Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/Np6W-dPkRA-2r76H3pSZY12NCSk.roa
File: Np6W-dPkRA-2r76H3pSZY12NCSk.roa (raw, json)
Hash identifier: td0NL/Q1gFw9C0/hjCIHQPo359B2rz241/hipzBeWpY=
Subject key identifier: 36:9E:96:F9:D3:E4:44:0F:B6:AF:BE:87:DE:94:99:63:5D:8D:09:29
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 34E70902
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/Np6W-dPkRA-2r76H3pSZY12NCSk.roa
Signing time: Fri 04 Feb 2022 08:43:43 +0000
ROA not before: Fri 04 Feb 2022 08:43:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5430
IP address blocks: 89.48.0.0/13 maxlen: 24
62.104.164.0/24 maxlen: 24
62.104.178.0/24 maxlen: 24
62.104.182.0/24 maxlen: 24
194.97.192.0/18 maxlen: 18
194.97.0.0/18 maxlen: 18
89.49.127.0/24 maxlen: 24
89.49.126.0/24 maxlen: 24
195.4.0.0/16 maxlen: 16
195.4.16.0/24 maxlen: 24
62.104.75.0/24 maxlen: 24
194.97.160.0/19 maxlen: 19
194.97.167.0/24 maxlen: 24
62.104.0.0/16 maxlen: 16
62.104.20.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 887556354 (0x34e70902)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Feb 4 08:43:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=369e96f9d3e4440fb6afbe87de9499635d8d0929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3b:5d:f0:5e:91:b6:fc:a9:77:0b:b9:a0:7d:
79:15:9f:fa:98:12:b6:68:f9:45:cd:2f:46:55:92:
fa:96:d5:a1:f7:c2:5a:3b:83:c6:16:c8:92:13:06:
1a:80:63:d4:3b:64:fb:6d:26:36:94:7b:79:7f:15:
51:f1:1c:ff:d1:ef:36:ae:5b:4b:ef:9a:b1:95:83:
00:d3:7f:06:19:3e:21:b6:8b:86:82:9e:51:14:a9:
42:9f:ea:34:c4:37:e5:a7:dc:36:3d:5d:88:0c:f0:
c5:96:1c:ff:1b:99:0c:57:ee:c3:17:51:9a:5a:e2:
9b:de:a2:7f:30:2a:77:70:33:8f:56:5b:fd:95:cf:
28:29:4c:09:80:9f:e5:c1:41:96:49:5e:33:17:14:
41:ec:6a:b4:8b:71:ca:96:6a:60:a6:39:7f:52:f4:
d7:d9:2a:72:de:9f:bb:31:b8:ed:11:ea:2a:c6:25:
ee:82:b2:0a:f3:eb:1a:11:26:25:c0:3e:ae:98:b0:
04:fa:61:42:e6:d0:77:5a:74:dd:5e:40:5f:05:2d:
26:a4:5c:35:d5:54:dd:25:ab:ae:1d:5c:16:3e:fa:
e6:1f:a2:16:7e:04:eb:1b:f3:c6:22:d5:8e:6d:64:
74:b5:d3:5e:4f:60:6a:be:bc:e3:e3:cd:bf:d2:32:
84:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:9E:96:F9:D3:E4:44:0F:B6:AF:BE:87:DE:94:99:63:5D:8D:09:29
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/Np6W-dPkRA-2r76H3pSZY12NCSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
52:91:d4:c4:60:91:72:81:01:fb:a2:52:2d:c5:f4:44:46:56:
34:d1:13:27:ac:0f:66:b6:06:d1:d4:1d:ae:85:3a:c1:3f:58:
2c:07:af:0f:f5:ee:43:82:23:1b:b0:3a:31:6d:27:45:7a:78:
c5:e9:71:b4:d2:cf:ef:f5:3b:96:6f:27:69:89:5e:3f:98:a7:
be:3d:90:a5:c7:5d:55:65:5a:97:e9:58:eb:80:58:62:80:ae:
81:76:15:83:d0:1e:6a:15:8d:fa:a6:1d:85:de:f3:4e:66:fa:
e3:b4:a7:28:98:90:0c:fc:f7:69:17:86:56:f8:c7:ed:67:4c:
74:64:2a:b8:92:22:63:5f:21:83:eb:01:a8:70:16:c3:2c:14:
0a:1c:f8:fe:ac:1a:8a:e1:a0:79:61:07:f8:32:9f:e3:1b:e1:
53:18:b0:79:bb:d9:a3:16:cc:a4:ac:4b:41:75:d6:2e:5e:1b:
23:c8:21:ee:6c:46:de:3d:59:d5:37:1e:65:48:80:88:b3:d7:
af:42:b2:c5:76:e9:37:fc:66:d1:22:f1:f2:45:02:34:20:6e:
38:b5:e7:d2:c5:8b:38:a7:ce:ee:13:ed:ae:28:b0:c5:71:0e:
2d:e3:a5:61:23:f8:b3:ac:89:7a:68:ce:9a:5f:1c:bc:ea:b4:
d5:2f:ee:33
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIENOcJAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjgwMTk4NGNjMzhmMGE0ZmM1YWZlMWFkZWFiNjgwYzFiODllOTViMB4XDTIyMDIw
NDA4NDM0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY5ZTk2ZjlkM2U0
NDQwZmI2YWZiZTg3ZGU5NDk5NjM1ZDhkMDkyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKw7XfBekbb8qXcLuaB9eRWf+pgStmj5Rc0vRlWS+pbVoffC
WjuDxhbIkhMGGoBj1Dtk+20mNpR7eX8VUfEc/9HvNq5bS++asZWDANN/Bhk+IbaL
hoKeURSpQp/qNMQ35afcNj1diAzwxZYc/xuZDFfuwxdRmlrim96ifzAqd3Azj1Zb
/ZXPKClMCYCf5cFBlkleMxcUQexqtItxypZqYKY5f1L019kqct6fuzG47RHqKsYl
7oKyCvPrGhEmJcA+rpiwBPphQubQd1p03V5AXwUtJqRcNdVU3SWrrh1cFj765h+i
Fn4E6xvzxiLVjm1kdLXTXk9gar684+PNv9IyhHMCAwEAAaOCAjowggI2MB0GA1Ud
DgQWBBQ2npb50+RED7avvofelJljXY0JKTAfBgNVHSMEGDAWgBSvgBmEzDjwpPxa
/hreq2gMG4npWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3I0QVpoTXc0OEtUOFd2NGEzcXRvREJ1SjZWcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvYmZkMzdjLWNiMTItNGE5Yy04ZjVkLTQwMjEyNjVjMzliMC8x
L05wNlctZFBrUkEtMnI3NkgzcFNaWTEyTkNTay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
YmZkMzdjLWNiMTItNGE5Yy04ZjVkLTQwMjEyNjVjMzliMC8xL3I0QVpoTXc0OEtU
OFd2NGEzcXRvREJ1SjZWcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBQ
BggrBgEFBQcBBwEB/wRBMD8wLgQCAAEwKAMDAD5oAwMDWTADBAbCYQADBAXCYWAw
CwMEBcJhoAMDAcJgAwMAwwQwDQQCAAIwBwMFACABB0gwDQYJKoZIhvcNAQELBQAD
ggEBAFKR1MRgkXKBAfuiUi3F9ERGVjTREyesD2a2BtHUHa6FOsE/WCwHrw/17kOC
IxuwOjFtJ0V6eMXpcbTSz+/1O5ZvJ2mJXj+Yp749kKXHXVVlWpfpWOuAWGKAroF2
FYPQHmoVjfqmHYXe805m+uO0pyiYkAz892kXhlb4x+1nTHRkKriSImNfIYPrAahw
FsMsFAoc+P6sGorhoHlhB/gyn+Mb4VMYsHm72aMWzKSsS0F11i5eGyPIIe5sRt49
WdU3HmVIgIiz169CssV26Tf8ZtEi8fJFAjQgbji159LFizinzu4T7a4osMVxDi3j
pWEj+LOsiXpozppfHLzqtNUv7jM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org