Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/yMnqPlK4B08GXijLqoUsZSCOOks.roa
File: yMnqPlK4B08GXijLqoUsZSCOOks.roa (raw, json)
Hash identifier: OOFRWPOeGsSlDLQoMQBDgRRqxfQbm9eZssL8oZQ1nzw=
Subject key identifier: C8:C9:EA:3E:52:B8:07:4F:06:5E:28:CB:AA:85:2C:65:20:8E:3A:4B
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 355C213D
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/yMnqPlK4B08GXijLqoUsZSCOOks.roa
Signing time: Mon 28 Feb 2022 12:16:02 +0000
ROA not before: Mon 28 Feb 2022 12:16:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5430
IP address blocks: 194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.0.0/18 maxlen: 18
194.97.119.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
62.104.68.0/22 maxlen: 22
62.104.72.0/21 maxlen: 21
62.104.80.0/21 maxlen: 21
62.104.88.0/21 maxlen: 21
194.97.160.0/19 maxlen: 19
62.104.96.0/21 maxlen: 21
194.97.164.0/22 maxlen: 22
62.104.104.0/22 maxlen: 22
194.97.167.0/24 maxlen: 24
194.97.168.0/24 maxlen: 24
62.104.0.0/16 maxlen: 16
62.104.8.0/21 maxlen: 21
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.20.0/24 maxlen: 24
62.104.20.0/23 maxlen: 23
62.104.18.0/23 maxlen: 23
62.104.28.0/22 maxlen: 22
194.97.96.0/19 maxlen: 19
62.104.32.0/21 maxlen: 21
62.104.40.0/22 maxlen: 22
62.104.48.0/23 maxlen: 23
194.97.118.0/24 maxlen: 24
62.104.50.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.45.0/24 maxlen: 24
89.49.127.0/24 maxlen: 24
89.49.126.0/24 maxlen: 24
89.48.0.0/13 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.234.0/23 maxlen: 24
195.4.176.0/24 maxlen: 24
62.104.164.0/24 maxlen: 24
62.104.164.0/22 maxlen: 22
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/21 maxlen: 21
62.104.178.0/24 maxlen: 24
62.104.182.0/24 maxlen: 24
62.104.184.0/22 maxlen: 22
62.104.188.0/23 maxlen: 23
62.104.130.0/23 maxlen: 23
62.104.132.0/22 maxlen: 22
194.97.192.0/18 maxlen: 18
62.104.136.0/21 maxlen: 21
62.104.144.0/22 maxlen: 22
62.104.156.0/22 maxlen: 22
195.4.0.0/16 maxlen: 16
195.4.16.0/24 maxlen: 24
195.4.16.0/22 maxlen: 22
195.4.28.0/23 maxlen: 23
195.4.27.0/24 maxlen: 24
195.4.43.0/24 maxlen: 24
2001:748::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 895230269 (0x355c213d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Feb 28 12:16:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8c9ea3e52b8074f065e28cbaa852c65208e3a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:d1:8d:70:c8:11:02:e5:e4:2d:8b:42:17:8a:
e3:4e:bf:a2:d0:62:71:db:c3:19:a7:58:e2:75:ae:
3b:b2:31:0e:89:a1:85:ab:1c:82:ec:22:fe:40:2c:
e8:61:77:34:62:2c:62:0a:87:49:34:06:44:fc:19:
46:2a:70:6c:10:65:bc:bd:60:57:c5:e8:29:82:73:
c3:6c:12:f8:90:ec:b7:84:c0:2f:10:b8:7d:7f:d6:
ef:95:9d:a4:a4:96:6b:02:45:89:31:e8:a0:20:a3:
f4:05:22:62:6b:d1:08:1f:be:3b:6f:d6:c1:5a:86:
4c:da:6c:2f:bf:65:8f:21:56:1b:72:18:b7:0d:b9:
96:ab:8e:d5:30:63:de:4a:c5:3b:9d:2e:df:ca:8c:
18:de:f6:4d:0b:d1:36:5c:47:a7:aa:94:c8:5e:e3:
ed:4b:19:d1:1e:ab:27:48:0a:69:ac:54:d9:79:17:
15:48:ec:9e:9e:c6:e9:7b:75:87:0d:6f:96:69:ef:
6e:ed:28:0b:ec:26:6c:80:3b:c5:24:f0:10:6c:18:
08:a3:6e:b8:43:b9:85:30:cf:48:13:f5:6a:d1:45:
ee:10:11:67:64:84:dc:0d:46:ba:34:ae:4a:31:67:
5b:8f:36:30:66:02:9c:1e:e1:19:95:41:a9:00:4b:
72:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C9:EA:3E:52:B8:07:4F:06:5E:28:CB:AA:85:2C:65:20:8E:3A:4B
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/yMnqPlK4B08GXijLqoUsZSCOOks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0-194.97.255.255
195.4.0.0/16
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
81:72:03:03:c2:46:82:d5:e8:00:70:3c:e7:c8:10:d3:1e:90:
45:78:73:e5:ad:89:96:25:fc:48:d4:61:35:6a:be:2e:2d:9f:
d6:18:e4:30:0f:b0:79:15:c0:71:52:52:6f:f8:03:6e:19:17:
88:86:d2:18:09:09:45:dc:4e:a1:ec:31:fa:ce:61:dc:0a:ac:
9e:90:02:c6:35:b7:e2:05:6f:67:0e:dc:b0:5b:17:27:52:41:
d6:cb:31:07:7e:c4:c6:1c:13:fb:27:3d:57:46:2d:5d:7b:ec:
cd:20:f2:62:5c:a4:97:f9:6d:be:e0:c3:6b:06:59:2f:20:70:
cb:27:0b:08:32:0f:ec:cc:01:e9:d8:c1:d2:73:2c:f1:49:d9:
6c:31:ec:a4:c2:ad:85:54:8a:5b:3e:dc:b3:0e:46:51:da:2c:
b7:4f:e5:8a:1d:8f:a5:26:37:02:39:e4:01:51:6e:2a:a4:a9:
9b:74:22:e9:1f:c7:ca:bc:90:9f:be:84:0e:7e:fc:95:91:07:
52:b1:6e:8f:2b:35:e1:1b:18:2f:7f:83:e6:4a:4e:a5:23:6c:
3c:f4:86:cf:0c:93:bd:e4:eb:5a:13:d6:da:61:42:39:ae:3f:
36:e7:62:3f:ee:1e:6d:2a:78:c3:19:59:a5:3d:9e:c5:8b:c9:
8a:b4:ef:ac
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIENVwhPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjgwMTk4NGNjMzhmMGE0ZmM1YWZlMWFkZWFiNjgwYzFiODllOTViMB4XDTIyMDIy
ODEyMTYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhjOWVhM2U1MmI4
MDc0ZjA2NWUyOGNiYWE4NTJjNjUyMDhlM2E0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPjRjXDIEQLl5C2LQheK406/otBicdvDGadY4nWuO7IxDomh
hascguwi/kAs6GF3NGIsYgqHSTQGRPwZRipwbBBlvL1gV8XoKYJzw2wS+JDst4TA
LxC4fX/W75WdpKSWawJFiTHooCCj9AUiYmvRCB++O2/WwVqGTNpsL79ljyFWG3IY
tw25lquO1TBj3krFO50u38qMGN72TQvRNlxHp6qUyF7j7UsZ0R6rJ0gKaaxU2XkX
FUjsnp7G6Xt1hw1vlmnvbu0oC+wmbIA7xSTwEGwYCKNuuEO5hTDPSBP1atFF7hAR
Z2SE3A1GujSuSjFnW482MGYCnB7hGZVBqQBLcgMCAwEAAaOCAjowggI2MB0GA1Ud
DgQWBBTIyeo+UrgHTwZeKMuqhSxlII46SzAfBgNVHSMEGDAWgBSvgBmEzDjwpPxa
/hreq2gMG4npWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3I0QVpoTXc0OEtUOFd2NGEzcXRvREJ1SjZWcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvYmZkMzdjLWNiMTItNGE5Yy04ZjVkLTQwMjEyNjVjMzliMC8x
L3lNbnFQbEs0QjA4R1hpakxxb1VzWlNDT09rcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
YmZkMzdjLWNiMTItNGE5Yy04ZjVkLTQwMjEyNjVjMzliMC8xL3I0QVpoTXc0OEtU
OFd2NGEzcXRvREJ1SjZWcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBQ
BggrBgEFBQcBBwEB/wRBMD8wLgQCAAEwKAMDAD5oAwMDWTADBAbCYQADBAXCYWAw
CwMEBcJhoAMDAcJgAwMAwwQwDQQCAAIwBwMFACABB0gwDQYJKoZIhvcNAQELBQAD
ggEBAIFyAwPCRoLV6ABwPOfIENMekEV4c+WtiZYl/EjUYTVqvi4tn9YY5DAPsHkV
wHFSUm/4A24ZF4iG0hgJCUXcTqHsMfrOYdwKrJ6QAsY1t+IFb2cO3LBbFydSQdbL
MQd+xMYcE/snPVdGLV177M0g8mJcpJf5bb7gw2sGWS8gcMsnCwgyD+zMAenYwdJz
LPFJ2Wwx7KTCrYVUils+3LMORlHaLLdP5Yodj6UmNwI55AFRbiqkqZt0Iukfx8q8
kJ++hA5+/JWRB1Kxbo8rNeEbGC9/g+ZKTqUjbDz0hs8Mk73k61oT1tphQjmuPzbn
Yj/uHm0qeMMZWaU9nsWLyYq076w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:45 2024 by rpki-client on console-fra.rpki-client.org