Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/MpSkNKer4tAJEzbnWtK4NAzIPpE.roa
File: MpSkNKer4tAJEzbnWtK4NAzIPpE.roa (raw, json)
Hash identifier: at7lKhy5loYkCTvcH1QsYvEGJ13KvJbzWOGOlpUvNDk=
Subject key identifier: 32:94:A4:34:A7:AB:E2:D0:09:13:36:E7:5A:D2:B8:34:0C:C8:3E:91
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 3847178E
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/MpSkNKer4tAJEzbnWtK4NAzIPpE.roa
Signing time: Mon 09 May 2022 07:48:14 +0000
ROA not before: Mon 09 May 2022 07:48:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56582
IP address blocks: 185.33.61.0/24 maxlen: 24
185.33.63.0/24 maxlen: 24
31.169.65.0/24 maxlen: 24
31.169.70.0/24 maxlen: 24
31.169.69.0/24 maxlen: 24
31.169.71.0/24 maxlen: 24
31.169.67.0/24 maxlen: 24
31.169.66.0/24 maxlen: 24
31.169.72.0/24 maxlen: 24
31.169.77.0/24 maxlen: 24
31.169.76.0/24 maxlen: 24
31.169.78.0/24 maxlen: 24
31.169.74.0/24 maxlen: 24
31.169.81.0/24 maxlen: 24
31.169.91.0/24 maxlen: 24
31.169.90.0/24 maxlen: 24
31.169.88.0/24 maxlen: 24
31.169.93.0/24 maxlen: 24
31.169.92.0/24 maxlen: 24
31.169.94.0/24 maxlen: 24
31.169.95.0/24 maxlen: 24
31.169.64.0/24 maxlen: 24
2a00:5740::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 944183182 (0x3847178e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: May 9 07:48:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3294a434a7abe2d0091336e75ad2b8340cc83e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a3:5b:1b:1a:d4:f2:09:1d:96:16:0c:46:94:
26:59:ab:d1:f6:31:d2:cf:34:09:fb:f5:86:95:9c:
bc:0b:ce:8c:8d:7c:87:ee:2e:a2:fb:e4:f0:83:4a:
2e:4e:76:2e:b5:c4:59:34:c4:77:ca:7c:16:8c:cb:
91:c1:14:29:c2:a9:fb:01:e4:0a:cf:77:54:6a:f1:
1f:66:65:7c:a1:24:55:d2:b7:29:7c:97:0e:cf:bc:
f5:3c:67:10:f3:6c:0b:37:eb:54:64:e2:5b:e3:85:
15:ee:b8:15:6e:63:5c:c9:dc:41:64:8b:db:27:82:
1a:1c:15:73:d2:18:61:58:e5:05:47:d3:a6:3b:c0:
70:24:1a:fb:aa:c5:1b:f0:1c:3e:d0:35:97:32:5d:
9c:32:80:26:ff:e3:0b:ba:9c:e1:54:b7:8d:d8:48:
5d:05:27:aa:97:16:6e:20:c3:d5:c9:d8:58:54:a5:
9f:9c:27:37:91:c5:e4:fe:59:ca:c2:dc:d9:0a:3a:
57:9b:cf:e3:f7:9b:84:cc:d6:a9:8f:4a:42:2a:4d:
85:05:aa:11:9e:5f:b6:e3:71:63:b7:b7:7d:bf:a6:
43:70:6d:c8:bd:df:b0:ba:db:1b:17:ab:f2:6f:7b:
a9:e5:dd:d2:eb:c8:f4:f2:d9:23:f4:7f:e2:63:92:
80:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:94:A4:34:A7:AB:E2:D0:09:13:36:E7:5A:D2:B8:34:0C:C8:3E:91
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/MpSkNKer4tAJEzbnWtK4NAzIPpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.64.0/22
31.169.69.0-31.169.72.255
31.169.74.0/24
31.169.76.0-31.169.78.255
31.169.81.0/24
31.169.88.0/24
31.169.90.0-31.169.95.255
185.33.61.0/24
185.33.63.0/24
IPv6:
2a00:5740::/32
