Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/kQ7yD_SFJHyVXsCShKRwhMVfvuQ.roa
File: kQ7yD_SFJHyVXsCShKRwhMVfvuQ.roa (raw, json)
Hash identifier: bjQcwuFqIaZtKph9iV/JpXApdxZaWoWhXLHSXgmSFvY=
Subject key identifier: 91:0E:F2:0F:F4:85:24:7C:95:5E:C0:92:84:A4:70:84:C5:5F:BE:E4
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 0187988F0180FFE2B64DB6B5ACE6BB07E2C5
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/kQ7yD_SFJHyVXsCShKRwhMVfvuQ.roa
Signing time: Wed 19 Apr 2023 08:08:41 +0000
ROA not before: Wed 19 Apr 2023 08:08:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5430
IP address blocks: 194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.0.0/18 maxlen: 18
194.97.120.0/23 maxlen: 23
194.97.119.0/24 maxlen: 24
194.97.122.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
194.97.160.0/19 maxlen: 19
62.104.95.0/24 maxlen: 24
62.104.96.0/21 maxlen: 22
62.104.96.0/22 maxlen: 22
194.97.164.0/22 maxlen: 22
62.104.104.0/22 maxlen: 22
62.104.0.0/16 maxlen: 16
62.104.10.0/23 maxlen: 23
62.104.12.0/22 maxlen: 22
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.20.0/23 maxlen: 24
62.104.18.0/24 maxlen: 24
194.97.96.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
194.97.102.0/24 maxlen: 24
62.104.48.0/23 maxlen: 23
194.97.118.0/24 maxlen: 24
62.104.50.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.45.0/24 maxlen: 24
89.49.127.0/24 maxlen: 24
89.49.126.0/24 maxlen: 24
89.48.0.0/13 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.234.0/23 maxlen: 24
195.4.176.0/24 maxlen: 24
62.104.164.0/24 maxlen: 24
62.104.164.0/22 maxlen: 22
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/22 maxlen: 22
62.104.182.0/24 maxlen: 24
194.97.192.0/18 maxlen: 18
195.4.6.0/24 maxlen: 24
195.4.0.0/16 maxlen: 16
195.4.12.0/23 maxlen: 23
195.4.16.0/24 maxlen: 24
195.4.16.0/22 maxlen: 22
195.4.28.0/23 maxlen: 23
195.4.27.0/24 maxlen: 24
195.4.43.0/24 maxlen: 24
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:98:8f:01:80:ff:e2:b6:4d:b6:b5:ac:e6:bb:07:e2:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Apr 19 08:08:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=910ef20ff485247c955ec09284a47084c55fbee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:05:3c:74:06:4d:a6:9c:ee:5f:d3:4f:99:06:
6f:0e:01:31:1a:72:38:95:64:f5:4e:7c:85:f6:37:
33:85:de:18:22:47:c6:2e:56:dc:8a:c5:10:1a:73:
46:03:05:88:6b:3f:87:d1:42:a8:3a:eb:3b:fe:4d:
11:7a:73:c1:86:db:42:5a:18:94:80:b2:6f:f0:46:
e6:72:50:d7:6c:be:12:fd:dc:dc:cf:ef:1e:d9:1c:
fb:ed:f2:7e:06:58:1f:26:84:d4:c4:7d:a7:55:fc:
1f:4e:00:5c:4e:d0:07:8a:67:c8:31:cb:17:76:20:
a5:06:0a:b0:22:8c:5a:cb:f7:a8:8c:46:7e:9d:1e:
a6:bd:59:ac:c1:19:5d:fe:19:24:fb:3a:d3:d7:7c:
18:c4:62:66:c6:6d:33:a6:e8:04:70:12:7d:03:80:
fa:e4:7f:4d:ea:5f:09:5f:d2:01:4f:06:59:3a:1c:
ec:18:7d:c2:ad:cd:b3:96:60:75:fb:af:31:9f:94:
86:b4:27:8b:7a:5d:e7:6b:7f:a4:c2:18:95:f2:4f:
67:99:57:a9:d0:62:85:eb:ac:66:3f:30:d5:1a:15:
61:22:ab:79:23:52:b9:a3:64:e4:cb:ac:10:98:29:
ed:a7:58:70:0e:11:ff:54:72:21:7a:ca:4d:c8:73:
9d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:0E:F2:0F:F4:85:24:7C:95:5E:C0:92:84:A4:70:84:C5:5F:BE:E4
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/kQ7yD_SFJHyVXsCShKRwhMVfvuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
53:7f:16:03:0d:77:7e:de:a6:d7:2f:6b:c8:54:7e:bc:c0:f7:
0e:bf:66:b6:ba:6b:af:52:17:c5:0e:dd:d4:66:9b:5f:3e:42:
41:62:e2:f6:41:d7:01:c4:ab:63:4f:cf:e3:97:ac:c2:c4:a3:
b1:31:bb:71:0d:02:8d:e3:e6:bc:46:e6:d3:6a:a2:1d:96:a6:
ea:af:46:5d:90:46:1f:71:38:09:96:f5:b6:78:db:cb:45:25:
2b:09:dc:97:5d:e5:ec:af:bf:e4:bb:65:03:7c:81:36:f9:cf:
78:9c:6f:32:0f:8c:f7:1f:30:96:67:6d:99:66:6c:0a:37:20:
dd:4c:1f:07:77:f1:91:3e:1c:26:1b:37:f3:e1:00:e0:a8:15:
e0:50:6e:9c:a2:c1:eb:57:71:b5:96:d9:c1:9a:69:89:c3:e7:
ca:c2:5a:39:be:71:fa:af:02:a7:cf:d0:97:39:9e:48:94:6f:
28:19:77:37:6c:3c:57:0d:b9:03:a1:8a:bd:d9:15:90:9f:7a:
dd:74:88:9c:18:17:17:e3:9f:e6:d8:99:11:44:24:67:10:05:
3d:c8:a3:7a:fb:4e:9c:bd:1a:80:cd:20:39:32:58:87:15:b7:
d7:6e:a4:d0:74:db:c9:0a:f2:e2:2c:cf:85:55:a2:20:38:cd:
78:91:71:eb
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYeYjwGA/+K2Tba1rOa7B+LFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjMwNDE5MDgwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTBlZjIwZmY0ODUyNDdjOTU1ZWMwOTI4NGE0NzA4NGM1NWZiZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAU8dAZNppzuX9NPmQZvDgExGnI4
lWT1TnyF9jczhd4YIkfGLlbcisUQGnNGAwWIaz+H0UKoOus7/k0RenPBhttCWhiU
gLJv8EbmclDXbL4S/dzcz+8e2Rz77fJ+BlgfJoTUxH2nVfwfTgBcTtAHimfIMcsX
diClBgqwIoxay/eojEZ+nR6mvVmswRld/hkk+zrT13wYxGJmxm0zpugEcBJ9A4D6
5H9N6l8JX9IBTwZZOhzsGH3Crc2zlmB1+68xn5SGtCeLel3na3+kwhiV8k9nmVep
0GKF66xmPzDVGhVhIqt5I1K5o2Tky6wQmCntp1hwDhH/VHIhespNyHOdAQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFJEO8g/0hSR8lV7AkoSkcITFX77kMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEva1E3eURfU0ZKSHlWWHNDU2hLUndoTVZmdnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwMAPmgDAwNZ
MAMEBsJhAAMEBcJhYDALAwQFwmGgAwMBwmADAwDDBDANBAIAAjAHAwUAIAEHSDAN
BgkqhkiG9w0BAQsFAAOCAQEAU38WAw13ft6m1y9ryFR+vMD3Dr9mtrprr1IXxQ7d
1GabXz5CQWLi9kHXAcSrY0/P45eswsSjsTG7cQ0CjePmvEbm02qiHZam6q9GXZBG
H3E4CZb1tnjby0UlKwncl13l7K+/5LtlA3yBNvnPeJxvMg+M9x8wlmdtmWZsCjcg
3UwfB3fxkT4cJhs38+EA4KgV4FBunKLB61dxtZbZwZppicPnysJaOb5x+q8Cp8/Q
lzmeSJRvKBl3N2w8Vw25A6GKvdkVkJ963XSInBgXF+Of5tiZEUQkZxAFPcijevtO
nL0agM0gOTJYhxW3126k0HTbyQry4izPhVWiIDjNeJFx6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org