Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/8BAXJJz2H_QQ5Ma-cI8flUrr9Ds.roa
File: 8BAXJJz2H_QQ5Ma-cI8flUrr9Ds.roa (raw, json)
Hash identifier: i59pg6u+znDKu8cCVt75uHvxeLBS5LCYOQBEjsxAZtw=
Subject key identifier: F0:10:17:24:9C:F6:1F:F4:10:E4:C6:BE:70:8F:1F:95:4A:EB:F4:3B
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 0186555B9DB11302051F8F43B4D29FCE0AD6
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/8BAXJJz2H_QQ5Ma-cI8flUrr9Ds.roa
Signing time: Wed 15 Feb 2023 13:55:12 +0000
ROA not before: Wed 15 Feb 2023 13:55:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5430
IP address blocks: 194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.0.0/18 maxlen: 18
194.97.119.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
194.97.160.0/19 maxlen: 19
62.104.95.0/24 maxlen: 24
62.104.96.0/22 maxlen: 22
62.104.96.0/21 maxlen: 21
194.97.164.0/22 maxlen: 22
62.104.104.0/22 maxlen: 22
194.97.167.0/24 maxlen: 24
194.97.168.0/24 maxlen: 24
62.104.0.0/16 maxlen: 16
62.104.8.0/21 maxlen: 21
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.20.0/24 maxlen: 24
62.104.20.0/23 maxlen: 23
62.104.18.0/23 maxlen: 23
194.97.96.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
194.97.102.0/24 maxlen: 24
62.104.48.0/23 maxlen: 23
194.97.118.0/24 maxlen: 24
62.104.50.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.45.0/24 maxlen: 24
89.49.127.0/24 maxlen: 24
89.49.126.0/24 maxlen: 24
89.48.0.0/13 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.234.0/23 maxlen: 24
195.4.176.0/24 maxlen: 24
62.104.164.0/24 maxlen: 24
62.104.164.0/22 maxlen: 22
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/22 maxlen: 22
62.104.178.0/24 maxlen: 24
62.104.182.0/24 maxlen: 24
194.97.192.0/18 maxlen: 18
195.4.0.0/16 maxlen: 16
195.4.16.0/24 maxlen: 24
195.4.16.0/22 maxlen: 22
195.4.28.0/23 maxlen: 23
195.4.27.0/24 maxlen: 24
195.4.43.0/24 maxlen: 24
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:55:5b:9d:b1:13:02:05:1f:8f:43:b4:d2:9f:ce:0a:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Feb 15 13:55:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f01017249cf61ff410e4c6be708f1f954aebf43b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b4:dc:aa:e9:48:17:bd:ee:e2:ab:e7:71:49:
e9:3f:92:47:2a:74:43:16:97:3f:67:f1:1b:eb:d1:
c4:49:44:42:27:b3:60:17:e3:11:1a:8f:78:1c:26:
72:51:7f:fe:f7:dd:62:a5:a9:53:73:69:1e:a2:31:
9d:8c:ce:0e:f7:ca:7b:7e:8d:71:e6:13:53:5c:bc:
de:95:d2:fb:b5:dd:34:bb:4b:1e:9a:93:6b:1c:a5:
79:a3:5d:d6:de:3a:4c:75:25:68:ea:33:5d:21:79:
13:6b:ad:6e:42:dd:02:4a:6d:db:37:59:1d:f2:3a:
c0:5a:ed:87:b6:d6:24:c0:ed:b5:dc:16:88:e7:9e:
02:f4:13:ac:57:02:ae:3d:45:72:41:c7:96:c6:f1:
94:df:75:f3:a4:9e:a5:5c:5e:4e:14:fd:97:a2:d4:
