Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/f5c020-e1d7-4fe9-83c0-a3be63b8572f/1/MJsF4fAW-FSZzcHsKUk1KIL5JWw.roa
File: MJsF4fAW-FSZzcHsKUk1KIL5JWw.roa (raw, json)
Hash identifier: XsBihUJcyNGrEDdZ53lfOkciTxt/aVmW5vbKH3v29V4=
Subject key identifier: 30:9B:05:E1:F0:16:F8:54:99:CD:C1:EC:29:49:35:28:82:F9:25:6C
Certificate issuer: /CN=6b85894a84baa0eca0e6ef44a992fc2ba00f5277
Certificate serial: 019146C220F436C04E78282C474FAC3B724F
Authority key identifier: 6B:85:89:4A:84:BA:A0:EC:A0:E6:EF:44:A9:92:FC:2B:A0:0F:52:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a4WJSoS6oOyg5u9EqZL8K6APUnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/f5c020-e1d7-4fe9-83c0-a3be63b8572f/1/MJsF4fAW-FSZzcHsKUk1KIL5JWw.roa
Signing time: Mon 12 Aug 2024 13:23:33 +0000
ROA not before: Mon 12 Aug 2024 13:23:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39582
IP address blocks: 77.79.64.0/18 maxlen: 24
77.79.64.0/24 maxlen: 24
77.79.65.0/24 maxlen: 24
77.79.66.0/24 maxlen: 24
77.79.67.0/24 maxlen: 24
77.79.68.0/24 maxlen: 24
77.79.69.0/24 maxlen: 24
77.79.70.0/24 maxlen: 24
77.79.71.0/24 maxlen: 24
77.79.72.0/24 maxlen: 24
77.79.73.0/24 maxlen: 24
77.79.74.0/24 maxlen: 24
77.79.76.0/24 maxlen: 24
77.79.77.0/24 maxlen: 24
77.79.78.0/24 maxlen: 24
77.79.79.0/24 maxlen: 24
77.79.80.0/24 maxlen: 24
77.79.81.0/24 maxlen: 24
77.79.83.0/24 maxlen: 24
77.79.84.0/24 maxlen: 24
77.79.85.0/24 maxlen: 24
77.79.86.0/24 maxlen: 24
77.79.87.0/24 maxlen: 24
77.79.88.0/24 maxlen: 24
77.79.90.0/24 maxlen: 24
77.79.91.0/24 maxlen: 24
77.79.92.0/24 maxlen: 24
77.79.93.0/24 maxlen: 24
77.79.94.0/24 maxlen: 24
77.79.95.0/24 maxlen: 24
77.79.96.0/20 maxlen: 24
77.79.97.0/24 maxlen: 24
77.79.98.0/24 maxlen: 24
77.79.106.0/24 maxlen: 24
77.79.111.0/24 maxlen: 24
77.79.112.0/21 maxlen: 24
77.79.120.0/21 maxlen: 24
89.106.0.0/19 maxlen: 24
89.106.0.0/24 maxlen: 24
89.106.1.0/24 maxlen: 24
89.106.2.0/24 maxlen: 24
89.106.3.0/24 maxlen: 24
89.106.4.0/24 maxlen: 24
89.106.5.0/24 maxlen: 24
89.106.6.0/24 maxlen: 24
89.106.7.0/24 maxlen: 24
89.106.8.0/24 maxlen: 24
89.106.9.0/24 maxlen: 24
89.106.10.0/24 maxlen: 24
89.106.11.0/24 maxlen: 24
89.106.12.0/24 maxlen: 24
89.106.15.0/24 maxlen: 24
89.106.16.0/24 maxlen: 24
89.106.17.0/24 maxlen: 24
89.106.18.0/24 maxlen: 24
89.106.19.0/24 maxlen: 24
89.106.20.0/24 maxlen: 24
