Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/Q3yaQwQoL53pYcgYmqeAuOnHXbc.roa
File: Q3yaQwQoL53pYcgYmqeAuOnHXbc.roa (raw, json)
Hash identifier: mpEjCkBPwlq311zTP9mYe6QlXttcX0MbzqeEk0A5Xqc=
Subject key identifier: 43:7C:9A:43:04:28:2F:9D:E9:61:C8:18:9A:A7:80:B8:E9:C7:5D:B7
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 3547E6E0
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/Q3yaQwQoL53pYcgYmqeAuOnHXbc.roa
Signing time: Tue 22 Feb 2022 14:51:19 +0000
ROA not before: Tue 22 Feb 2022 14:51:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5430
IP address blocks: 194.97.46.0/23 maxlen: 24
194.97.0.0/18 maxlen: 18
194.97.119.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
62.104.68.0/22 maxlen: 22
62.104.72.0/21 maxlen: 21
62.104.80.0/21 maxlen: 21
62.104.88.0/21 maxlen: 21
194.97.160.0/19 maxlen: 19
62.104.96.0/21 maxlen: 21
194.97.164.0/22 maxlen: 22
62.104.104.0/22 maxlen: 22
194.97.167.0/24 maxlen: 24
194.97.168.0/24 maxlen: 24
62.104.0.0/16 maxlen: 16
62.104.8.0/21 maxlen: 21
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.20.0/24 maxlen: 24
62.104.20.0/23 maxlen: 23
62.104.18.0/23 maxlen: 23
62.104.28.0/22 maxlen: 22
194.97.96.0/19 maxlen: 19
62.104.32.0/21 maxlen: 21
62.104.40.0/22 maxlen: 22
62.104.48.0/23 maxlen: 23
194.97.118.0/24 maxlen: 24
62.104.50.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.45.0/24 maxlen: 24
89.49.127.0/24 maxlen: 24
89.49.126.0/24 maxlen: 24
89.48.0.0/13 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
62.104.164.0/24 maxlen: 24
62.104.164.0/22 maxlen: 22
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/21 maxlen: 21
62.104.178.0/24 maxlen: 24
62.104.182.0/24 maxlen: 24
62.104.184.0/22 maxlen: 22
62.104.188.0/23 maxlen: 23
62.104.130.0/23 maxlen: 23
62.104.132.0/22 maxlen: 22
194.97.192.0/18 maxlen: 18
62.104.136.0/21 maxlen: 21
62.104.144.0/22 maxlen: 22
62.104.156.0/22 maxlen: 22
195.4.0.0/16 maxlen: 16
195.4.16.0/24 maxlen: 24
195.4.16.0/22 maxlen: 22
195.4.27.0/24 maxlen: 24
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 893904608 (0x3547e6e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Feb 22 14:51:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=437c9a4304282f9de961c8189aa780b8e9c75db7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:65:fa:25:fa:a1:f5:77:06:c2:59:57:e7:cc:
8e:6a:4d:ff:78:d5:73:a3:8d:41:1b:37:27:4a:f2:
52:93:d2:b9:72:a5:56:d2:d7:c4:ba:c9:a8:9f:e7:
70:99:48:f1:e2:a1:de:b7:e0:af:2b:64:bc:4b:d7:
6f:63:9a:f3:05:0a:83:03:ea:aa:37:88:ec:ac:a0:
f1:e9:a5:1b:ac:ac:f4:cb:6c:95:d7:56:89:c3:1a:
75:34:25:19:e7:a6:fd:86:fb:8f:d0:3c:66:16:f3:
72:8a:eb:2e:08:c8:57:09:ec:a9:97:3e:b0:2b:29:
79:79:67:f2:f6:1b:65:da:1a:6c:26:14:ef:f0:8b:
98:43:bb:3a:71:74:0e:65:dc:5e:80:c6:cb:98:7a:
4f:7c:20:b0:4d:da:86:04:cd:2b:0b:29:52:25:ea:
72:c0:83:b0:2b:c9:16:68:6f:f5:3f:89:2b:55:8b:
93:7a:7b:0c:bc:53:48:3d:64:21:2d:4e:36:b7:25:
50:11:3e:f3:03:53:a5:7d:71:4a:34:d8:e9:d2:ac:
bc:ea:67:b1:e4:f0:45:05:23:5a:6a:8d:6a:1c:75:
