Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/c_MRVcIkSI72pVr7D0eTbt62veE.roa
File: c_MRVcIkSI72pVr7D0eTbt62veE.roa (raw, json)
Hash identifier: NiiaOAfLpkvcDeC4R/vWZgwDGV+zFTwPzYfdWErXEXo=
Subject key identifier: 73:F3:11:55:C2:24:48:8E:F6:A5:5A:FB:0F:47:93:6E:DE:B6:BD:E1
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 0189A9A92863C1D0724F70B6F87601AB1E0E
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/c_MRVcIkSI72pVr7D0eTbt62veE.roa
Signing time: Mon 31 Jul 2023 01:56:22 +0000
ROA not before: Mon 31 Jul 2023 01:56:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9105
IP address blocks: 213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
195.112.0.0/18 maxlen: 24
212.139.0.0/16 maxlen: 24
80.40.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
82.133.0.0/17 maxlen: 24
88.106.0.0/15 maxlen: 24
81.1.64.0/18 maxlen: 24
83.67.0.0/16 maxlen: 24
84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
79.76.0.0/14 maxlen: 24
88.108.0.0/14 maxlen: 24
62.3.192.0/18 maxlen: 24
185.175.144.0/22 maxlen: 24
194.106.32.0/19 maxlen: 24
81.6.192.0/18 maxlen: 24
89.168.128.0/17 maxlen: 24
81.86.0.0/16 maxlen: 24
195.149.0.0/18 maxlen: 24
195.137.0.0/17 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a9:a9:28:63:c1:d0:72:4f:70:b6:f8:76:01:ab:1e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Jul 31 01:56:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73f31155c224488ef6a55afb0f47936edeb6bde1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:59:8e:62:0a:85:7c:8b:6f:cf:ba:62:64:21:
e2:3a:96:2b:32:3a:2b:56:d7:44:38:d0:3b:b8:74:
38:2e:13:3f:81:58:5f:49:d9:59:fc:c9:83:2f:91:
16:33:15:bb:b5:e0:82:f9:d5:b0:28:da:6b:49:6d:
f7:64:25:d3:49:8c:04:8a:55:57:10:18:6f:5b:a9:
88:2b:1f:17:95:b3:3d:e9:b2:e3:f4:7b:86:fa:37:
90:24:61:22:8a:40:78:8d:89:28:20:22:88:d0:b5:
13:b4:5c:f7:bf:d9:d3:a8:bf:9a:f6:f4:b5:7b:d5:
d1:22:1e:f6:58:ab:7e:92:6e:dc:20:73:8c:6a:90:
ff:6b:59:41:c3:84:30:7a:b2:4e:9a:cf:6b:98:27:
b9:6f:4f:bc:10:37:ac:42:c0:35:0b:b6:65:bd:d0:
03:12:cc:61:ed:38:ba:be:6b:40:7f:21:90:36:6e:
e3:1b:3e:45:a0:76:0e:85:75:3d:88:85:8a:1e:45:
4b:3e:a7:bd:6f:6d:9d:da:e1:87:b8:f8:2b:a4:52:
16:ac:0d:97:93:d6:63:ba:1e:77:14:be:66:0b:4c:
d9:3b:79:0d:fc:3c:5a:b6:56:0f:cf:f9:20:ae:27:
6e:94:ed:5e:8b:63:57:4f:0e:72:ca:2b:b0:8c:2c:
d4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:F3:11:55:C2:24:48:8E:F6:A5:5A:FB:0F:47:93:6E:DE:B6:BD:E1
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/c_MRVcIkSI72pVr7D0eTbt62veE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.192.0/18
79.76.0.0/14
80.40.0.0/13
