Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MKMVmYwjAFnmv-KFyaIVjq1X0Fs.roa
File: MKMVmYwjAFnmv-KFyaIVjq1X0Fs.roa (raw, json)
Hash identifier: aFAxl11ZRyRvs+Qglmd6Yyue4Yohn6sKdp1QtC6MaUI=
Subject key identifier: 30:A3:15:99:8C:23:00:59:E6:BF:E2:85:C9:A2:15:8E:AD:57:D0:5B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018B915173740C5DDFD2009C4C90C30E1FF6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MKMVmYwjAFnmv-KFyaIVjq1X0Fs.roa
Signing time: Thu 02 Nov 2023 18:35:16 +0000
ROA not before: Thu 02 Nov 2023 18:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8851
IP address blocks: 89.213.64.0/18 maxlen: 24
37.252.24.0/21 maxlen: 24
80.240.80.0/20 maxlen: 20
77.107.64.0/18 maxlen: 24
213.210.0.0/18 maxlen: 24
85.159.128.0/21 maxlen: 24
212.38.64.0/19 maxlen: 24
37.98.144.0/22 maxlen: 24
37.98.144.0/21 maxlen: 24
109.176.0.0/16 maxlen: 16
89.213.48.0/20 maxlen: 24
89.213.192.0/18 maxlen: 24
213.218.208.0/20 maxlen: 24
89.31.232.0/21 maxlen: 24
185.20.34.0/24 maxlen: 24
185.20.35.0/24 maxlen: 24
79.99.72.0/21 maxlen: 24
185.20.32.0/22 maxlen: 24
213.218.224.0/19 maxlen: 24
81.168.0.0/17 maxlen: 17
82.163.0.0/19 maxlen: 24
217.144.144.0/20 maxlen: 24
217.145.64.0/20 maxlen: 24
185.24.84.0/22 maxlen: 24
194.105.64.0/19 maxlen: 24
213.130.128.0/19 maxlen: 24
82.152.0.0/16 maxlen: 16
81.5.128.0/18 maxlen: 18
82.152.0.0/15 maxlen: 15
195.128.138.0/24 maxlen: 24
213.152.32.0/19 maxlen: 19
2a02:21f8::/32 maxlen: 32
2a00:c60::/32 maxlen: 32
2001:1a90::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:91:51:73:74:0c:5d:df:d2:00:9c:4c:90:c3:0e:1f:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 2 18:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30a315998c230059e6bfe285c9a2158ead57d05b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4b:09:17:ff:ce:ef:70:3d:f2:0c:5f:88:f6:
97:47:58:59:a6:1f:b6:61:41:f7:6b:d4:5f:5c:e1:
79:7a:f0:13:56:29:a2:3f:b6:97:d2:92:a2:87:30:
0f:4f:c0:7c:25:ea:cb:4a:36:df:3a:60:7d:55:e3:
79:06:80:fc:38:98:05:f0:00:15:af:78:fa:88:d6:
b3:f3:0a:8a:e3:cd:bf:c4:33:c5:f3:16:9d:98:9d:
8e:5c:53:e7:fe:c2:cb:92:16:c5:79:8c:9c:71:c4:
ba:2c:48:28:14:18:da:36:02:17:c6:21:d6:77:1f:
c2:58:e1:11:61:30:18:4d:d8:f2:87:5d:12:d8:34:
b0:62:b3:26:b1:c0:d8:5e:b9:25:42:c9:40:83:61:
7d:0a:92:f4:ed:04:db:b3:92:9a:1a:29:ce:65:92:
d0:e7:08:23:ec:2e:90:c0:08:52:9f:3b:8e:60:fc:
2d:af:c4:ed:8e:41:05:de:3b:38:63:31:5d:1d:e6:
75:5c:d5:95:0c:39:07:1f:a8:07:16:c6:0e:56:a3:
29:34:10:a6:79:36:b9:c9:de:9c:45:06:c0:77:70:
4f:9c:59:76:07:b3:46:5b:44:0c:ca:82:95:54:9e:
c9:f7:e2:a3:39:09:ee:91:3c:51:a2:0c:b9:f2:2f:
85:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A3:15:99:8C:23:00:59:E6:BF:E2:85:C9:A2:15:8E:AD:57:D0:5B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MKMVmYwjAFnmv-KFyaIVjq1X0Fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.144.0/21
37.252.24.0/21
