Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/VEqx4VUkfxponONiyPweJPbnHG8.roa
File:                     VEqx4VUkfxponONiyPweJPbnHG8.roa (raw, json)
Hash identifier:          Ozewb60tbyL1ugFzvITkO1lO8STydJzTODPavX7c/lI=
Subject key identifier:   54:4A:B1:E1:55:24:7F:1A:68:9C:E3:62:C8:FC:1E:24:F6:E7:1C:6F
Certificate issuer:       /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial:       0186971D9C91F4A95010B828ACA364C2D22B
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/VEqx4VUkfxponONiyPweJPbnHG8.roa
Signing time:             Tue 28 Feb 2023 08:22:25 +0000
ROA not before:           Tue 28 Feb 2023 08:22:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5430
IP address blocks:        194.97.46.0/23 maxlen: 24
                          194.97.58.0/24 maxlen: 24
                          194.97.0.0/18 maxlen: 18
                          194.97.119.0/24 maxlen: 24
                          62.104.56.0/24 maxlen: 24
                          62.104.66.0/23 maxlen: 23
                          194.97.160.0/19 maxlen: 19
                          62.104.95.0/24 maxlen: 24
                          62.104.96.0/22 maxlen: 22
                          62.104.96.0/21 maxlen: 22
                          194.97.164.0/22 maxlen: 22
                          62.104.104.0/22 maxlen: 22
                          194.97.167.0/24 maxlen: 24
                          194.97.168.0/24 maxlen: 24
                          62.104.0.0/16 maxlen: 16
                          62.104.8.0/21 maxlen: 21
                          62.104.10.0/23 maxlen: 23
                          62.104.12.0/22 maxlen: 22
                          62.104.16.0/24 maxlen: 24
                          62.104.17.0/24 maxlen: 24
                          62.104.20.0/24 maxlen: 24
                          62.104.20.0/23 maxlen: 23
                          62.104.18.0/23 maxlen: 23
                          62.104.18.0/24 maxlen: 24
                          194.97.96.0/24 maxlen: 24
                          194.97.96.0/19 maxlen: 19
                          194.97.102.0/24 maxlen: 24
                          62.104.48.0/23 maxlen: 23
                          194.97.118.0/24 maxlen: 24
                          62.104.50.0/24 maxlen: 24
                          62.104.46.0/23 maxlen: 23
                          62.104.45.0/24 maxlen: 24
                          89.49.127.0/24 maxlen: 24
                          89.49.126.0/24 maxlen: 24
                          89.48.0.0/13 maxlen: 24
                          195.4.70.0/24 maxlen: 24
                          195.4.71.0/24 maxlen: 24
                          195.4.104.0/22 maxlen: 22
                          195.4.234.0/23 maxlen: 24
                          195.4.176.0/24 maxlen: 24
                          62.104.164.0/24 maxlen: 24
                          62.104.164.0/22 maxlen: 22
                          62.104.168.0/22 maxlen: 22
                          62.104.172.0/23 maxlen: 23
                          62.104.174.0/24 maxlen: 24
                          62.104.175.0/24 maxlen: 24
                          62.104.176.0/22 maxlen: 22
                          62.104.178.0/24 maxlen: 24
                          62.104.182.0/24 maxlen: 24
                          194.97.192.0/18 maxlen: 18
                          195.4.0.0/16 maxlen: 16
                          195.4.16.0/24 maxlen: 24
                          195.4.16.0/22 maxlen: 22
                          195.4.28.0/23 maxlen: 23
                          195.4.27.0/24 maxlen: 24
                          195.4.43.0/24 maxlen: 24
                          2001:748::/32 maxlen: 32

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:97:1d:9c:91:f4:a9:50:10:b8:28:ac:a3:64:c2:d2:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
        Validity
            Not Before: Feb 28 08:22:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=544ab1e155247f1a689ce362c8fc1e24f6e71c6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:4A:B1:E1:55:24:7F:1A:68:9C:E3:62:C8:FC:1E:24:F6:E7:1C:6F
            X509v3 Authority Key Identifier:
                keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/VEqx4VUkfxponONiyPweJPbnHG8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.104.0.0/16
                  89.48.0.0/13
                  194.97.0.0/18
                  194.97.96.0/19
                  194.97.160.0-194.97.255.255
                  195.4.0.0/16
                IPv6:
                  2001:748::/32

    Signature Algorithm: sha256WithRSAEncryption
Generated at Thu Jun 6 17:57:45 2024 by rpki-client on console-fra.rpki-client.org