f9:11:38:18:05:a0:c9:68:19:21:16:43:d0:4e:df:
78:90:21:21:73:3d:33:be:f3:8e:5d:bb:b1:87:dc:
d0:9d:e6:76:be:2d:cd:a9:86:47:97:64:d5:d0:a7:
ef:d3:c1:06:35:e0:51:62:42:8c:32:83:1b:52:88:
9d:c6:3d:86:e3:7a:24:ce:d8:fb:cf:f2:1d:71:7b:
92:fc:be:b5:54:4c:b2:df:50:4b:f6:a4:1f:c3:ca:
a7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:10:17:24:9C:F6:1F:F4:10:E4:C6:BE:70:8F:1F:95:4A:EB:F4:3B
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/8BAXJJz2H_QQ5Ma-cI8flUrr9Ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
75:85:de:2e:86:f0:ec:55:6d:21:d0:35:19:84:28:7a:ee:ee:
5a:3b:f8:dd:ac:66:d4:2c:87:b8:a1:16:a7:28:7f:9c:64:74:
82:ea:f3:58:75:f3:43:c6:b0:84:71:f4:0f:1f:81:b1:4f:75:
46:49:67:50:cd:b6:7a:64:36:78:41:b5:81:ad:01:ef:e8:4f:
4f:2f:35:56:4f:45:e6:48:36:b4:5e:69:c7:8b:e5:35:4e:a8:
9c:41:a6:fe:75:d1:99:c5:ca:32:ef:3b:d3:6f:5a:1c:6f:3f:
cd:48:ff:44:e7:50:63:f8:67:ed:2d:0e:3b:ab:4c:1e:7d:04:
d0:19:9a:bf:1c:59:8c:6d:b2:77:36:46:62:91:9d:b5:e9:72:
1f:8c:c7:f6:94:fb:5f:b1:05:2b:bf:cf:9f:cd:cc:b2:22:0b:
e7:82:4c:27:5a:84:be:81:b5:3b:7d:b5:1b:63:1c:b2:1f:53:
56:0c:eb:9c:c8:b2:41:d7:c2:43:fd:80:6f:cd:2a:e4:c3:bb:
e0:ee:02:95:9e:3e:e4:58:65:52:9a:62:24:c7:fa:9c:96:c7:
e3:42:56:45:cd:83:14:de:60:ec:ca:42:bd:11:e5:c0:d4:74:
07:c1:4f:88:c4:43:90:97:64:ac:03:42:09:c3:ba:42:ee:2d:
4e:c3:a8:34
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYZVW52xEwIFH49DtNKfzgrWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjMwMjE1MTM1NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDEwMTcyNDljZjYxZmY0MTBlNGM2YmU3MDhmMWY5NTRhZWJmNDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLTcqulIF73u4qvncUnpP5JHKnRD
Fpc/Z/Eb69HESURCJ7NgF+MRGo94HCZyUX/+991ipalTc2keojGdjM4O98p7fo1x
5hNTXLzeldL7td00u0sempNrHKV5o13W3jpMdSVo6jNdIXkTa61uQt0CSm3bN1kd
8jrAWu2HttYkwO213BaI554C9BOsVwKuPUVyQceWxvGU33XzpJ6lXF5OFP2XotT5
ETgYBaDJaBkhFkPQTt94kCEhcz0zvvOOXbuxh9zQneZ2vi3NqYZHl2TV0Kfv08EG
NeBRYkKMMoMbUoidxj2G43okztj7z/IdcXuS/L61VEyy31BL9qQfw8qnaQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPAQFySc9h/0EOTGvnCPH5VK6/Q7MB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvOEJBWEpKejJIX1FRNU1hLWNJOGZsVXJyOURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwMAPmgDAwNZ
MAMEBsJhAAMEBcJhYDALAwQFwmGgAwMBwmADAwDDBDANBAIAAjAHAwUAIAEHSDAN
BgkqhkiG9w0BAQsFAAOCAQEAdYXeLobw7FVtIdA1GYQoeu7uWjv43axm1CyHuKEW
pyh/nGR0gurzWHXzQ8awhHH0Dx+BsU91RklnUM22emQ2eEG1ga0B7+hPTy81Vk9F
5kg2tF5px4vlNU6onEGm/nXRmcXKMu87029aHG8/zUj/ROdQY/hn7S0OO6tMHn0E
0BmavxxZjG2ydzZGYpGdtelyH4zH9pT7X7EFK7/Pn83MsiIL54JMJ1qEvoG1O321
G2Mcsh9TVgzrnMiyQdfCQ/2Ab80q5MO74O4ClZ4+5FhlUppiJMf6nJbH40JWRc2D
FN5g7MpCvRHlwNR0B8FPiMRDkJdkrANCCcO6Qu4tTsOoNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:45 2024 by rpki-client on console-fra.rpki-client.org