Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/mGgug_YpHok6DPkIGS2MiAmo7QA.roa
File: mGgug_YpHok6DPkIGS2MiAmo7QA.roa (raw, json)
Hash identifier: ViS8Nnwbi9tMmnolnrN5CnN38AHxotXVvzhTibC1IKg=
Subject key identifier: 98:68:2E:83:F6:29:1E:89:3A:0C:F9:08:19:2D:8C:88:09:A8:ED:00
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 140ED1E2
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/mGgug_YpHok6DPkIGS2MiAmo7QA.roa
Signing time: Mon 07 Mar 2022 14:12:42 +0000
ROA not before: Mon 07 Mar 2022 14:12:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 85.8.164.0/22 maxlen: 24
212.90.100.0/22 maxlen: 24
185.248.184.0/22 maxlen: 24
185.220.236.0/22 maxlen: 24
188.253.0.0/23 maxlen: 24
91.132.59.0/24 maxlen: 24
193.36.85.0/24 maxlen: 24
193.36.84.0/24 maxlen: 24
212.87.192.0/22 maxlen: 24
185.234.144.0/22 maxlen: 24
185.59.115.0/24 maxlen: 24
82.115.20.0/23 maxlen: 24
82.115.24.0/22 maxlen: 24
185.129.108.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 336515554 (0x140ed1e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Mar 7 14:12:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98682e83f6291e893a0cf908192d8c8809a8ed00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ec:e3:fc:ec:50:7e:45:93:75:6d:c6:89:6f:
1f:a9:2d:eb:c6:38:c3:88:6a:e2:7f:6a:31:94:25:
a0:44:f2:8f:78:c0:9e:db:f1:3d:c1:60:7a:d2:2b:
37:9a:b1:dc:dc:79:15:0c:57:7b:42:84:c3:f7:7b:
3e:ec:2e:e5:d2:1c:10:66:f8:1f:73:38:19:de:6c:
aa:f4:c8:bd:41:13:8d:5c:22:8e:a4:ea:d5:3d:f1:
d2:66:37:36:fe:55:66:4d:83:40:e1:70:3c:46:de:
f8:9c:22:97:12:29:6f:d7:a4:1c:b8:d3:af:6b:bc:
58:f3:ab:fc:c8:4b:81:01:21:6b:a3:8b:09:79:80:
0d:ed:f7:b9:ef:d5:d5:2d:62:54:60:e6:a4:9f:7f:
82:76:1e:b0:8e:4e:97:5a:4e:40:64:cb:4c:a1:f8:
7f:39:35:82:43:c3:a4:a6:69:23:61:cf:32:00:3f:
82:13:52:c1:c3:60:5c:18:21:a4:7b:54:48:00:32:
b7:3c:94:0b:73:41:39:9f:32:c6:4b:6b:8d:5c:9b:
ab:88:36:b7:fe:f1:96:96:55:3c:11:df:38:12:66:
51:90:b1:9a:ac:54:f9:04:6f:e2:c0:68:b5:ef:1d:
04:fd:f3:cb:ec:22:8f:bb:53:2e:4c:b8:65:55:89:
be:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:68:2E:83:F6:29:1E:89:3A:0C:F9:08:19:2D:8C:88:09:A8:ED:00
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/mGgug_YpHok6DPkIGS2MiAmo7QA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.20.0/23
82.115.24.0/22
85.8.164.0/22
91.132.59.0/24
185.59.115.0/24
185.129.108.0/23
185.220.236.0/22
185.234.144.0/22
185.248.184.0/22
188.253.0.0/23
193.36.84.0/23
212.87.192.0/22
212.90.100.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:1e:ee:fe:5f:3b:1c:a5:77:77:5a:c3:08:fc:5c:79:65:5b:
06:af:91:1b:d1:8c:76:50:eb:05:b7:8f:1d:e4:30:df:5a:39:
56:f9:06:8f:41:e0:ff:a3:7e:d2:54:94:1e:87:f1:17:97:5f:
7b:ad:c8:70:5f:bf:7b:5d:f3:b5:70:02:45:99:6b:73:09:66:
b8:02:96:b9:3b:39:f4:d4:7c:70:c4:af:c5:00:ad:30:ce:95:
03:57:0c:49:a3:b8:02:7d:8f:15:04:65:bb:93:0f:07:ec:db:
ea:bf:5b:51:d8:97:73:5f:ed:00:9a:6b:c4:02:ca:01:1f:de:
2b:71:70:2d:ef:f8:bd:fd:62:e6:cf:c6:48:09:26:d8:f8:a0:
56:80:4d:79:27:a0:a1:bb:70:50:b6:8d:9f:11:f2:7d:a8:3b:
0b:5a:bb:d0:aa:b5:00:e6:45:27:85:2f:29:54:d3:68:35:73:
86:66:bf:57:c0:97:8f:c0:1e:e1:21:28:4f:42:c3:2d:05:4e:
61:b6:70:88:3e:3d:93:3d:1b:d0:a1:6d:15:c8:6b:50:a2:74:
33:98:7c:19:d5:32:85:9a:12:66:2e:3c:20:f2:06:73:d0:7c:
9d:0b:02:ee:ea:11:95:14:67:39:34:18:a3:25:95:92:e1:70:
55:60:41:30
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEFA7R4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDMw
NzE0MTI0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTg2ODJlODNmNjI5
MWU4OTNhMGNmOTA4MTkyZDhjODgwOWE4ZWQwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALns4/zsUH5Fk3VtxolvH6kt68Y4w4hq4n9qMZQloETyj3jA
ntvxPcFgetIrN5qx3Nx5FQxXe0KEw/d7Puwu5dIcEGb4H3M4Gd5sqvTIvUETjVwi
jqTq1T3x0mY3Nv5VZk2DQOFwPEbe+JwilxIpb9ekHLjTr2u8WPOr/MhLgQEha6OL
CXmADe33ue/V1S1iVGDmpJ9/gnYesI5Ol1pOQGTLTKH4fzk1gkPDpKZpI2HPMgA/
ghNSwcNgXBghpHtUSAAytzyUC3NBOZ8yxktrjVybq4g2t/7xlpZVPBHfOBJmUZCx
mqxU+QRv4sBote8dBP3zy+wij7tTLky4ZVWJvqECAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBSYaC6D9ikeiToM+QgZLYyICajtADAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L21HZ3VnX1lwSG9rNkRQa0lHUzJNaUFtbzdRQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAVJzFAMEAlJzGAMEAlUIpAMEAFuE
OwMEALk7cwMEAbmBbAMEArnc7AMEArnqkAMEArn4uAMEAbz9AAMEAcEkVAMEAtRX
wAMEAtRaZDANBgkqhkiG9w0BAQsFAAOCAQEAwx7u/l87HKV3d1rDCPxceWVbBq+R
G9GMdlDrBbePHeQw31o5VvkGj0Hg/6N+0lSUHofxF5dfe63IcF+/e13ztXACRZlr
cwlmuAKWuTs59NR8cMSvxQCtMM6VA1cMSaO4An2PFQRlu5MPB+zb6r9bUdiXc1/t
AJprxALKAR/eK3FwLe/4vf1i5s/GSAkm2PigVoBNeSegobtwULaNnxHyfag7C1q7
0Kq1AOZFJ4UvKVTTaDVzhma/V8CXj8Ae4SEoT0LDLQVOYbZwiD49kz0b0KFtFchr
UKJ0M5h8GdUyhZoSZi48IPIGc9B8nQsC7uoRlRRnOTQYoyWVkuFwVWBBMA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:24 2023 by rpki-client on console-ams.rpki-client.org