Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/nc3q_AuqpRofUGj5ag1p11ckGMg.roa
File: nc3q_AuqpRofUGj5ag1p11ckGMg.roa (raw, json)
Hash identifier: 2QfTL44yY5h8ENj6X4hTnENCeCgioMpCUpITx8co0AM=
Subject key identifier: 9D:CD:EA:FC:0B:AA:A5:1A:1F:50:68:F9:6A:0D:69:D7:57:24:18:C8
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01885307F2B2F5709BD8B106A9FCE735CD0A
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/nc3q_AuqpRofUGj5ag1p11ckGMg.roa
Signing time: Thu 25 May 2023 13:10:09 +0000
ROA not before: Thu 25 May 2023 13:10:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
46.16.12.0/24 maxlen: 24
46.16.15.0/24 maxlen: 24
46.16.14.0/24 maxlen: 24
31.129.0.0/20 maxlen: 24
85.92.110.0/24 maxlen: 24
37.220.80.0/22 maxlen: 22
185.166.196.0/23 maxlen: 24
94.198.216.0/22 maxlen: 24
94.198.220.0/23 maxlen: 24
81.200.144.0/21 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
46.19.64.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:53:07:f2:b2:f5:70:9b:d8:b1:06:a9:fc:e7:35:cd:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: May 25 13:10:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dcdeafc0baaa51a1f5068f96a0d69d7572418c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d5:89:d3:f8:14:87:df:1c:1e:3b:77:3c:10:
67:c1:22:5e:fd:b8:f6:8d:fd:3c:c7:c4:d6:99:8f:
04:d7:6d:e4:8e:f8:4d:e3:2b:b1:1f:65:fa:8b:7c:
aa:8d:66:36:3d:5b:3d:b1:1e:97:e0:63:81:95:96:
0f:c0:59:65:94:16:ae:33:f1:0a:78:f2:39:9b:ae:
15:0d:7c:2f:1e:37:d8:66:3f:5d:90:51:b6:b1:bc:
e2:fc:be:0f:4d:98:ae:d9:d6:21:4a:f0:b5:13:a6:
ce:b3:47:f4:43:fc:b2:a0:46:eb:9a:34:4e:c8:60:
8e:93:1a:45:8d:b1:85:b0:24:45:37:b7:79:2a:42:
6f:68:99:f2:1f:35:2f:64:94:bf:f0:c4:26:cf:5e:
15:88:fd:49:e6:56:30:41:25:83:b8:ae:6c:f2:a3:
c9:53:41:34:3f:f5:10:dc:51:b5:61:8e:f9:23:28:
03:ed:fe:2a:b8:f0:26:a2:a7:06:36:ae:ce:04:df:
73:33:26:55:a8:7e:06:9e:b3:04:ca:a2:09:2f:b1:
1c:56:f3:44:42:35:b3:bb:bc:cb:0f:ae:2d:4e:37:
9f:dc:f7:15:50:f6:6b:b9:25:7a:7f:7c:0d:8d:32:
68:3d:5e:71:10:1e:c8:f6:14:69:cf:3f:12:ce:90:
5e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CD:EA:FC:0B:AA:A5:1A:1F:50:68:F9:6A:0D:69:D7:57:24:18:C8
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/nc3q_AuqpRofUGj5ag1p11ckGMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.20.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
46.16.12.0/24
46.16.14.0/23
46.19.64.0/22
81.200.144.0-81.200.157.255
