Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/D769wSC3_CBpRe-DxB0jSH9ApRs.roa
File: D769wSC3_CBpRe-DxB0jSH9ApRs.roa (raw, json)
Hash identifier: u4h1TzGhrkjbBxZ2gCHEeOksPZcXkHym4vLrPf2Rj+Y=
Subject key identifier: 0F:BE:BD:C1:20:B7:FC:20:69:45:EF:83:C4:1D:23:48:7F:40:A5:1B
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 01850AF6EF0C1E2E3CC15E2351B0CFAC1F3C
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/D769wSC3_CBpRe-DxB0jSH9ApRs.roa
Signing time: Tue 13 Dec 2022 10:10:33 +0000
ROA not before: Tue 13 Dec 2022 10:10:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5430
IP address blocks: 194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.0.0/18 maxlen: 18
194.97.119.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
194.97.160.0/19 maxlen: 19
62.104.95.0/24 maxlen: 24
62.104.96.0/22 maxlen: 22
194.97.164.0/22 maxlen: 22
62.104.104.0/22 maxlen: 22
194.97.167.0/24 maxlen: 24
194.97.168.0/24 maxlen: 24
62.104.0.0/16 maxlen: 16
62.104.8.0/21 maxlen: 21
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.20.0/24 maxlen: 24
62.104.20.0/23 maxlen: 23
62.104.18.0/23 maxlen: 23
194.97.96.0/19 maxlen: 19
194.97.102.0/24 maxlen: 24
62.104.48.0/23 maxlen: 23
194.97.118.0/24 maxlen: 24
62.104.50.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.45.0/24 maxlen: 24
89.49.127.0/24 maxlen: 24
89.49.126.0/24 maxlen: 24
89.48.0.0/13 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.234.0/23 maxlen: 24
195.4.176.0/24 maxlen: 24
62.104.164.0/24 maxlen: 24
62.104.164.0/22 maxlen: 22
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/22 maxlen: 22
62.104.178.0/24 maxlen: 24
62.104.182.0/24 maxlen: 24
194.97.192.0/18 maxlen: 18
195.4.0.0/16 maxlen: 16
195.4.16.0/24 maxlen: 24
195.4.16.0/22 maxlen: 22
195.4.28.0/23 maxlen: 23
195.4.27.0/24 maxlen: 24
195.4.43.0/24 maxlen: 24
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0a:f6:ef:0c:1e:2e:3c:c1:5e:23:51:b0:cf:ac:1f:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Dec 13 10:10:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0fbebdc120b7fc206945ef83c41d23487f40a51b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:01:65:fc:1b:bc:53:3d:98:b2:d6:01:0e:2c:
0f:b4:66:b2:14:61:0e:67:23:d6:8f:10:8b:b9:c6:
9a:16:0a:74:45:25:c8:78:73:b8:ff:37:5c:50:68:
48:a5:21:63:dd:89:48:e5:a2:78:e1:36:d5:fa:a5:
4f:e5:20:95:f7:7d:e0:13:4e:ba:26:ec:9d:b3:b3:
24:cf:88:20:28:53:40:08:06:08:0b:98:db:6d:a5:
fa:ad:ee:08:fe:45:81:c4:f3:04:3f:d9:5d:61:8b:
a3:b2:7b:7d:2e:66:c8:ab:ef:8d:5e:8c:f0:34:ac:
5b:f4:9a:29:94:02:8b:c2:d4:c4:af:a8:95:34:bb:
b6:90:0d:35:ee:71:9b:9d:00:27:57:d4:d1:c1:ca:
da:65:a7:12:25:ee:ae:32:be:c6:80:4e:00:ae:ce:
