Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/DkgM4wehrp_T-fEfnpWa5co5D7A.roa
File: DkgM4wehrp_T-fEfnpWa5co5D7A.roa (raw, json)
Hash identifier: v9zShwigQhyX8WLOqT3RBuHexSFDRvpEL/xqNALu+3I=
Subject key identifier: 0E:48:0C:E3:07:A1:AE:9F:D3:F9:F1:1F:9E:95:9A:E5:CA:39:0F:B0
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 353EB04F
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/DkgM4wehrp_T-fEfnpWa5co5D7A.roa
Signing time: Sat 19 Feb 2022 10:44:12 +0000
ROA not before: Sat 19 Feb 2022 10:44:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5430
IP address blocks: 194.97.46.0/23 maxlen: 24
194.97.0.0/18 maxlen: 18
194.97.119.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
62.104.68.0/22 maxlen: 22
62.104.72.0/21 maxlen: 21
62.104.80.0/21 maxlen: 21
62.104.88.0/21 maxlen: 21
194.97.160.0/19 maxlen: 19
62.104.96.0/21 maxlen: 21
194.97.164.0/22 maxlen: 22
62.104.104.0/22 maxlen: 22
194.97.167.0/24 maxlen: 24
194.97.168.0/24 maxlen: 24
62.104.0.0/16 maxlen: 16
62.104.8.0/21 maxlen: 21
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.20.0/24 maxlen: 24
62.104.20.0/23 maxlen: 23
62.104.18.0/23 maxlen: 23
62.104.28.0/22 maxlen: 22
194.97.96.0/19 maxlen: 19
62.104.32.0/21 maxlen: 21
62.104.40.0/22 maxlen: 22
62.104.48.0/23 maxlen: 23
194.97.118.0/24 maxlen: 24
62.104.50.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.45.0/24 maxlen: 24
89.49.127.0/24 maxlen: 24
89.49.126.0/24 maxlen: 24
89.48.0.0/13 maxlen: 24
195.4.104.0/22 maxlen: 22
62.104.164.0/24 maxlen: 24
62.104.164.0/22 maxlen: 22
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/21 maxlen: 21
62.104.178.0/24 maxlen: 24
62.104.182.0/24 maxlen: 24
62.104.184.0/22 maxlen: 22
62.104.188.0/23 maxlen: 23
62.104.130.0/23 maxlen: 23
62.104.132.0/22 maxlen: 22
194.97.192.0/18 maxlen: 18
62.104.136.0/21 maxlen: 21
62.104.144.0/22 maxlen: 22
62.104.156.0/22 maxlen: 22
195.4.0.0/16 maxlen: 16
195.4.16.0/24 maxlen: 24
195.4.16.0/22 maxlen: 22
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 893300815 (0x353eb04f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Feb 19 10:44:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e480ce307a1ae9fd3f9f11f9e959ae5ca390fb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:15:7d:2e:6a:7d:32:1b:5a:9c:db:bf:5a:58:
55:15:5f:5a:3b:ad:eb:a4:56:ca:b5:04:dd:3c:f8:
13:39:a1:b9:ff:bf:11:e3:3b:1d:f4:e5:9c:23:fb:
c7:1d:7b:12:7c:83:8e:12:7f:c2:29:de:d1:04:7e:
05:a5:81:1a:10:27:c5:50:5b:bd:5d:9c:b6:98:6c:
4c:70:a5:fd:e8:89:a4:87:4a:21:cc:48:5f:7d:b0:
90:cd:99:2d:8f:29:30:a7:7e:2d:2c:6c:06:2c:ed:
2d:fb:7b:6b:ad:93:1d:7d:29:b6:98:38:f7:a4:e5:
83:e8:d2:bd:98:25:5c:2c:f6:4c:a1:f7:c5:7b:b9:
f2:73:94:7e:68:b0:3c:e6:63:00:1e:55:3e:94:f0:
2c:0a:b9:6f:34:c4:eb:2e:2b:60:ef:f3:f5:4b:4b:
b8:d3:8e:b5:bf:f4:ca:81:5b:33:f8:a8:fe:8a:38:
b8:92:9e:3c:d3:b7:6d:7a:98:f4:f5:90:ce:ee:6f:
c8:ac:9b:57:55:86:83:25:0d:17:76:da:4b:04:1a:
1f:1c:38:73:f7:c7:4a:5a:22:5f:87:30:2e:20:ec:
