Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/MPa_ELhGOGujeFeNmsnwwyvSzF8.roa
File: MPa_ELhGOGujeFeNmsnwwyvSzF8.roa (raw, json)
Hash identifier: ujCcwoLj+ro9xHguZGpr7FPrBqD+DEafW9TEnn/ZgW4=
Subject key identifier: 30:F6:BF:10:B8:46:38:6B:A3:78:57:8D:9A:C9:F0:C3:2B:D2:CC:5F
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 0184EB65FC54184C7CE7014BF68B6C84EB5B
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/MPa_ELhGOGujeFeNmsnwwyvSzF8.roa
Signing time: Wed 07 Dec 2022 07:04:00 +0000
ROA not before: Wed 07 Dec 2022 07:04:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205647
IP address blocks: 151.240.80.0/21 maxlen: 21
31.56.116.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.204.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.205.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
94.182.217.0/24 maxlen: 24
94.182.226.0/24 maxlen: 24
94.182.228.0/22 maxlen: 22
151.240.168.0/22 maxlen: 22
151.240.192.0/21 maxlen: 21
151.247.216.0/21 maxlen: 21
94.182.41.0/24 maxlen: 24
151.247.214.0/23 maxlen: 23
151.247.224.0/22 maxlen: 22
94.182.72.0/21 maxlen: 21
151.247.248.0/22 maxlen: 22
85.15.49.0/24 maxlen: 24
85.15.48.0/24 maxlen: 24
151.240.240.0/21 maxlen: 21
31.59.12.0/22 maxlen: 22
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
31.56.64.0/19 maxlen: 19
31.56.96.0/20 maxlen: 20
31.56.0.0/18 maxlen: 18
94.182.116.0/22 maxlen: 22
94.182.114.0/23 maxlen: 23
94.182.120.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:65:fc:54:18:4c:7c:e7:01:4b:f6:8b:6c:84:eb:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Dec 7 07:04:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30f6bf10b846386ba378578d9ac9f0c32bd2cc5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:45:a1:68:17:eb:5f:e3:cf:cc:4c:ec:61:33:
11:0e:76:91:dc:26:6c:b5:ea:80:9f:b7:ed:a1:38:
45:51:f7:6d:c3:87:69:60:a6:9c:b3:12:85:c0:66:
d3:d8:3c:f9:74:b8:40:c7:ad:41:21:2d:1f:18:83:
03:6b:93:ab:c5:ac:36:1a:ee:24:bf:dd:c0:c9:2b:
4e:b9:79:73:68:2b:8e:13:5c:b9:bf:bf:00:3a:2e:
6a:89:8d:33:aa:82:48:a5:05:58:e2:69:ec:67:c6:
c0:c9:ad:35:e9:71:17:82:8a:3c:72:b5:2e:55:fb:
88:52:34:7e:b5:df:01:53:62:c5:e3:0f:17:cd:33:
18:47:e3:b9:87:2d:3a:a3:2d:19:b1:e4:4a:fb:f6:
25:52:6d:f8:d4:9d:72:51:0b:67:1f:eb:cd:bd:e8:
0d:f4:99:5b:23:84:46:63:83:5c:ed:bc:98:fb:65:
71:e9:6e:60:91:ac:bf:84:03:e4:a2:9a:42:72:e2:
d4:92:27:e1:50:69:0a:0e:b3:56:74:a9:4e:27:de:
7c:9d:89:77:c9:6b:f4:5a:b5:f7:88:d2:0c:3e:cd:
37:d3:13:aa:87:67:ad:7b:a0:40:f9:8d:fc:d2:6e:
04:91:b2:b6:60:10:d1:b2:4f:ab:f6:cd:75:40:fd:
94:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F6:BF:10:B8:46:38:6B:A3:78:57:8D:9A:C9:F0:C3:2B:D2:CC:5F
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/MPa_ELhGOGujeFeNmsnwwyvSzF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.0.0-31.56.111.255