89.106.21.0/24 maxlen: 24
89.106.22.0/24 maxlen: 24
89.106.23.0/24 maxlen: 24
89.106.24.0/24 maxlen: 24
89.106.25.0/24 maxlen: 24
89.106.26.0/24 maxlen: 24
89.106.27.0/24 maxlen: 24
89.106.28.0/24 maxlen: 24
89.106.29.0/24 maxlen: 24
89.106.30.0/24 maxlen: 24
89.106.31.0/24 maxlen: 24
2a02:4300::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:46:c2:20:f4:36:c0:4e:78:28:2c:47:4f:ac:3b:72:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b85894a84baa0eca0e6ef44a992fc2ba00f5277
Validity
Not Before: Aug 12 13:23:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=309b05e1f016f85499cdc1ec2949352882f9256c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9c:5c:68:73:10:9d:52:e8:68:ce:7a:36:df:
46:b8:f7:61:f1:d5:13:45:62:8b:b0:7d:63:7a:42:
d5:53:20:d8:68:b1:84:d4:b6:41:79:a4:a6:fe:4f:
1a:2f:5a:8f:3e:3e:96:ed:6a:52:ff:0b:97:82:0b:
b9:51:68:a7:9a:94:7c:66:fd:99:90:d3:34:23:c5:
ee:25:c7:85:0e:0d:c0:83:3f:c3:13:61:8c:6b:fd:
06:6d:ec:fd:5d:40:19:02:3e:48:61:69:9f:dd:57:
82:d4:09:e5:7b:33:15:f1:b2:53:6c:2a:11:d4:60:
6c:c6:af:21:61:6e:cd:74:16:3b:a0:7f:84:bb:83:
ed:46:94:35:f5:0c:82:c4:3a:37:39:1f:aa:9b:f7:
fa:24:50:04:b9:f8:de:2c:3c:6d:ef:76:0e:6c:35:
e5:56:e4:f8:26:63:9f:e4:08:7b:ed:af:99:cb:ee:
46:4e:d4:3c:6e:28:54:a5:68:5e:fa:cc:5d:e3:53:
32:f4:d8:aa:10:17:71:96:13:5d:5f:b7:fc:37:75:
59:6a:46:2a:54:23:28:ae:09:f5:a4:0c:67:a6:83:
d1:7a:9d:26:35:8f:35:02:ec:33:d7:ea:fe:d1:bd:
35:22:db:ef:80:23:d4:a8:ee:66:5b:9e:9e:b8:60:
8a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9B:05:E1:F0:16:F8:54:99:CD:C1:EC:29:49:35:28:82:F9:25:6C
X509v3 Authority Key Identifier:
keyid:6B:85:89:4A:84:BA:A0:EC:A0:E6:EF:44:A9:92:FC:2B:A0:0F:52:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4WJSoS6oOyg5u9EqZL8K6APUnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f5c020-e1d7-4fe9-83c0-a3be63b8572f/1/MJsF4fAW-FSZzcHsKUk1KIL5JWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f5c020-e1d7-4fe9-83c0-a3be63b8572f/1/a4WJSoS6oOyg5u9EqZL8K6APUnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.79.64.0/18
89.106.0.0/19
IPv6:
2a02:4300::/32
Signature Algorithm: sha256WithRSAEncryption
25:78:30:b2:8d:66:7f:15:89:1e:00:06:aa:17:94:97:4f:0f:
40:d0:30:12:41:77:6e:ab:92:63:51:32:d7:4f:e5:76:cd:35:
1a:28:66:fe:7b:67:61:56:5e:74:71:aa:17:ba:eb:c1:7a:06:
3e:c3:d1:d9:14:59:f3:63:70:ff:28:07:5a:34:d3:48:82:87:
6c:b3:13:ed:94:3d:71:52:f2:0d:9c:d5:ce:0d:e5:08:be:84:
91:47:b6:74:40:2a:6d:5c:4b:0b:7e:88:b2:f2:6a:c2:18:c9:
b3:55:d9:aa:d2:d4:9a:38:01:d9:55:0a:f1:a5:e4:9c:36:fe:
c8:4c:9f:36:fa:9b:6e:f2:85:1c:92:d3:55:47:10:c8:eb:eb:
1d:cd:90:3a:64:4f:9b:18:5f:dd:75:08:1d:1e:41:f7:ce:40:
b0:d1:a0:98:e9:9c:3a:4a:97:10:db:2e:46:29:92:79:b9:a8:
4c:0a:24:81:31:2e:1c:82:0f:64:5f:93:ea:92:ab:d2:e5:ae:
17:6d:a6:c2:36:d6:b6:49:7e:da:6d:af:ea:b2:d6:38:3a:f1:
6d:64:71:b6:0c:8f:c6:63:39:8e:ca:3f:5a:a0:8f:8f:89:31:
0a:be:18:37:6e:bf:d6:d7:84:ff:a9:d8:88:ee:9e:6d:5d:89:
ca:39:ce:7c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZFGwiD0NsBOeCgsR0+sO3JPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiODU4OTRhODRiYWEwZWNhMGU2ZWY0NGE5OTJmYzJiYTAw
ZjUyNzcwHhcNMjQwODEyMTMyMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDliMDVlMWYwMTZmODU0OTljZGMxZWMyOTQ5MzUyODgyZjkyNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5xcaHMQnVLoaM56Nt9GuPdh8dUT
RWKLsH1jekLVUyDYaLGE1LZBeaSm/k8aL1qPPj6W7WpS/wuXggu5UWinmpR8Zv2Z
kNM0I8XuJceFDg3Agz/DE2GMa/0Gbez9XUAZAj5IYWmf3VeC1AnlezMV8bJTbCoR
1GBsxq8hYW7NdBY7oH+Eu4PtRpQ19QyCxDo3OR+qm/f6JFAEufjeLDxt73YObDXl
VuT4JmOf5Ah77a+Zy+5GTtQ8bihUpWhe+sxd41My9NiqEBdxlhNdX7f8N3VZakYq
VCMorgn1pAxnpoPRep0mNY81Auwz1+r+0b01ItvvgCPUqO5mW56euGCKjQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDCbBeHwFvhUmc3B7ClJNSiC+SVsMB8GA1UdIwQY
MBaAFGuFiUqEuqDsoObvRKmS/CugD1J3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTRXSlNvUzZvT3lnNXU5RXFaTDhLNkFQVW5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9mNWMwMjAtZTFkNy00ZmU5LTgzYzAt
YTNiZTYzYjg1NzJmLzEvTUpzRjRmQVctRlNaemNIc0tVazFLSUw1Sld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9mNWMwMjAtZTFkNy00ZmU5LTgzYzAtYTNiZTYzYjg1NzJm
LzEvYTRXSlNvUzZvT3lnNXU5RXFaTDhLNkFQVW5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGTU9AAwQF
WWoAMA0EAgACMAcDBQAqAkMAMA0GCSqGSIb3DQEBCwUAA4IBAQAleDCyjWZ/FYke
AAaqF5SXTw9A0DASQXduq5JjUTLXT+V2zTUaKGb+e2dhVl50caoXuuvBegY+w9HZ
FFnzY3D/KAdaNNNIgodssxPtlD1xUvINnNXODeUIvoSRR7Z0QCptXEsLfoiy8mrC
GMmzVdmq0tSaOAHZVQrxpeScNv7ITJ82+ptu8oUcktNVRxDI6+sdzZA6ZE+bGF/d
dQgdHkH3zkCw0aCY6Zw6SpcQ2y5GKZJ5uahMCiSBMS4cgg9kX5PqkqvS5a4XbabC
Nta2SX7aba/qstY4OvFtZHG2DI/GYzmOyj9aoI+PiTEKvhg3br/W14T/qdiI7p5t
XYnKOc58
-----END CERTIFICATE-----
Generated at Thu Oct 31 19:17:34 2024 by rpki-client on console-ams.rpki-client.org