Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Mmgy-rQfQeIvv3HBsHzg4lmv8PA.roa
File: Mmgy-rQfQeIvv3HBsHzg4lmv8PA.roa (raw, json)
Hash identifier: c2aIYgpUZ5x7zC/6DLO8l6Hcce0HAdd4yZfLmMlpEkU=
Subject key identifier: 32:68:32:FA:B4:1F:41:E2:2F:BF:71:C1:B0:7C:E0:E2:59:AF:F0:F0
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01878364ECEADD0CAFEEBE735C2B32AD92E2
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Mmgy-rQfQeIvv3HBsHzg4lmv8PA.roa
Signing time: Sat 15 Apr 2023 05:30:42 +0000
ROA not before: Sat 15 Apr 2023 05:30:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
194.4.159.0/24 maxlen: 24
185.245.238.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
192.166.208.0/22 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
185.121.230.0/24 maxlen: 24
185.9.54.0/24 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
178.239.192.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:83:64:ec:ea:dd:0c:af:ee:be:73:5c:2b:32:ad:92:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 15 05:30:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=326832fab41f41e22fbf71c1b07ce0e259aff0f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:24:0d:da:d0:ae:70:61:9e:43:03:b1:49:d2:
20:39:59:79:4a:42:9b:34:17:ad:de:66:d9:56:20:
a4:16:64:b8:e6:e2:56:b3:88:19:4b:fb:87:8d:51:
a2:1b:92:2a:6b:9d:82:1c:7a:4f:fd:21:04:57:8e:
a2:56:ab:fb:44:f5:17:11:29:d4:90:58:a5:56:12:
19:98:79:ca:ea:71:00:b1:8a:9f:90:af:e6:9c:f2:
a9:22:bc:01:6d:4d:72:a5:a8:38:f6:89:3c:f0:43:
98:0a:0b:d4:6b:bb:89:e4:08:4b:7f:37:82:54:72:
95:86:b2:d1:d2:77:cb:91:c4:7c:86:8c:a9:3b:84:
7c:ec:45:30:09:db:78:0b:7a:fa:65:81:0f:95:8c:
52:e6:e6:39:b7:81:aa:96:a8:69:d2:00:ae:4d:95:
14:ce:aa:d5:a6:86:67:b6:32:1f:1c:c6:5a:16:9a:
42:b9:7d:a0:59:30:b8:b3:59:99:25:43:24:d0:c5:
78:fa:f0:80:f1:b7:ff:53:d4:d8:fe:3e:38:8c:5b:
c7:54:fe:24:4a:ca:cf:fd:78:e5:9c:cd:c9:6f:a9:
98:c8:cf:41:e9:37:21:72:82:b2:a7:49:80:f2:a3:
81:95:7f:a5:ac:65:0a:7d:98:9a:2e:96:4c:d7:a6:
2f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:68:32:FA:B4:1F:41:E2:2F:BF:71:C1:B0:7C:E0:E2:59:AF:F0:F0
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Mmgy-rQfQeIvv3HBsHzg4lmv8PA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0/24
45.159.154.0/24
62.197.135.0/24
78.142.242.0/23
89.43.208.0/24
178.239.192.0/24
178.239.203.0/24
185.9.54.0/24
185.103.75.0/24
185.121.230.0/23
185.229.104.0/24
185.229.106.0/24
185.230.248.0/23
185.245.237.0-185.245.238.255
192.166.208.0/22
194.4.159.0/24
Signature Algorithm: sha256WithRSAEncryption
06:af:a9:08:df:d5:1b:1f:e7:1e:9c:1e:a5:92:a4:8b:de:1b:
ba:05:32:36:cb:71:e6:1d:3c:52:9c:96:e5:3d:fd:a7:7a:5d:
f1:b1:88:0d:ad:bc:5f:f7:c0:68:18:0a:15:89:28:09:e1:f7:
22:6c:6f:5c:4d:87:9f:33:0b:8e:fe:7d:a0:45:b8:20:93:62:
ec:7d:7b:86:12:3a:36:24:f9:47:f4:db:fd:6b:5b:72:22:c6:
69:0d:16:b3:4d:62:31:71:77:86:1d:a3:ef:7c:fd:f6:a9:0c:
a6:56:d0:2f:34:a7:85:cc:04:0e:90:43:cf:b8:1f:3f:10:09:
28:0c:63:c0:e2:4a:49:e0:e7:f8:99:e9:7c:63:61:c9:4e:ea:
28:db:f6:49:53:fe:8f:e5:5b:f6:2f:4f:31:c6:cc:54:bf:47:
6a:78:8e:1b:da:37:32:37:14:86:34:27:86:d3:9a:b8:b6:00:
e0:7e:60:44:c9:72:fe:70:59:b0:98:99:1d:d3:f1:c3:e5:34:
de:62:9c:60:b3:4a:da:7c:0a:00:e0:91:af:d4:b0:ca:c5:2b:
b7:db:11:dd:43:58:d8:6e:ae:c5:0c:fb:34:ac:3c:b1:3e:33:
a4:50:3c:e0:8f:5d:aa:27:f8:bd:1d:e7:53:8e:1e:0b:8a:82:
53:49:44:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYeDZOzq3Qyv7r5zXCsyrZLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDE1MDUzMDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjY4MzJmYWI0MWY0MWUyMmZiZjcxYzFiMDdjZTBlMjU5YWZmMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SQN2tCucGGeQwOxSdIgOVl5SkKb
NBet3mbZViCkFmS45uJWs4gZS/uHjVGiG5Iqa52CHHpP/SEEV46iVqv7RPUXESnU
kFilVhIZmHnK6nEAsYqfkK/mnPKpIrwBbU1ypag49ok88EOYCgvUa7uJ5AhLfzeC
VHKVhrLR0nfLkcR8hoypO4R87EUwCdt4C3r6ZYEPlYxS5uY5t4Gqlqhp0gCuTZUU
zqrVpoZntjIfHMZaFppCuX2gWTC4s1mZJUMk0MV4+vCA8bf/U9TY/j44jFvHVP4k
SsrP/XjlnM3Jb6mYyM9B6TchcoKyp0mA8qOBlX+lrGUKfZiaLpZM16Yv+QIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFDJoMvq0H0HiL79xwbB84OJZr/DwMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTW1neS1yUWZRZUl2djNIQnNIemc0bG12OFBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAC2fmAME
AC2fmgMEAD7FhwMEAU6O8gMEAFkr0AMEALLvwAMEALLvywMEALkJNgMEALlnSwME
Abl55gMEALnlaAMEALnlagMEAbnm+DAMAwQAufXtAwQAufXuAwQCwKbQAwQAwgSf
MA0GCSqGSIb3DQEBCwUAA4IBAQAGr6kI39UbH+cenB6lkqSL3hu6BTI2y3HmHTxS
nJblPf2nel3xsYgNrbxf98BoGAoViSgJ4fcibG9cTYefMwuO/n2gRbggk2LsfXuG
Ejo2JPlH9Nv9a1tyIsZpDRazTWIxcXeGHaPvfP32qQymVtAvNKeFzAQOkEPPuB8/
EAkoDGPA4kpJ4Of4mel8Y2HJTuoo2/ZJU/6P5Vv2L08xxsxUv0dqeI4b2jcyNxSG
NCeG05q4tgDgfmBEyXL+cFmwmJkd0/HD5TTeYpxgs0rafAoA4JGv1LDKxSu32xHd
Q1jYbq7FDPs0rDyxPjOkUDzgj12qJ/i9HedTjh4LioJTSURM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:54 2023 by rpki-client on console-ams.rpki-client.org