Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/1OM6WCiF5Hs_n3v88qtiATfaRbE.roa
File: 1OM6WCiF5Hs_n3v88qtiATfaRbE.roa (raw, json)
Hash identifier: mfP0Ji8+2XLkAshigQuMByhnckqeI/voawQ/3WgVw4M=
Subject key identifier: D4:E3:3A:58:28:85:E4:7B:3F:9F:7B:FC:F2:AB:62:01:37:DA:45:B1
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 01859B3C4F7A4D8514071A5E1BF1413EEC77
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/1OM6WCiF5Hs_n3v88qtiATfaRbE.roa
Signing time: Tue 10 Jan 2023 10:31:39 +0000
ROA not before: Tue 10 Jan 2023 10:31:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201453
IP address blocks: 185.183.17.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.16.0/22 maxlen: 22
185.183.18.0/24 maxlen: 24
185.183.19.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.178.83.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.81.0/24 maxlen: 24
185.178.80.0/24 maxlen: 24
185.225.148.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.164.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.167.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.224.94.0/24 maxlen: 24
185.194.24.0/22 maxlen: 22
185.194.24.0/24 maxlen: 24
185.74.192.0/24 maxlen: 24
185.74.192.0/22 maxlen: 22
185.192.183.0/24 maxlen: 24
185.192.182.0/24 maxlen: 24
185.192.180.0/22 maxlen: 22
185.192.181.0/24 maxlen: 24
185.192.180.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9b:3c:4f:7a:4d:85:14:07:1a:5e:1b:f1:41:3e:ec:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Jan 10 10:31:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4e33a582885e47b3f9f7bfcf2ab620137da45b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9f:94:d9:94:0c:bf:67:90:2f:d3:5c:dd:35:
4e:a3:d9:41:23:7f:37:84:36:39:6a:5c:04:cb:b2:
c5:88:b5:ec:56:fe:70:62:c5:f8:46:52:dd:08:c5:
0b:1b:a9:37:8d:7d:a1:9d:f3:c8:c7:f6:db:3b:37:
bd:af:f5:a7:07:5b:82:cd:c5:ca:67:28:08:2c:81:
56:e8:93:44:ab:a2:c2:d5:eb:d1:c0:5d:7e:92:14:
b6:dd:8a:68:ef:16:54:89:8f:bb:86:53:c4:3e:cb:
5a:c8:32:ee:18:eb:8c:99:8a:35:38:35:6f:1b:82:
47:fc:9d:1d:4a:4a:1d:72:ac:7b:94:45:16:47:72:
81:55:37:7c:53:c6:e0:23:45:bc:6b:80:a3:eb:8e:
32:1e:cb:c7:eb:b6:a0:21:b7:5c:70:c4:ea:01:92:
3f:95:2d:b9:bd:8e:23:e3:c9:3b:8a:d1:ca:5a:f2:
18:2c:eb:79:d1:73:91:8c:a6:6f:18:45:f8:87:e0:
26:9b:9e:5b:63:4d:36:e4:68:3e:4e:8c:7b:3d:a0:
ba:95:9c:f5:c6:b0:30:35:b7:cc:06:18:fe:54:a9:
6a:6a:b4:33:86:f8:36:48:2d:ec:c5:c7:61:44:84:
a1:52:13:70:a4:87:9c:e8:04:41:61:04:29:f1:75:
21:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E3:3A:58:28:85:E4:7B:3F:9F:7B:FC:F2:AB:62:01:37:DA:45:B1
