Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/yFJWk8F8wu7dXf-UPfk6oTMFn3s.roa
File: yFJWk8F8wu7dXf-UPfk6oTMFn3s.roa (raw, json)
Hash identifier: eBro7EnYUY6iz6F0eQaJPpFDB2Aa2hhym3enirRxsls=
Subject key identifier: C8:52:56:93:C1:7C:C2:EE:DD:5D:FF:94:3D:F9:3A:A1:33:05:9F:7B
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 3505058C
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/yFJWk8F8wu7dXf-UPfk6oTMFn3s.roa
Signing time: Tue 15 Feb 2022 15:55:24 +0000
ROA not before: Tue 15 Feb 2022 15:55:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5430
IP address blocks: 89.48.0.0/13 maxlen: 24
62.104.164.0/24 maxlen: 24
62.104.178.0/24 maxlen: 24
62.104.182.0/24 maxlen: 24
194.97.192.0/18 maxlen: 18
194.97.0.0/18 maxlen: 18
89.49.127.0/24 maxlen: 24
89.49.126.0/24 maxlen: 24
195.4.0.0/16 maxlen: 16
195.4.16.0/24 maxlen: 24
62.104.75.0/24 maxlen: 24
194.97.160.0/19 maxlen: 19
194.97.167.0/24 maxlen: 24
62.104.8.0/21 maxlen: 21
62.104.0.0/16 maxlen: 16
62.104.20.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 889521548 (0x3505058c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Feb 15 15:55:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8525693c17cc2eedd5dff943df93aa133059f7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:51:a9:2d:0c:ae:e9:53:5d:dd:6e:76:f4:3b:
01:d1:e5:53:8c:40:d0:c5:fd:71:7f:3b:23:7b:10:
fe:5e:d3:f7:59:e6:57:d9:7d:d0:d3:47:01:42:e3:
64:f2:12:38:93:e3:e6:f6:33:e6:c3:18:6e:e8:57:
42:67:23:e1:99:db:20:ea:59:3f:bf:a2:29:1c:a0:
8b:5c:08:93:8c:0f:3f:80:6c:e9:b9:40:c2:ea:4c:
4d:89:4d:b5:29:a9:5f:90:7a:a5:c7:a3:ec:90:8e:
f9:38:9f:9e:2b:dc:cf:36:3f:18:49:d2:e2:7f:ea:
76:7f:d6:d9:d3:e4:eb:cd:44:92:83:22:ff:ae:16:
e2:20:28:80:b5:33:5d:2e:c9:5e:01:90:94:a2:28:
19:be:94:3d:ff:8c:15:47:58:5f:f7:f9:8d:6a:ce:
c9:2a:ba:68:f2:b2:9d:d9:34:75:47:6e:0d:38:72:
15:a1:c5:96:73:73:75:38:63:46:a3:a4:8d:95:41:
82:1d:9b:98:85:93:82:4a:ae:5a:02:85:f5:f4:b7:
80:37:3c:81:8f:86:96:20:bc:99:f8:11:50:7c:ac:
74:3b:75:f2:16:9c:7b:32:00:dc:a6:bf:62:b0:6c:
22:26:17:6f:82:36:e3:b9:31:ef:23:66:ea:bc:9f:
7a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:52:56:93:C1:7C:C2:EE:DD:5D:FF:94:3D:F9:3A:A1:33:05:9F:7B
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/yFJWk8F8wu7dXf-UPfk6oTMFn3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
42:84:7b:30:b0:4e:61:cd:e3:df:a2:7d:40:f0:29:29:26:01:
e4:57:7f:e7:0c:21:43:97:b8:f5:db:c4:ea:df:2c:b8:0c:75:
