Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/m-mYkL1HeXFqkdRwUSHm5K12tmU.roa
File: m-mYkL1HeXFqkdRwUSHm5K12tmU.roa (raw, json)
Hash identifier: WzE/nPsKj60oIRE9eqAMtSQr5fyjphwiccegnV21U5I=
Subject key identifier: 9B:E9:98:90:BD:47:79:71:6A:91:D4:70:51:21:E6:E4:AD:76:B6:65
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 12A6AF12
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/m-mYkL1HeXFqkdRwUSHm5K12tmU.roa
Signing time: Sat 21 May 2022 07:22:29 +0000
ROA not before: Sat 21 May 2022 07:22:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 31.129.22.0/24 maxlen: 24
31.129.21.0/24 maxlen: 24
31.129.30.0/24 maxlen: 24
45.8.99.0/24 maxlen: 24
45.129.184.0/24 maxlen: 24
77.83.116.0/24 maxlen: 24
77.83.117.0/24 maxlen: 24
77.83.119.0/24 maxlen: 24
194.28.193.0/24 maxlen: 24
195.80.48.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 312913682 (0x12a6af12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: May 21 07:22:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9be99890bd4779716a91d4705121e6e4ad76b665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:51:df:7e:5f:9d:d8:e0:5c:65:23:f5:d8:ee:
7c:27:9f:a6:b8:35:c1:87:2f:9d:4f:f6:fd:bc:cf:
a7:44:71:68:63:95:8c:4a:4e:1f:3c:6d:5c:37:81:
70:ed:7f:b1:74:d6:f2:f4:2a:17:bd:43:50:f2:f2:
ee:53:62:75:c3:09:4d:5a:71:09:65:b2:2f:7d:8c:
84:1d:c6:37:02:76:62:9a:21:bc:eb:2d:f3:ca:62:
81:97:0e:c8:9a:10:40:b6:6f:71:77:9a:62:6b:e3:
bc:21:b2:76:96:83:52:e0:f7:fa:e9:1f:42:5b:bf:
c2:d0:ab:6d:4e:2c:78:01:dd:56:dd:ff:72:13:5d:
55:f8:9d:c5:ac:19:83:44:c7:c5:43:73:75:ad:16:
2e:05:d6:e3:96:5e:5b:9f:5b:4a:d9:5f:bb:ae:1c:
60:d4:f4:2a:94:ad:ff:6c:89:f4:8e:86:f7:fd:d0:
0b:c4:eb:92:a6:52:5c:d2:d1:39:59:10:ac:3c:36:
fe:62:17:3c:45:d5:82:ae:4f:e5:55:b5:25:1a:9f:
5c:f3:55:3b:60:cc:6b:ba:16:97:e4:ba:12:35:2e:
bd:22:04:9f:c5:5b:56:b4:08:0e:ae:72:07:01:11:
1d:f8:ea:eb:ff:93:05:0e:bb:6e:99:0f:15:24:71:
1b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:E9:98:90:BD:47:79:71:6A:91:D4:70:51:21:E6:E4:AD:76:B6:65
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/m-mYkL1HeXFqkdRwUSHm5K12tmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.21.0-31.129.22.255
31.129.30.0/24
45.8.99.0/24
45.129.184.0/24
77.83.116.0/23
77.83.119.0/24
194.28.193.0/24
195.80.48.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:e5:ae:d2:dc:26:9c:04:5f:9a:43:38:a4:24:18:f3:ac:b3:
06:eb:99:9c:f8:73:3e:e8:44:92:43:24:87:6b:42:68:73:ab:
