Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/MWEapfopBrooZSm9FGmKi0GGvHU.roa
File: MWEapfopBrooZSm9FGmKi0GGvHU.roa (raw, json)
Hash identifier: fQET01Tlw3j9GKO0nZ4+0QERynpIV0WuzYDQlb2OJkM=
Subject key identifier: 31:61:1A:A5:FA:29:06:BA:28:65:29:BD:14:69:8A:8B:41:86:BC:75
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 29E7513D
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/MWEapfopBrooZSm9FGmKi0GGvHU.roa
Signing time: Sat 01 Jan 2022 13:54:20 +0000
ROA not before: Sat 01 Jan 2022 13:54:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39150
IP address blocks: 93.179.64.0/23 maxlen: 23
93.179.69.0/24 maxlen: 24
93.179.68.0/23 maxlen: 23
93.179.68.0/24 maxlen: 24
93.179.67.0/24 maxlen: 24
79.133.98.0/23 maxlen: 23
79.133.98.0/24 maxlen: 24
79.133.106.0/24 maxlen: 24
2a02:d0c0::/32 maxlen: 32
2a02:ec40::/29 maxlen: 29
2a02:ec40::/32 maxlen: 32
2a02:d0c1::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 703025469 (0x29e7513d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 13:54:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31611aa5fa2906ba286529bd14698a8b4186bc75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:30:b1:02:6f:2c:2e:1e:04:23:be:05:d4:08:
47:cc:66:fc:61:22:ce:fb:7b:9c:7f:07:13:38:b5:
5d:bb:8d:f4:5b:57:fa:42:97:01:f6:5c:61:80:09:
1f:ca:9a:f0:a6:0c:c9:55:9d:fa:63:27:0a:7e:a6:
ec:ba:ac:9a:6e:20:11:e8:13:91:3c:56:00:1c:10:
f2:bc:ee:a2:c4:03:0f:1b:ce:0b:37:0f:47:41:33:
db:11:14:af:b1:c7:3f:ec:ce:2d:cf:75:61:bf:03:
dd:86:3f:53:2b:e9:aa:60:70:ba:ea:e1:f7:08:84:
79:c7:a1:1a:49:d7:30:ed:cd:90:ae:9f:4a:33:41:
f8:a5:ed:d2:18:a3:09:19:0b:c3:fd:96:24:30:5b:
80:e1:d5:11:26:45:69:ac:20:77:ed:03:54:20:27:
0e:45:01:b2:02:a9:d3:eb:2a:97:ee:fa:a9:95:20:
4c:fa:70:1d:db:02:fb:ef:e0:32:d4:61:1b:0b:05:
df:da:72:cd:af:a6:03:00:69:a7:dd:49:af:36:4d:
14:df:8d:f2:63:8c:36:29:0b:93:6c:25:6c:3d:b9:
28:50:c3:8a:71:ee:96:3b:3b:ac:c4:d4:3a:d1:dd:
0f:2a:01:28:b4:0e:bd:e1:8e:a0:85:ac:f9:e5:c5:
e3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:61:1A:A5:FA:29:06:BA:28:65:29:BD:14:69:8A:8B:41:86:BC:75
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/MWEapfopBrooZSm9FGmKi0GGvHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.98.0/23
79.133.106.0/24
93.179.64.0/23
93.179.67.0-93.179.69.255
IPv6:
2a02:d0c0::/31
2a02:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
8c:b1:6f:89:9e:ef:d8:7b:f0:eb:84:95:90:53:f1:43:11:f3:
a9:cf:29:7b:5a:25:b9:38:69:c2:f9:30:2e:56:e6:ed:ca:a1:
20:11:3b:67:de:56:01:4a:03:d3:de:e1:87:75:33:66:86:46:
d3:c0:01:bc:65:03:89:8b:53:98:65:af:22:21:0f:12:bb:53:
2b:ab:e6:0d:62:09:72:7f:be:22:fa:e6:fb:99:82:d6:9a:73:
4f:6d:1d:63:31:46:79:d3:8b:3d:ff:76:e4:18:00:88:1e:1d:
03:5f:14:8a:91:fa:d6:d8:2f:8c:08:28:1a:40:86:86:68:82:
a7:f7:33:5b:f6:80:4f:3b:ea:ae:26:13:5c:c1:44:98:bf:a7:
f6:20:2d:94:5f:a9:c0:8c:0c:0b:33:cf:03:0c:ba:08:07:5a:
75:d4:12:d7:28:dd:4b:13:f6:b4:a3:49:6a:23:e5:02:b6:2f:
54:e6:04:b8:38:33:09:d7:2b:f2:63:5f:f7:92:d6:96:b9:3e:
cb:e1:e6:17:da:9f:47:8f:b9:0f:4a:1c:09:ae:db:61:84:55:
5a:f4:93:cd:0c:cc:40:ce:b8:7c:c4:b6:f5:69:23:ba:fb:e0:
b7:71:b9:d4:b2:ba:6e:18:d3:be:68:91:80:a6:c5:60:e3:7e:
79:6e:03:65
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEKedRPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEw
MTEzNTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzE2MTFhYTVmYTI5
MDZiYTI4NjUyOWJkMTQ2OThhOGI0MTg2YmM3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMwsQJvLC4eBCO+BdQIR8xm/GEizvt7nH8HEzi1XbuN9FtX
+kKXAfZcYYAJH8qa8KYMyVWd+mMnCn6m7Lqsmm4gEegTkTxWABwQ8rzuosQDDxvO
CzcPR0Ez2xEUr7HHP+zOLc91Yb8D3YY/UyvpqmBwuurh9wiEecehGknXMO3NkK6f
SjNB+KXt0hijCRkLw/2WJDBbgOHVESZFaawgd+0DVCAnDkUBsgKp0+sql+76qZUg
TPpwHdsC++/gMtRhGwsF39pyza+mAwBpp91JrzZNFN+N8mOMNikLk2wlbD25KFDD
inHuljs7rMTUOtHdDyoBKLQOveGOoIWs+eXF49MCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQxYRql+ikGuihlKb0UaYqLQYa8dTAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L01XRWFwZm9wQnJvb1pTbTlGR21LaTBHR3ZIVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wJgQCAAEwIAMEAU+FYgMEAE+FagMEAV2zQDAMAwQA
XbNDAwQBXbNEMBQEAgACMA4DBQEqAtDAAwUDKgLsQDANBgkqhkiG9w0BAQsFAAOC
AQEAjLFviZ7v2Hvw64SVkFPxQxHzqc8pe1oluThpwvkwLlbm7cqhIBE7Z95WAUoD
097hh3UzZoZG08ABvGUDiYtTmGWvIiEPErtTK6vmDWIJcn++Ivrm+5mC1ppzT20d
YzFGedOLPf925BgAiB4dA18UipH61tgvjAgoGkCGhmiCp/czW/aATzvqriYTXMFE
mL+n9iAtlF+pwIwMCzPPAwy6CAdaddQS1yjdSxP2tKNJaiPlArYvVOYEuDgzCdcr
8mNf95LWlrk+y+HmF9qfR4+5D0ocCa7bYYRVWvSTzQzMQM64fMS29Wkjuvvgt3G5
1LK6bhjTvmiRgKbFYON+eW4DZQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:19 2023 by rpki-client on console-fra.rpki-client.org