Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/m-IpcB5pN-inQCodmfsOVusdVFY.roa
File: m-IpcB5pN-inQCodmfsOVusdVFY.roa (raw, json)
Hash identifier: +LV74DB7n1zP1/DhPEd21zAVSaspIQyfhsdmg1+RXf8=
Subject key identifier: 9B:E2:29:70:1E:69:37:E8:A7:40:2A:1D:99:FB:0E:56:EB:1D:54:56
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018DF056107E5A2681677A7A65560677B9BF
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/m-IpcB5pN-inQCodmfsOVusdVFY.roa
Signing time: Wed 28 Feb 2024 15:29:48 +0000
ROA not before: Wed 28 Feb 2024 15:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 5.44.42.0/24 maxlen: 24
5.44.44.0/24 maxlen: 24
31.129.22.0/24 maxlen: 24
37.220.86.0/24 maxlen: 24
37.220.87.0/24 maxlen: 24
45.95.232.0/24 maxlen: 24
45.95.233.0/24 maxlen: 24
45.129.184.0/24 maxlen: 24
45.129.187.0/24 maxlen: 24
77.83.116.0/24 maxlen: 24
85.92.109.0/24 maxlen: 24
89.191.232.0/24 maxlen: 24
91.107.116.0/24 maxlen: 24
92.118.112.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
185.166.199.0/24 maxlen: 24
185.247.184.0/24 maxlen: 24
194.28.192.0/24 maxlen: 24
195.80.48.0/24 maxlen: 24
195.80.49.0/24 maxlen: 24
212.60.23.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:56:10:7e:5a:26:81:67:7a:7a:65:56:06:77:b9:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 28 15:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9be229701e6937e8a7402a1d99fb0e56eb1d5456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:13:bc:f2:a1:f6:5b:1c:9a:15:0f:83:92:c9:
89:b1:2d:36:56:a4:1e:9a:9e:14:3e:16:2b:6c:81:
bc:b9:48:b1:c2:ae:c1:08:b9:90:21:61:07:49:2a:
c5:1f:36:cc:2e:39:18:48:1f:11:4e:2a:b6:f4:ec:
8b:69:ce:4b:08:ff:d0:09:79:64:7b:76:f6:79:f5:
3d:98:61:93:ea:87:d4:12:bd:f1:11:4c:a2:30:dd:
27:9f:6e:91:9c:ff:dc:10:0f:10:88:a4:fe:17:40:
0f:11:d7:d8:52:79:76:3d:f5:04:f2:9a:81:1b:8a:
af:05:7a:20:eb:9d:b6:4a:6c:1e:9d:01:17:fa:46:
1e:dd:4a:9c:34:76:55:0e:ea:77:4a:d0:5c:03:05:
79:4b:59:cb:25:18:73:b2:b8:91:f4:f5:54:f6:03:
1a:ab:50:4c:5c:65:5b:1f:df:36:81:8d:af:65:09:
e2:66:a7:89:08:ff:7c:cc:fd:ff:f3:a1:23:80:c1:
49:0f:2b:ef:30:57:fe:fd:b1:3a:68:8b:5c:55:ae:
b6:9a:02:68:9d:15:42:9a:30:0f:57:ad:85:35:a5:
8f:72:38:65:8e:2f:94:48:6e:4a:38:93:41:d4:31:
7e:48:e3:ac:19:b4:b0:42:69:3e:0c:2d:ab:b7:0d:
6c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:E2:29:70:1E:69:37:E8:A7:40:2A:1D:99:FB:0E:56:EB:1D:54:56
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/m-IpcB5pN-inQCodmfsOVusdVFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
5.44.44.0/24
31.129.22.0/24
37.220.86.0/23
