Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/NaxlY9ApmfKLkGizlt5RBTxMWJg.roa
File: NaxlY9ApmfKLkGizlt5RBTxMWJg.roa (raw, json)
Hash identifier: IdYYi4YM/PSPdo4Fzz16EaHxylIJIMcMSjmIDC+Fjtc=
Subject key identifier: 35:AC:65:63:D0:29:99:F2:8B:90:68:B3:96:DE:51:05:3C:4C:58:98
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 0181D3BCB4D86B901A064A56DEEAB4295235
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/NaxlY9ApmfKLkGizlt5RBTxMWJg.roa
Signing time: Wed 06 Jul 2022 13:39:28 +0000
ROA not before: Wed 06 Jul 2022 13:39:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5430
IP address blocks: 194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.0.0/18 maxlen: 18
194.97.119.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
62.104.88.0/21 maxlen: 21
194.97.160.0/19 maxlen: 19
62.104.96.0/22 maxlen: 22
62.104.96.0/21 maxlen: 21
194.97.164.0/22 maxlen: 22
62.104.104.0/22 maxlen: 22
194.97.167.0/24 maxlen: 24
194.97.168.0/24 maxlen: 24
62.104.0.0/16 maxlen: 16
62.104.8.0/21 maxlen: 21
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.20.0/24 maxlen: 24
62.104.20.0/23 maxlen: 23
62.104.18.0/23 maxlen: 23
194.97.96.0/19 maxlen: 19
62.104.48.0/23 maxlen: 23
194.97.118.0/24 maxlen: 24
62.104.50.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.45.0/24 maxlen: 24
89.49.127.0/24 maxlen: 24
89.49.126.0/24 maxlen: 24
89.48.0.0/13 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.234.0/23 maxlen: 24
195.4.176.0/24 maxlen: 24
62.104.164.0/24 maxlen: 24
62.104.164.0/22 maxlen: 22
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/22 maxlen: 22
62.104.176.0/21 maxlen: 21
62.104.178.0/24 maxlen: 24
62.104.182.0/24 maxlen: 24
62.104.184.0/22 maxlen: 22
62.104.188.0/23 maxlen: 23
62.104.130.0/23 maxlen: 23
62.104.132.0/22 maxlen: 22
194.97.192.0/18 maxlen: 18
62.104.136.0/21 maxlen: 21
62.104.144.0/22 maxlen: 22
62.104.156.0/22 maxlen: 22
195.4.0.0/16 maxlen: 16
195.4.16.0/24 maxlen: 24
195.4.16.0/22 maxlen: 22
195.4.28.0/23 maxlen: 23
195.4.27.0/24 maxlen: 24
195.4.43.0/24 maxlen: 24
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d3:bc:b4:d8:6b:90:1a:06:4a:56:de:ea:b4:29:52:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Jul 6 13:39:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35ac6563d02999f28b9068b396de51053c4c5898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d4:c5:58:b4:ab:10:7b:e8:98:ac:23:f2:57:
80:2e:46:84:dc:30:49:61:b4:99:5f:53:db:de:52:
f5:11:ef:f0:fd:35:ef:fb:35:62:77:f9:ad:a7:5d:
e7:09:cf:77:22:d0:39:3d:33:bc:ca:d2:43:5d:10:
06:93:49:a9:a2:72:d7:f8:d0:a0:76:13:c5:2d:ce:
44:a0:b1:52:cf:6a:66:34:b3:53:58:db:4f:0c:5d:
9c:2f:06:c7:fc:0d:c2:e0:05:ee:98:92:4e:37:bc:
62:fc:07:3c:64:96:ea:ad:1c:7d:14:66:c4:b1:82:
96:3b:40:06:e6:05:d0:2f:eb:8c:fe:e2:c5:50:cf:
e7:63:d5:9d:d3:1c:c8:d7:00:4b:1b:a6:10:e1:55:
94:e6:6a:af:56:91:ed:fa:f8:08:f0:25:0b:6a:0a:
a1:97:9c:ad:04:58:63:19:73:02:45:8a:c3:af:0f:
10:5a:95:11:da:1c:61:5a:20:07:3f:31:cd:a8:ab:
36:1c:b2:9c:cf:8c:39:35:c1:49:8e:51:13:6d:66:
28:5e:41:6e:f1:e1:6f:82:03:aa:57:c4:eb:bc:6d:
78:8a:e3:2b:23:28:fa:9a:c2:4b:69:75:f2:a4:0e:
a0:a2:2d:cb:89:af:2f:71:63:89:88:a8:63:fa:c4:
fa:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:AC:65:63:D0:29:99:F2:8B:90:68:B3:96:DE:51:05:3C:4C:58:98
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/NaxlY9ApmfKLkGizlt5RBTxMWJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
11:d8:93:31:e5:2d:09:81:f4:17:84:a1:ee:a5:07:75:19:2a:
3d:1b:5b:58:fb:91:dc:fb:20:8e:08:54:73:94:63:0b:f9:ea:
29:f6:0f:ec:f7:69:32:76:5e:5c:6a:94:91:ff:44:0c:f3:b5:
35:57:ec:ce:7a:c4:f2:12:01:cc:d5:d5:c9:6f:d5:8c:e2:0a:
f8:49:41:b9:13:cf:ad:1b:12:58:de:9c:7a:73:c1:20:8b:b4:
f6:80:7c:46:5a:ed:80:ba:f0:92:50:9f:2d:ad:2e:3a:46:47:
ce:40:21:30:9e:1d:d7:a6:be:e5:0e:58:1c:74:48:32:0e:29:
6b:39:a9:05:cd:37:71:dc:db:f5:98:bc:e5:d4:32:78:0c:5c:
82:7e:7f:1e:52:80:97:17:d5:f6:8d:50:25:0a:18:4c:46:ce:
92:34:9b:3a:7f:f4:8f:4c:70:cb:a8:b7:8c:01:71:f4:29:f3:
55:90:c7:3d:dc:3f:c3:86:89:f2:8a:e9:a5:5f:7d:9e:25:dd:
47:92:b5:51:73:18:c0:44:e2:82:ba:a8:fe:ea:a3:24:60:bf:
7e:b3:46:34:f5:26:06:f5:fa:a1:e9:af:aa:70:c5:e5:9b:45:
a7:f3:5b:62:25:40:ac:e8:71:97:5e:04:fb:56:5c:6e:b5:37:
e7:36:8c:79
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYHTvLTYa5AaBkpW3uq0KVI1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjIwNzA2MTMzOTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWFjNjU2M2QwMjk5OWYyOGI5MDY4YjM5NmRlNTEwNTNjNGM1ODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9TFWLSrEHvomKwj8leALkaE3DBJ
YbSZX1Pb3lL1Ee/w/TXv+zVid/mtp13nCc93ItA5PTO8ytJDXRAGk0mponLX+NCg
dhPFLc5EoLFSz2pmNLNTWNtPDF2cLwbH/A3C4AXumJJON7xi/Ac8ZJbqrRx9FGbE
sYKWO0AG5gXQL+uM/uLFUM/nY9Wd0xzI1wBLG6YQ4VWU5mqvVpHt+vgI8CULagqh
l5ytBFhjGXMCRYrDrw8QWpUR2hxhWiAHPzHNqKs2HLKcz4w5NcFJjlETbWYoXkFu
8eFvggOqV8TrvG14iuMrIyj6msJLaXXypA6goi3Lia8vcWOJiKhj+sT6CQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFDWsZWPQKZnyi5Bos5beUQU8TFiYMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvTmF4bFk5QXBtZktMa0dpemx0NVJCVHhNV0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwMAPmgDAwNZ
MAMEBsJhAAMEBcJhYDALAwQFwmGgAwMBwmADAwDDBDANBAIAAjAHAwUAIAEHSDAN
BgkqhkiG9w0BAQsFAAOCAQEAEdiTMeUtCYH0F4Sh7qUHdRkqPRtbWPuR3PsgjghU
c5RjC/nqKfYP7PdpMnZeXGqUkf9EDPO1NVfsznrE8hIBzNXVyW/VjOIK+ElBuRPP
rRsSWN6cenPBIIu09oB8RlrtgLrwklCfLa0uOkZHzkAhMJ4d16a+5Q5YHHRIMg4p
azmpBc03cdzb9Zi85dQyeAxcgn5/HlKAlxfV9o1QJQoYTEbOkjSbOn/0j0xwy6i3
jAFx9CnzVZDHPdw/w4aJ8orppV99niXdR5K1UXMYwETigrqo/uqjJGC/frNGNPUm
BvX6oemvqnDF5ZtFp/NbYiVArOhxl14E+1ZcbrU35zaMeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org