6a:d9:c3:70:79:93:4e:4b:3b:54:05:cc:8b:c8:10:
41:7e:af:73:49:59:cb:f2:8b:85:cf:69:d8:23:32:
39:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:48:0C:E3:07:A1:AE:9F:D3:F9:F1:1F:9E:95:9A:E5:CA:39:0F:B0
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/DkgM4wehrp_T-fEfnpWa5co5D7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
5b:13:46:c6:9c:11:9d:85:d9:f7:9c:12:ad:29:cb:ab:9a:1b:
ae:fb:79:43:37:f6:67:35:de:72:11:61:99:94:24:0e:75:0d:
d2:3e:5e:9f:c1:5d:d9:70:8e:e0:e5:65:55:a5:81:7c:b0:97:
f8:f8:fc:87:bd:9e:7a:8d:ad:4a:01:03:83:d3:b1:9c:df:dd:
c5:b3:ed:c2:ab:fa:c5:e2:98:88:a8:0d:f7:14:2e:41:c8:83:
e0:49:f8:2a:da:43:e8:d0:d5:39:67:3e:dd:47:da:35:ba:f2:
fe:53:46:eb:11:bc:d3:de:04:bd:16:b6:bb:6e:75:e5:05:fa:
52:a3:5e:82:6b:88:77:34:77:81:51:24:66:fe:21:5b:cb:ed:
17:9c:74:85:5b:85:81:b0:c0:bf:d3:75:c8:d8:da:51:53:f7:
c4:2a:0a:40:8b:f3:f4:15:c3:19:4e:36:7f:b6:cf:24:fe:5f:
09:2c:3d:4a:14:ca:26:32:8a:b4:ef:0f:08:1c:18:1c:08:aa:
aa:b5:63:a9:d9:cb:f0:96:0f:45:26:a7:ba:bd:8f:38:15:05:
f9:ef:c1:64:ad:ea:28:79:a0:70:66:7a:e6:a8:59:11:8f:6c:
63:ba:5e:fc:50:14:ac:7b:65:9a:fe:3c:66:8a:6e:1e:14:fa:
a3:64:39:6b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIENT6wTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjgwMTk4NGNjMzhmMGE0ZmM1YWZlMWFkZWFiNjgwYzFiODllOTViMB4XDTIyMDIx
OTEwNDQxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGU0ODBjZTMwN2Ex
YWU5ZmQzZjlmMTFmOWU5NTlhZTVjYTM5MGZiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJwVfS5qfTIbWpzbv1pYVRVfWjut66RWyrUE3Tz4Ezmhuf+/
EeM7HfTlnCP7xx17EnyDjhJ/wine0QR+BaWBGhAnxVBbvV2ctphsTHCl/eiJpIdK
IcxIX32wkM2ZLY8pMKd+LSxsBiztLft7a62THX0ptpg496Tlg+jSvZglXCz2TKH3
xXu58nOUfmiwPOZjAB5VPpTwLAq5bzTE6y4rYO/z9UtLuNOOtb/0yoFbM/io/oo4
uJKePNO3bXqY9PWQzu5vyKybV1WGgyUNF3baSwQaHxw4c/fHSloiX4cwLiDsatnD
cHmTTks7VAXMi8gQQX6vc0lZy/KLhc9p2CMyOfECAwEAAaOCAjowggI2MB0GA1Ud
DgQWBBQOSAzjB6Gun9P58R+elZrlyjkPsDAfBgNVHSMEGDAWgBSvgBmEzDjwpPxa
/hreq2gMG4npWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3I0QVpoTXc0OEtUOFd2NGEzcXRvREJ1SjZWcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvYmZkMzdjLWNiMTItNGE5Yy04ZjVkLTQwMjEyNjVjMzliMC8x
L0RrZ000d2VocnBfVC1mRWZucFdhNWNvNUQ3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
YmZkMzdjLWNiMTItNGE5Yy04ZjVkLTQwMjEyNjVjMzliMC8xL3I0QVpoTXc0OEtU
OFd2NGEzcXRvREJ1SjZWcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBQ
BggrBgEFBQcBBwEB/wRBMD8wLgQCAAEwKAMDAD5oAwMDWTADBAbCYQADBAXCYWAw
CwMEBcJhoAMDAcJgAwMAwwQwDQQCAAIwBwMFACABB0gwDQYJKoZIhvcNAQELBQAD
ggEBAFsTRsacEZ2F2fecEq0py6uaG677eUM39mc13nIRYZmUJA51DdI+Xp/BXdlw
juDlZVWlgXywl/j4/Ie9nnqNrUoBA4PTsZzf3cWz7cKr+sXimIioDfcULkHIg+BJ
+CraQ+jQ1TlnPt1H2jW68v5TRusRvNPeBL0WtrtudeUF+lKjXoJriHc0d4FRJGb+
IVvL7RecdIVbhYGwwL/TdcjY2lFT98QqCkCL8/QVwxlONn+2zyT+XwksPUoUyiYy
irTvDwgcGBwIqqq1Y6nZy/CWD0Ump7q9jzgVBfnvwWSt6ih5oHBmeuaoWRGPbGO6
XvxQFKx7ZZr+PGaKbh4U+qNkOWs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:45 2024 by rpki-client on console-fra.rpki-client.org