Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MMwa7e8hSNvQFnT1V-md0k6fgio.roa
File: MMwa7e8hSNvQFnT1V-md0k6fgio.roa (raw, json)
Hash identifier: X/mSN3fW3dBHM3kebNGAs3dpuAr3oQ1JV+h3O+w9Ohg=
Subject key identifier: 30:CC:1A:ED:EF:21:48:DB:D0:16:74:F5:57:E9:9D:D2:4E:9F:82:2A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019289F5AE458BA6CC4982A0C82F3756C753
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MMwa7e8hSNvQFnT1V-md0k6fgio.roa
Signing time: Mon 14 Oct 2024 07:37:12 +0000
ROA not before: Mon 14 Oct 2024 07:37:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214238
IP address blocks: 62.76.226.0/24 maxlen: 24
62.76.227.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
193.124.4.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.24.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:89:f5:ae:45:8b:a6:cc:49:82:a0:c8:2f:37:56:c7:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 14 07:37:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30cc1aedef2148dbd01674f557e99dd24e9f822a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8b:e2:8b:b1:d8:d4:2e:77:22:d9:28:b9:d6:
c6:6d:9e:2a:27:20:1b:62:a6:0d:59:f7:0e:72:3d:
8c:02:30:3d:71:a6:5c:31:f8:f9:e2:e2:14:7f:c0:
b6:59:b4:10:60:ef:66:6a:66:b8:94:fc:0e:ea:b2:
08:4d:cf:e8:5c:61:a8:bf:5b:73:44:5c:a5:98:a7:
41:77:73:9e:39:50:23:40:4d:c9:36:89:55:00:95:
68:76:8b:f9:ec:8c:32:74:77:89:e5:da:10:a0:75:
17:24:83:65:63:cf:8a:fa:e4:72:2e:8a:e1:44:bf:
5f:3d:34:b2:76:ba:54:44:ff:13:a9:49:f7:63:28:
60:70:da:98:e5:f4:d3:2e:5f:f1:3c:f2:23:c3:9d:
30:23:fc:d7:37:3d:7e:d3:46:5e:12:97:d7:90:a2:
d0:b8:f8:8e:20:c6:bb:a2:58:88:1f:4d:ed:e3:04:
cb:22:2b:a0:d7:1b:e0:6b:04:75:43:d4:55:c5:44:
02:57:38:52:03:a1:85:80:2c:13:30:69:ac:5c:15:
5f:dc:7a:65:68:ea:26:34:28:9e:ac:a9:ba:99:e1:
8c:54:42:2d:b2:14:1b:98:9e:a2:9e:fd:a9:44:ee:
b8:d5:c7:c2:51:e0:fd:fb:c6:f9:3f:22:f1:16:30:
09:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:CC:1A:ED:EF:21:48:DB:D0:16:74:F5:57:E9:9D:D2:4E:9F:82:2A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MMwa7e8hSNvQFnT1V-md0k6fgio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/23
185.72.10.0/24
192.124.181.0-192.124.182.255
192.124.188.0/24
192.124.190.0/24
193.124.4.0/24
194.87.3.0/24
194.87.24.0/24
194.87.33.0/24
194.87.36.0/24
194.87.90.0/24
194.87.165.0-194.87.166.255
194.87.229.0/24
194.87.231.0/24
195.133.35.0/24
212.192.8.0/24
212.192.242.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:f1:b0:93:92:27:93:70:e8:b1:30:de:59:82:31:4c:fc:a7:
35:3e:ad:aa:7f:b8:b8:3e:75:23:ba:ff:44:37:78:79:64:24:
db:94:7b:fb:4a:33:96:a3:17:54:b5:33:6f:ba:f3:73:ff:61:
24:04:80:4c:9d:81:a7:8b:a3:03:a4:f8:96:b3:a8:91:86:99:
e3:f7:e3:fb:80:87:28:9c:1a:45:b9:4e:5d:46:a1:9b:ae:82:
fa:89:64:bf:b7:f9:f7:86:b8:e5:90:be:55:9b:7d:42:93:58:
33:58:ec:1b:29:18:29:e0:db:57:2d:b0:e7:06:eb:7e:bc:85:
57:00:8c:2b:a4:38:03:07:51:22:2d:8f:61:28:28:57:6b:24:
fb:2a:25:f2:2f:d2:6d:98:63:e3:e3:7d:88:0f:59:14:99:5f:
9d:07:80:b8:2f:bf:45:37:cd:c9:e2:8d:80:91:b2:ab:25:9b:
84:bb:d4:02:f1:c0:3e:ff:40:08:48:cd:63:fb:62:95:de:74:
c2:04:54:54:c3:f2:06:3e:3e:13:ce:d6:17:2b:90:8f:20:e2:
95:d2:4f:ca:4d:d6:25:51:9b:83:af:6d:c8:43:14:0b:8e:e8:
ad:96:e5:84:c4:92:19:4f:62:75:d2:88:94:7e:a1:48:d7:df:
6a:9c:c6:14
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZKJ9a5Fi6bMSYKgyC83VsdTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMDE0MDczNzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGNjMWFlZGVmMjE0OGRiZDAxNjc0ZjU1N2U5OWRkMjRlOWY4MjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYvii7HY1C53ItkoudbGbZ4qJyAb
YqYNWfcOcj2MAjA9caZcMfj54uIUf8C2WbQQYO9mama4lPwO6rIITc/oXGGov1tz
RFylmKdBd3OeOVAjQE3JNolVAJVodov57IwydHeJ5doQoHUXJINlY8+K+uRyLorh
RL9fPTSydrpURP8TqUn3YyhgcNqY5fTTLl/xPPIjw50wI/zXNz1+00ZeEpfXkKLQ
uPiOIMa7oliIH03t4wTLIiug1xvgawR1Q9RVxUQCVzhSA6GFgCwTMGmsXBVf3Hpl
aOomNCierKm6meGMVEItshQbmJ6inv2pRO641cfCUeD9+8b5PyLxFjAJfQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFDDMGu3vIUjb0BZ09VfpndJOn4IqMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTU13YTdlOGhTTnZRRm5UMVYtbWQwazZmZ2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAE+TOID
BAC5SAowDAMEAMB8tQMEAMB8tgMEAMB8vAMEAMB8vgMEAMF8BAMEAMJXAwMEAMJX
GAMEAMJXIQMEAMJXJAMEAMJXWjAMAwQAwlelAwQAwlemAwQAwlflAwQAwlfnAwQA
w4UjAwQA1MAIAwQA1MDyMA0GCSqGSIb3DQEBCwUAA4IBAQAO8bCTkieTcOixMN5Z
gjFM/Kc1Pq2qf7i4PnUjuv9EN3h5ZCTblHv7SjOWoxdUtTNvuvNz/2EkBIBMnYGn
i6MDpPiWs6iRhpnj9+P7gIconBpFuU5dRqGbroL6iWS/t/n3hrjlkL5Vm31Ck1gz
WOwbKRgp4NtXLbDnBut+vIVXAIwrpDgDB1EiLY9hKChXayT7KiXyL9JtmGPj432I
D1kUmV+dB4C4L79FN83J4o2AkbKrJZuEu9QC8cA+/0AISM1j+2KV3nTCBFRUw/IG
Pj4TztYXK5CPIOKV0k/KTdYlUZuDr23IQxQLjuitluWExJIZT2J10oiUfqFI199q
nMYU
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:43 2025 by rpki-client