Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/1Z0wjWUJ_5hYdXy8Bhek_9J6l-0.roa
File: 1Z0wjWUJ_5hYdXy8Bhek_9J6l-0.roa (raw, json)
Hash identifier: 8kVqVMr8neUTYZA9J6w4Jkvlt6A6VNda2YG8qY376os=
Subject key identifier: D5:9D:30:8D:65:09:FF:98:58:75:7C:BC:06:17:A4:FF:D2:7A:97:ED
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 01859B3D3A4E0E920FD1ABBD85724119DB71
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/1Z0wjWUJ_5hYdXy8Bhek_9J6l-0.roa
Signing time: Tue 10 Jan 2023 10:32:39 +0000
ROA not before: Tue 10 Jan 2023 10:32:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204175
IP address blocks: 185.74.195.0/24 maxlen: 24
185.74.194.0/24 maxlen: 24
185.74.193.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.219.216.0/24 maxlen: 24
185.219.219.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9b:3d:3a:4e:0e:92:0f:d1:ab:bd:85:72:41:19:db:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Jan 10 10:32:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d59d308d6509ff9858757cbc0617a4ffd27a97ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f5:43:57:af:1c:3a:41:74:ea:6e:a9:e2:54:
98:05:c4:b1:b2:ab:58:db:58:ea:59:38:90:a9:60:
3e:57:7a:56:bf:83:26:88:01:ec:9f:71:8b:35:ab:
3a:88:53:43:5f:7e:3b:be:ba:83:d4:ca:52:b5:2d:
a3:2c:b5:09:14:fc:6c:25:ea:54:a5:1b:36:ad:95:
da:21:f9:89:fe:c7:b6:8c:9a:8a:de:79:59:d8:7b:
08:1f:f9:29:d2:4d:72:0a:7f:ae:2b:3d:20:51:fe:
68:da:2c:66:ee:6a:29:a2:c5:8a:07:d2:eb:13:1b:
23:ad:10:4c:c9:3d:66:16:db:53:88:5c:fd:0b:38:
f8:6c:fc:77:fe:4f:16:a2:ed:dc:81:54:a6:25:68:
c9:b7:8d:f8:b6:97:19:5e:6a:76:3f:b5:37:a0:05:
59:e2:34:9f:bc:ee:e3:41:31:d7:5f:88:61:a6:31:
b9:3d:65:ca:cd:05:52:72:fd:92:5f:d4:09:53:16:
4b:22:06:be:86:93:df:9f:e6:44:b1:cf:fe:71:47:
e8:3a:d7:47:1e:9f:ec:82:f4:f6:02:b8:02:6b:a1:
9f:d3:7b:13:74:54:fe:b6:02:cb:9e:06:9c:09:fe:
ce:c5:33:9a:1f:81:1f:57:7a:a8:59:68:8d:ee:08:
bd:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:9D:30:8D:65:09:FF:98:58:75:7C:BC:06:17:A4:FF:D2:7A:97:ED
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/1Z0wjWUJ_5hYdXy8Bhek_9J6l-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.193.0-185.74.195.255
185.194.25.0/24
185.219.216.0/24
185.219.219.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:09:b6:b7:49:65:9f:9d:d4:d6:7c:e3:1c:b8:8b:63:d3:34:
26:09:94:a0:56:52:51:e6:6e:83:b4:6e:cb:cc:d0:1d:98:17:
7c:e1:e2:5f:95:35:9d:6c:c8:1e:e2:75:c7:c1:66:e0:e7:c1:
5b:6c:79:fa:04:f5:b9:ce:3a:09:ea:fb:3a:c5:cc:8c:99:7f:
4c:04:3a:31:40:9f:04:5c:6f:72:53:2c:e5:5f:2e:73:7d:c8:
b4:fd:43:ad:92:1a:ef:94:5b:4b:16:15:e5:d3:60:ca:6b:39:
6e:99:a4:5f:84:f2:f1:e1:e9:7b:88:92:22:89:b3:47:67:da:
b6:8a:6b:f2:cf:ed:ec:88:3b:8e:ec:9a:8e:b4:21:45:cd:cd:
f8:0d:5e:e1:86:e8:32:a4:31:85:14:52:a2:35:97:31:fb:4d:
6e:10:f8:e2:0d:11:29:07:72:83:02:b3:a4:24:40:6d:ba:07:
22:48:4b:b1:1e:10:b3:39:9d:f6:26:3c:f7:34:5c:64:21:69:
7d:17:2c:d3:5d:82:c3:20:fa:cc:ab:9b:19:da:58:32:10:a2:
5b:c0:05:e6:20:ef:5e:2a:fc:fb:16:a1:e0:bc:fa:11:66:95:
41:3b:89:4e:41:32:30:64:7d:f1:1d:0e:e5:91:e7:b0:8e:ed:
f6:b2:ff:97
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYWbPTpODpIP0au9hXJBGdtxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjMwMTEwMTAzMjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTlkMzA4ZDY1MDlmZjk4NTg3NTdjYmMwNjE3YTRmZmQyN2E5N2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvVDV68cOkF06m6p4lSYBcSxsqtY
21jqWTiQqWA+V3pWv4MmiAHsn3GLNas6iFNDX347vrqD1MpStS2jLLUJFPxsJepU
pRs2rZXaIfmJ/se2jJqK3nlZ2HsIH/kp0k1yCn+uKz0gUf5o2ixm7moposWKB9Lr
ExsjrRBMyT1mFttTiFz9Czj4bPx3/k8Wou3cgVSmJWjJt434tpcZXmp2P7U3oAVZ
4jSfvO7jQTHXX4hhpjG5PWXKzQVScv2SX9QJUxZLIga+hpPfn+ZEsc/+cUfoOtdH
Hp/sgvT2ArgCa6Gf03sTdFT+tgLLngacCf7OxTOaH4EfV3qoWWiN7gi9HwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNWdMI1lCf+YWHV8vAYXpP/SepftMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvMVowd2pXVUpfNWhZZFh5OEJoZWtfOUo2bC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAC5SsED
BAK5SsADBAC5whkDBAC529gDBAC529swDQYJKoZIhvcNAQELBQADggEBAGsJtrdJ
ZZ+d1NZ84xy4i2PTNCYJlKBWUlHmboO0bsvM0B2YF3zh4l+VNZ1syB7idcfBZuDn
wVtsefoE9bnOOgnq+zrFzIyZf0wEOjFAnwRcb3JTLOVfLnN9yLT9Q62SGu+UW0sW
FeXTYMprOW6ZpF+E8vHh6XuIkiKJs0dn2raKa/LP7eyIO47smo60IUXNzfgNXuGG
6DKkMYUUUqI1lzH7TW4Q+OINESkHcoMCs6QkQG26ByJIS7EeELM5nfYmPPc0XGQh
aX0XLNNdgsMg+syrmxnaWDIQolvABeYg714q/PsWoeC8+hFmlUE7iU5BMjBkffEd
DuWR57CO7fay/5c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:38 2024 by rpki-client on console-fra.rpki-client.org