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
88.106.0.0-88.111.255.255
89.168.128.0/17
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.208.64.0/18
Signature Algorithm: sha256WithRSAEncryption
67:d6:e4:e6:47:11:ff:a5:e3:99:81:d9:35:98:c4:8d:ca:28:
c9:84:44:e0:0f:43:ee:56:dd:69:1d:cc:30:ea:19:b4:9d:72:
47:49:45:5c:5c:7b:61:20:da:4c:ca:8d:20:d3:d3:fa:74:20:
3c:ec:46:1d:52:99:ef:1b:25:45:a7:0a:c5:c8:63:f2:d9:11:
a1:70:63:5e:f5:8b:4e:70:38:63:3b:be:70:d2:28:e8:a9:6e:
e9:2b:94:3f:a1:52:df:56:c4:47:3c:79:2a:50:d7:21:ba:19:
74:9c:fb:8e:6b:12:6d:b3:0c:42:83:ff:d0:8b:e1:f5:e0:cf:
46:c4:b7:16:a3:f4:29:c0:2e:07:18:38:cb:27:82:6a:c1:6f:
37:21:da:a8:c3:ed:23:a3:3b:40:b8:0d:5d:fb:7a:1a:3d:e0:
a7:91:a7:af:1d:df:8f:f4:5f:8b:dd:ea:d7:27:f1:e9:09:7b:
5d:1b:c9:c8:be:6c:77:8e:6d:34:34:4c:a5:18:e6:6b:3e:1d:
3f:03:9f:10:9d:a5:24:90:7a:76:3c:75:ea:4f:a2:ab:02:cf:
69:b2:23:9a:d2:dd:50:f7:e4:e6:87:28:f2:9f:6a:27:ee:b2:
38:2f:c1:a2:b2:51:7e:f9:5b:fe:98:03:6d:a2:b8:aa:db:eb:
e0:af:38:25
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgISAYmpqShjwdByT3C2+HYBqx4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMwNzMxMDE1NjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2YzMTE1NWMyMjQ0ODhlZjZhNTVhZmIwZjQ3OTM2ZWRlYjZiZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1mOYgqFfItvz7piZCHiOpYrMjor
VtdEONA7uHQ4LhM/gVhfSdlZ/MmDL5EWMxW7teCC+dWwKNprSW33ZCXTSYwEilVX
EBhvW6mIKx8XlbM96bLj9HuG+jeQJGEiikB4jYkoICKI0LUTtFz3v9nTqL+a9vS1
e9XRIh72WKt+km7cIHOMapD/a1lBw4QwerJOms9rmCe5b0+8EDesQsA1C7ZlvdAD
Esxh7Ti6vmtAfyGQNm7jGz5FoHYOhXU9iIWKHkVLPqe9b22d2uGHuPgrpFIWrA2X
k9Zjuh53FL5mC0zZO3kN/DxatlYPz/kgridulO1ei2NXTw5yyiuwjCzUswIDAQAB
o4ICnTCCApkwHQYDVR0OBBYEFHPzEVXCJEiO9qVa+w9Hk27etr3hMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvY19NUlZjSWtTSTcycFZyN0QwZVRidDYydmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGyBggrBgEFBQcBBwEB/wSBojCBnzCBnAQCAAEwgZUDBAY+
A8ADAwJPTAMDA1AoAwQGUQFAAwQGUQbAAwMAUVYDBAdRqgADAwFRsgMEB1KFAAMD
AFNDAwMAVAwwCgMDAVhqAwMEWGADBAdZqIADBAK5r5ADBADB2mMDBAXCaiADBAXC
9+ADBAbDcAADBAfDiQADBAbDlQADBAXUAYADBAXUSmADAwDUiwMEBtSfgAMEBtXQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAZ9bk5kcR/6XjmYHZNZjEjcooyYRE4A9D7lbd
aR3MMOoZtJ1yR0lFXFx7YSDaTMqNINPT+nQgPOxGHVKZ7xslRacKxchj8tkRoXBj
XvWLTnA4Yzu+cNIo6Klu6SuUP6FS31bERzx5KlDXIboZdJz7jmsSbbMMQoP/0Ivh
9eDPRsS3FqP0KcAuBxg4yyeCasFvNyHaqMPtI6M7QLgNXft6Gj3gp5Gnrx3fj/Rf
i93q1yfx6Ql7XRvJyL5sd45tNDRMpRjmaz4dPwOfEJ2lJJB6djx16k+iqwLPabIj
mtLdUPfk5oco8p9qJ+6yOC/BorJRfvlb/pgDbaK4qtvr4K84JQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:47 2025 by rpki-client