Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/eFQpc4DiakYFhsf5qEKhEKIJLU0.roa
File: eFQpc4DiakYFhsf5qEKhEKIJLU0.roa (raw, json)
Hash identifier: vkna2HeYhoygGVkM5W3/ijdVJgcXWxua02Pe0h5ahGI=
Subject key identifier: 78:54:29:73:80:E2:6A:46:05:86:C7:F9:A8:42:A1:10:A2:09:2D:4D
Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98
Certificate serial: 01857183200BFF7F700A8A7EB40D6B1E6211
Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/eFQpc4DiakYFhsf5qEKhEKIJLU0.roa
Signing time: Mon 02 Jan 2023 08:04:56 +0000
ROA not before: Mon 02 Jan 2023 08:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47543
IP address blocks: 185.234.97.0/24 maxlen: 24
185.234.96.0/24 maxlen: 24
185.234.98.0/24 maxlen: 24
185.234.99.0/24 maxlen: 24
185.27.18.0/24 maxlen: 24
2a00:1188:10::/48 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:20:0b:ff:7f:70:0a:8a:7e:b4:0d:6b:1e:62:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98
Validity
Not Before: Jan 2 08:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7854297380e26a460586c7f9a842a110a2092d4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:dc:40:9e:2a:66:10:cc:38:85:c0:8e:95:96:
da:1a:cc:09:92:22:1a:cd:ff:c8:6f:da:13:bb:32:
ec:6e:2a:25:c3:5d:aa:22:d4:31:e9:a4:77:94:56:
f0:94:20:6b:6f:ad:79:ce:38:b3:f1:90:e6:18:12:
d5:3b:a6:0f:a7:7b:1e:a3:72:73:f8:ad:4c:3e:86:
56:c9:d7:f8:aa:82:ae:00:35:11:b6:3c:fe:66:e3:
f5:4f:01:68:ba:88:f3:ce:2c:8a:ee:d4:27:70:c2:
e5:74:1b:66:20:2e:dd:d9:54:06:c2:ae:40:63:27:
18:84:f4:3b:a3:af:51:fc:07:66:8f:bf:f2:0f:31:
b4:5d:78:d2:d4:e6:05:1f:3b:a4:f1:bc:7a:2e:f6:
51:b2:c5:f7:b6:7f:2e:2b:83:95:5c:88:64:d5:25:
77:99:a4:80:44:eb:4a:56:f2:4d:39:18:51:df:b8:
20:66:7b:a9:13:4b:17:77:fb:66:f0:0f:30:48:ef:
3b:55:59:ba:25:70:10:51:9c:9e:a6:25:ca:2b:4e:
13:ee:19:76:4e:3f:d7:03:ef:ca:98:63:9d:9a:c8:
31:35:15:2c:83:eb:16:e7:63:ca:56:d7:6d:18:4c:
e6:98:38:cf:86:16:ae:4e:de:87:8d:2f:3a:32:53:
16:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:54:29:73:80:E2:6A:46:05:86:C7:F9:A8:42:A1:10:A2:09:2D:4D
X509v3 Authority Key Identifier:
keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/eFQpc4DiakYFhsf5qEKhEKIJLU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.18.0/24
185.234.96.0/22
IPv6:
2a00:1188:10::/48
Signature Algorithm: sha256WithRSAEncryption
ad:72:6c:9b:0d:ca:6f:24:b3:0a:08:a0:30:0c:a2:60:de:ad:
a3:2a:6f:bb:19:41:68:11:92:8f:1c:3e:57:26:e4:3f:22:6d:
b7:24:78:38:b9:df:e2:97:bd:08:f5:ed:33:12:6e:1b:dd:7e:
4f:ec:78:dc:be:a4:9a:0d:14:12:d4:b8:6e:eb:b5:42:4d:d6:
5f:5f:5c:6a:f0:4d:b8:c4:fa:80:44:bf:84:df:bd:81:e8:ff:
8a:04:79:c4:73:30:99:e9:b2:e5:e9:f3:d4:14:b3:c7:42:cd:
b0:69:20:04:08:6d:dd:8a:77:f3:f9:8e:cb:a1:2b:96:bb:08:
55:eb:1b:d7:9a:cf:5a:97:18:0b:12:2c:d0:01:5c:06:be:48:
59:dd:b5:f0:86:07:92:67:4c:e7:0c:87:18:9a:8f:6e:fd:fa:
87:f6:a2:4d:21:67:73:3f:c2:22:88:d8:ff:ad:fa:57:fe:52:
4c:5b:eb:82:00:8b:6a:9c:b7:c9:c7:0e:2a:9c:5a:ba:75:89:
d9:af:a0:03:a2:83:31:b4:5c:05:1c:ee:60:06:eb:c6:b3:0c:
f8:23:e0:8f:08:32:51:6f:7e:8c:8f:78:5a:1a:c0:df:53:29:
af:25:f5:b6:c9:43:f6:71:9b:2d:79:9a:99:b2:41:f7:d7:54:
6e:9d:81:f7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVxgyAL/39wCop+tA1rHmIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTY5NDZjNTAxZGRmNDg2OTZkYTJjZjExMGZkY2ViMjg2
ZmFjOTgwHhcNMjMwMTAyMDgwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODU0Mjk3MzgwZTI2YTQ2MDU4NmM3ZjlhODQyYTExMGEyMDkyZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9xAnipmEMw4hcCOlZbaGswJkiIa
zf/Ib9oTuzLsbiolw12qItQx6aR3lFbwlCBrb615zjiz8ZDmGBLVO6YPp3seo3Jz
+K1MPoZWydf4qoKuADURtjz+ZuP1TwFouojzziyK7tQncMLldBtmIC7d2VQGwq5A
YycYhPQ7o69R/Admj7/yDzG0XXjS1OYFHzuk8bx6LvZRssX3tn8uK4OVXIhk1SV3
maSAROtKVvJNORhR37ggZnupE0sXd/tm8A8wSO87VVm6JXAQUZyepiXKK04T7hl2
Tj/XA+/KmGOdmsgxNRUsg+sW52PKVtdtGEzmmDjPhhauTt6HjS86MlMW0wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHhUKXOA4mpGBYbH+ahCoRCiCS1NMB8GA1UdIwQY
MBaAFCyWlGxQHd9IaW2izxEP3Osob6yYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQt
N2Y5NzBhM2FmOWNkLzEvZUZRcGM0RGlha1lGaHNmNXFFS2hFS0lKTFUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQtN2Y5NzBhM2FmOWNk
LzEvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuRsSAwQC
uepgMA8EAgACMAkDBwAqABGIABAwDQYJKoZIhvcNAQELBQADggEBAK1ybJsNym8k
swoIoDAMomDeraMqb7sZQWgRko8cPlcm5D8ibbckeDi53+KXvQj17TMSbhvdfk/s
eNy+pJoNFBLUuG7rtUJN1l9fXGrwTbjE+oBEv4TfvYHo/4oEecRzMJnpsuXp89QU
s8dCzbBpIAQIbd2Kd/P5jsuhK5a7CFXrG9eaz1qXGAsSLNABXAa+SFndtfCGB5Jn
TOcMhxiaj279+of2ok0hZ3M/wiKI2P+t+lf+Ukxb64IAi2qct8nHDiqcWrp1idmv
oAOigzG0XAUc7mAG68azDPgj4I8IMlFvfoyPeFoawN9TKa8l9bbJQ/Zxmy15mpmy
QffXVG6dgfc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:03 2024 by rpki-client on console-ams.rpki-client.org