ee:53:5c:88:ec:86:f5:58:7b:4f:3f:87:72:10:b4:
40:cf:41:7d:2b:55:c0:36:8a:66:ff:a4:ba:b0:de:
df:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:7C:9A:43:04:28:2F:9D:E9:61:C8:18:9A:A7:80:B8:E9:C7:5D:B7
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/Q3yaQwQoL53pYcgYmqeAuOnHXbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
26:7f:c8:d8:48:ec:52:7e:a5:1f:d4:b0:86:78:68:41:96:5a:
35:52:7e:b4:5e:cc:f9:6f:dd:c8:39:c4:d2:c7:20:e0:c3:69:
a3:64:07:b8:e6:da:ed:e0:94:7c:d3:39:31:16:15:8b:a0:69:
b7:79:68:db:e3:63:64:b2:8d:d9:48:44:ca:de:4a:0b:ec:45:
ef:fd:39:4a:8c:af:47:e6:eb:15:4f:76:47:1e:c5:48:95:ed:
c6:b6:63:8d:78:19:20:e7:8a:2c:8d:5a:b8:65:fe:6c:de:e3:
c4:25:be:25:b8:0e:d0:86:0d:5c:de:d3:91:7c:ff:ef:17:ec:
02:e7:7f:fb:66:59:ea:97:d6:35:a6:04:6c:01:27:aa:70:f4:
0e:bb:ba:05:4c:92:04:92:e6:0d:57:f4:68:30:e8:f1:27:97:
98:92:26:7c:8b:5f:95:a4:7d:ef:d4:34:a2:11:4e:c0:1c:83:
26:18:57:24:38:40:8f:fa:fd:06:60:5c:83:23:5e:49:46:1d:
91:ba:25:c1:59:43:33:b4:96:12:61:4f:d2:97:30:aa:aa:7e:
8d:95:37:07:89:44:ea:ce:ca:9c:db:40:f0:d5:96:a2:1c:6b:
44:06:2c:d2:53:c1:04:24:88:78:6f:7b:15:6d:21:f5:13:4a:
40:2d:0d:a6
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIENUfm4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjgwMTk4NGNjMzhmMGE0ZmM1YWZlMWFkZWFiNjgwYzFiODllOTViMB4XDTIyMDIy
MjE0NTExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDM3YzlhNDMwNDI4
MmY5ZGU5NjFjODE4OWFhNzgwYjhlOWM3NWRiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9l+iX6ofV3BsJZV+fMjmpN/3jVc6ONQRs3J0ryUpPSuXKl
VtLXxLrJqJ/ncJlI8eKh3rfgrytkvEvXb2Oa8wUKgwPqqjeI7Kyg8emlG6ys9Mts
lddWicMadTQlGeem/Yb7j9A8ZhbzcorrLgjIVwnsqZc+sCspeXln8vYbZdoabCYU
7/CLmEO7OnF0DmXcXoDGy5h6T3wgsE3ahgTNKwspUiXqcsCDsCvJFmhv9T+JK1WL
k3p7DLxTSD1kIS1ONrclUBE+8wNTpX1xSjTY6dKsvOpnseTwRQUjWmqNahx17lNc
iOyG9Vh7Tz+HchC0QM9BfStVwDaKZv+kurDe3+UCAwEAAaOCAjowggI2MB0GA1Ud
DgQWBBRDfJpDBCgvnelhyBiap4C46cddtzAfBgNVHSMEGDAWgBSvgBmEzDjwpPxa
/hreq2gMG4npWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3I0QVpoTXc0OEtUOFd2NGEzcXRvREJ1SjZWcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvYmZkMzdjLWNiMTItNGE5Yy04ZjVkLTQwMjEyNjVjMzliMC8x
L1EzeWFRd1FvTDUzcFljZ1ltcWVBdU9uSFhiYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
YmZkMzdjLWNiMTItNGE5Yy04ZjVkLTQwMjEyNjVjMzliMC8xL3I0QVpoTXc0OEtU
OFd2NGEzcXRvREJ1SjZWcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBQ
BggrBgEFBQcBBwEB/wRBMD8wLgQCAAEwKAMDAD5oAwMDWTADBAbCYQADBAXCYWAw
CwMEBcJhoAMDAcJgAwMAwwQwDQQCAAIwBwMFACABB0gwDQYJKoZIhvcNAQELBQAD
ggEBACZ/yNhI7FJ+pR/UsIZ4aEGWWjVSfrRezPlv3cg5xNLHIODDaaNkB7jm2u3g
lHzTOTEWFYugabd5aNvjY2SyjdlIRMreSgvsRe/9OUqMr0fm6xVPdkcexUiV7ca2
Y414GSDniiyNWrhl/mze48QlviW4DtCGDVze05F8/+8X7ALnf/tmWeqX1jWmBGwB
J6pw9A67ugVMkgSS5g1X9Ggw6PEnl5iSJnyLX5Wkfe/UNKIRTsAcgyYYVyQ4QI/6
/QZgXIMjXklGHZG6JcFZQzO0lhJhT9KXMKqqfo2VNweJROrOypzbQPDVlqIca0QG
LNJTwQQkiHhvexVtIfUTSkAtDaY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:45 2024 by rpki-client on console-fra.rpki-client.org