Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/jcuXy854NsMVvdtHSNDwRHhPSco.roa
File: jcuXy854NsMVvdtHSNDwRHhPSco.roa (raw, json)
Hash identifier: NE64YYKriqfn7BaGUPX28P1GMko1w10ITB7mfnP6kLc=
Subject key identifier: 8D:CB:97:CB:CE:78:36:C3:15:BD:DB:47:48:D0:F0:44:78:4F:49:CA
Certificate issuer: /CN=002fa6e19056838905bc32b53ab0d1047d78e4d4
Certificate serial: 05BDFB35
Authority key identifier: 00:2F:A6:E1:90:56:83:89:05:BC:32:B5:3A:B0:D1:04:7D:78:E4:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AC-m4ZBWg4kFvDK1OrDRBH145NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/jcuXy854NsMVvdtHSNDwRHhPSco.roa
Signing time: Sat 01 Jan 2022 02:55:28 +0000
ROA not before: Sat 01 Jan 2022 02:55:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39049
IP address blocks: 94.231.36.0/22 maxlen: 22
94.231.32.0/22 maxlen: 22
94.231.32.0/20 maxlen: 20
94.231.40.0/22 maxlen: 22
195.66.136.0/24 maxlen: 24
195.66.136.0/23 maxlen: 23
195.66.137.0/24 maxlen: 24
94.231.44.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96336693 (0x5bdfb35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002fa6e19056838905bc32b53ab0d1047d78e4d4
Validity
Not Before: Jan 1 02:55:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8dcb97cbce7836c315bddb4748d0f044784f49ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:99:1f:75:d8:0c:0e:ab:c6:1b:cb:25:1f:c9:
82:f6:56:5d:78:aa:f2:80:cf:c7:d9:05:f9:9e:b6:
ab:16:d0:b0:6e:ad:f7:42:92:72:23:1c:ca:7e:bd:
b0:30:4e:b3:60:a7:d2:ba:2b:e2:13:d0:04:4a:d8:
cf:81:ee:31:ff:90:7c:9f:fb:8a:64:ef:32:86:d3:
9b:03:b1:e1:eb:13:5a:71:de:87:0e:d0:90:c1:76:
6d:9e:81:18:b2:2c:ee:0a:8c:89:ae:e9:7b:a2:4d:
31:5c:14:f4:b9:2c:31:d8:9d:27:dd:6e:9a:21:2a:
28:d4:6b:77:a7:f3:76:c5:e8:91:d6:e1:e6:bf:ea:
34:d4:31:d9:a7:be:04:69:c5:bb:e4:c0:b7:8d:ab:
87:73:59:d8:e8:5b:68:68:f0:de:3f:a7:ab:ef:8c:
e6:55:09:2a:0a:9e:53:85:8b:da:2f:92:05:6b:74:
69:75:27:ab:f2:5a:b1:67:3b:0b:eb:c2:6e:2d:ba:
fb:fc:e3:51:21:3d:ff:ac:f1:c3:1b:41:49:70:82:
7d:64:b7:dd:70:f9:82:2d:b8:87:11:da:f4:9d:cc:
d1:6e:7f:53:5c:4c:f3:2b:f5:80:e3:a8:2e:0c:ea:
ee:0d:98:d0:bd:e0:db:11:9b:4b:ca:c8:9f:b2:b2:
53:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:CB:97:CB:CE:78:36:C3:15:BD:DB:47:48:D0:F0:44:78:4F:49:CA
X509v3 Authority Key Identifier:
keyid:00:2F:A6:E1:90:56:83:89:05:BC:32:B5:3A:B0:D1:04:7D:78:E4:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AC-m4ZBWg4kFvDK1OrDRBH145NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/jcuXy854NsMVvdtHSNDwRHhPSco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/866b6b-f56c-4a2f-902d-fbc36e4348f5/1/AC-m4ZBWg4kFvDK1OrDRBH145NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.32.0/20