85.92.110.0/24
94.198.216.0-94.198.221.255
141.98.233.0-141.98.234.255
185.166.196.0/23
Signature Algorithm: sha256WithRSAEncryption
34:78:1f:89:36:4a:19:1b:6a:14:2a:6f:42:6d:9f:ce:d9:5b:
45:4a:fe:3e:bd:db:cd:ed:df:5f:dc:f5:f2:24:24:99:9c:a6:
6b:8d:eb:ae:41:a2:08:33:c8:55:98:a1:eb:65:d5:22:90:07:
ad:90:c1:e9:0c:49:be:0b:84:cb:95:17:eb:d9:af:4a:a0:65:
ce:c6:67:e8:9c:50:33:e5:99:6f:38:98:2a:f2:59:79:d0:00:
65:14:eb:7e:83:72:51:8c:14:a3:85:f8:9b:39:08:4e:fd:a1:
56:83:57:90:87:7b:88:f7:ea:17:b8:15:9c:51:a0:83:5c:5c:
57:ec:0a:42:01:57:47:30:e1:a5:e6:7b:17:8e:7d:b5:25:b5:
67:54:d0:51:b8:96:8a:db:5d:0b:d0:cd:5e:15:e1:25:f6:ad:
eb:db:dc:aa:6a:f1:c0:a1:93:be:e7:1c:2f:41:fb:46:a5:19:
2c:52:cd:8a:0a:77:7d:67:97:19:f9:e3:ff:3e:c2:ef:ee:d9:
60:57:34:9c:5f:49:8b:b2:ed:d8:d0:e4:34:e8:a3:28:46:33:
7b:cd:1d:81:a9:20:95:b8:18:69:10:e2:e7:a1:d0:c9:d7:2b:
ff:ee:3d:13:bc:28:8b:75:35:8a:2f:e1:8e:28:ff:51:27:5b:
ca:1f:e3:8d
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAYhTB/Ky9XCb2LEGqfznNc0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNTI1MTMxMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNkZWFmYzBiYWFhNTFhMWY1MDY4Zjk2YTBkNjlkNzU3MjQxOGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudWJ0/gUh98cHjt3PBBnwSJe/bj2
jf08x8TWmY8E123kjvhN4yuxH2X6i3yqjWY2PVs9sR6X4GOBlZYPwFlllBauM/EK
ePI5m64VDXwvHjfYZj9dkFG2sbzi/L4PTZiu2dYhSvC1E6bOs0f0Q/yyoEbrmjRO
yGCOkxpFjbGFsCRFN7d5KkJvaJnyHzUvZJS/8MQmz14ViP1J5lYwQSWDuK5s8qPJ
U0E0P/UQ3FG1YY75IygD7f4quPAmoqcGNq7OBN9zMyZVqH4GnrMEyqIJL7EcVvNE
QjWzu7zLD64tTjef3PcVUPZruSV6f3wNjTJoPV5xEB7I9hRpzz8SzpBeUQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFJ3N6vwLqqUaH1Bo+WoNaddXJBjIMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvbmMzcV9BdXFwUm9mVUdqNWFnMXAxMWNrR01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwdQQCAAEwbzALAwMAH4ED
BAAfgRQwDAMEAB+BFwMEAR+BHAMEAB+BHwMEAiXcUAMEAC4QDAMEAS4QDgMEAi4T
QDAMAwQEUciQAwQBUcicAwQAVVxuMAwDBANextgDBAFextwwDAMEAI1i6QMEAI1i
6gMEAbmmxDANBgkqhkiG9w0BAQsFAAOCAQEANHgfiTZKGRtqFCpvQm2fztlbRUr+
Pr3bze3fX9z18iQkmZyma43rrkGiCDPIVZih62XVIpAHrZDB6QxJvguEy5UX69mv
SqBlzsZn6JxQM+WZbziYKvJZedAAZRTrfoNyUYwUo4X4mzkITv2hVoNXkId7iPfq
F7gVnFGgg1xcV+wKQgFXRzDhpeZ7F459tSW1Z1TQUbiWittdC9DNXhXhJfat69vc
qmrxwKGTvuccL0H7RqUZLFLNigp3fWeXGfnj/z7C7+7ZYFc0nF9Ji7Lt2NDkNOij
KEYze80dgakglbgYaRDi56HQydcr/+49E7woi3U1ii/hjij/USdbyh/jjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org