Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/juc9Hud9HkPqWwIk__NBmya4c2I.roa
File: juc9Hud9HkPqWwIk__NBmya4c2I.roa (raw, json)
Hash identifier: N79BGmFzN06YIXYTkDjBedJsenbB6h9W4FgqDrN3F4Y=
Subject key identifier: 8E:E7:3D:1E:E7:7D:1E:43:EA:5B:02:24:FF:F3:41:9B:26:B8:73:62
Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98
Certificate serial: 018710E37EE55630CB191E35E2A0A7E8A703
Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/juc9Hud9HkPqWwIk__NBmya4c2I.roa
Signing time: Thu 23 Mar 2023 23:52:37 +0000
ROA not before: Thu 23 Mar 2023 23:52:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47543
IP address blocks: 185.234.97.0/24 maxlen: 24
185.234.96.0/24 maxlen: 24
185.234.98.0/24 maxlen: 24
185.234.99.0/24 maxlen: 24
95.142.101.0/24 maxlen: 24
95.142.100.0/24 maxlen: 24
185.27.18.0/24 maxlen: 24
178.237.38.0/24 maxlen: 24
178.237.37.0/24 maxlen: 24
178.237.35.0/24 maxlen: 24
178.237.36.0/24 maxlen: 24
2a00:1188:10::/48 maxlen: 64
2a00:1188:12::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:10:e3:7e:e5:56:30:cb:19:1e:35:e2:a0:a7:e8:a7:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98
Validity
Not Before: Mar 23 23:52:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ee73d1ee77d1e43ea5b0224fff3419b26b87362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:97:97:cc:d8:bc:19:50:c1:9f:9b:27:6f:0f:
a6:75:ff:5f:9b:13:2e:ad:a7:7a:aa:9e:ea:1a:36:
f4:16:aa:6a:ad:8a:13:c0:51:2b:7b:07:84:b2:13:
37:bb:6c:26:f3:ab:1b:54:f1:3a:c8:93:76:16:92:
bc:e7:18:7f:0c:6f:f4:fa:6b:2c:7a:de:89:10:4d:
18:fa:36:3a:b4:48:cb:5c:b7:4a:3f:cc:27:9a:9a:
8c:69:1a:10:00:d6:72:19:a8:b8:5c:3f:c3:5e:c0:
ef:ae:81:85:17:71:0c:61:d3:9c:0a:51:c4:5a:61:
d1:5f:a2:fd:de:8a:33:04:2d:c1:d8:31:59:a8:b8:
70:51:ee:32:1a:99:d3:e7:52:02:be:f5:74:2a:f6:
87:26:2c:49:b7:46:40:c3:4b:ed:a9:59:ce:5c:79:
5c:96:55:22:f4:bb:1e:ce:a8:ae:32:4f:8d:ef:44:
f6:53:ff:5a:8e:47:de:b8:6b:66:9d:17:de:a0:8e:
59:87:3c:8a:ca:0d:c2:f0:f6:7b:3e:dd:57:7a:e4:
d6:30:8b:b6:ca:f1:0e:e9:92:c8:b4:75:32:79:36:
7c:29:6a:a6:96:91:51:bd:3b:52:e0:dd:89:49:a8:
04:e6:1b:85:85:30:92:2b:f5:a6:c5:95:8b:cd:d3:
28:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E7:3D:1E:E7:7D:1E:43:EA:5B:02:24:FF:F3:41:9B:26:B8:73:62
X509v3 Authority Key Identifier:
keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/juc9Hud9HkPqWwIk__NBmya4c2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.100.0/23
178.237.35.0-178.237.38.255
185.27.18.0/24
185.234.96.0/22
IPv6:
2a00:1188:10::/48
