Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/1j5oAhEvPvoGZb7uY4bFiboJ3WI.roa
File: 1j5oAhEvPvoGZb7uY4bFiboJ3WI.roa (raw, json)
Hash identifier: zwB1KQ6RT3VsQ/X4ZogveDFq35RA1Nb7RKEThklUNks=
Subject key identifier: D6:3E:68:02:11:2F:3E:FA:06:65:BE:EE:63:86:C5:89:BA:09:DD:62
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 0AB2AC70
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/1j5oAhEvPvoGZb7uY4bFiboJ3WI.roa
Signing time: Thu 31 Mar 2022 06:16:13 +0000
ROA not before: Thu 31 Mar 2022 06:16:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201453
IP address blocks: 185.221.191.0/24 maxlen: 24
185.221.190.0/24 maxlen: 24
185.221.189.0/24 maxlen: 24
185.221.188.0/22 maxlen: 22
185.183.17.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.16.0/22 maxlen: 22
185.183.19.0/24 maxlen: 24
185.183.18.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.178.83.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.81.0/24 maxlen: 24
185.178.80.0/24 maxlen: 24
185.225.148.0/22 maxlen: 22
185.225.148.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.164.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.167.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.224.94.0/24 maxlen: 24
185.194.24.0/22 maxlen: 22
185.194.24.0/24 maxlen: 24
185.74.192.0/24 maxlen: 24
185.74.192.0/22 maxlen: 22
185.192.183.0/24 maxlen: 24
185.192.182.0/24 maxlen: 24
185.192.180.0/22 maxlen: 22
185.192.181.0/24 maxlen: 24
185.192.180.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179481712 (0xab2ac70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Mar 31 06:16:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d63e6802112f3efa0665beee6386c589ba09dd62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:32:31:03:fa:f8:00:65:6c:89:c3:e8:8d:2a:
59:26:ed:e5:26:c9:e4:ef:bc:8a:c1:53:0d:4f:ac:
82:01:8f:57:8c:9b:75:b9:17:c7:3a:20:b1:f4:66:
42:91:ae:45:a2:73:d9:bd:bd:9e:be:d1:89:fe:5f:
26:21:c7:ef:c9:f1:d4:bc:6e:b3:1d:d2:0a:d0:a0:
56:ca:d4:f2:47:e4:ec:03:fd:5e:63:b7:85:62:ae:
27:b1:53:44:10:d6:ee:ee:0b:a3:e5:9e:ed:20:ee:
69:07:4c:0d:37:4c:14:45:af:a6:d7:9c:38:07:d4:
84:f3:68:94:e0:b1:6d:b1:24:1c:29:96:9a:4f:b1:
0a:72:fc:30:1a:5b:04:27:b1:c2:ed:3f:1a:d5:13:
c4:09:43:17:92:ee:e6:5e:a2:18:a2:fc:e7:59:b3:
3b:39:48:f9:eb:14:5f:f6:39:76:cf:f9:6a:2e:2c:
a9:2c:21:fa:ba:de:64:68:69:12:57:0d:65:77:b6:
24:7f:92:e0:b1:3c:aa:3c:d4:52:91:ba:0b:d1:ce:
8f:b1:05:5f:00:af:29:3d:03:b6:df:e0:b2:50:b6:
f5:b2:5b:7c:be:2f:52:bf:05:9f:6a:ab:fb:1c:b8:
5b:84:37:03:9b:db:d1:14:4b:6a:0a:fb:ee:f1:e3:
96:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:3E:68:02:11:2F:3E:FA:06:65:BE:EE:63:86:C5:89:BA:09:DD:62
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/1j5oAhEvPvoGZb7uY4bFiboJ3WI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/22
185.163.164.0/22
