Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/Kaj8YZX3NwvIKxQqDGF1jbtZJIE.roa
File: Kaj8YZX3NwvIKxQqDGF1jbtZJIE.roa (raw, json)
Hash identifier: y2osLUcdyX/T9ICxDbS6+z3nPgjjqvPflZobHN2nr28=
Subject key identifier: 29:A8:FC:61:95:F7:37:0B:C8:2B:14:2A:0C:61:75:8D:BB:59:24:81
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 018DF55423386A066579B390AE4FD8DEB798
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/Kaj8YZX3NwvIKxQqDGF1jbtZJIE.roa
Signing time: Thu 29 Feb 2024 14:45:48 +0000
ROA not before: Thu 29 Feb 2024 14:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5430
IP address blocks: 62.104.0.0/16 maxlen: 16
62.104.10.0/23 maxlen: 23
62.104.12.0/22 maxlen: 22
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.18.0/24 maxlen: 24
62.104.20.0/23 maxlen: 24
62.104.45.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.48.0/23 maxlen: 23
62.104.50.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
62.104.95.0/24 maxlen: 24
62.104.96.0/21 maxlen: 22
62.104.96.0/22 maxlen: 22
62.104.104.0/22 maxlen: 22
62.104.164.0/22 maxlen: 22
62.104.164.0/24 maxlen: 24
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/22 maxlen: 22
62.104.182.0/24 maxlen: 24
89.48.0.0/13 maxlen: 24
89.49.126.0/24 maxlen: 24
89.49.127.0/24 maxlen: 24
194.97.0.0/18 maxlen: 18
194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
194.97.96.0/24 maxlen: 24
194.97.102.0/24 maxlen: 24
194.97.118.0/24 maxlen: 24
194.97.119.0/24 maxlen: 24
194.97.120.0/23 maxlen: 23
194.97.122.0/24 maxlen: 24
194.97.160.0/19 maxlen: 19
194.97.164.0/22 maxlen: 22
194.97.192.0/18 maxlen: 18
195.4.0.0/16 maxlen: 16
195.4.6.0/24 maxlen: 24
195.4.12.0/23 maxlen: 23
195.4.16.0/22 maxlen: 22
195.4.16.0/24 maxlen: 24
195.4.27.0/24 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.176.0/24 maxlen: 24
195.4.234.0/23 maxlen: 24
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f5:54:23:38:6a:06:65:79:b3:90:ae:4f:d8:de:b7:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Feb 29 14:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29a8fc6195f7370bc82b142a0c61758dbb592481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:37:20:12:60:7c:fc:5b:7e:f3:f3:89:20:ac:
ef:23:64:78:85:f5:de:f6:9b:03:82:f8:48:7f:97:
9a:91:da:e9:c2:d0:0f:f0:68:d9:bf:61:36:72:e6:
0b:3e:52:4e:c5:01:d3:60:f8:21:80:0d:bb:b3:3b:
40:11:25:dc:c8:a0:4d:2a:1b:43:81:bc:2a:4a:f8:
a8:69:54:f2:dc:00:99:19:be:5e:dc:2e:dc:23:a4:
3e:d3:16:1c:d0:d2:ba:67:b8:0f:ed:3c:8b:98:30:
ac:05:d5:91:c1:90:99:2a:fd:48:a1:c9:96:60:b0:
72:60:da:36:29:4f:50:4e:56:32:f2:d4:a2:93:d7:
76:28:b7:46:e2:1b:f0:0b:52:2e:b0:13:8f:97:fd:
a1:f2:5c:9d:33:67:fd:82:08:b6:52:ed:a9:a9:8a:
1e:4d:cc:0f:d5:48:d6:fb:c4:9d:15:12:3b:a2:65:
ab:e5:6b:05:7f:55:db:90:d6:b9:4e:e7:e6:d4:8c:
c0:bc:82:0d:cd:b0:7a:1d:82:6d:98:57:cb:ad:12:
6e:31:f7:3e:4a:04:2e:e9:ee:80:5e:38:7b:36:8a:
39:e5:75:b2:53:47:e1:70:f0:b3:a1:ae:bd:7e:32:
b8:e0:d4:de:a9:80:ac:eb:84:bd:29:24:b9:a6:6a:
14:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A8:FC:61:95:F7:37:0B:C8:2B:14:2A:0C:61:75:8D:BB:59:24:81
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/Kaj8YZX3NwvIKxQqDGF1jbtZJIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
25:e4:d6:d2:30:24:12:1c:c1:f8:ae:a0:ba:0d:e0:73:ce:d8:
90:79:a1:dd:30:95:b1:84:65:68:89:c3:77:3a:e3:12:56:e6:
de:23:35:6c:7b:40:7e:79:06:3d:e4:41:8a:ec:70:9d:e9:81:
85:b6:c7:2d:d5:f7:2c:33:f5:eb:8b:06:fc:c1:03:bf:05:cc:
c5:84:3f:89:26:98:da:de:1b:1f:f0:5f:1d:8f:ab:d4:dc:ef:
91:aa:6b:7a:90:50:0f:63:8e:16:40:6a:fd:f0:10:fd:ff:81:
7d:5a:b1:d0:81:a8:f7:a5:11:ca:fd:ea:42:45:85:71:3f:06:
1e:1f:95:fa:17:76:97:85:98:8f:76:53:5a:3d:bf:0e:f6:e0:
87:6a:d9:25:ae:5e:58:6d:51:f6:92:23:1a:ef:08:51:88:4d:
fa:95:18:b8:f7:cf:38:13:5a:14:a6:cf:5f:be:9d:87:5a:67:
36:46:8e:c9:68:2e:3d:7f:82:25:6d:1a:21:fc:a4:00:e0:1d:
fe:e9:6b:12:bb:e5:bb:5d:22:ab:a9:8b:cf:2a:fe:02:f3:2e:
dd:59:8f:ea:c7:fa:c6:fd:ec:5d:1a:ed:13:67:4f:f4:f9:8d:
8f:8b:d2:d6:f0:c0:0d:8f:9c:92:26:08:e5:92:f2:d1:42:82:
22:40:41:44
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAY31VCM4agZlebOQrk/Y3reYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjQwMjI5MTQ0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWE4ZmM2MTk1ZjczNzBiYzgyYjE0MmEwYzYxNzU4ZGJiNTkyNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTcgEmB8/Ft+8/OJIKzvI2R4hfXe
9psDgvhIf5eakdrpwtAP8GjZv2E2cuYLPlJOxQHTYPghgA27sztAESXcyKBNKhtD
gbwqSvioaVTy3ACZGb5e3C7cI6Q+0xYc0NK6Z7gP7TyLmDCsBdWRwZCZKv1IocmW
YLByYNo2KU9QTlYy8tSik9d2KLdG4hvwC1IusBOPl/2h8lydM2f9ggi2Uu2pqYoe
TcwP1UjW+8SdFRI7omWr5WsFf1XbkNa5Tufm1IzAvIINzbB6HYJtmFfLrRJuMfc+
SgQu6e6AXjh7Noo55XWyU0fhcPCzoa69fjK44NTeqYCs64S9KSS5pmoUQwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFCmo/GGV9zcLyCsUKgxhdY27WSSBMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvS2FqOFlaWDNOd3ZJS3hRcURHRjFqYnRaSklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwMAPmgDAwNZ
MAMEBsJhAAMEBcJhYDALAwQFwmGgAwMBwmADAwDDBDANBAIAAjAHAwUAIAEHSDAN
BgkqhkiG9w0BAQsFAAOCAQEAJeTW0jAkEhzB+K6gug3gc87YkHmh3TCVsYRlaInD
dzrjElbm3iM1bHtAfnkGPeRBiuxwnemBhbbHLdX3LDP164sG/MEDvwXMxYQ/iSaY
2t4bH/BfHY+r1NzvkaprepBQD2OOFkBq/fAQ/f+BfVqx0IGo96URyv3qQkWFcT8G
Hh+V+hd2l4WYj3ZTWj2/Dvbgh2rZJa5eWG1R9pIjGu8IUYhN+pUYuPfPOBNaFKbP
X76dh1pnNkaOyWguPX+CJW0aIfykAOAd/ulrErvlu10iq6mLzyr+AvMu3VmP6sf6
xv3sXRrtE2dP9PmNj4vS1vDADY+ckiYI5ZLy0UKCIkBBRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:45 2024 by rpki-client on console-fra.rpki-client.org