Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MlfFa6hNnk89uKVnel8w7uiJQlk.roa
File: MlfFa6hNnk89uKVnel8w7uiJQlk.roa (raw, json)
Hash identifier: qbbu9u8kgIT/uYf29Q71Yu9ZJnr5dvWvsLklH8aMNRk=
Subject key identifier: 32:57:C5:6B:A8:4D:9E:4F:3D:B8:A5:67:7A:5F:30:EE:E8:89:42:59
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1F542777
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MlfFa6hNnk89uKVnel8w7uiJQlk.roa
Signing time: Tue 28 Jun 2022 14:25:02 +0000
ROA not before: Tue 28 Jun 2022 14:25:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 85.31.47.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
91.92.115.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
185.218.139.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
94.154.175.0/24 maxlen: 24
94.154.174.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
85.217.144.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
80.76.49.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.222.98.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
79.110.60.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 525608823 (0x1f542777)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 28 14:25:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3257c56ba84d9e4f3db8a5677a5f30eee8894259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:be:d5:0e:52:3d:5e:e3:a7:d2:0b:57:f9:a2:
91:57:f5:cd:2d:b0:bc:3e:3d:9a:7b:b5:31:3c:0e:
c6:33:32:d1:2d:6b:d3:8d:ca:bf:5c:f2:87:1a:47:
12:9d:c6:82:5c:18:7a:98:42:a4:1d:d8:df:3b:ad:
cc:4a:21:72:a6:77:1c:2e:7f:bd:39:8a:cb:88:c9:
82:87:11:9d:64:41:2a:f8:b9:98:dc:01:bb:77:10:
82:31:9e:43:e0:87:27:43:de:60:0c:1f:30:95:14:
c9:41:b0:e6:98:7e:02:b8:b9:2c:36:8c:74:27:3f:
70:cd:a3:fb:d9:5a:81:f0:2d:7c:0f:db:00:0c:e2:
7d:33:86:42:fd:ca:e2:25:5f:f3:cd:af:c0:bd:a9:
1c:7c:90:9a:89:ec:7c:9e:d6:bc:30:a1:33:3a:7a:
4b:30:0d:51:38:eb:05:18:37:6b:48:b9:70:29:2a:
38:2f:5a:59:09:3d:9b:36:af:fc:e7:4a:14:7e:e8:
6e:1f:58:06:96:0d:c1:1a:2b:84:33:2a:d6:1c:ae:
1d:b8:0d:bd:ad:15:3d:a3:60:d2:eb:5b:55:62:cd:
00:f0:e5:aa:25:78:3b:c2:3f:34:e5:44:21:90:88:
8f:6d:fe:ef:33:a8:be:9e:63:c6:4f:96:fe:3c:90:
2c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:57:C5:6B:A8:4D:9E:4F:3D:B8:A5:67:7A:5F:30:EE:E8:89:42:59
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MlfFa6hNnk89uKVnel8w7uiJQlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/23
79.110.48.0/24
79.110.50.0/24
79.110.60.0/23
79.110.63.0/24
80.76.48.0/23
83.219.97.0-83.219.98.255
85.31.47.0/24
85.217.144.0/24
87.120.84.0/24
87.120.87.0/24
91.92.115.0/24
94.154.172.0/24
94.154.174.0/23
109.206.239.0/24
178.215.224.0/22
178.215.236.0/22
185.216.69.0-185.216.70.255
