Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/MLzyq1OKNY9ksKMExHZ8aBXUbyE.roa
File: MLzyq1OKNY9ksKMExHZ8aBXUbyE.roa (raw, json)
Hash identifier: gBsJ9/7IHmY0Pbcz1OTAlabsIJ5dNybYIN6nXBfE2qA=
Subject key identifier: 30:BC:F2:AB:53:8A:35:8F:64:B0:A3:04:C4:76:7C:68:15:D4:6F:21
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 0185123D1E22CBD7973B19C9E14C98D4EE99
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/MLzyq1OKNY9ksKMExHZ8aBXUbyE.roa
Signing time: Wed 14 Dec 2022 20:04:33 +0000
ROA not before: Wed 14 Dec 2022 20:04:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56630
IP address blocks: 45.141.8.0/22 maxlen: 24
185.224.248.0/22 maxlen: 24
185.6.12.0/23 maxlen: 24
185.6.14.0/23 maxlen: 24
45.150.232.0/22 maxlen: 24
195.238.124.0/22 maxlen: 24
185.140.209.0/24 maxlen: 24
185.131.64.0/24 maxlen: 24
185.131.66.0/24 maxlen: 24
185.131.65.0/24 maxlen: 24
185.131.67.0/24 maxlen: 24
88.218.240.0/22 maxlen: 24
217.30.8.0/22 maxlen: 24
194.59.46.0/24 maxlen: 24
185.140.12.0/22 maxlen: 24
194.59.59.0/24 maxlen: 24
194.59.155.0/24 maxlen: 24
91.201.64.0/22 maxlen: 24
194.59.142.0/24 maxlen: 24
213.183.36.0/24 maxlen: 24
213.183.38.0/24 maxlen: 24
213.183.37.0/24 maxlen: 24
213.183.33.0/24 maxlen: 24
213.183.32.0/24 maxlen: 24
5.182.228.0/22 maxlen: 24
213.183.39.0/24 maxlen: 24
213.183.41.0/24 maxlen: 24
213.183.40.0/24 maxlen: 24
213.183.43.0/24 maxlen: 24
213.183.42.0/24 maxlen: 24
213.183.44.0/24 maxlen: 24
213.183.50.0/24 maxlen: 24
213.183.49.0/24 maxlen: 24
88.210.38.0/24 maxlen: 24
213.183.51.0/24 maxlen: 24
213.183.45.0/24 maxlen: 24
213.183.46.0/24 maxlen: 24
213.183.48.0/24 maxlen: 24
213.183.47.0/24 maxlen: 24
213.183.52.0/24 maxlen: 24
88.210.39.0/24 maxlen: 24
213.183.53.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.58.0/24 maxlen: 24
77.72.16.0/23 maxlen: 24
213.183.59.0/24 maxlen: 24
213.183.60.0/24 maxlen: 24
213.183.62.0/24 maxlen: 24
213.183.61.0/24 maxlen: 24
77.72.18.0/23 maxlen: 24
77.72.20.0/23 maxlen: 24
77.72.22.0/23 maxlen: 24
213.183.63.0/24 maxlen: 24
92.119.88.0/22 maxlen: 24
91.192.83.0/24 maxlen: 24
91.192.81.0/24 maxlen: 24
91.192.80.0/24 maxlen: 24
5.188.172.0/24 maxlen: 24
5.188.173.0/24 maxlen: 24
5.188.180.0/22 maxlen: 24
185.246.152.0/24 maxlen: 24
185.246.153.0/24 maxlen: 24
185.246.155.0/24 maxlen: 24
185.246.154.0/24 maxlen: 24
45.135.120.0/22 maxlen: 24
31.40.216.0/22 maxlen: 24
213.226.68.0/22 maxlen: 24
93.189.58.0/24 maxlen: 24
185.135.84.0/22 maxlen: 24
93.189.57.0/24 maxlen: 24
93.189.56.0/24 maxlen: 24