77.107.64.0/18
79.99.72.0/21
80.240.80.0/20
81.5.128.0/18
81.168.0.0/17
82.152.0.0/15
82.163.0.0/19
85.159.128.0/21
89.31.232.0/21
89.213.48.0-89.213.127.255
89.213.192.0/18
109.176.0.0/16
185.20.32.0/22
185.24.84.0/22
194.105.64.0/19
195.128.138.0/24
212.38.64.0/19
213.130.128.0/19
213.152.32.0/19
213.210.0.0/18
213.218.208.0-213.218.255.255
217.144.144.0/20
217.145.64.0/20
IPv6:
2001:1a90::/32
2a00:c60::/32
2a02:21f8::/32
Signature Algorithm: sha256WithRSAEncryption
3c:39:79:4c:cb:de:81:60:85:5d:51:0e:e1:61:2b:53:8a:fa:
9c:78:62:3e:ed:fe:e5:32:70:b7:51:5a:ea:a4:1a:90:c1:20:
56:6b:99:6b:4f:e6:fb:33:a1:c2:c5:64:bb:a8:40:16:8f:fd:
63:2e:41:ac:54:72:03:f7:98:bc:7c:e6:ef:15:60:83:7a:4a:
5b:16:73:ab:e3:d1:78:57:1f:e7:7e:8b:59:32:f9:5b:61:73:
2c:df:06:f2:4a:c2:3d:11:f6:60:23:e0:e9:b2:46:2a:8d:16:
05:72:28:f4:b6:57:f3:d8:d7:2d:7b:3e:4e:fc:eb:15:7e:0d:
a0:66:9c:ba:3a:a7:26:a7:57:02:17:2e:da:e8:5f:44:1b:4e:
ec:cd:2a:b0:b6:f6:c4:42:24:af:99:97:55:05:bf:5d:c2:6f:
dc:c1:d1:bc:d9:ce:71:c4:cd:3d:43:a7:12:70:4f:d6:6e:7d:
29:ae:06:9d:f3:8b:5c:fb:b9:de:30:1f:eb:0c:9f:5c:bb:fe:
74:16:e8:d7:88:4a:21:ac:6e:be:60:ee:69:28:9f:fd:c1:b0:
67:a1:06:50:5a:b1:da:58:e6:b6:32:31:15:6d:62:bf:ca:9c:
77:72:30:30:15:2f:8b:a6:6a:28:a6:0c:f4:7b:3f:1d:49:e2:
2d:38:66:6c
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYuRUXN0DF3f0gCcTJDDDh/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTAyMTgzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGEzMTU5OThjMjMwMDU5ZTZiZmUyODVjOWEyMTU4ZWFkNTdkMDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0sJF//O73A98gxfiPaXR1hZph+2
YUH3a9RfXOF5evATVimiP7aX0pKihzAPT8B8JerLSjbfOmB9VeN5BoD8OJgF8AAV
r3j6iNaz8wqK482/xDPF8xadmJ2OXFPn/sLLkhbFeYycccS6LEgoFBjaNgIXxiHW
dx/CWOERYTAYTdjyh10S2DSwYrMmscDYXrklQslAg2F9CpL07QTbs5KaGinOZZLQ
5wgj7C6QwAhSnzuOYPwtr8TtjkEF3js4YzFdHeZ1XNWVDDkHH6gHFsYOVqMpNBCm
eTa5yd6cRQbAd3BPnFl2B7NGW0QMyoKVVJ7J9+KjOQnukTxRogy58i+F8wIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFDCjFZmMIwBZ5r/ihcmiFY6tV9BbMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTUtNVm1Zd2pBRm5tdi1LRnlhSVZqcTFYMEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBqgQCAAEwgaMDBAMl
YpADBAMl/BgDBAZNa0ADBANPY0gDBARQ8FADBAZRBYADBAdRqAADAwFSmAMEBVKj
AAMEA1WfgAMEA1kf6DAMAwQEWdUwAwQHWdUAAwQGWdXAAwMAbbADBAK5FCADBAK5
GFQDBAXCaUADBADDgIoDBAXUJkADBAXVgoADBAXVmCADBAbV0gAwCwMEBNXa0AMD
ANXaAwQE2ZCQAwQE2ZFAMBsEAgACMBUDBQAgARqQAwUAKgAMYAMFACoCIfgwDQYJ
KoZIhvcNAQELBQADggEBADw5eUzL3oFghV1RDuFhK1OK+px4Yj7t/uUycLdRWuqk
GpDBIFZrmWtP5vszocLFZLuoQBaP/WMuQaxUcgP3mLx85u8VYIN6SlsWc6vj0XhX
H+d+i1ky+VthcyzfBvJKwj0R9mAj4OmyRiqNFgVyKPS2V/PY1y17Pk786xV+DaBm
nLo6pyanVwIXLtroX0QbTuzNKrC29sRCJK+Zl1UFv13Cb9zB0bzZznHEzT1DpxJw
T9ZufSmuBp3zi1z7ud4wH+sMn1y7/nQW6NeISiGsbr5g7mkon/3BsGehBlBasdpY
5rYyMRVtYr/KnHdyMDAVL4umaiimDPR7Px1J4i04Zmw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:04 2025 by rpki-client