0b:0c:69:8f:52:20:ac:83:2e:c7:94:6c:b1:e6:f1:
2f:fd:c1:32:12:d4:5e:16:44:4f:87:bc:d4:4b:bf:
a2:9f:ba:e0:40:50:8e:c6:31:55:ae:fb:24:83:0c:
2f:14:8a:fa:ab:33:9f:dd:36:fa:46:14:2e:3e:49:
4f:01:72:69:35:65:84:c2:c4:cf:fe:d7:78:a0:0d:
9e:d4:55:20:f4:24:7e:23:f5:e3:92:8b:5b:cf:44:
5c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:BE:BD:C1:20:B7:FC:20:69:45:EF:83:C4:1D:23:48:7F:40:A5:1B
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/D769wSC3_CBpRe-DxB0jSH9ApRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
26:02:8c:75:0f:de:fb:23:dd:bc:5c:60:92:4b:c9:38:fb:da:
7f:93:1a:0d:6f:10:5b:85:60:ea:aa:eb:75:da:be:b1:9a:7f:
57:60:2e:ac:ab:11:d1:f3:ba:11:7b:4f:01:7a:b8:6e:52:d7:
7d:43:54:3a:7e:1d:2a:9a:20:81:bc:75:e2:ff:53:37:94:a3:
2c:89:b7:bd:54:77:65:af:be:2e:0d:fa:53:20:7b:a1:d3:27:
4a:9e:24:37:7e:33:9a:67:6d:21:4a:82:4e:c9:8f:38:ea:1a:
23:0e:9b:fb:16:04:86:5c:df:7f:5c:85:11:00:42:01:81:24:
ed:64:67:aa:ee:16:f7:78:d4:67:01:34:3b:c1:2c:7b:4f:5c:
e8:7c:07:ec:ba:ee:52:ab:89:0b:51:55:b8:f5:14:6e:4e:70:
45:ad:1a:ad:36:24:a8:06:a6:9f:32:a7:6e:7b:de:e8:d2:87:
82:1e:93:fc:6d:71:d9:68:c2:1f:96:10:d1:55:60:38:44:a6:
cb:36:5f:47:45:55:82:0d:23:3a:5c:cf:db:f5:be:ee:38:2b:
f8:f9:6b:d4:1b:ca:22:75:bc:85:9c:05:98:e4:db:5f:d7:31:
9f:60:af:d5:f3:a8:1f:ce:b1:54:51:8e:60:2c:e2:54:e8:d0:
9b:62:de:b0
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYUK9u8MHi48wV4jUbDPrB88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjIxMjEzMTAxMDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmJlYmRjMTIwYjdmYzIwNjk0NWVmODNjNDFkMjM0ODdmNDBhNTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAFl/Bu8Uz2YstYBDiwPtGayFGEO
ZyPWjxCLucaaFgp0RSXIeHO4/zdcUGhIpSFj3YlI5aJ44TbV+qVP5SCV933gE066
Juyds7Mkz4ggKFNACAYIC5jbbaX6re4I/kWBxPMEP9ldYYujsnt9LmbIq++NXozw
NKxb9JoplAKLwtTEr6iVNLu2kA017nGbnQAnV9TRwcraZacSJe6uMr7GgE4Ars4L
DGmPUiCsgy7HlGyx5vEv/cEyEtReFkRPh7zUS7+in7rgQFCOxjFVrvskgwwvFIr6
qzOf3Tb6RhQuPklPAXJpNWWEwsTP/td4oA2e1FUg9CR+I/Xjkotbz0RcdQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFA++vcEgt/wgaUXvg8QdI0h/QKUbMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvRDc2OXdTQzNfQ0JwUmUtRHhCMGpTSDlBcFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwMAPmgDAwNZ
MAMEBsJhAAMEBcJhYDALAwQFwmGgAwMBwmADAwDDBDANBAIAAjAHAwUAIAEHSDAN
BgkqhkiG9w0BAQsFAAOCAQEAJgKMdQ/e+yPdvFxgkkvJOPvaf5MaDW8QW4Vg6qrr
ddq+sZp/V2AurKsR0fO6EXtPAXq4blLXfUNUOn4dKpoggbx14v9TN5SjLIm3vVR3
Za++Lg36UyB7odMnSp4kN34zmmdtIUqCTsmPOOoaIw6b+xYEhlzff1yFEQBCAYEk
7WRnqu4W93jUZwE0O8Ese09c6HwH7LruUquJC1FVuPUUbk5wRa0arTYkqAamnzKn
bnve6NKHgh6T/G1x2WjCH5YQ0VVgOESmyzZfR0VVgg0jOlzP2/W+7jgr+Plr1BvK
InW8hZwFmOTbX9cxn2Cv1fOoH86xVFGOYCziVOjQm2LesA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org