Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/MYMJqhvBjAVBiOFLgPlWZKlUOMc.roa
File: MYMJqhvBjAVBiOFLgPlWZKlUOMc.roa (raw, json)
Hash identifier: Eea292FYtJY6Ed7HMg+ZERDncpOxE6rPD6bQfzuKLXY=
Subject key identifier: 31:83:09:AA:1B:C1:8C:05:41:88:E1:4B:80:F9:56:64:A9:54:38:C7
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 018964FF7BC4158DF16062B4F48827D032BF
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/MYMJqhvBjAVBiOFLgPlWZKlUOMc.roa
Signing time: Mon 17 Jul 2023 17:56:52 +0000
ROA not before: Mon 17 Jul 2023 17:56:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 192.6.64.0/22 maxlen: 22
198.151.94.0/24 maxlen: 24
198.151.92.0/24 maxlen: 24
192.6.172.0/22 maxlen: 22
198.151.64.0/24 maxlen: 24
198.151.66.0/24 maxlen: 24
198.151.70.0/24 maxlen: 24
198.151.68.0/24 maxlen: 24
198.151.78.0/24 maxlen: 24
198.151.76.0/24 maxlen: 24
198.151.74.0/24 maxlen: 24
198.151.72.0/24 maxlen: 24
198.151.84.0/24 maxlen: 24
198.151.82.0/24 maxlen: 24
198.151.80.0/24 maxlen: 24
198.151.90.0/24 maxlen: 24
198.151.88.0/24 maxlen: 24
198.151.86.0/24 maxlen: 24
155.193.229.0/24 maxlen: 24
155.193.248.0/24 maxlen: 24
155.193.250.0/24 maxlen: 24
155.193.251.0/24 maxlen: 24
155.193.249.0/24 maxlen: 24
158.120.58.0/24 maxlen: 24
158.120.56.0/24 maxlen: 24
192.25.232.0/22 maxlen: 22
158.120.54.0/24 maxlen: 24
158.120.52.0/24 maxlen: 24
192.137.24.0/22 maxlen: 22
158.120.62.0/24 maxlen: 24
158.120.60.0/24 maxlen: 24
192.25.244.0/22 maxlen: 22
192.25.180.0/22 maxlen: 22
192.25.200.0/22 maxlen: 22
192.25.208.0/22 maxlen: 22
158.120.48.0/24 maxlen: 24
158.120.50.0/24 maxlen: 24
155.193.32.0/19 maxlen: 19
155.193.48.0/21 maxlen: 21
205.149.36.0/22 maxlen: 22
205.149.32.0/22 maxlen: 22
205.149.44.0/22 maxlen: 22
205.149.40.0/22 maxlen: 22
205.149.48.0/22 maxlen: 22
205.149.56.0/22 maxlen: 22
205.149.52.0/22 maxlen: 22
205.149.60.0/22 maxlen: 22
155.193.163.0/24 maxlen: 24
155.193.161.0/24 maxlen: 24
155.193.162.0/24 maxlen: 24
155.193.160.0/24 maxlen: 24
192.6.252.0/22 maxlen: 22
166.108.24.0/24 maxlen: 24
166.108.23.0/24 maxlen: 24
166.108.21.0/24 maxlen: 24
166.108.22.0/24 maxlen: 24
166.108.20.0/24 maxlen: 24
166.108.26.0/24 maxlen: 24
166.108.27.0/24 maxlen: 24
166.108.25.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:ff:7b:c4:15:8d:f1:60:62:b4:f4:88:27:d0:32:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jul 17 17:56:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=318309aa1bc18c054188e14b80f95664a95438c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:de:34:34:ff:a6:e3:69:bf:fa:09:b4:86:cc:
53:a4:19:d9:bb:10:14:de:ef:22:ce:d5:5d:d0:2a:
e2:30:c0:3b:ae:66:a5:ee:23:f1:0c:6b:9c:de:34:
86:60:66:ef:d1:a6:cc:3a:f4:f1:81:52:f8:c6:64:
11:2a:16:ef:68:13:b9:90:0c:05:7e:d1:02:8b:c8:
61:b0:f4:df:35:3e:db:5d:8b:20:bc:eb:34:24:24:
09:c8:b2:67:a7:7f:ac:62:f7:4d:04:c6:a1:d5:45:
d2:3d:07:65:76:f1:4f:58:63:df:91:d0:08:f2:0a:
29:6f:3e:b2:f3:f8:20:74:f7:ce:a0:d1:eb:a2:b6:
9e:8c:b3:07:58:92:1b:bd:48:35:0e:98:98:bd:6b:
b2:60:79:96:47:d6:da:ca:e0:ed:87:a8:fc:36:0e:
4e:3a:ec:7f:bd:95:55:9a:01:07:05:b8:65:aa:bd:
2c:e9:2d:40:c8:47:e4:d1:13:f5:7d:5e:c8:39:b4:
fc:07:a7:3c:eb:68:d8:78:73:38:6f:b2:59:03:c6:
83:e4:72:a6:50:87:d7:cc:f8:21:48:87:0b:49:2a:
e4:e5:00:99:cd:44:12:a7:a6:34:ed:8b:5a:66:87:
0f:91:cc:4e:69:22:73:d3:0c:e9:ac:65:08:df:dc:
14:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:83:09:AA:1B:C1:8C:05:41:88:E1:4B:80:F9:56:64:A9:54:38:C7
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/MYMJqhvBjAVBiOFLgPlWZKlUOMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.32.0/19
155.193.160.0/22
155.193.229.0/24
155.193.248.0/22
158.120.48.0/24
158.120.50.0/24
158.120.52.0/24
158.120.54.0/24
158.120.56.0/24
158.120.58.0/24
158.120.60.0/24
158.120.62.0/24
166.108.20.0-166.108.27.255
192.6.64.0/22
192.6.172.0/22
192.6.252.0/22
192.25.180.0/22
192.25.200.0/22
192.25.208.0/22
192.25.232.0/22
192.25.244.0/22
192.137.24.0/22
198.151.64.0/24
198.151.66.0/24
198.151.68.0/24
198.151.70.0/24
198.151.72.0/24
198.151.74.0/24
198.151.76.0/24
198.151.78.0/24
198.151.80.0/24
198.151.82.0/24
198.151.84.0/24
198.151.86.0/24
198.151.88.0/24
198.151.90.0/24
198.151.92.0/24
198.151.94.0/24
205.149.32.0/19
Signature Algorithm: sha256WithRSAEncryption
0c:ea:09:8d:27:59:f4:b6:cf:e1:88:47:09:a3:44:0a:e1:04:
63:83:a0:ea:d5:dc:66:87:ae:03:56:50:85:59:9e:89:88:e9:
2b:de:30:d7:4c:76:87:62:4d:54:3e:d8:60:e9:e0:01:86:ec:
01:b3:ed:dc:1c:9f:c8:67:03:fa:ca:0c:09:08:95:a1:75:08:
bf:9d:c1:51:ca:29:7a:44:b8:a5:e1:eb:bb:89:b8:91:b6:87:
23:cf:9f:f7:17:d1:c3:ba:71:e0:a9:7d:07:b8:b2:1f:bc:3b:
0e:a0:45:f0:81:c7:14:1d:13:70:5e:a9:80:17:a4:fb:11:1b:
04:5e:b5:06:fb:a7:64:4b:c9:51:d5:f2:6c:f4:71:57:b2:a9:
9b:00:18:dc:9e:21:0d:c3:3b:54:88:1b:50:10:85:f3:db:c3:
26:98:0e:47:81:d4:f6:e7:91:ec:28:fb:01:f0:69:aa:35:15:
21:8f:ba:75:32:c9:16:35:21:e2:b0:4e:ab:c8:f4:5b:04:d9:
5b:0b:64:78:9b:3c:ac:1f:0e:a7:57:c8:94:b8:6e:0a:93:93:
33:ef:0d:80:0e:6c:18:5d:0e:d6:a3:91:8e:24:bc:a2:b5:1d:
88:58:1d:80:23:82:32:86:7f:80:bd:eb:de:b3:26:44:8a:a2:
ba:30:da:0d
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAYlk/3vEFY3xYGK09Ign0DK/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjMwNzE3MTc1NjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTgzMDlhYTFiYzE4YzA1NDE4OGUxNGI4MGY5NTY2NGE5NTQzOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApN40NP+m42m/+gm0hsxTpBnZuxAU
3u8iztVd0CriMMA7rmal7iPxDGuc3jSGYGbv0abMOvTxgVL4xmQRKhbvaBO5kAwF
ftECi8hhsPTfNT7bXYsgvOs0JCQJyLJnp3+sYvdNBMah1UXSPQdldvFPWGPfkdAI
8gopbz6y8/ggdPfOoNHroraejLMHWJIbvUg1DpiYvWuyYHmWR9bayuDth6j8Ng5O
Oux/vZVVmgEHBbhlqr0s6S1AyEfk0RP1fV7IObT8B6c862jYeHM4b7JZA8aD5HKm
UIfXzPghSIcLSSrk5QCZzUQSp6Y07YtaZocPkcxOaSJz0wzprGUI39wU3wIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFDGDCaobwYwFQYjhS4D5VmSpVDjHMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvTVlNSnFodkJqQVZCaU9GTGdQbFdaS2xVT01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyAwQF
m8EgAwQCm8GgAwQAm8HlAwQCm8H4AwQAnngwAwQAnngyAwQAnng0AwQAnng2AwQA
nng4AwQAnng6AwQAnng8AwQAnng+MAwDBAKmbBQDBAKmbBgDBALABkADBALABqwD
BALABvwDBALAGbQDBALAGcgDBALAGdADBALAGegDBALAGfQDBALAiRgDBADGl0AD
BADGl0IDBADGl0QDBADGl0YDBADGl0gDBADGl0oDBADGl0wDBADGl04DBADGl1AD
BADGl1IDBADGl1QDBADGl1YDBADGl1gDBADGl1oDBADGl1wDBADGl14DBAXNlSAw
DQYJKoZIhvcNAQELBQADggEBAAzqCY0nWfS2z+GIRwmjRArhBGODoOrV3GaHrgNW
UIVZnomI6SveMNdMdodiTVQ+2GDp4AGG7AGz7dwcn8hnA/rKDAkIlaF1CL+dwVHK
KXpEuKXh67uJuJG2hyPPn/cX0cO6ceCpfQe4sh+8Ow6gRfCBxxQdE3BeqYAXpPsR
GwRetQb7p2RLyVHV8mz0cVeyqZsAGNyeIQ3DO1SIG1AQhfPbwyaYDkeB1Pbnkewo
+wHwaao1FSGPunUyyRY1IeKwTqvI9FsE2VsLZHibPKwfDqdXyJS4bgqTkzPvDYAO
bBhdDtajkY4kvKK1HYhYHYAjgjKGf4C9696zJkSKorow2g0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org