Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/x3doXCP-ksKSYnWVwzzv5GCt214.roa
File: x3doXCP-ksKSYnWVwzzv5GCt214.roa (raw, json)
Hash identifier: h0CYS2yNrDePGwKBZNIE7MytVreSTiH21yHP32aTzqw=
Subject key identifier: C7:77:68:5C:23:FE:92:C2:92:62:75:95:C3:3C:EF:E4:60:AD:DB:5E
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 0181E20C920E2989EE804022425988F77814
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/x3doXCP-ksKSYnWVwzzv5GCt214.roa
Signing time: Sat 09 Jul 2022 08:21:23 +0000
ROA not before: Sat 09 Jul 2022 08:21:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5430
IP address blocks: 194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.0.0/18 maxlen: 18
194.97.119.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
194.97.160.0/19 maxlen: 19
62.104.95.0/24 maxlen: 24
62.104.96.0/22 maxlen: 22
194.97.164.0/22 maxlen: 22
62.104.104.0/22 maxlen: 22
194.97.167.0/24 maxlen: 24
194.97.168.0/24 maxlen: 24
62.104.0.0/16 maxlen: 16
62.104.8.0/21 maxlen: 21
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.20.0/24 maxlen: 24
62.104.20.0/23 maxlen: 23
62.104.18.0/23 maxlen: 23
194.97.96.0/19 maxlen: 19
62.104.48.0/23 maxlen: 23
194.97.118.0/24 maxlen: 24
62.104.50.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.45.0/24 maxlen: 24
89.49.127.0/24 maxlen: 24
89.49.126.0/24 maxlen: 24
89.48.0.0/13 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.234.0/23 maxlen: 24
195.4.176.0/24 maxlen: 24
62.104.164.0/24 maxlen: 24
62.104.164.0/22 maxlen: 22
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/22 maxlen: 22
62.104.178.0/24 maxlen: 24
62.104.182.0/24 maxlen: 24
194.97.192.0/18 maxlen: 18
195.4.0.0/16 maxlen: 16
195.4.16.0/24 maxlen: 24
195.4.16.0/22 maxlen: 22
195.4.28.0/23 maxlen: 23
195.4.27.0/24 maxlen: 24
195.4.43.0/24 maxlen: 24
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e2:0c:92:0e:29:89:ee:80:40:22:42:59:88:f7:78:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Jul 9 08:21:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c777685c23fe92c292627595c33cefe460addb5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:86:12:85:30:df:62:66:f7:05:c2:bd:8f:01:
e1:67:a7:60:97:a4:0a:99:f3:e8:90:9a:6f:c1:13:
8b:2d:64:5e:f0:c0:01:78:fd:69:89:ab:bc:31:59:
78:f3:e6:9f:67:98:7e:a1:1c:b3:96:c9:de:84:4d:
28:c6:fa:51:c6:52:29:f1:c5:65:d8:0e:e3:ee:b5:
90:46:7a:96:cd:d4:f4:70:85:5f:0c:f6:6a:ab:6d:
e1:e8:58:d0:a0:85:e1:34:8a:9e:14:3e:b3:e4:81:
26:dc:a7:f2:29:39:09:97:fd:78:9f:de:7e:d3:be:
91:2f:b3:05:59:a4:b8:af:15:f3:93:83:ca:25:41:
66:24:d5:a3:ff:c8:e9:9a:c9:44:49:a4:f5:d3:bd:
23:e6:f5:6b:bf:d0:00:3f:f9:ca:ba:d5:89:58:be:
de:1f:4e:73:16:a2:40:68:f1:72:ed:8f:e4:6e:0c:
b8:49:2f:e5:a6:50:11:b7:85:99:e6:56:4d:94:45:
e7:cb:8d:f5:ea:1c:85:f7:b5:f5:58:97:5a:ea:d7:
62:50:29:0d:04:40:f6:67:52:87:3d:a8:8b:0b:f4:
3b:cc:d6:2d:bd:7e:49:fb:57:a0:09:5c:f5:e7:64:
f8:48:1d:05:48:24:d7:bb:34:08:62:f2:75:8c:2c:
6e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:77:68:5C:23:FE:92:C2:92:62:75:95:C3:3C:EF:E4:60:AD:DB:5E
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/x3doXCP-ksKSYnWVwzzv5GCt214.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
26:bd:5b:96:35:bf:8b:e6:1d:72:12:5e:78:50:a3:79:3a:a1:
98:67:c3:2e:3d:b7:55:14:f8:8f:0f:5c:fc:7f:34:13:47:b6:
25:b4:8a:fa:b0:9c:c8:d3:f1:4d:49:37:3b:57:93:b2:05:ba:
9c:e4:33:43:8f:65:01:b0:1f:5c:13:f9:3d:e6:ca:87:61:78:
8b:23:7a:c7:c1:76:3d:aa:dc:d1:75:ab:5d:0a:1c:f4:33:c5:
ef:35:ff:0c:b8:c8:e9:ec:23:25:2a:53:18:26:28:0c:c3:c8:
ed:4d:c0:03:63:45:4b:1f:6a:a2:c6:a1:4b:33:d5:1f:57:88:
be:bd:04:db:ff:d6:d3:3e:17:63:f4:c2:ae:0b:3c:db:99:3e:
57:38:d9:e0:e1:e5:a4:d9:de:50:81:04:ba:44:27:c5:a5:ef:
80:52:47:3b:02:5b:bc:6a:8e:11:18:e0:b1:c9:2c:c4:48:0e:
98:39:6a:4b:c6:0b:3a:f8:ee:f2:fe:64:ed:6f:51:4c:5c:0e:
c8:83:3a:14:e1:68:94:c1:07:3e:16:8c:80:d3:68:13:c8:35:
e9:b4:e1:67:db:f1:06:66:ea:ff:c0:a9:5d:22:df:78:13:7d:
2b:99:ff:3c:27:80:7f:2b:e9:56:7c:4f:f9:3f:4e:bf:70:40:
93:d2:0b:62
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYHiDJIOKYnugEAiQlmI93gUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjIwNzA5MDgyMTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzc3Njg1YzIzZmU5MmMyOTI2Mjc1OTVjMzNjZWZlNDYwYWRkYjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYYShTDfYmb3BcK9jwHhZ6dgl6QK
mfPokJpvwROLLWRe8MABeP1piau8MVl48+afZ5h+oRyzlsnehE0oxvpRxlIp8cVl
2A7j7rWQRnqWzdT0cIVfDPZqq23h6FjQoIXhNIqeFD6z5IEm3KfyKTkJl/14n95+
076RL7MFWaS4rxXzk4PKJUFmJNWj/8jpmslESaT1070j5vVrv9AAP/nKutWJWL7e
H05zFqJAaPFy7Y/kbgy4SS/lplARt4WZ5lZNlEXny4316hyF97X1WJda6tdiUCkN
BED2Z1KHPaiLC/Q7zNYtvX5J+1egCVz152T4SB0FSCTXuzQIYvJ1jCxuCwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFMd3aFwj/pLCkmJ1lcM87+RgrdteMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEveDNkb1hDUC1rc0tTWW5XVnd6enY1R0N0MjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwMAPmgDAwNZ
MAMEBsJhAAMEBcJhYDALAwQFwmGgAwMBwmADAwDDBDANBAIAAjAHAwUAIAEHSDAN
BgkqhkiG9w0BAQsFAAOCAQEAJr1bljW/i+YdchJeeFCjeTqhmGfDLj23VRT4jw9c
/H80E0e2JbSK+rCcyNPxTUk3O1eTsgW6nOQzQ49lAbAfXBP5PebKh2F4iyN6x8F2
Parc0XWrXQoc9DPF7zX/DLjI6ewjJSpTGCYoDMPI7U3AA2NFSx9qosahSzPVH1eI
vr0E2//W0z4XY/TCrgs825k+VzjZ4OHlpNneUIEEukQnxaXvgFJHOwJbvGqOERjg
scksxEgOmDlqS8YLOvju8v5k7W9RTFwOyIM6FOFolMEHPhaMgNNoE8g16bThZ9vx
Bmbq/8CpXSLfeBN9K5n/PCeAfyvpVnxP+T9Ov3BAk9ILYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:45 2024 by rpki-client on console-fra.rpki-client.org