2a00:1188:12::/48
Signature Algorithm: sha256WithRSAEncryption
51:a3:b4:f5:57:0c:ef:cb:6d:db:aa:23:8c:a3:2d:88:8d:ca:
01:b4:8d:ba:a6:ef:0f:6a:a9:93:9b:cf:16:08:4f:58:58:1f:
6d:f0:70:b8:42:34:db:64:e3:8a:b7:bf:4f:a0:99:af:e9:a3:
b4:96:4f:3b:f2:8a:9f:03:0b:38:20:c1:cc:52:ae:17:d2:2a:
32:d0:d2:ab:70:42:24:77:c6:b9:9d:27:d2:e8:c9:ff:c3:92:
c1:53:48:f7:ca:dd:6d:29:38:be:a3:b4:08:f3:75:09:0c:bd:
99:21:a9:56:50:ab:2b:af:3f:2c:54:59:c6:5b:9b:c0:8a:e1:
e9:e7:0d:99:69:93:2f:e5:01:60:1a:2e:8a:d1:b6:94:41:78:
30:4b:f9:79:9b:9a:ca:20:aa:e7:fc:f3:be:3a:19:37:09:8b:
4e:30:0d:63:a8:80:d8:0a:8b:44:aa:ef:28:7c:b7:93:c1:c9:
bc:6d:af:29:6a:a7:56:fd:5b:65:2c:fb:a7:31:c8:a1:28:9b:
e7:c3:16:a7:18:19:c3:d3:fc:fe:96:57:46:ab:29:b7:a9:11:
00:4b:6b:27:b1:1f:14:f1:73:96:81:4a:2d:bc:33:7d:78:48:
22:9b:39:05:79:53:1a:07:45:8e:b4:65:f2:fd:9e:4a:c1:91:
c1:0e:d4:39
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYcQ437lVjDLGR414qCn6KcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTY5NDZjNTAxZGRmNDg2OTZkYTJjZjExMGZkY2ViMjg2
ZmFjOTgwHhcNMjMwMzIzMjM1MjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWU3M2QxZWU3N2QxZTQzZWE1YjAyMjRmZmYzNDE5YjI2Yjg3MzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5eXzNi8GVDBn5snbw+mdf9fmxMu
rad6qp7qGjb0FqpqrYoTwFEreweEshM3u2wm86sbVPE6yJN2FpK85xh/DG/0+mss
et6JEE0Y+jY6tEjLXLdKP8wnmpqMaRoQANZyGai4XD/DXsDvroGFF3EMYdOcClHE
WmHRX6L93oozBC3B2DFZqLhwUe4yGpnT51ICvvV0KvaHJixJt0ZAw0vtqVnOXHlc
llUi9LsezqiuMk+N70T2U/9ajkfeuGtmnRfeoI5ZhzyKyg3C8PZ7Pt1XeuTWMIu2
yvEO6ZLItHUyeTZ8KWqmlpFRvTtS4N2JSagE5huFhTCSK/WmxZWLzdMoiQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFI7nPR7nfR5D6lsCJP/zQZsmuHNiMB8GA1UdIwQY
MBaAFCyWlGxQHd9IaW2izxEP3Osob6yYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQt
N2Y5NzBhM2FmOWNkLzEvanVjOUh1ZDlIa1BxV3dJa19fTkJteWE0YzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQtN2Y5NzBhM2FmOWNk
LzEvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAmBAIAATAgAwQBX45kMAwD
BACy7SMDBACy7SYDBAC5GxIDBAK56mAwGAQCAAIwEgMHACoAEYgAEAMHACoAEYgA
EjANBgkqhkiG9w0BAQsFAAOCAQEAUaO09VcM78tt26ojjKMtiI3KAbSNuqbvD2qp
k5vPFghPWFgfbfBwuEI022Tjire/T6CZr+mjtJZPO/KKnwMLOCDBzFKuF9IqMtDS
q3BCJHfGuZ0n0ujJ/8OSwVNI98rdbSk4vqO0CPN1CQy9mSGpVlCrK68/LFRZxlub
wIrh6ecNmWmTL+UBYBouitG2lEF4MEv5eZuayiCq5/zzvjoZNwmLTjANY6iA2AqL
RKrvKHy3k8HJvG2vKWqnVv1bZSz7pzHIoSib58MWpxgZw9P8/pZXRqspt6kRAEtr
J7EfFPFzloFKLbwzfXhIIps5BXlTGgdFjrRl8v2eSsGRwQ7UOQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:00 2024 by rpki-client on console-fra.rpki-client.org