGgM92PqOfJUfE5NqbPqt4Moh95LwD3yAOvuAxPuKgKezrb
BatdK93GOxId7Mcf1Lmqo6knt8ia0DKNuczkmHDv/Jsj+MLxYlyw803nRG1VtZ2X
rBgvul9dUQpRBCy0RBamDkvH46UE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org