Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/JRCEwP-Dpmo8neNf6bVwoecIAd0.roa
File: JRCEwP-Dpmo8neNf6bVwoecIAd0.roa (raw, json)
Hash identifier: PtkbnCK8Haj+kJ8ZlOfFimHndTjxWdgsyLCDLXatCUk=
Subject key identifier: 25:10:84:C0:FF:83:A6:6A:3C:9D:E3:5F:E9:B5:70:A1:E7:08:01:DD
Certificate issuer: /CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Certificate serial: 018852213954B540A17E9CCE1DB51B8DBC53
Authority key identifier: 7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/JRCEwP-Dpmo8neNf6bVwoecIAd0.roa
Signing time: Thu 25 May 2023 08:58:09 +0000
ROA not before: Thu 25 May 2023 08:58:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198482
IP address blocks: 195.234.98.0/24 maxlen: 24
151.237.94.0/23 maxlen: 23
85.187.208.0/24 maxlen: 24
85.187.209.0/24 maxlen: 24
85.187.210.0/24 maxlen: 24
85.187.211.0/24 maxlen: 24
85.187.212.0/24 maxlen: 24
85.187.213.0/24 maxlen: 24
85.187.214.0/24 maxlen: 24
85.187.215.0/24 maxlen: 24
85.187.221.0/24 maxlen: 24
85.187.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:21:39:54:b5:40:a1:7e:9c:ce:1d:b5:1b:8d:bc:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Validity
Not Before: May 25 08:58:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=251084c0ff83a66a3c9de35fe9b570a1e70801dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5c:d6:31:f5:92:c9:f4:da:56:6c:22:d1:6e:
3d:f7:a8:fa:01:0e:29:24:81:3d:29:dd:01:aa:40:
39:9f:56:72:6e:80:d1:9e:30:34:6d:26:50:5b:26:
89:0c:22:0f:7d:45:08:36:e2:b8:9a:bb:3c:99:99:
67:de:64:41:84:d6:8c:9b:21:bc:60:d4:4f:5f:3e:
c3:09:f8:91:7c:7e:3f:bc:a6:1e:c9:a1:e2:d5:7a:
ac:3e:c0:ac:b3:2a:f1:f5:40:85:c2:39:6f:04:21:
62:d9:99:cc:80:eb:92:83:57:9f:95:24:c7:92:f0:
27:a9:4f:88:45:43:44:3f:bf:77:22:3f:a0:ce:3e:
ab:de:94:30:cd:70:df:92:2d:9d:17:db:d5:f3:de:
c1:11:65:1a:f0:77:66:d0:43:72:83:1c:0c:d9:d9:
ed:8d:bb:d7:b7:96:4d:af:90:17:46:53:63:85:39:
e1:e6:17:42:44:97:ef:f9:d0:64:d4:b0:29:6a:33:
59:41:37:f6:43:f6:70:62:89:1f:13:8b:cf:af:0c:
6a:a9:4d:00:c3:6e:72:de:c4:a3:7e:84:73:4d:43:
60:f5:62:d5:39:e8:b3:f1:c0:aa:d4:f2:26:9a:1d:
e1:ac:fa:11:8b:ce:89:d5:7c:9a:cb:ac:13:8b:c2:
38:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:10:84:C0:FF:83:A6:6A:3C:9D:E3:5F:E9:B5:70:A1:E7:08:01:DD
X509v3 Authority Key Identifier:
keyid:7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/JRCEwP-Dpmo8neNf6bVwoecIAd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/fXtLyr6ylgXqUR3pc-RnXEuKKd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.208.0/21
85.187.220.0/23
151.237.94.0/23