31.56.116.0/24
31.59.12.0/22
85.15.48.0/23
94.182.8.0/23
94.182.12.0/23
94.182.41.0/24
94.182.72.0/21
94.182.114.0-94.182.127.255
94.182.204.0/22
94.182.217.0/24
94.182.226.0/24
94.182.228.0/22
151.240.80.0/21
151.240.168.0/22
151.240.192.0/21
151.240.240.0/21
151.247.214.0-151.247.227.255
151.247.248.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:04:a8:43:7e:dc:b1:5e:28:81:52:cc:97:75:a3:95:1e:38:
ae:f6:67:b0:ae:2a:23:88:19:eb:11:88:53:46:30:03:f3:34:
50:25:43:6f:6f:7e:ae:2e:90:f6:22:ae:03:30:a3:fd:cf:8b:
7d:4b:3c:8b:a7:85:ae:6c:83:34:ca:b1:27:f3:d3:0d:d5:22:
dc:e6:0a:33:92:d6:4e:f2:c0:1c:e4:97:06:0c:e8:25:f3:ac:
0b:aa:03:12:8f:18:83:a9:82:c6:83:9d:27:70:9c:cb:51:6a:
5c:8a:15:e1:e3:83:b3:bb:0d:86:70:59:83:0a:fd:b9:0d:aa:
38:d1:34:02:d2:61:85:14:97:b1:58:fe:34:ed:f3:40:f9:59:
90:f0:28:c7:d3:d6:b6:ab:d6:ab:75:b3:d8:62:a1:c2:9e:74:
c0:b1:1e:86:58:42:9b:2d:a3:2a:b1:25:8f:45:0b:2b:92:3f:
44:a2:08:f0:68:1d:c6:9a:90:76:a0:6b:7a:7d:0f:94:aa:49:
e9:a8:89:b0:ae:d4:24:05:a2:0e:f8:52:32:59:00:cb:d4:58:
8f:b8:42:d4:82:c2:6c:f9:ec:87:dc:a4:7e:07:75:f6:9d:fa:
77:9b:59:61:5a:cb:ac:b8:ac:20:0a:2d:8e:a5:3c:42:f5:76:
96:68:52:aa
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAYTrZfxUGEx85wFL9otshOtbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjIxMjA3MDcwNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY2YmYxMGI4NDYzODZiYTM3ODU3OGQ5YWM5ZjBjMzJiZDJjYzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0WhaBfrX+PPzEzsYTMRDnaR3CZs
teqAn7ftoThFUfdtw4dpYKacsxKFwGbT2Dz5dLhAx61BIS0fGIMDa5Orxaw2Gu4k
v93AyStOuXlzaCuOE1y5v78AOi5qiY0zqoJIpQVY4mnsZ8bAya016XEXgoo8crUu
VfuIUjR+td8BU2LF4w8XzTMYR+O5hy06oy0ZseRK+/YlUm341J1yUQtnH+vNvegN
9JlbI4RGY4Nc7byY+2Vx6W5gkay/hAPkoppCcuLUkifhUGkKDrNWdKlOJ958nYl3
yWv0WrX3iNIMPs030xOqh2ete6BA+Y380m4EkbK2YBDRsk+r9s11QP2UXQIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFDD2vxC4Rjhro3hXjZrJ8MMr0sxfMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvTVBhX0VMaEdPR3VqZUZlTm1zbnd3eXZTekY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzCBkAQCAAEwgYkwCwMD
Ax84AwQEHzhgAwQAHzh0AwQCHzsMAwQBVQ8wAwQBXrYIAwQBXrYMAwQAXrYpAwQD
XrZIMAwDBAFetnIDBAdetgADBAJetswDBABettkDBABetuIDBAJetuQDBAOX8FAD
BAKX8KgDBAOX8MADBAOX8PAwDAMEAZf31gMEApf34AMEApf3+DANBgkqhkiG9w0B
AQsFAAOCAQEAvASoQ37csV4ogVLMl3WjlR44rvZnsK4qI4gZ6xGIU0YwA/M0UCVD
b29+ri6Q9iKuAzCj/c+LfUs8i6eFrmyDNMqxJ/PTDdUi3OYKM5LWTvLAHOSXBgzo
JfOsC6oDEo8Yg6mCxoOdJ3Ccy1FqXIoV4eODs7sNhnBZgwr9uQ2qONE0AtJhhRSX
sVj+NO3zQPlZkPAox9PWtqvWq3Wz2GKhwp50wLEehlhCmy2jKrElj0ULK5I/RKII
8GgdxpqQdqBren0PlKpJ6aiJsK7UJAWiDvhSMlkAy9RYj7hC1ILCbPnsh9ykfgd1
9p36d5tZYVrLrLisIAotjqU8QvV2lmhSqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:45 2024 by rpki-client on console-ams.rpki-client.org