Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/3ciZcOyOh2reEgb6IrVLT0QCVwA.roa
File: 3ciZcOyOh2reEgb6IrVLT0QCVwA.roa (raw, json)
Hash identifier: FICM9dSrLB8abhnq6wERgfaGUPPVmDtUyN8voNVP8cI=
Subject key identifier: DD:C8:99:70:EC:8E:87:6A:DE:12:06:FA:22:B5:4B:4F:44:02:57:00
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 0181D2DD5162A397E67AC52A06D508137529
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/3ciZcOyOh2reEgb6IrVLT0QCVwA.roa
Signing time: Wed 06 Jul 2022 09:35:28 +0000
ROA not before: Wed 06 Jul 2022 09:35:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5430
IP address blocks: 194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.0.0/18 maxlen: 18
194.97.119.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
62.104.88.0/21 maxlen: 21
194.97.160.0/19 maxlen: 19
62.104.96.0/21 maxlen: 21
194.97.164.0/22 maxlen: 22
62.104.104.0/22 maxlen: 22
194.97.167.0/24 maxlen: 24
194.97.168.0/24 maxlen: 24
62.104.0.0/16 maxlen: 16
62.104.8.0/21 maxlen: 21
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.20.0/24 maxlen: 24
62.104.20.0/23 maxlen: 23
62.104.18.0/23 maxlen: 23
194.97.96.0/19 maxlen: 19
62.104.48.0/23 maxlen: 23
194.97.118.0/24 maxlen: 24
62.104.50.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.45.0/24 maxlen: 24
89.49.127.0/24 maxlen: 24
89.49.126.0/24 maxlen: 24
89.48.0.0/13 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.234.0/23 maxlen: 24
195.4.176.0/24 maxlen: 24
62.104.164.0/24 maxlen: 24
62.104.164.0/22 maxlen: 22
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/21 maxlen: 21
62.104.178.0/24 maxlen: 24
62.104.182.0/24 maxlen: 24
62.104.184.0/22 maxlen: 22
62.104.188.0/23 maxlen: 23
62.104.130.0/23 maxlen: 23
62.104.132.0/22 maxlen: 22
194.97.192.0/18 maxlen: 18
62.104.136.0/21 maxlen: 21
62.104.144.0/22 maxlen: 22
62.104.156.0/22 maxlen: 22
195.4.0.0/16 maxlen: 16
195.4.16.0/24 maxlen: 24
195.4.16.0/22 maxlen: 22
195.4.28.0/23 maxlen: 23
195.4.27.0/24 maxlen: 24
195.4.43.0/24 maxlen: 24
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d2:dd:51:62:a3:97:e6:7a:c5:2a:06:d5:08:13:75:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Jul 6 09:35:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddc89970ec8e876ade1206fa22b54b4f44025700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a1:b9:58:8e:e5:27:64:60:5b:09:1a:8c:05:
2b:ac:27:9b:f9:9b:22:2d:93:d0:fb:d9:ad:b7:05:
66:ce:11:24:55:5e:32:8c:fe:0c:df:4d:1a:4a:42:
20:35:0a:62:2a:37:49:db:bb:5d:75:2a:95:50:1e:
58:20:7c:b4:79:4d:72:b1:47:db:10:43:b2:1c:a7:
68:35:87:44:d6:8b:40:86:15:b8:86:eb:a6:1a:3e:
42:ab:23:7c:45:b7:70:71:39:db:73:9c:09:d0:29:
90:fb:18:85:7c:69:dd:53:c5:fa:b4:99:8d:a2:49:
b9:af:1b:3c:03:d5:f6:d2:70:15:84:0e:f7:17:82:
6e:58:d0:5a:5a:60:3f:88:76:a7:69:af:49:d2:c6:
e9:f4:5e:5c:15:e3:48:d5:92:ce:f2:f8:06:d4:09:
3b:b3:a9:96:8a:e2:68:87:a5:ff:a3:20:39:81:a2:
67:55:9d:bb:4b:dc:02:70:0f:3f:bb:0e:48:e0:a5:
f2:56:59:0b:15:7f:ce:05:b9:8c:59:da:1e:f9:07:
ea:1c:65:a6:7c:9f:1c:b8:8f:5b:42:a4:3c:6e:9b:
c8:75:dc:42:6a:dc:c6:d6:cb:95:b4:15:f6:55:a7:
b4:d8:6f:70:70:10:8b:9c:45:ef:f7:bf:9c:3e:c5:
fc:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C8:99:70:EC:8E:87:6A:DE:12:06:FA:22:B5:4B:4F:44:02:57:00
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/3ciZcOyOh2reEgb6IrVLT0QCVwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
03:0c:7c:f1:a5:18:98:13:5a:91:7f:26:2f:7d:7a:b2:c7:5a:
5a:9c:c7:d4:33:12:b3:a6:55:2b:b1:c9:75:ed:52:8e:3a:6d:
24:0e:5d:51:4c:4a:0a:47:57:08:48:0a:d2:a5:8d:02:3e:13:
80:2b:a5:2a:aa:47:5a:39:82:20:b8:fb:d9:15:77:ee:29:9c:
cb:f7:03:c8:f6:b0:c2:5d:a7:01:e7:32:36:8d:a3:45:b3:b7:
04:dc:c1:20:9b:77:c4:d7:7b:15:c0:94:66:7b:0d:74:d1:fd:
ec:7f:af:f7:fa:90:35:7f:1c:ee:90:65:03:79:12:f7:04:77:
70:a4:32:1d:66:eb:09:85:de:fd:ac:67:6d:1a:16:c1:f9:7f:
26:c7:81:91:b7:2f:87:6a:f4:55:2e:89:ce:9e:22:f8:91:36:
b1:6a:d2:16:f2:56:81:ef:ff:ae:77:0c:2c:5f:b0:b0:ba:ae:
93:e9:9c:91:76:ab:eb:64:e6:6e:d3:44:1c:8f:b1:25:a2:4a:
10:6c:52:f0:f9:86:fd:28:2b:ef:71:c5:d0:15:02:1f:45:f7:
f5:84:71:e8:62:9c:a2:56:66:6e:20:d4:ec:28:19:ef:a6:fa:
8f:2c:3a:6a:91:02:0d:ee:6d:0b:a8:93:35:46:e8:9e:a3:fb:
87:a2:86:54
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYHS3VFio5fmesUqBtUIE3UpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjIwNzA2MDkzNTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGM4OTk3MGVjOGU4NzZhZGUxMjA2ZmEyMmI1NGI0ZjQ0MDI1NzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqG5WI7lJ2RgWwkajAUrrCeb+Zsi
LZPQ+9mttwVmzhEkVV4yjP4M300aSkIgNQpiKjdJ27tddSqVUB5YIHy0eU1ysUfb
EEOyHKdoNYdE1otAhhW4huumGj5CqyN8RbdwcTnbc5wJ0CmQ+xiFfGndU8X6tJmN
okm5rxs8A9X20nAVhA73F4JuWNBaWmA/iHanaa9J0sbp9F5cFeNI1ZLO8vgG1Ak7
s6mWiuJoh6X/oyA5gaJnVZ27S9wCcA8/uw5I4KXyVlkLFX/OBbmMWdoe+QfqHGWm
fJ8cuI9bQqQ8bpvIddxCatzG1suVtBX2Vae02G9wcBCLnEXv97+cPsX85QIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFN3ImXDsjodq3hIG+iK1S09EAlcAMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvM2NpWmNPeU9oMnJlRWdiNklyVkxUMFFDVndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwMAPmgDAwNZ
MAMEBsJhAAMEBcJhYDALAwQFwmGgAwMBwmADAwDDBDANBAIAAjAHAwUAIAEHSDAN
BgkqhkiG9w0BAQsFAAOCAQEAAwx88aUYmBNakX8mL316ssdaWpzH1DMSs6ZVK7HJ
de1SjjptJA5dUUxKCkdXCEgK0qWNAj4TgCulKqpHWjmCILj72RV37imcy/cDyPaw
wl2nAecyNo2jRbO3BNzBIJt3xNd7FcCUZnsNdNH97H+v9/qQNX8c7pBlA3kS9wR3
cKQyHWbrCYXe/axnbRoWwfl/JseBkbcvh2r0VS6Jzp4i+JE2sWrSFvJWge//rncM
LF+wsLquk+mckXar62TmbtNEHI+xJaJKEGxS8PmG/Sgr73HF0BUCH0X39YRx6GKc
olZmbiDU7CgZ76b6jyw6apECDe5tC6iTNUbonqP7h6KGVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:45 2024 by rpki-client on console-fra.rpki-client.org