b6:12:00:84:6a:43:89:ca:f6:85:83:f7:5d:30:a5:28:fc:07:
c7:96:3f:b9:f8:2a:e5:67:6a:21:48:ce:ea:23:30:29:01:93:
75:c1:89:8f:83:92:49:5a:60:5d:b0:b4:58:95:8d:2a:c2:30:
83:ec:e2:19:cf:5f:41:a9:e6:05:6d:b6:41:6f:86:2e:b0:93:
68:9c:6d:fd:c3:5b:29:1b:5f:cb:26:40:03:53:3a:f8:79:bc:
48:3e:c7:69:44:44:cf:5d:32:fb:da:aa:d2:6b:6c:51:64:20:
aa:eb:3c:b4:88:19:00:5b:e8:81:67:b6:e8:c2:7d:46:e4:a7:
84:c1:3a:4d:fa:2f:ae:6b:18:15:70:af:d5:59:7b:39:e0:c2:
e0:36:db:45:e0:02:d0:b3:df:43:8c:85:32:0d:0b:db:c0:a3:
fe:9d:9b:fc:91:0c:70:b1:bd:6a:c8:0f:59:d8:49:38:c0:4e:
0a:ab:eb:9d:7e:9e:f0:99:50:d8:19:1c:a4:19:ba:0d:4d:97:
ef:8b:8c:16:d0:8c:b6:fc:ad:3a:17:2c:06:6f:0a:6c:4f:bb:
6e:90:da:80
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIENQUFjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjgwMTk4NGNjMzhmMGE0ZmM1YWZlMWFkZWFiNjgwYzFiODllOTViMB4XDTIyMDIx
NTE1NTUyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzg1MjU2OTNjMTdj
YzJlZWRkNWRmZjk0M2RmOTNhYTEzMzA1OWY3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVRqS0MrulTXd1udvQ7AdHlU4xA0MX9cX87I3sQ/l7T91nm
V9l90NNHAULjZPISOJPj5vYz5sMYbuhXQmcj4ZnbIOpZP7+iKRygi1wIk4wPP4Bs
6blAwupMTYlNtSmpX5B6pcej7JCO+TifnivczzY/GEnS4n/qdn/W2dPk681EkoMi
/64W4iAogLUzXS7JXgGQlKIoGb6UPf+MFUdYX/f5jWrOySq6aPKyndk0dUduDThy
FaHFlnNzdThjRqOkjZVBgh2bmIWTgkquWgKF9fS3gDc8gY+GliC8mfgRUHysdDt1
8hacezIA3Ka/YrBsIiYXb4I247kx7yNm6ryfei0CAwEAAaOCAjowggI2MB0GA1Ud
DgQWBBTIUlaTwXzC7t1d/5Q9+TqhMwWfezAfBgNVHSMEGDAWgBSvgBmEzDjwpPxa
/hreq2gMG4npWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3I0QVpoTXc0OEtUOFd2NGEzcXRvREJ1SjZWcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvYmZkMzdjLWNiMTItNGE5Yy04ZjVkLTQwMjEyNjVjMzliMC8x
L3lGSldrOEY4d3U3ZFhmLVVQZms2b1RNRm4zcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
YmZkMzdjLWNiMTItNGE5Yy04ZjVkLTQwMjEyNjVjMzliMC8xL3I0QVpoTXc0OEtU
OFd2NGEzcXRvREJ1SjZWcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBQ
BggrBgEFBQcBBwEB/wRBMD8wLgQCAAEwKAMDAD5oAwMDWTADBAbCYQADBAXCYWAw
CwMEBcJhoAMDAcJgAwMAwwQwDQQCAAIwBwMFACABB0gwDQYJKoZIhvcNAQELBQAD
ggEBAEKEezCwTmHN49+ifUDwKSkmAeRXf+cMIUOXuPXbxOrfLLgMdbYSAIRqQ4nK
9oWD910wpSj8B8eWP7n4KuVnaiFIzuojMCkBk3XBiY+DkklaYF2wtFiVjSrCMIPs
4hnPX0Gp5gVttkFvhi6wk2icbf3DWykbX8smQANTOvh5vEg+x2lERM9dMvvaqtJr
bFFkIKrrPLSIGQBb6IFntujCfUbkp4TBOk36L65rGBVwr9VZezngwuA220XgAtCz
30OMhTINC9vAo/6dm/yRDHCxvWrID1nYSTjATgqr651+nvCZUNgZHKQZug1Nl++L
jBbQjLb8rToXLAZvCmxPu26Q2oA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org