93.189.61.0/24 maxlen: 24
93.189.60.0/24 maxlen: 24
93.189.63.0/24 maxlen: 24
93.189.62.0/24 maxlen: 24
2a06:f906::/36 maxlen: 36
2a06:f903::/36 maxlen: 36
2a06:f905::/36 maxlen: 36
2a06:f900::/36 maxlen: 36
2a06:f900:4000::/36 maxlen: 36
2a06:f902::/36 maxlen: 36
2a06:f904::/36 maxlen: 36
2a06:f907::/36 maxlen: 36
2a06:f907:4000::/36 maxlen: 36
2a06:f901::/36 maxlen: 36
2a0d:8400::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:12:3d:1e:22:cb:d7:97:3b:19:c9:e1:4c:98:d4:ee:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Dec 14 20:04:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30bcf2ab538a358f64b0a304c4767c6815d46f21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fe:b4:ed:54:b4:61:74:68:d2:57:95:e3:c5:
fa:e6:bc:72:fe:82:c6:7a:31:c9:7b:b0:23:60:e0:
34:f1:7e:2f:98:9a:5e:e6:e4:c3:fd:ad:92:f5:bd:
56:0a:f6:a6:05:3a:d1:70:a3:31:76:af:0e:8d:a9:
09:17:50:a5:65:1d:a5:a8:b6:10:a4:09:e1:70:9e:
be:ca:9c:bc:de:f1:b7:fb:1a:24:69:41:79:11:48:
d4:24:f3:da:0d:3f:2b:ef:13:48:66:e0:8b:0e:5b:
dd:d4:9d:11:02:fe:87:98:da:92:2e:88:4a:24:fd:
ca:12:43:f6:22:ae:84:ef:14:f7:a2:0d:76:38:b4:
24:90:51:6f:9d:52:aa:21:94:9c:50:d6:6c:88:f8:
2a:7c:e1:c3:b4:ba:8c:d8:c3:13:3c:a8:69:c9:e5:
83:60:c4:55:50:7f:96:5f:0c:9f:11:94:11:bd:da:
b5:36:ea:91:4c:e4:d3:b7:08:7a:b2:a0:27:a7:74:
1b:ee:62:85:40:da:9e:fd:16:77:4b:59:39:54:4b:
c7:f8:f1:aa:82:e9:e8:2f:89:3e:56:d3:9a:ad:96:
4c:de:3d:be:9c:aa:e4:d6:97:69:70:9a:7c:da:fd:
41:ea:db:3d:7e:d6:5b:42:a6:41:a9:ff:a7:1b:b1:
3d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:BC:F2:AB:53:8A:35:8F:64:B0:A3:04:C4:76:7C:68:15:D4:6F:21
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/MLzyq1OKNY9ksKMExHZ8aBXUbyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.228.0/22
5.188.172.0/23
5.188.180.0/22
31.40.216.0/22
45.135.120.0/22
45.141.8.0/22
45.150.232.0/22
77.72.16.0/21
88.210.38.0/23
88.218.240.0/22
91.192.80.0/23
91.192.83.0/24
91.201.64.0/22
92.119.88.0/22
93.189.56.0-93.189.58.255
93.189.60.0/22
185.6.12.0/22
185.131.64.0/22
185.135.84.0/22
185.140.12.0/22
185.140.209.0/24
185.224.248.0/22
185.246.152.0/22
194.59.46.0/24
194.59.59.0/24
194.59.142.0/24
194.59.155.0/24
195.238.124.0/22
213.183.32.0/23
213.183.36.0-213.183.63.255
213.226.68.0/22
217.30.8.0/22
IPv6:
2a06:f900::/36
2a06:f900:4000::/36
2a06:f901::/36
2a06:f902::/36
2a06:f903::/36
2a06:f904::/36
2a06:f905::/36
2a06:f906::/36
2a06:f907::/36
2a06:f907:4000::/36
2a0d:8400::/32
Signature Algorithm: sha256WithRSAEncryption
16:ba:11:da:c7:fc:e5:64:db:57:3d:fb:20:51:25:85:ed:67:
b8:c2:fd:b0:58:e4:fd:d7:86:c3:bf:5f:67:23:a5:fb:3c:c1:
12:5e:ea:1d:ad:c0:77:38:79:32:e8:61:af:07:e5:b6:90:c1:
d0:69:77:43:8a:d5:60:6b:9a:35:ec:74:a4:ec:8d:dc:8b:d3:
29:99:9f:4d:b8:d4:7f:4f:47:ab:ea:e8:0b:ee:c9:fd:ca:ed:
6a:4f:2f:66:59:cf:85:0c:eb:10:0f:48:14:f1:78:c5:76:83:
46:fb:ee:5b:2a:f8:37:a1:e1:64:0a:4f:b5:f2:60:a9:7f:8c:
69:c6:2c:c1:57:69:39:a1:64:c5:6a:f5:a8:a3:42:d1:fb:ef:
4b:71:f6:ff:be:a0:bc:4e:c0:3d:a8:9e:e0:8c:f8:b3:cf:76:
1f:54:2c:4d:8a:d0:5b:2f:9b:a4:12:66:f4:f7:f2:d9:f2:39:
98:11:19:05:2b:61:be:49:98:b9:9b:b2:8b:50:ad:81:2c:0d:
5d:93:7e:b0:18:1e:7f:64:8b:39:2d:19:05:01:12:95:c7:ad:
51:94:3f:9e:af:f2:d7:b0:8e:2b:0b:54:65:9a:90:af:36:82:
1e:5d:be:bb:72:5d:9e:dd:05:5d:63:5a:5a:5f:8d:40:37:5f:
e0:a2:0c:60
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgISAYUSPR4iy9eXOxnJ4UyY1O6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjIxMjE0MjAwNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGJjZjJhYjUzOGEzNThmNjRiMGEzMDRjNDc2N2M2ODE1ZDQ2ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv607VS0YXRo0leV48X65rxy/oLG
ejHJe7AjYOA08X4vmJpe5uTD/a2S9b1WCvamBTrRcKMxdq8OjakJF1ClZR2lqLYQ
pAnhcJ6+ypy83vG3+xokaUF5EUjUJPPaDT8r7xNIZuCLDlvd1J0RAv6HmNqSLohK
JP3KEkP2Iq6E7xT3og12OLQkkFFvnVKqIZScUNZsiPgqfOHDtLqM2MMTPKhpyeWD
YMRVUH+WXwyfEZQRvdq1NuqRTOTTtwh6sqAnp3Qb7mKFQNqe/RZ3S1k5VEvH+PGq
gunoL4k+VtOarZZM3j2+nKrk1pdpcJp82v1B6ts9ftZbQqZBqf+nG7E9+QIDAQAB
o4IDOjCCAzYwHQYDVR0OBBYEFDC88qtTijWPZLCjBMR2fGgV1G8hMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvTUx6eXExT0tOWTlrc0tNRXhIWjhhQlhVYnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTgYIKwYBBQUHAQcBAf8EggE9MIIBOTCB1wQCAAEwgdAD
BAIFtuQDBAEFvKwDBAIFvLQDBAIfKNgDBAIth3gDBAItjQgDBAItlugDBANNSBAD
BAFY0iYDBAJY2vADBAFbwFADBABbwFMDBAJbyUADBAJcd1gwDAMEA129OAMEAF29
OgMEAl29PAMEArkGDAMEArmDQAMEArmHVAMEArmMDAMEALmM0QMEArng+AMEArn2
mAMEAMI7LgMEAMI7OwMEAMI7jgMEAMI7mwMEAsPufAMEAdW3IDAMAwQC1bckAwQG
1bcAAwQC1eJEAwQC2R4IMF0EAgACMFcDBgQqBvkAAAMGBCoG+QBAAwYEKgb5AQAD
BgQqBvkCAAMGBCoG+QMAAwYEKgb5BAADBgQqBvkFAAMGBCoG+QYAAwYEKgb5BwAD
BgQqBvkHQAMFACoNhAAwDQYJKoZIhvcNAQELBQADggEBABa6EdrH/OVk21c9+yBR
JYXtZ7jC/bBY5P3XhsO/X2cjpfs8wRJe6h2twHc4eTLoYa8H5baQwdBpd0OK1WBr
mjXsdKTsjdyL0ymZn0241H9PR6vq6Avuyf3K7WpPL2ZZz4UM6xAPSBTxeMV2g0b7
7lsq+Deh4WQKT7XyYKl/jGnGLMFXaTmhZMVq9aijQtH770tx9v++oLxOwD2onuCM
+LPPdh9ULE2K0Fsvm6QSZvT38tnyOZgRGQUrYb5JmLmbsotQrYEsDV2TfrAYHn9k
izktGQUBEpXHrVGUP56v8tewjisLVGWakK82gh5dvrtyXZ7dBV1jWlpfjUA3X+Ci
DGA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:04 2024 by rpki-client on console-fra.rpki-client.org