Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/BVLlNq1AH4NyIMK1SgJh-5tHyvU.roa
File: BVLlNq1AH4NyIMK1SgJh-5tHyvU.roa (raw, json)
Hash identifier: WV4BZ+7yG5QNArl2wSZP0wnshcwQ+yGYEl3alTG7ixU=
Subject key identifier: 05:52:E5:36:AD:40:1F:83:72:20:C2:B5:4A:02:61:FB:9B:47:CA:F5
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 018CC6B8AC543A697611EB5E867EE795491B
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/BVLlNq1AH4NyIMK1SgJh-5tHyvU.roa
Signing time: Mon 01 Jan 2024 20:30:40 +0000
ROA not before: Mon 01 Jan 2024 20:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5430
IP address blocks: 194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.0.0/18 maxlen: 18
194.97.120.0/23 maxlen: 23
194.97.119.0/24 maxlen: 24
194.97.122.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
194.97.160.0/19 maxlen: 19
62.104.95.0/24 maxlen: 24
62.104.96.0/21 maxlen: 22
62.104.96.0/22 maxlen: 22
194.97.164.0/22 maxlen: 22
62.104.104.0/22 maxlen: 22
62.104.0.0/16 maxlen: 16
62.104.10.0/23 maxlen: 23
62.104.12.0/22 maxlen: 22
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.20.0/23 maxlen: 24
62.104.18.0/24 maxlen: 24
194.97.96.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
194.97.102.0/24 maxlen: 24
62.104.48.0/23 maxlen: 23
194.97.118.0/24 maxlen: 24
62.104.50.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.45.0/24 maxlen: 24
89.49.127.0/24 maxlen: 24
89.49.126.0/24 maxlen: 24
89.48.0.0/13 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.234.0/23 maxlen: 24
195.4.176.0/24 maxlen: 24
62.104.164.0/24 maxlen: 24
62.104.164.0/22 maxlen: 22
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/22 maxlen: 22
62.104.182.0/24 maxlen: 24
194.97.192.0/18 maxlen: 18
195.4.6.0/24 maxlen: 24
195.4.0.0/16 maxlen: 16
195.4.12.0/23 maxlen: 23
195.4.16.0/24 maxlen: 24
195.4.16.0/22 maxlen: 22
195.4.28.0/23 maxlen: 23
195.4.27.0/24 maxlen: 24
195.4.43.0/24 maxlen: 24
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:ac:54:3a:69:76:11:eb:5e:86:7e:e7:95:49:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Jan 1 20:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0552e536ad401f837220c2b54a0261fb9b47caf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:74:e9:18:12:57:15:6b:2d:95:f0:7f:98:63:
fe:14:9d:0f:2f:9a:ab:d3:63:45:dd:80:d9:d9:b2:
f0:9d:56:72:25:32:f7:ff:18:b7:5b:20:38:5b:98:
4e:c7:4a:7e:78:60:bb:43:2e:4a:83:e5:51:0b:00:
23:70:7d:b4:0e:11:ae:4c:6f:79:34:2e:db:31:51:
94:92:1e:e9:e8:2c:51:1c:61:dd:e0:a1:34:8b:87:
47:ad:44:a0:64:c6:cb:6f:15:bb:a8:5c:8d:42:3f:
38:8f:4f:f4:ed:14:8a:56:45:89:d2:39:c2:69:71:
16:dd:f4:59:0b:3e:a8:0c:84:6b:78:6a:cb:04:2d:
41:4b:f1:9e:98:62:2d:6e:f5:f8:58:69:4e:45:2c:
89:bf:ec:45:69:b1:bf:43:36:f4:32:3c:03:ea:d2:
08:c4:26:7c:4e:f0:81:ef:ad:67:60:33:ca:96:5d:
3c:fd:8a:20:a7:1a:9f:b0:8c:6b:bf:9a:d4:60:d4:
a9:0c:bb:13:c7:f5:4a:33:7f:77:16:38:80:f5:b7:
81:29:35:0f:23:9a:0f:2b:b6:4e:6d:0c:25:3e:a9:
d6:15:6f:18:9d:66:72:45:2e:98:39:e2:73:73:1c:
16:5d:0e:d9:03:60:dd:57:ac:2f:24:08:92:24:b8:
f9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:52:E5:36:AD:40:1F:83:72:20:C2:B5:4A:02:61:FB:9B:47:CA:F5
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/BVLlNq1AH4NyIMK1SgJh-5tHyvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
4f:26:39:a6:94:6b:5e:c2:7f:07:1d:2f:a2:a3:26:ae:44:c6:
2f:46:d6:9b:09:cf:14:fe:61:c8:b8:69:02:d1:43:b3:7a:62:
bb:ff:97:27:f6:d6:96:98:c4:5d:eb:68:21:99:27:54:88:f1:
6c:15:2b:87:2f:44:82:97:b8:6c:c0:7c:39:d6:5d:52:81:72:
d7:97:83:7d:70:43:db:58:cb:82:78:b3:16:68:0b:e0:21:3e:
dd:82:90:de:64:e9:45:2e:65:7c:7c:57:e9:a5:bc:40:94:ac:
b4:cb:f4:d7:55:d5:ae:e3:54:06:64:c5:b0:2e:91:05:95:27:
02:a5:13:72:8e:24:ec:ea:7b:e5:64:7d:4a:72:ca:9e:2f:bd:
cf:5c:9b:17:de:6c:23:be:d0:58:5d:3b:a9:e9:3d:83:cb:50:
04:50:ce:ee:98:1d:d7:fa:6c:64:3c:a4:37:9c:98:4f:dd:eb:
20:2a:44:1e:b5:3a:c2:35:c4:94:06:9b:8f:ca:97:0a:87:97:
93:d1:c4:01:7c:74:35:14:38:eb:f4:cf:44:f8:fe:d4:ca:ef:
3d:d3:0b:f5:86:1e:ae:90:96:e4:a3:92:93:60:b2:d2:35:90:
67:ee:29:71:ff:a5:fd:a1:99:ef:1e:45:2d:0b:8f:44:a4:3b:
66:f0:e6:4a
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYzGuKxUOml2Eetehn7nlUkbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjQwMTAxMjAzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTUyZTUzNmFkNDAxZjgzNzIyMGMyYjU0YTAyNjFmYjliNDdjYWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3TpGBJXFWstlfB/mGP+FJ0PL5qr
02NF3YDZ2bLwnVZyJTL3/xi3WyA4W5hOx0p+eGC7Qy5Kg+VRCwAjcH20DhGuTG95
NC7bMVGUkh7p6CxRHGHd4KE0i4dHrUSgZMbLbxW7qFyNQj84j0/07RSKVkWJ0jnC
aXEW3fRZCz6oDIRreGrLBC1BS/GemGItbvX4WGlORSyJv+xFabG/Qzb0MjwD6tII
xCZ8TvCB761nYDPKll08/YogpxqfsIxrv5rUYNSpDLsTx/VKM393FjiA9beBKTUP
I5oPK7ZObQwlPqnWFW8YnWZyRS6YOeJzcxwWXQ7ZA2DdV6wvJAiSJLj5VwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFAVS5TatQB+DciDCtUoCYfubR8r1MB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvQlZMbE5xMUFINE55SU1LMVNnSmgtNXRIeXZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwMAPmgDAwNZ
MAMEBsJhAAMEBcJhYDALAwQFwmGgAwMBwmADAwDDBDANBAIAAjAHAwUAIAEHSDAN
BgkqhkiG9w0BAQsFAAOCAQEATyY5ppRrXsJ/Bx0voqMmrkTGL0bWmwnPFP5hyLhp
AtFDs3piu/+XJ/bWlpjEXetoIZknVIjxbBUrhy9Egpe4bMB8OdZdUoFy15eDfXBD
21jLgnizFmgL4CE+3YKQ3mTpRS5lfHxX6aW8QJSstMv011XVruNUBmTFsC6RBZUn
AqUTco4k7Op75WR9SnLKni+9z1ybF95sI77QWF07qek9g8tQBFDO7pgd1/psZDyk
N5yYT93rICpEHrU6wjXElAabj8qXCoeXk9HEAXx0NRQ46/TPRPj+1MrvPdML9YYe
rpCW5KOSk2Cy0jWQZ+4pcf+l/aGZ7x5FLQuPRKQ7ZvDmSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org