45.95.232.0/23
45.129.184.0/24
45.129.187.0/24
77.83.116.0/24
85.92.109.0/24
89.191.232.0/24
91.107.116.0/24
92.118.112.0/24
141.98.233.0-141.98.234.255
185.166.199.0/24
185.247.184.0/24
194.28.192.0/24
195.80.48.0/23
212.60.23.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:34:86:50:f8:fd:c4:08:a7:90:75:39:c1:48:11:35:58:29:
75:33:16:3c:a8:c2:65:04:4c:98:b6:05:85:76:90:8d:89:cf:
1f:ad:3f:f3:f3:52:cd:85:e8:92:16:1c:ba:f4:7f:34:06:04:
ef:1c:7e:db:af:48:92:e0:3d:a9:e9:36:42:e6:32:1a:53:fa:
24:f0:7a:36:64:ed:7b:b5:fb:a6:49:f9:cb:f0:d9:b7:2c:52:
64:6d:25:22:71:f1:c1:a4:50:23:51:3a:24:39:aa:7d:e0:df:
59:09:31:48:60:b1:45:25:78:ca:ea:12:62:fd:a2:cd:03:a4:
d9:c4:b5:02:a9:18:ca:81:c3:7b:53:ab:19:f7:a3:14:68:11:
08:3d:f8:e0:7b:6a:bd:70:ac:22:36:53:93:18:e7:3d:51:cc:
c3:4c:22:45:3c:6d:f7:c3:a8:a0:c3:88:2a:0b:b6:74:ea:5b:
62:4c:eb:1b:18:7e:32:01:7a:97:63:db:60:a1:0d:8a:37:1e:
df:8e:a8:90:40:94:1c:52:14:b6:05:aa:82:be:f3:95:3c:7b:
40:25:88:db:01:05:62:35:e3:98:8a:a6:02:a8:7e:5a:4a:81:
2d:ef:85:51:1a:88:76:cd:41:72:93:46:61:95:c0:3a:b9:67:
b8:b5:df:c2
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAY3wVhB+WiaBZ3p6ZVYGd7m/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwMjI4MTUyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmUyMjk3MDFlNjkzN2U4YTc0MDJhMWQ5OWZiMGU1NmViMWQ1NDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRO88qH2WxyaFQ+DksmJsS02VqQe
mp4UPhYrbIG8uUixwq7BCLmQIWEHSSrFHzbMLjkYSB8RTiq29OyLac5LCP/QCXlk
e3b2efU9mGGT6ofUEr3xEUyiMN0nn26RnP/cEA8QiKT+F0APEdfYUnl2PfUE8pqB
G4qvBXog6522SmwenQEX+kYe3UqcNHZVDup3StBcAwV5S1nLJRhzsriR9PVU9gMa
q1BMXGVbH982gY2vZQniZqeJCP98zP3/86EjgMFJDyvvMFf+/bE6aItcVa62mgJo
nRVCmjAPV62FNaWPcjhlji+USG5KOJNB1DF+SOOsGbSwQmk+DC2rtw1sfwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFJviKXAeaTfop0AqHZn7DlbrHVRWMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvbS1JcGNCNXBOLWluUUNvZG1mc09WdXNkVkZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAAUsKgME
AAUsLAMEAB+BFgMEASXcVgMEAS1f6AMEAC2BuAMEAC2BuwMEAE1TdAMEAFVcbQME
AFm/6AMEAFtrdAMEAFx2cDAMAwQAjWLpAwQAjWLqAwQAuabHAwQAufe4AwQAwhzA
AwQBw1AwAwQA1DwXMA0GCSqGSIb3DQEBCwUAA4IBAQA/NIZQ+P3ECKeQdTnBSBE1
WCl1MxY8qMJlBEyYtgWFdpCNic8frT/z81LNheiSFhy69H80BgTvHH7br0iS4D2p
6TZC5jIaU/ok8Ho2ZO17tfumSfnL8Nm3LFJkbSUicfHBpFAjUTokOap94N9ZCTFI
YLFFJXjK6hJi/aLNA6TZxLUCqRjKgcN7U6sZ96MUaBEIPfjge2q9cKwiNlOTGOc9
UczDTCJFPG33w6igw4gqC7Z06ltiTOsbGH4yAXqXY9tgoQ2KNx7fjqiQQJQcUhS2
BaqCvvOVPHtAJYjbAQViNeOYiqYCqH5aSoEt74VRGoh2zUFyk0ZhlcA6uWe4td/C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org