185.218.136.0/23
185.218.139.0/24
185.246.221.0/24
185.252.176.0/24
193.35.18.0/23
193.37.42.0/24
193.37.44.0/24
193.37.47.0/24
193.47.62.0/23
193.222.96.0-193.222.98.255
194.169.175.0/24
194.180.50.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:f8:9a:c5:8a:9d:2f:fb:0b:bd:27:53:76:f4:6e:5a:3c:63:
8e:37:15:49:29:55:64:2c:48:92:f1:54:fb:ed:ff:40:b8:cf:
1e:c0:0d:89:29:66:c9:82:db:83:8e:90:53:6f:3e:7e:1c:ff:
7b:ed:fa:60:e7:b3:47:1b:b3:b2:c0:90:23:b3:cf:a4:0d:c8:
05:f3:b9:a3:83:60:6e:6d:8a:26:27:ae:2f:af:b2:8b:0a:cf:
72:a8:06:7f:9c:62:5b:88:94:43:95:97:50:ec:18:3a:9a:2f:
14:0e:8a:b3:e4:db:91:7c:7f:de:39:21:b8:a1:af:c5:c2:c3:
08:9a:dd:0b:18:12:b3:fc:35:b7:80:c9:82:24:42:45:34:f9:
26:86:c4:4d:bf:f6:6f:19:e8:4a:e0:75:37:4d:c0:2d:a4:e6:
db:49:10:77:a1:4e:3e:7d:33:0b:c3:51:19:55:03:37:30:2f:
0e:8d:08:8c:e0:66:5c:fb:cd:20:56:ac:37:16:14:1f:3f:27:
cc:d2:5e:a1:5d:a9:fa:97:21:68:77:47:79:94:db:2c:e6:11:
12:f4:19:77:2f:6e:6c:7d:bf:f6:45:7d:30:08:f3:3c:62:2c:
1c:87:8a:75:2d:f1:c5:17:24:ec:47:89:3c:e6:a3:54:44:ab:
fc:b0:77:04
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIEH1QndzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDYy
ODE0MjUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzI1N2M1NmJhODRk
OWU0ZjNkYjhhNTY3N2E1ZjMwZWVlODg5NDI1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOK+1Q5SPV7jp9ILV/mikVf1zS2wvD49mnu1MTwOxjMy0S1r
043Kv1zyhxpHEp3GglwYephCpB3Y3zutzEohcqZ3HC5/vTmKy4jJgocRnWRBKvi5
mNwBu3cQgjGeQ+CHJ0PeYAwfMJUUyUGw5ph+Ari5LDaMdCc/cM2j+9lagfAtfA/b
AAzifTOGQv3K4iVf882vwL2pHHyQmonsfJ7WvDChMzp6SzANUTjrBRg3a0i5cCkq
OC9aWQk9mzav/OdKFH7obh9YBpYNwRorhDMq1hyuHbgNva0VPaNg0utbVWLNAPDl
qiV4O8I/NOVEIZCIj23+7zOovp5jxk+W/jyQLKUCAwEAAaOCAtowggLWMB0GA1Ud
DgQWBBQyV8VrqE2eTz24pWd6XzDu6IlCWTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L01sZkZhNmhObms4OXVLVm5lbDh3N3VpSlFsay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
7wYIKwYBBQUHAQcBAf8Egd8wgdwwgdkEAgABMIHSAwQBJYuCAwQAT24wAwQAT24y
AwQBT248AwQAT24/AwQBUEwwMAwDBABT22EDBABT22IDBABVHy8DBABV2ZADBABX
eFQDBABXeFcDBABbXHMDBABemqwDBAFemq4DBABtzu8DBAKy1+ADBAKy1+wwDAME
ALnYRQMEALnYRgMEAbnaiAMEALnaiwMEALn23QMEALn8sAMEAcEjEgMEAMElKgME
AMElLAMEAMElLwMEAcEvPjAMAwQFwd5gAwQAwd5iAwQAwqmvAwQAwrQyAwQA1FfN
MA0GCSqGSIb3DQEBCwUAA4IBAQCt+JrFip0v+wu9J1N29G5aPGOONxVJKVVkLEiS
8VT77f9AuM8ewA2JKWbJgtuDjpBTbz5+HP977fpg57NHG7OywJAjs8+kDcgF87mj
g2BubYomJ64vr7KLCs9yqAZ/nGJbiJRDlZdQ7Bg6mi8UDoqz5NuRfH/eOSG4oa/F
wsMImt0LGBKz/DW3gMmCJEJFNPkmhsRNv/ZvGehK4HU3TcAtpObbSRB3oU4+fTML
w1EZVQM3MC8OjQiM4GZc+80gVqw3FhQfPyfM0l6hXan6lyFod0d5lNss5hES9Bl3
L25sfb/2RX0wCPM8Yiwch4p1LfHFFyTsR4k85qNURKv8sHcE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-ams.rpki-client.org