Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/QUoSMKQlkp0nvHDXCQNH_eujADA.roa
File: QUoSMKQlkp0nvHDXCQNH_eujADA.roa (raw, json)
Hash identifier: ggKK7eF5736XbJXJ0hsQysA7yMB9HTWfEjdQ+raLm3o=
Subject key identifier: 41:4A:12:30:A4:25:92:9D:27:BC:70:D7:09:03:47:FD:EB:A3:00:30
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 018EC79CE6963FAEFF62A41CDAEBC8DD53AB
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/QUoSMKQlkp0nvHDXCQNH_eujADA.roa
Signing time: Wed 10 Apr 2024 10:45:32 +0000
ROA not before: Wed 10 Apr 2024 10:45:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5430
IP address blocks: 62.104.0.0/16 maxlen: 16
62.104.10.0/23 maxlen: 23
62.104.12.0/22 maxlen: 22
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.18.0/24 maxlen: 24
62.104.20.0/23 maxlen: 24
62.104.45.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.48.0/23 maxlen: 23
62.104.50.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
62.104.95.0/24 maxlen: 24
62.104.96.0/21 maxlen: 22
62.104.104.0/22 maxlen: 22
62.104.164.0/22 maxlen: 22
62.104.164.0/24 maxlen: 24
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/22 maxlen: 22
62.104.182.0/24 maxlen: 24
89.48.0.0/13 maxlen: 24
89.49.126.0/24 maxlen: 24
89.49.127.0/24 maxlen: 24
194.97.0.0/18 maxlen: 18
194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
194.97.96.0/24 maxlen: 24
194.97.102.0/24 maxlen: 24
194.97.118.0/24 maxlen: 24
194.97.119.0/24 maxlen: 24
194.97.120.0/23 maxlen: 23
194.97.122.0/24 maxlen: 24
194.97.160.0/19 maxlen: 19
194.97.164.0/22 maxlen: 22
194.97.192.0/18 maxlen: 18
195.4.0.0/16 maxlen: 16
195.4.0.0/17 maxlen: 17
195.4.6.0/24 maxlen: 24
195.4.12.0/23 maxlen: 23
195.4.16.0/22 maxlen: 22
195.4.16.0/24 maxlen: 24
195.4.27.0/24 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.176.0/21 maxlen: 21
195.4.176.0/24 maxlen: 24
195.4.216.0/21 maxlen: 21
195.4.224.0/19 maxlen: 19
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:9c:e6:96:3f:ae:ff:62:a4:1c:da:eb:c8:dd:53:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Apr 10 10:45:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=414a1230a425929d27bc70d7090347fdeba30030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b4:06:d1:8f:53:0d:f6:15:ea:be:a8:87:72:
af:f1:72:95:73:25:47:bd:cf:79:0b:e7:99:e5:99:
ca:fa:51:32:45:ea:7d:2a:6f:96:10:2f:35:85:e7:
fb:0e:87:96:56:ed:ea:03:e3:cd:b8:7f:ca:25:12:
2c:b2:be:72:c3:50:4b:e5:ea:c7:75:f2:ac:26:33:
0c:09:4f:cc:54:82:4c:90:7f:50:da:0c:78:b6:14:
ea:02:8a:e3:ca:46:37:b9:4d:13:0f:25:22:a7:ef:
1d:ce:88:d6:cb:e7:1d:0d:d2:76:cc:a6:61:d6:5e:
1b:04:34:f8:02:92:43:88:73:66:2a:ee:d8:01:22:
55:b6:c0:96:79:40:8b:e7:77:5b:d3:fc:e5:33:7b:
97:18:ff:8e:1c:d3:b3:18:ab:ed:9a:7f:6a:a9:97:
53:6c:f8:71:1f:00:46:d6:6d:c6:54:0d:15:77:e9:
94:b3:3a:1d:33:62:f0:af:26:3d:b8:e8:40:89:5b:
0d:e3:10:ba:bb:d5:cd:a3:c7:91:88:66:a3:59:70:
79:59:37:6c:47:59:a7:90:c3:86:03:68:75:0b:28:
a0:9d:93:d9:c4:a7:d3:60:56:10:d0:22:f7:1b:eb:
e5:bb:dd:d2:87:68:7e:51:00:91:65:26:05:10:93:
3d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:4A:12:30:A4:25:92:9D:27:BC:70:D7:09:03:47:FD:EB:A3:00:30
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/QUoSMKQlkp0nvHDXCQNH_eujADA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
9e:6e:4d:ea:f6:3b:c5:e0:64:0d:50:5f:44:aa:ca:7b:9d:e8:
cc:57:78:a3:3d:6b:a8:8a:8d:81:57:b7:8e:7c:93:ed:6e:06:
b0:55:60:fc:f1:75:ee:5d:1e:59:74:24:27:d7:51:56:12:6e:
8e:f6:95:45:88:48:f8:0e:17:10:74:9a:42:75:9f:a6:be:92:
ff:f2:cd:97:6a:35:17:86:cd:be:8e:f5:d0:02:d9:51:e6:00:
5b:d2:64:6e:08:13:a7:be:2c:9a:a3:a3:dd:e9:f2:31:a1:33:
e9:99:fc:89:87:d4:52:82:b2:41:0b:0b:33:fd:43:41:e5:25:
a4:f6:d4:d6:22:41:bb:45:22:e2:65:ba:41:13:2a:d7:95:8d:
54:04:3b:f0:cd:cc:0f:69:85:f5:f1:76:7f:9f:ce:0a:13:c7:
38:93:51:5d:15:52:57:bc:1a:39:1f:58:79:13:af:50:bc:13:
ad:e9:79:8c:59:d9:25:9d:47:eb:76:29:cf:c2:a2:34:43:f0:
ea:6a:a3:ef:b6:ac:19:c2:b6:7b:e2:1a:f0:79:3c:c2:51:8c:
2e:e5:67:cb:91:72:79:86:2d:2d:d7:d0:aa:3e:ec:40:43:b4:
05:e5:30:54:1e:38:44:5a:05:98:b2:52:fe:6b:22:df:97:06:
ad:67:62:56
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAY7HnOaWP67/YqQc2uvI3VOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjQwNDEwMTA0NTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTRhMTIzMGE0MjU5MjlkMjdiYzcwZDcwOTAzNDdmZGViYTMwMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7QG0Y9TDfYV6r6oh3Kv8XKVcyVH
vc95C+eZ5ZnK+lEyRep9Km+WEC81hef7DoeWVu3qA+PNuH/KJRIssr5yw1BL5erH
dfKsJjMMCU/MVIJMkH9Q2gx4thTqAorjykY3uU0TDyUip+8dzojWy+cdDdJ2zKZh
1l4bBDT4ApJDiHNmKu7YASJVtsCWeUCL53db0/zlM3uXGP+OHNOzGKvtmn9qqZdT
bPhxHwBG1m3GVA0Vd+mUszodM2LwryY9uOhAiVsN4xC6u9XNo8eRiGajWXB5WTds
R1mnkMOGA2h1CyignZPZxKfTYFYQ0CL3G+vlu93Sh2h+UQCRZSYFEJM9dQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFEFKEjCkJZKdJ7xw1wkDR/3rowAwMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvUVVvU01LUWxrcDBudkhEWENRTkhfZXVqQURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwMAPmgDAwNZ
MAMEBsJhAAMEBcJhYDALAwQFwmGgAwMBwmADAwDDBDANBAIAAjAHAwUAIAEHSDAN
BgkqhkiG9w0BAQsFAAOCAQEAnm5N6vY7xeBkDVBfRKrKe53ozFd4oz1rqIqNgVe3
jnyT7W4GsFVg/PF17l0eWXQkJ9dRVhJujvaVRYhI+A4XEHSaQnWfpr6S//LNl2o1
F4bNvo710ALZUeYAW9JkbggTp74smqOj3enyMaEz6Zn8iYfUUoKyQQsLM/1DQeUl
pPbU1iJBu0Ui4mW6QRMq15WNVAQ78M3MD2mF9fF2f5/OChPHOJNRXRVSV7waOR9Y
eROvULwTrel5jFnZJZ1H63Ypz8KiNEPw6mqj77asGcK2e+Ia8Hk8wlGMLuVny5Fy
eYYtLdfQqj7sQEO0BeUwVB44RFoFmLJS/msi35cGrWdiVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:45 2024 by rpki-client on console-fra.rpki-client.org