Signature Algorithm: sha256WithRSAEncryption
18:08:19:c1:4a:4e:00:ae:45:83:d1:c6:bf:ad:cc:69:88:12:
8e:c2:0a:93:58:c0:bb:1a:76:62:7f:41:44:66:1a:d0:30:8f:
57:9f:b3:43:e6:c5:31:dc:d2:f5:9c:dd:36:73:3a:59:2f:f3:
31:12:6b:64:a1:18:70:03:ea:93:c5:58:65:ca:88:b4:dd:71:
c1:29:e9:66:83:2b:f2:26:0e:75:d2:45:5a:39:69:a8:f7:4d:
c1:b2:24:8e:ed:07:49:14:9a:43:e5:39:2c:14:4a:81:4a:71:
a0:a3:97:65:7f:8e:ab:b2:f0:59:55:57:76:56:37:89:7f:26:
97:00:5f:4f:95:9f:56:8c:4b:05:8e:8c:d1:e0:60:ca:c7:44:
63:49:b4:05:92:5a:1b:d4:58:f5:5f:0f:ff:2c:8d:23:92:e9:
bc:db:e1:72:a3:5a:6b:47:54:0e:d5:83:8c:59:49:27:c5:ce:
20:72:a6:39:cb:24:73:d9:d2:13:f4:64:48:17:4a:60:71:fd:
6c:be:59:e5:0b:d7:df:56:2e:60:21:ad:36:be:f5:18:7f:58:
10:59:10:51:fd:61:70:c0:af:5b:56:14:23:b4:8b:7e:b8:26:
01:8e:39:f0:08:00:8f:8b:e0:2a:6f:14:a8:20:fe:25:07:69:
57:e8:b9:49
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIEOEcXjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDY5ZGE0NGFlMDY3ZmMxYTk4YTVmNmYwNWYxMmU1NDVkMGZjNjJhMB4XDTIyMDUw
OTA3NDgxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzI5NGE0MzRhN2Fi
ZTJkMDA5MTMzNmU3NWFkMmI4MzQwY2M4M2U5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALujWxsa1PIJHZYWDEaUJlmr0fYx0s80Cfv1hpWcvAvOjI18
h+4uovvk8INKLk52LrXEWTTEd8p8FozLkcEUKcKp+wHkCs93VGrxH2ZlfKEkVdK3
KXyXDs+89TxnEPNsCzfrVGTiW+OFFe64FW5jXMncQWSL2yeCGhwVc9IYYVjlBUfT
pjvAcCQa+6rFG/AcPtA1lzJdnDKAJv/jC7qc4VS3jdhIXQUnqpcWbiDD1cnYWFSl
n5wnN5HF5P5ZysLc2Qo6V5vP4/ebhMzWqY9KQipNhQWqEZ5ftuNxY7e3fb+mQ3Bt
yL3fsLrbGxer8m97qeXd0uvI9PLZI/R/4mOSgDcCAwEAAaOCAmAwggJcMB0GA1Ud
DgQWBBQylKQ0p6vi0AkTNuda0rg0DMg+kTAfBgNVHSMEGDAWgBRtadpErgZ/wamK
X28F8S5UXQ/GKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JXbmFSSzRHZjhHcGlsOXZCZkV1VkYwUHhpby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvYjFhODJhLTQ5MGYtNDNmYi05ODZlLTI2MTcwZGE0YTBiMS8x
L01wU2tOS2VyNHRBSkV6Ym5XdEs0TkF6SVBwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
YjFhODJhLTQ5MGYtNDNmYi05ODZlLTI2MTcwZGE0YTBiMS8xL2JXbmFSSzRHZjhH
cGlsOXZCZkV1VkYwUHhpby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB2
BggrBgEFBQcBBwEB/wRnMGUwVAQCAAEwTgMEAh+pQDAMAwQAH6lFAwQAH6lIAwQA
H6lKMAwDBAIfqUwDBAAfqU4DBAAfqVEDBAAfqVgwDAMEAR+pWgMEBR+pQAMEALkh
PQMEALkhPzANBAIAAjAHAwUAKgBXQDANBgkqhkiG9w0BAQsFAAOCAQEAGAgZwUpO
AK5Fg9HGv63MaYgSjsIKk1jAuxp2Yn9BRGYa0DCPV5+zQ+bFMdzS9ZzdNnM6WS/z
MRJrZKEYcAPqk8VYZcqItN1xwSnpZoMr8iYOddJFWjlpqPdNwbIkju0HSRSaQ+U5
LBRKgUpxoKOXZX+Oq7LwWVVXdlY3iX8mlwBfT5WfVoxLBY6M0eBgysdEY0m0BZJa
G9RY9V8P/yyNI5LpvNvhcqNaa0dUDtWDjFlJJ8XOIHKmOcskc9nSE/RkSBdKYHH9
bL5Z5QvX31YuYCGtNr71GH9YEFkQUf1hcMCvW1YUI7SLfrgmAY458AgAj4vgKm8U
qCD+JQdpV+i5SQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:56 2024 by rpki-client on console-fra.rpki-client.org