185.178.80.0/22
185.183.16.0/22
185.192.180.0/22
185.194.24.0/22
185.219.216.0/22
185.221.188.0/22
185.224.94.0/23
185.225.148.0/22
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
3a:37:d7:bf:4f:3d:92:95:85:e1:cf:f3:cd:6d:96:a7:d7:39:
ca:f4:4d:17:f3:57:62:c5:77:f5:f0:94:7f:c8:d2:5d:fc:70:
f0:56:44:40:96:05:83:b8:a0:18:95:33:e7:21:0c:f0:9b:f3:
4e:25:f6:f4:3f:3e:fd:70:bc:9f:9f:b0:80:a8:2e:b8:7e:9c:
87:d4:da:0d:7b:68:26:1b:c6:5e:c0:eb:a0:6e:4a:65:a6:50:
d2:c5:d8:c4:b2:b8:f0:4e:67:56:3e:9a:75:bb:80:d7:74:c1:
94:b3:9b:aa:a8:17:71:e4:ed:a6:d8:37:0d:18:ab:74:08:c0:
e2:7c:b5:36:4b:91:9e:df:73:a0:9d:54:f4:c4:da:fc:c4:e3:
8a:a0:c7:f5:ed:99:4b:a0:6c:f4:69:92:15:a3:05:23:aa:d0:
e3:29:c4:bf:27:c3:80:d5:ba:45:43:36:9d:f2:dd:4c:46:cf:
00:b1:ff:5d:24:c4:32:3a:50:ff:dc:f0:92:e7:e4:b7:55:a4:
a4:b0:31:e8:7f:cc:a1:27:ce:8e:9a:5d:97:4b:e6:46:41:82:
7a:cf:a9:6a:02:12:6c:0c:e8:9f:fd:11:53:fc:a5:68:99:9d:
b0:e7:fe:b3:73:01:80:f2:1a:66:c4:91:eb:91:f3:71:9d:6a:
7d:0e:fa:60
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIECrKscDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YmEzMTg2NTk3NzQyYTkyNmNkMjY1MDRlMWVkNzZmODU0M2ZkYjI2MB4XDTIyMDMz
MTA2MTYxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDYzZTY4MDIxMTJm
M2VmYTA2NjViZWVlNjM4NmM1ODliYTA5ZGQ2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgyMQP6+ABlbInD6I0qWSbt5SbJ5O+8isFTDU+sggGPV4yb
dbkXxzogsfRmQpGuRaJz2b29nr7Rif5fJiHH78nx1Lxusx3SCtCgVsrU8kfk7AP9
XmO3hWKuJ7FTRBDW7u4Lo+We7SDuaQdMDTdMFEWvptecOAfUhPNolOCxbbEkHCmW
mk+xCnL8MBpbBCexwu0/GtUTxAlDF5Lu5l6iGKL851mzOzlI+esUX/Y5ds/5ai4s
qSwh+rreZGhpElcNZXe2JH+S4LE8qjzUUpG6C9HOj7EFXwCvKT0Dtt/gslC29bJb
fL4vUr8Fn2qr+xy4W4Q3A5vb0RRLagr77vHjlh0CAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBTWPmgCES8++gZlvu5jhsWJugndYjAfBgNVHSMEGDAWgBRroxhll3QqkmzS
ZQTh7Xb4VD/bJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2E2TVlaWmQwS3BKczBtVUU0ZTEyLUZRXzJ5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvOWQ1OTEwLTlmNWUtNDQ2Yy04ZDNjLWJjMDA3ZjJkYWMyNC8x
LzFqNW9BaEV2UHZvR1piN3VZNGJGaWJvSjNXSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
OWQ1OTEwLTlmNWUtNDQ2Yy04ZDNjLWJjMDA3ZjJkYWMyNC8xL2E2TVlaWmQwS3BK
czBtVUU0ZTEyLUZRXzJ5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEArlKwAMEArmjpAMEArmyUAMEArm3
EAMEArnAtAMEArnCGAMEArnb2AMEArndvAMEAbngXgMEArnhlDANBAIAAjAHAwUA
KgVKwDANBgkqhkiG9w0BAQsFAAOCAQEAOjfXv089kpWF4c/zzW2Wp9c5yvRNF/NX
YsV39fCUf8jSXfxw8FZEQJYFg7igGJUz5yEM8JvzTiX29D8+/XC8n5+wgKguuH6c
h9TaDXtoJhvGXsDroG5KZaZQ0sXYxLK48E5nVj6adbuA13TBlLObqqgXceTtptg3
DRirdAjA4ny1NkuRnt9zoJ1U9MTa/MTjiqDH9e2ZS6Bs9GmSFaMFI6rQ4ynEvyfD
gNW6RUM2nfLdTEbPALH/XSTEMjpQ/9zwkufkt1WkpLAx6H/MoSfOjppdl0vmRkGC
es+pagISbAzon/0RU/ylaJmdsOf+s3MBgPIaZsSR65HzcZ1qfQ76YA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:38 2024 by rpki-client on console-fra.rpki-client.org