195.66.136.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:df:3a:c4:33:9e:8a:83:fe:77:1f:36:fa:4b:59:dc:97:49:
29:c2:fe:0e:84:7e:28:45:aa:6f:2d:ce:e0:25:03:88:92:59:
6d:3b:2f:c9:c2:b8:29:9d:4f:eb:cc:d9:6f:98:7d:df:cc:49:
f2:1a:84:fb:33:a6:1f:0e:f0:1c:f9:b7:f5:d5:d2:3b:11:13:
2b:6d:1b:b6:91:2a:21:7c:82:44:ff:98:41:14:d7:aa:22:d9:
1c:a3:04:0e:d3:8c:c2:58:e1:ff:5b:84:42:52:5d:b3:3e:4a:
77:06:05:4b:be:3b:60:75:35:0e:cf:fd:8b:6e:0a:2c:0e:d7:
5e:52:97:4f:2a:68:ba:95:61:0c:af:28:8c:73:eb:45:b2:4f:
dd:3f:6c:9c:62:3c:86:33:08:fa:c8:7f:d8:d8:5e:dc:5d:e0:
fe:e8:1d:96:b7:ff:90:1b:90:57:68:bd:31:e4:8b:ec:cb:12:
70:df:40:03:50:ca:9b:c2:45:34:dd:ae:a3:5d:75:71:42:03:
08:e2:18:56:5e:c5:f9:39:91:bd:b4:4a:ac:2a:ed:c1:b4:d0:
fc:9d:46:2c:62:ac:97:0c:c3:20:0a:ec:a7:f6:ac:7a:41:09:
57:be:31:ec:4e:3e:33:dd:88:5e:66:08:14:4c:e1:c0:14:5f:
8f:49:e3:52
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBb37NTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDJmYTZlMTkwNTY4Mzg5MDViYzMyYjUzYWIwZDEwNDdkNzhlNGQ0MB4XDTIyMDEw
MTAyNTUyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGRjYjk3Y2JjZTc4
MzZjMzE1YmRkYjQ3NDhkMGYwNDQ3ODRmNDljYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANiZH3XYDA6rxhvLJR/JgvZWXXiq8oDPx9kF+Z62qxbQsG6t
90KSciMcyn69sDBOs2Cn0ror4hPQBErYz4HuMf+QfJ/7imTvMobTmwOx4esTWnHe
hw7QkMF2bZ6BGLIs7gqMia7pe6JNMVwU9LksMdidJ91umiEqKNRrd6fzdsXokdbh
5r/qNNQx2ae+BGnFu+TAt42rh3NZ2OhbaGjw3j+nq++M5lUJKgqeU4WL2i+SBWt0
aXUnq/JasWc7C+vCbi26+/zjUSE9/6zxwxtBSXCCfWS33XD5gi24hxHa9J3M0W5/
U1xM8yv1gOOoLgzq7g2Y0L3g2xGbS8rIn7KyU10CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSNy5fLzng2wxW920dI0PBEeE9JyjAfBgNVHSMEGDAWgBQAL6bhkFaDiQW8
MrU6sNEEfXjk1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FDLW00WkJXZzRrRnZESzFPckRSQkgxNDVOUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjcvODY2YjZiLWY1NmMtNGEyZi05MDJkLWZiYzM2ZTQzNDhmNS8x
L2pjdVh5ODU0TnNNVnZkdEhTTkR3UkhoUFNjby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjcv
ODY2YjZiLWY1NmMtNGEyZi05MDJkLWZiYzM2ZTQzNDhmNS8xL0FDLW00WkJXZzRr
RnZESzFPckRSQkgxNDVOUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBF7nIAMEAcNCiDANBgkqhkiG9w0B
AQsFAAOCAQEAL986xDOeioP+dx82+ktZ3JdJKcL+DoR+KEWqby3O4CUDiJJZbTsv
ycK4KZ1P68zZb5h938xJ8hqE+zOmHw7wHPm39dXSOxETK20btpEqIXyCRP+YQRTX
qiLZHKMEDtOMwljh/1uEQlJdsz5KdwYFS747YHU1Ds/9i24KLA7XXlKXTypoupVh
DK8ojHPrRbJP3T9snGI8hjMI+sh/2Nhe3F3g/ugdlrf/kBuQV2i9MeSL7MsScN9A
A1DKm8JFNN2uo111cUIDCOIYVl7F+TmRvbRKrCrtwbTQ/J1GLGKslwzDIArsp/as
ekEJV74x7E4+M92IXmYIFEzhwBRfj0njUg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:17 2023 by rpki-client on console-fra.rpki-client.org