44:b6:36:5a:26:f3:91:64:3c:02:7f:12:8b:94:5f:48:18:d1:
c3:1a:f9:50:a8:ba:f4:03:d1:53:ae:52:dd:75:28:78:89:47:
98:52:25:1c:aa:d0:08:4b:33:ca:d8:ad:cf:59:4a:b1:d7:21:
fb:09:ec:76:ff:04:bb:1c:57:71:ab:43:fb:62:27:a2:0b:ee:
67:91:80:3e:84:0c:af:b2:0c:da:4a:18:d2:6a:d4:69:f8:28:
ad:87:42:0a:15:79:32:0c:29:87:9f:76:d9:b3:6b:57:c5:46:
10:01:8a:7b:f9:70:8d:84:c2:b8:73:51:74:65:c4:80:87:a1:
e6:4d:ed:92:21:4a:e0:08:19:ea:38:0d:76:08:62:2a:07:c3:
8f:46:11:ac:46:37:91:b8:1a:6a:cc:9e:d1:5e:33:7f:b2:33:
41:a6:ff:fe:35:fe:01:fb:6c:4f:fe:82:cf:f4:e4:0b:cd:ae:
ba:fc:5e:e1:b1:32:d7:2a:34:5a:b8:cf:cf:c6:df:53:3b:6d:
a1:94:04:39:3e:40:23:6c:d0:83:3a:d8:77:64:bc:42:b7:ca:
f7:95:66:dc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEEqavEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWIxZDEzYzJlMjZlMTI3ODYyNDZhNWVjNGM1YmVhNjk4NjRiMjBmMB4XDTIyMDUy
MTA3MjIyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWJlOTk4OTBiZDQ3
Nzk3MTZhOTFkNDcwNTEyMWU2ZTRhZDc2YjY2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpR335fndjgXGUj9djufCefprg1wYcvnU/2/bzPp0RxaGOV
jEpOHzxtXDeBcO1/sXTW8vQqF71DUPLy7lNidcMJTVpxCWWyL32MhB3GNwJ2Ypoh
vOst88pigZcOyJoQQLZvcXeaYmvjvCGydpaDUuD3+ukfQlu/wtCrbU4seAHdVt3/
chNdVfidxawZg0THxUNzda0WLgXW45ZeW59bStlfu64cYNT0KpSt/2yJ9I6G9/3Q
C8TrkqZSXNLROVkQrDw2/mIXPEXVgq5P5VW1JRqfXPNVO2DMa7oWl+S6EjUuvSIE
n8VbVrQIDq5yBwERHfjq6/+TBQ67bpkPFSRxG/8CAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBSb6ZiQvUd5cWqR1HBRIebkrXa2ZTAfBgNVHSMEGDAWgBQFsdE8LibhJ4Yk
al7Exb6mmGSyDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JiSFJQQzRtNFNlR0pHcGV4TVctcHBoa3NnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvYzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8x
L20tbVlrTDFIZVhGcWtkUndVU0htNUsxMnRtVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
YzYxMDkyLTczNGEtNGVlZi05ZDY3LTQ5MDUyNDNiYzgyOC8xL0JiSFJQQzRtNFNl
R0pHcGV4TVctcHBoa3NnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwODAMAwQAH4EVAwQAH4EWAwQAH4EeAwQA
LQhjAwQALYG4AwQBTVN0AwQATVN3AwQAwhzBAwQAw1AwMA0GCSqGSIb3DQEBCwUA
A4IBAQAt5a7S3CacBF+aQzikJBjzrLMG65mc+HM+6ESSQySHa0Joc6tEtjZaJvOR
ZDwCfxKLlF9IGNHDGvlQqLr0A9FTrlLddSh4iUeYUiUcqtAISzPK2K3PWUqx1yH7
Cex2/wS7HFdxq0P7YieiC+5nkYA+hAyvsgzaShjSatRp+Cith0IKFXkyDCmHn3bZ
s2tXxUYQAYp7+XCNhMK4c1F0ZcSAh6HmTe2SIUrgCBnqOA12CGIqB8OPRhGsRjeR
uBpqzJ7RXjN/sjNBpv/+Nf4B+2xP/oLP9OQLza66/F7hsTLXKjRauM/Pxt9TO22h
lAQ5PkAjbNCDOth3ZLxCt8r3lWbc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org