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/1OM6WCiF5Hs_n3v88qtiATfaRbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/22
185.163.164.0/22
185.178.80.0/22
185.183.16.0/22
185.192.180.0/22
185.194.24.0/22
185.219.216.0/22
185.224.94.0/23
185.225.148.0/24
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
9d:56:71:04:b3:ba:29:e7:a5:77:2c:a8:2e:da:21:10:05:70:
16:8a:2a:f8:d3:e1:59:cb:3c:61:49:7f:5b:39:ae:ab:93:0b:
ec:28:a9:11:1d:91:66:cc:f2:a3:d6:6f:e6:ac:6a:3f:ec:cc:
b4:a7:d6:30:79:55:4b:cb:a1:d1:ad:6d:5b:1d:70:eb:72:8e:
e6:fc:87:ee:9b:20:fc:d9:b0:f9:bf:65:f4:57:9b:9d:96:d8:
f7:45:d7:e1:3a:03:99:c0:2d:01:60:ba:29:b7:6d:82:ce:73:
70:e6:a2:83:49:74:e4:b2:85:8a:58:4a:79:82:36:c4:5d:b4:
5d:28:09:7f:90:4e:ae:f0:50:f3:12:fa:a1:07:46:09:01:ee:
d3:8c:d6:28:c4:16:05:13:04:b0:3c:a3:52:2c:b0:c2:68:d8:
ae:65:3b:a4:95:39:7f:d4:5d:73:02:4e:4a:e8:c0:6a:d2:b7:
8c:b9:9e:e7:48:18:7a:0f:ec:17:12:e3:e2:61:ea:34:23:08:
6b:7d:63:2e:b3:22:58:27:50:89:08:8f:5a:84:5f:ee:38:2b:
54:20:17:3d:3c:e7:9c:19:de:4d:b5:a3:a5:ae:2f:ad:7b:db:
4f:a5:f1:cc:37:31:25:ad:47:b9:0c:ae:fd:62:e8:ff:f0:63:
d9:68:4f:8a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYWbPE96TYUUBxpeG/FBPux3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjMwMTEwMTAzMTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGUzM2E1ODI4ODVlNDdiM2Y5ZjdiZmNmMmFiNjIwMTM3ZGE0NWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ+U2ZQMv2eQL9Nc3TVOo9lBI383
hDY5alwEy7LFiLXsVv5wYsX4RlLdCMULG6k3jX2hnfPIx/bbOze9r/WnB1uCzcXK
ZygILIFW6JNEq6LC1evRwF1+khS23Ypo7xZUiY+7hlPEPstayDLuGOuMmYo1ODVv
G4JH/J0dSkodcqx7lEUWR3KBVTd8U8bgI0W8a4Cj644yHsvH67agIbdccMTqAZI/
lS25vY4j48k7itHKWvIYLOt50XORjKZvGEX4h+Amm55bY0025Gg+Tox7PaC6lZz1
xrAwNbfMBhj+VKlqarQzhvg2SC3sxcdhRIShUhNwpIec6ARBYQQp8XUhVwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFNTjOlgoheR7P597/PKrYgE32kWxMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvMU9NNldDaUY1SHNfbjN2ODhxdGlBVGZhUmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCuUrAAwQC
uaOkAwQCubJQAwQCubcQAwQCucC0AwQCucIYAwQCudvYAwQBueBeAwQAueGUMA0E
AgACMAcDBQAqBUrAMA0GCSqGSIb3DQEBCwUAA4IBAQCdVnEEs7op56V3LKgu2iEQ
BXAWiir40+FZyzxhSX9bOa6rkwvsKKkRHZFmzPKj1m/mrGo/7My0p9YweVVLy6HR
rW1bHXDrco7m/IfumyD82bD5v2X0V5udltj3RdfhOgOZwC0BYLopt22CznNw5qKD
SXTksoWKWEp5gjbEXbRdKAl/kE6u8FDzEvqhB0YJAe7TjNYoxBYFEwSwPKNSLLDC
aNiuZTuklTl/1F1zAk5K6MBq0reMuZ7nSBh6D+wXEuPiYeo0IwhrfWMusyJYJ1CJ
CI9ahF/uOCtUIBc9POecGd5NtaOlri+te9tPpfHMNzElrUe5DK79Yuj/8GPZaE+K
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:50 2024 by rpki-client on console-ams.rpki-client.org