Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/XWMh7GNTEkhakoY-Rnw-2jlgBYA.roa
File: XWMh7GNTEkhakoY-Rnw-2jlgBYA.roa (raw, json)
Hash identifier: Zihv1gRMlv81g82ShCr2gCY0i6toevOy5g7sE9UmYtA=
Subject key identifier: 5D:63:21:EC:63:53:12:48:5A:92:86:3E:46:7C:3E:DA:39:60:05:80
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 01865EA2908E27DC18680C71CC6E27ECAB26
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/XWMh7GNTEkhakoY-Rnw-2jlgBYA.roa
Signing time: Fri 17 Feb 2023 09:09:17 +0000
ROA not before: Fri 17 Feb 2023 09:09:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5430
IP address blocks: 194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.0.0/18 maxlen: 18
194.97.119.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
194.97.160.0/19 maxlen: 19
62.104.95.0/24 maxlen: 24
62.104.96.0/21 maxlen: 22
62.104.96.0/22 maxlen: 22
194.97.164.0/22 maxlen: 22
62.104.104.0/22 maxlen: 22
194.97.167.0/24 maxlen: 24
194.97.168.0/24 maxlen: 24
62.104.0.0/16 maxlen: 16
62.104.8.0/21 maxlen: 21
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.20.0/24 maxlen: 24
62.104.20.0/23 maxlen: 23
62.104.18.0/23 maxlen: 23
194.97.96.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
194.97.102.0/24 maxlen: 24
62.104.48.0/23 maxlen: 23
194.97.118.0/24 maxlen: 24
62.104.50.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.45.0/24 maxlen: 24
89.49.127.0/24 maxlen: 24
89.49.126.0/24 maxlen: 24
89.48.0.0/13 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.234.0/23 maxlen: 24
195.4.176.0/24 maxlen: 24
62.104.164.0/24 maxlen: 24
62.104.164.0/22 maxlen: 22
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/22 maxlen: 22
62.104.178.0/24 maxlen: 24
62.104.182.0/24 maxlen: 24
194.97.192.0/18 maxlen: 18
195.4.0.0/16 maxlen: 16
195.4.16.0/24 maxlen: 24
195.4.16.0/22 maxlen: 22
195.4.28.0/23 maxlen: 23
195.4.27.0/24 maxlen: 24
195.4.43.0/24 maxlen: 24
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5e:a2:90:8e:27:dc:18:68:0c:71:cc:6e:27:ec:ab:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Feb 17 09:09:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d6321ec635312485a92863e467c3eda39600580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b9:07:f7:74:cb:92:7d:ce:d2:2e:a2:42:07:
a3:cd:54:d2:a6:5e:cd:42:f3:1a:47:d0:46:f2:c8:
6a:0e:72:7a:27:b7:55:56:22:4c:7c:28:48:82:3a:
73:db:c7:ae:05:bc:17:e5:c9:14:26:d5:a6:f0:07:
a8:46:b8:fa:e5:fb:ab:d4:4d:7c:c0:14:f7:28:ea:
dd:7e:0c:63:5d:83:d7:c3:28:08:3c:db:c8:f7:87:
59:fb:73:e3:9a:54:87:cd:8e:ff:aa:b3:8d:27:8c:
e2:5a:0f:ed:e7:7d:c2:35:e8:cc:b0:fc:e5:d5:df:
4f:1f:97:20:c3:0b:18:71:c8:5a:6a:0a:23:66:fb:
ea:6d:4f:1a:8d:de:7b:8a:f9:d0:f4:cc:3e:70:98:
fb:8c:59:51:ee:1b:e0:e6:7b:20:a5:4f:5a:4f:2c:
d5:da:9a:6c:e5:57:7c:7a:3b:16:c4:3b:14:2e:cb:
1b:70:69:fe:88:b2:ba:2f:9b:84:39:02:a4:fe:64:
b7:69:94:9b:1f:c9:f2:e4:5f:0a:58:18:61:d2:d7:
25:ab:ac:a8:01:dd:78:41:b4:d4:88:e3:52:a9:e9:
11:8c:5d:86:3a:dc:03:cd:f4:fc:3e:3e:8f:09:da:
0f:0a:02:52:a2:9c:b4:67:b4:2a:d5:57:c7:4d:67:
57:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:63:21:EC:63:53:12:48:5A:92:86:3E:46:7C:3E:DA:39:60:05:80
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/XWMh7GNTEkhakoY-Rnw-2jlgBYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
9d:2a:2b:ac:8c:c1:0f:c1:35:78:79:ff:fe:19:b5:7b:78:2c:
48:c6:2a:60:2b:5d:f6:63:6b:df:17:40:5b:93:d8:13:ed:24:
e5:ea:88:50:61:56:32:1d:f2:30:63:99:91:9d:12:66:55:77:
dc:77:d0:4c:f6:65:d0:71:88:68:89:97:1f:0f:89:08:d1:99:
de:45:79:c5:35:c8:4f:14:de:6c:e6:df:df:f4:09:f9:39:8b:
96:ce:88:10:53:f9:33:9a:9d:4a:70:7a:74:10:20:70:b7:58:
f0:7d:43:21:16:be:61:26:52:cd:1b:d7:42:12:71:80:b6:e5:
54:5b:8a:91:de:cd:55:be:ae:2e:40:aa:a5:1a:e4:5e:1e:24:
f2:50:e3:f2:1b:31:7a:72:54:76:ef:55:3f:82:0d:a3:c6:51:
68:3d:bf:97:79:e1:6f:61:ac:43:ae:bd:ad:b9:8c:19:88:80:
0a:ca:bc:33:ea:21:64:e4:8d:91:a8:f2:22:dd:4f:66:f9:fd:
6b:8b:3d:f2:6b:e6:8b:fa:53:29:59:ff:2e:94:37:66:ca:8c:
cf:b3:22:16:ca:2a:0a:ea:01:5d:af:89:e6:e5:f7:37:dd:94:
58:bc:fe:4a:95:d8:06:04:b5:c4:60:32:cb:8c:95:57:53:96:
8a:07:dd:9f
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYZeopCOJ9wYaAxxzG4n7KsmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjMwMjE3MDkwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDYzMjFlYzYzNTMxMjQ4NWE5Mjg2M2U0NjdjM2VkYTM5NjAwNTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLkH93TLkn3O0i6iQgejzVTSpl7N
QvMaR9BG8shqDnJ6J7dVViJMfChIgjpz28euBbwX5ckUJtWm8AeoRrj65fur1E18
wBT3KOrdfgxjXYPXwygIPNvI94dZ+3PjmlSHzY7/qrONJ4ziWg/t533CNejMsPzl
1d9PH5cgwwsYcchaagojZvvqbU8ajd57ivnQ9Mw+cJj7jFlR7hvg5nsgpU9aTyzV
2pps5Vd8ejsWxDsULssbcGn+iLK6L5uEOQKk/mS3aZSbH8ny5F8KWBhh0tclq6yo
Ad14QbTUiONSqekRjF2GOtwDzfT8Pj6PCdoPCgJSopy0Z7Qq1VfHTWdXBQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFF1jIexjUxJIWpKGPkZ8Pto5YAWAMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvWFdNaDdHTlRFa2hha29ZLVJudy0yamxnQllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwMAPmgDAwNZ
MAMEBsJhAAMEBcJhYDALAwQFwmGgAwMBwmADAwDDBDANBAIAAjAHAwUAIAEHSDAN
BgkqhkiG9w0BAQsFAAOCAQEAnSorrIzBD8E1eHn//hm1e3gsSMYqYCtd9mNr3xdA
W5PYE+0k5eqIUGFWMh3yMGOZkZ0SZlV33HfQTPZl0HGIaImXHw+JCNGZ3kV5xTXI
TxTebObf3/QJ+TmLls6IEFP5M5qdSnB6dBAgcLdY8H1DIRa+YSZSzRvXQhJxgLbl
VFuKkd7NVb6uLkCqpRrkXh4k8lDj8hsxenJUdu9VP4INo8ZRaD2/l3nhb2GsQ669
rbmMGYiACsq8M+ohZOSNkajyIt1PZvn9a4s98mvmi/pTKVn/LpQ3ZsqMz7MiFsoq
CuoBXa+J5uX3N92UWLz+SpXYBgS1xGAyy4yVV1OWigfdnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org