Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/vzlGWByzlbPU5FFErYdlFDco19o.roa
File: vzlGWByzlbPU5FFErYdlFDco19o.roa (raw, json)
Hash identifier: UUA31vsL93acgWpL9m/ks3d6L4TDIe3dmOtHU5nsIlg=
Subject key identifier: BF:39:46:58:1C:B3:95:B3:D4:E4:51:44:AD:87:65:14:37:28:D7:DA
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01893EF328EC2A888B35C1039EE39FBD283A
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/vzlGWByzlbPU5FFErYdlFDco19o.roa
Signing time: Mon 10 Jul 2023 08:37:50 +0000
ROA not before: Mon 10 Jul 2023 08:37:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 31.129.22.0/24 maxlen: 24
212.60.23.0/24 maxlen: 24
5.44.44.0/24 maxlen: 24
5.44.42.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
45.129.184.0/24 maxlen: 24
45.129.187.0/24 maxlen: 24
91.107.116.0/24 maxlen: 24
92.118.112.0/24 maxlen: 24
37.220.87.0/24 maxlen: 24
195.80.49.0/24 maxlen: 24
195.80.48.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3e:f3:28:ec:2a:88:8b:35:c1:03:9e:e3:9f:bd:28:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jul 10 08:37:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf3946581cb395b3d4e45144ad8765143728d7da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e9:ad:7f:34:d3:bf:ff:e5:3b:c1:3e:15:72:
66:87:f3:dc:64:1c:0a:fb:1d:0f:7e:5c:59:44:aa:
3a:f8:01:e9:d8:90:43:a2:8f:a4:65:6f:84:3e:e4:
f7:10:bc:8f:51:48:cb:fc:99:31:8e:bd:53:9e:b2:
dc:91:da:ee:8d:a5:89:e2:8a:de:1d:c2:8b:ea:7b:
6b:57:c6:40:0e:6b:70:93:c5:37:57:43:12:03:07:
40:45:fc:e9:ea:13:26:2c:39:54:e1:22:00:c6:fd:
75:0e:bd:41:bf:d3:c3:d4:43:b3:b1:16:8d:d1:00:
43:94:50:02:ce:a4:c3:07:6d:fb:e5:a1:4f:d5:b9:
0b:d6:d8:48:fa:40:8e:02:ca:ef:c9:57:7a:93:a2:
6d:8e:e6:09:ac:67:ce:09:61:5a:ed:82:4d:17:ce:
3a:43:dc:ae:06:66:a2:5f:22:a5:1e:06:66:e5:1f:
a6:7d:6d:c3:35:f6:57:50:7c:d7:1a:2d:db:68:85:
1c:63:10:8c:1d:f8:49:23:6d:85:17:f4:e3:a0:50:
d0:26:1a:88:54:2d:69:62:86:2c:d6:b1:1f:40:c6:
04:03:4d:b5:3c:eb:25:af:36:13:9e:3a:ab:42:7a:
47:ae:32:10:16:ec:93:dc:0c:2d:11:e0:a0:a1:bb:
43:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:39:46:58:1C:B3:95:B3:D4:E4:51:44:AD:87:65:14:37:28:D7:DA
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/vzlGWByzlbPU5FFErYdlFDco19o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
5.44.44.0/24
31.129.22.0/24
37.220.87.0/24
45.129.184.0/24
45.129.187.0/24
91.107.116.0/24
92.118.112.0/24
141.98.234.0/24
195.80.48.0/23
212.60.23.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:fa:b9:c4:e3:15:fc:0b:9d:6a:9f:43:d4:af:e8:e9:5b:8d:
21:2c:c5:b4:4f:d6:72:eb:0c:2d:c4:72:25:95:0e:75:4b:06:
c5:f4:aa:2a:16:83:99:0f:52:6d:63:8b:ed:c9:0b:5a:31:da:
07:72:a0:67:63:d1:53:8b:d7:fe:b5:72:a6:35:50:07:9e:2f:
6a:25:14:4f:73:18:b4:21:d5:33:4c:b0:38:fb:9e:46:d6:a0:
a2:25:ba:b7:4c:37:06:b4:28:96:68:a8:a0:17:be:ee:63:2e:
b4:fc:93:c5:6d:4b:c7:4b:e4:3c:47:3a:c0:0f:ba:b8:d4:5b:
a0:ce:34:51:f0:be:6e:a0:89:99:fd:91:ec:8c:e0:19:1d:88:
cf:53:47:db:cd:28:2e:b6:b3:ef:91:98:9d:96:c8:ce:d8:50:
84:e5:3e:b5:d7:ba:1f:f4:05:46:ab:84:c9:0b:93:f6:5e:8a:
c8:f1:6b:86:bc:19:b3:e3:a8:3b:97:f6:95:d4:ab:68:09:c6:
9f:12:3a:e2:42:cb:a6:31:ab:51:cd:f0:9b:25:0f:b6:08:0e:
1b:4a:6f:e0:b0:8a:fc:4c:ce:e9:98:8f:46:d1:50:af:2e:58:
49:77:54:4b:77:ad:8a:a1:fb:f2:43:2c:ed:5c:6b:bf:82:e4:
b8:1b:75:b5
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYk+8yjsKoiLNcEDnuOfvSg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNzEwMDgzNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjM5NDY1ODFjYjM5NWIzZDRlNDUxNDRhZDg3NjUxNDM3MjhkN2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOmtfzTTv//lO8E+FXJmh/PcZBwK
+x0PflxZRKo6+AHp2JBDoo+kZW+EPuT3ELyPUUjL/Jkxjr1TnrLckdrujaWJ4ore
HcKL6ntrV8ZADmtwk8U3V0MSAwdARfzp6hMmLDlU4SIAxv11Dr1Bv9PD1EOzsRaN
0QBDlFACzqTDB2375aFP1bkL1thI+kCOAsrvyVd6k6JtjuYJrGfOCWFa7YJNF846
Q9yuBmaiXyKlHgZm5R+mfW3DNfZXUHzXGi3baIUcYxCMHfhJI22FF/TjoFDQJhqI
VC1pYoYs1rEfQMYEA021POslrzYTnjqrQnpHrjIQFuyT3AwtEeCgobtD3wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFL85Rlgcs5Wz1ORRRK2HZRQ3KNfaMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvdnpsR1dCeXpsYlBVNUZGRXJZZGxGRGNvMTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABSwqAwQA
BSwsAwQAH4EWAwQAJdxXAwQALYG4AwQALYG7AwQAW2t0AwQAXHZwAwQAjWLqAwQB
w1AwAwQA1DwXMA0GCSqGSIb3DQEBCwUAA4IBAQCO+rnE4xX8C51qn0PUr+jpW40h
LMW0T9Zy6wwtxHIllQ51SwbF9KoqFoOZD1JtY4vtyQtaMdoHcqBnY9FTi9f+tXKm
NVAHni9qJRRPcxi0IdUzTLA4+55G1qCiJbq3TDcGtCiWaKigF77uYy60/JPFbUvH
S+Q8RzrAD7q41FugzjRR8L5uoImZ/ZHsjOAZHYjPU0fbzSgutrPvkZidlsjO2FCE
5T6117of9AVGq4TJC5P2XorI8WuGvBmz46g7l/aV1KtoCcafEjriQsumMatRzfCb
JQ+2CA4bSm/gsIr8TM7pmI9G0VCvLlhJd1RLd62KofvyQyztXGu/guS4G3W1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:15 2024 by rpki-client on console-ams.rpki-client.org