195.234.98.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:ee:a6:c7:3f:19:87:07:63:b7:11:73:58:78:f6:9a:c3:ae:
fe:8a:3f:1c:3e:6f:40:11:fa:fd:09:d1:f4:18:e8:04:15:a6:
40:cd:fb:d3:3a:bc:96:48:1d:3f:8b:e8:4d:4b:e9:27:7f:e3:
8e:5b:7d:7c:25:cb:a7:86:b9:60:4e:a3:a0:cc:c7:43:56:0e:
f8:6d:4b:d3:86:70:2e:3f:6d:fc:59:5b:c0:14:e9:d5:c3:ff:
6b:c6:fe:e1:57:20:03:22:cb:be:e4:97:e2:b6:0a:06:eb:ac:
20:eb:84:9a:52:5b:fe:36:a5:d2:97:b5:47:14:9e:38:43:07:
0e:95:2d:b5:dc:33:c9:14:19:d0:5c:76:a3:63:4c:61:b8:d8:
4f:87:e3:bf:4d:e9:68:da:ef:6e:f5:85:6a:20:0a:0f:a3:76:
eb:1f:f0:8e:32:83:95:62:8e:b4:49:ad:e1:e2:ba:3d:f3:78:
5b:ee:c5:df:90:26:26:90:a0:bd:5c:b6:6b:57:a4:71:2d:24:
2e:42:da:4c:cd:ca:e5:0a:67:51:93:86:85:87:14:74:50:bc:
26:93:42:bf:87:fb:65:ac:5b:49:42:0c:e2:58:f8:65:01:bb:
6e:98:35:22:75:26:15:bb:53:84:c7:07:c2:de:5f:2c:a5:51:
86:51:82:6e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhSITlUtUChfpzOHbUbjbxTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkN2I0YmNhYmViMjk2MDVlYTUxMWRlOTczZTQ2NzVjNGI4
YTI5ZGYwHhcNMjMwNTI1MDg1ODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTEwODRjMGZmODNhNjZhM2M5ZGUzNWZlOWI1NzBhMWU3MDgwMWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFzWMfWSyfTaVmwi0W4996j6AQ4p
JIE9Kd0BqkA5n1ZyboDRnjA0bSZQWyaJDCIPfUUINuK4mrs8mZln3mRBhNaMmyG8
YNRPXz7DCfiRfH4/vKYeyaHi1XqsPsCssyrx9UCFwjlvBCFi2ZnMgOuSg1eflSTH
kvAnqU+IRUNEP793Ij+gzj6r3pQwzXDfki2dF9vV897BEWUa8Hdm0ENygxwM2dnt
jbvXt5ZNr5AXRlNjhTnh5hdCRJfv+dBk1LApajNZQTf2Q/ZwYokfE4vPrwxqqU0A
w25y3sSjfoRzTUNg9WLVOeiz8cCq1PImmh3hrPoRi86J1Xyay6wTi8I4WwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCUQhMD/g6ZqPJ3jX+m1cKHnCAHdMB8GA1UdIwQY
MBaAFH17S8q+spYF6lEd6XPkZ1xLiinfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlh0THlyNnlsZ1hxVVIzcGMtUm5YRXVLS2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84ODk3ZmQtMTg2Mi00MzkzLWFhNGIt
NDQ3NjE3YTRhNzQ0LzEvSlJDRXdQLURwbW84bmVOZjZiVndvZWNJQWQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84ODk3ZmQtMTg2Mi00MzkzLWFhNGItNDQ3NjE3YTRhNzQ0
LzEvZlh0THlyNnlsZ1hxVVIzcGMtUm5YRXVLS2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDVbvQAwQB
VbvcAwQBl+1eAwQAw+piMA0GCSqGSIb3DQEBCwUAA4IBAQAa7qbHPxmHB2O3EXNY
ePaaw67+ij8cPm9AEfr9CdH0GOgEFaZAzfvTOryWSB0/i+hNS+knf+OOW318Jcun
hrlgTqOgzMdDVg74bUvThnAuP238WVvAFOnVw/9rxv7hVyADIsu+5JfitgoG66wg
64SaUlv+NqXSl7VHFJ44QwcOlS213DPJFBnQXHajY0xhuNhPh+O/Telo2u9u9YVq
IAoPo3brH/COMoOVYo60Sa3h4ro983hb7sXfkCYmkKC9XLZrV6RxLSQuQtpMzcrl
CmdRk4aFhxR0ULwmk0K/h/tlrFtJQgziWPhlAbtumDUidSYVu1OExwfC3l8spVGG
UYJu
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:59 2023 by rpki-client on console.sobornost.net