Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/pbYKl_6Tp2q-wmYk12YBXO_PTlo.roa
File: pbYKl_6Tp2q-wmYk12YBXO_PTlo.roa (raw, json)
Hash identifier: eeVvQrFBHhvGO8qzV8GhMJWdLteF15Pm4doCXbHUKIU=
Subject key identifier: A5:B6:0A:97:FE:93:A7:6A:BE:C2:66:24:D7:66:01:5C:EF:CF:4E:5A
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 01869377D51645A30F581827C3306DC6A9B9
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/pbYKl_6Tp2q-wmYk12YBXO_PTlo.roa
Signing time: Mon 27 Feb 2023 15:22:29 +0000
ROA not before: Mon 27 Feb 2023 15:22:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5430
IP address blocks: 194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.0.0/18 maxlen: 18
194.97.119.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
194.97.160.0/19 maxlen: 19
62.104.95.0/24 maxlen: 24
62.104.96.0/21 maxlen: 22
62.104.96.0/22 maxlen: 22
194.97.164.0/22 maxlen: 22
62.104.104.0/22 maxlen: 22
194.97.167.0/24 maxlen: 24
194.97.168.0/24 maxlen: 24
62.104.0.0/16 maxlen: 16
62.104.8.0/21 maxlen: 21
62.104.10.0/23 maxlen: 23
62.104.12.0/22 maxlen: 22
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.20.0/24 maxlen: 24
62.104.20.0/23 maxlen: 23
62.104.18.0/23 maxlen: 23
194.97.96.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
194.97.102.0/24 maxlen: 24
62.104.48.0/23 maxlen: 23
194.97.118.0/24 maxlen: 24
62.104.50.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.45.0/24 maxlen: 24
89.49.127.0/24 maxlen: 24
89.49.126.0/24 maxlen: 24
89.48.0.0/13 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.234.0/23 maxlen: 24
195.4.176.0/24 maxlen: 24
62.104.164.0/24 maxlen: 24
62.104.164.0/22 maxlen: 22
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/22 maxlen: 22
62.104.178.0/24 maxlen: 24
62.104.182.0/24 maxlen: 24
194.97.192.0/18 maxlen: 18
195.4.0.0/16 maxlen: 16
195.4.16.0/24 maxlen: 24
195.4.16.0/22 maxlen: 22
195.4.28.0/23 maxlen: 23
195.4.27.0/24 maxlen: 24
195.4.43.0/24 maxlen: 24
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:93:77:d5:16:45:a3:0f:58:18:27:c3:30:6d:c6:a9:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Feb 27 15:22:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5b60a97fe93a76abec26624d766015cefcf4e5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:22:02:c8:b8:c3:6d:6e:cf:0a:10:93:c5:81:
2c:43:5d:42:fc:7b:e4:c5:48:e3:a0:8a:7a:44:bf:
0f:c2:51:87:ea:65:ac:ec:90:8d:b8:ba:05:74:ba:
dc:f2:fd:67:35:a0:11:92:d7:45:1c:ea:7f:0e:b3:
a9:87:53:2b:89:da:15:14:b4:21:87:f8:cf:7b:76:
cd:92:bc:bb:24:24:ce:59:ab:c0:54:96:ff:9b:9d:
66:c6:4c:9c:07:44:95:09:d0:27:14:af:47:fd:89:
64:78:9a:5b:6f:11:88:69:8f:64:b5:ac:c5:f1:d0:
35:00:78:b8:ed:1c:3b:58:32:2b:e2:0b:b8:5e:5b:
0c:67:78:bb:1b:f6:72:e9:81:79:ea:04:ed:f1:a7:
cd:0c:53:d1:d4:9e:66:31:11:78:1e:ea:ad:31:61:
5e:15:f2:51:b1:79:37:b2:fc:0a:29:b9:9c:8a:9d:
e5:95:f7:11:16:91:ff:bb:06:1c:03:94:87:97:66:
67:1d:33:7a:0f:c9:bf:ce:be:0d:c6:f0:2b:6c:6f:
d5:4e:45:65:03:fc:ef:28:1e:d1:76:58:3d:94:d6:
65:ab:06:2d:14:8d:58:db:29:af:aa:35:a9:56:5e:
b3:ff:d7:bd:41:77:8b:23:91:7d:91:82:2b:43:eb:
9f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B6:0A:97:FE:93:A7:6A:BE:C2:66:24:D7:66:01:5C:EF:CF:4E:5A
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/pbYKl_6Tp2q-wmYk12YBXO_PTlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
3c:8a:de:73:c4:95:cb:4d:04:6c:6e:3d:1d:4c:29:e3:75:f3:
4a:f4:bc:3d:fb:ca:af:69:36:70:ae:03:f5:86:87:4b:c0:27:
57:75:c2:af:56:19:26:f8:ca:48:bc:b5:18:10:a9:85:c4:0d:
c7:47:9a:4a:e8:ad:75:ba:b5:ee:51:c7:eb:53:13:13:32:04:
05:24:79:e7:ac:3d:3c:c5:6e:e7:22:b8:37:81:7b:36:e9:5c:
22:00:5e:af:ef:70:2a:40:51:32:c8:9a:60:88:fa:31:b8:5d:
e0:40:4d:1d:97:20:ca:56:66:10:5a:cd:52:d6:b6:66:65:e0:
95:a8:d3:6a:2f:a5:50:6a:6e:1f:c8:9c:85:68:f7:2e:8a:50:
2a:f9:e7:c3:4f:d5:46:e1:d4:f1:18:e8:a0:de:0f:39:6d:30:
69:f2:4d:d5:33:e8:e4:08:e4:3d:e1:76:49:13:b4:4d:8c:89:
0e:9c:bc:cb:93:56:0c:33:d2:92:76:03:63:8d:9f:0c:86:27:
cb:f9:3f:fc:53:74:85:ba:a4:8e:0a:5d:25:f6:ea:ec:76:13:
18:ae:10:82:4b:f1:d9:e5:4a:0e:89:a5:78:b2:68:90:fa:23:
f7:2a:af:53:d2:39:21:02:b1:5d:38:cf:20:5c:a1:5e:54:0c:
9d:5d:2e:e9
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYaTd9UWRaMPWBgnwzBtxqm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjMwMjI3MTUyMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWI2MGE5N2ZlOTNhNzZhYmVjMjY2MjRkNzY2MDE1Y2VmY2Y0ZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CICyLjDbW7PChCTxYEsQ11C/Hvk
xUjjoIp6RL8PwlGH6mWs7JCNuLoFdLrc8v1nNaARktdFHOp/DrOph1MridoVFLQh
h/jPe3bNkry7JCTOWavAVJb/m51mxkycB0SVCdAnFK9H/YlkeJpbbxGIaY9ktazF
8dA1AHi47Rw7WDIr4gu4XlsMZ3i7G/Zy6YF56gTt8afNDFPR1J5mMRF4HuqtMWFe
FfJRsXk3svwKKbmcip3llfcRFpH/uwYcA5SHl2ZnHTN6D8m/zr4NxvArbG/VTkVl
A/zvKB7Rdlg9lNZlqwYtFI1Y2ymvqjWpVl6z/9e9QXeLI5F9kYIrQ+ufSwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFKW2Cpf+k6dqvsJmJNdmAVzvz05aMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvcGJZS2xfNlRwMnEtd21ZazEyWUJYT19QVGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwMAPmgDAwNZ
MAMEBsJhAAMEBcJhYDALAwQFwmGgAwMBwmADAwDDBDANBAIAAjAHAwUAIAEHSDAN
BgkqhkiG9w0BAQsFAAOCAQEAPIrec8SVy00EbG49HUwp43XzSvS8PfvKr2k2cK4D
9YaHS8AnV3XCr1YZJvjKSLy1GBCphcQNx0eaSuitdbq17lHH61MTEzIEBSR556w9
PMVu5yK4N4F7NulcIgBer+9wKkBRMsiaYIj6Mbhd4EBNHZcgylZmEFrNUta2ZmXg
lajTai+lUGpuH8ichWj3LopQKvnnw0/VRuHU8RjooN4POW0wafJN1TPo5AjkPeF2
SRO0TYyJDpy8y5NWDDPSknYDY42fDIYny/k//FN0hbqkjgpdJfbq7HYTGK4Qgkvx
2eVKDomleLJokPoj9yqvU9I5IQKxXTjPIFyhXlQMnV0u6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org