Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/2yq4wFCA-4ZCkST6jqJlncYh0Ug.roa
File: 2yq4wFCA-4ZCkST6jqJlncYh0Ug.roa (raw, json)
Hash identifier: /i+YMjAYgbQ+RWXKUmVpXkePRJnU8dpVnTOMrtnsHHc=
Subject key identifier: DB:2A:B8:C0:50:80:FB:86:42:91:24:FA:8E:A2:65:9D:C6:21:D1:48
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 0A80C02A
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/2yq4wFCA-4ZCkST6jqJlncYh0Ug.roa
Signing time: Fri 11 Mar 2022 09:31:25 +0000
ROA not before: Fri 11 Mar 2022 09:31:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201453
IP address blocks: 185.221.191.0/24 maxlen: 24
185.221.190.0/24 maxlen: 24
185.221.189.0/24 maxlen: 24
185.221.188.0/22 maxlen: 22
185.183.17.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.16.0/22 maxlen: 22
185.183.19.0/24 maxlen: 24
185.183.18.0/24 maxlen: 24
185.219.218.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.219.219.0/24 maxlen: 24
185.178.83.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.81.0/24 maxlen: 24
185.178.80.0/24 maxlen: 24
185.225.151.0/24 maxlen: 24
185.225.150.0/24 maxlen: 24
185.225.149.0/24 maxlen: 24
185.225.148.0/22 maxlen: 22
185.225.148.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.164.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.167.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.224.94.0/24 maxlen: 24
185.194.24.0/22 maxlen: 22
185.194.24.0/24 maxlen: 24
185.74.192.0/24 maxlen: 24
185.74.192.0/22 maxlen: 22
185.74.195.0/24 maxlen: 24
185.74.194.0/24 maxlen: 24
185.74.193.0/24 maxlen: 24
185.192.183.0/24 maxlen: 24
185.192.182.0/24 maxlen: 24
185.192.180.0/22 maxlen: 22
185.192.181.0/24 maxlen: 24
185.192.180.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176209962 (0xa80c02a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Mar 11 09:31:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db2ab8c05080fb86429124fa8ea2659dc621d148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:23:44:24:f8:ae:ad:4b:66:67:00:54:b7:d3:
70:e4:64:eb:00:ae:1e:2c:af:b8:9d:e5:9d:e0:80:
3e:df:60:bd:e9:c6:6e:93:89:da:06:43:29:eb:27:
28:8e:e1:b8:02:0f:26:79:ea:3d:e7:5a:59:b1:a8:
29:e5:1d:87:81:a0:a8:e8:89:77:47:fb:09:ca:0d:
f6:da:00:9e:31:15:57:78:74:9a:88:f7:11:a7:fe:
40:c8:b8:36:b9:5b:f9:55:e3:48:6a:bd:b9:fb:e4:
1b:e4:b3:09:22:6f:8c:04:6e:9b:8c:34:f8:15:7b:
4b:b0:d6:75:27:3b:17:a1:cc:21:51:a5:1a:15:9c:
a3:7d:3f:d9:a9:b2:e1:a8:44:cd:e3:4f:34:12:33:
29:38:88:f9:3b:5b:74:7a:5d:5e:9a:b2:83:d1:bc:
b4:6d:e2:bb:67:71:f3:d3:72:36:f1:11:f3:be:6a:
8b:12:40:5e:8e:d5:05:8c:a9:fb:1e:8a:4c:e2:0e:
ef:b9:7a:0a:21:db:57:9e:83:0f:97:1c:26:dd:b1:
f7:53:e1:19:01:52:e5:16:84:24:e7:6d:95:ca:4e:
9f:65:e1:f2:41:d4:24:e4:91:04:a3:9a:12:2e:06:
a5:57:f8:d5:62:e7:d8:2f:4e:4e:86:9f:e5:17:ee:
95:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:2A:B8:C0:50:80:FB:86:42:91:24:FA:8E:A2:65:9D:C6:21:D1:48
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/2yq4wFCA-4ZCkST6jqJlncYh0Ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/22
185.163.164.0/22
185.178.80.0/22
185.183.16.0/22
185.192.180.0/22
185.194.24.0/22
185.219.216.0/22
185.221.188.0/22
185.224.94.0/23
185.225.148.0/22
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
45:f8:4b:d1:0c:e6:21:4c:26:57:c7:89:81:5a:d8:56:62:92:
f9:68:5d:27:01:80:0d:47:8e:a3:3c:91:bc:e5:17:c5:5b:7f:
2c:47:33:ce:42:9c:53:5f:26:cc:5f:5f:79:59:21:8e:c7:b6:
48:d4:8c:f4:b9:78:78:b2:2d:65:36:44:07:87:8a:88:41:b7:
f2:81:1d:bd:95:62:de:c7:3f:3c:a2:cd:4e:56:8a:2f:39:92:
dc:6b:6f:26:dc:78:15:05:bf:ad:d9:97:ef:9c:ba:d1:27:68:
d4:be:f7:82:b8:c6:a0:31:f8:9e:e3:34:69:0e:06:c0:a4:0a:
32:17:73:e3:98:dc:34:76:b4:0d:05:33:65:10:e9:ab:a6:56:
f5:89:78:a7:0f:65:33:70:32:83:f8:63:63:90:d1:48:3f:ed:
73:7f:88:8a:da:9f:27:39:d3:a7:76:a9:6c:bf:5d:9a:03:ba:
f1:d8:98:95:88:dc:8f:48:bd:9e:ce:25:e9:75:b0:3b:c6:60:
7d:25:ad:ff:47:60:6f:4b:95:b8:71:18:1c:11:c8:78:de:01:
b5:cd:dd:0d:bc:30:3c:db:dc:91:40:f6:51:dd:a4:36:73:b8:
ab:4e:91:52:5f:29:ff:20:95:47:83:e4:8b:04:e3:4d:48:9d:
63:f9:58:5b
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIECoDAKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YmEzMTg2NTk3NzQyYTkyNmNkMjY1MDRlMWVkNzZmODU0M2ZkYjI2MB4XDTIyMDMx
MTA5MzEyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGIyYWI4YzA1MDgw
ZmI4NjQyOTEyNGZhOGVhMjY1OWRjNjIxZDE0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcjRCT4rq1LZmcAVLfTcORk6wCuHiyvuJ3lneCAPt9gvenG
bpOJ2gZDKesnKI7huAIPJnnqPedaWbGoKeUdh4GgqOiJd0f7CcoN9toAnjEVV3h0
moj3Eaf+QMi4Nrlb+VXjSGq9ufvkG+SzCSJvjARum4w0+BV7S7DWdSc7F6HMIVGl
GhWco30/2amy4ahEzeNPNBIzKTiI+TtbdHpdXpqyg9G8tG3iu2dx89NyNvER875q
ixJAXo7VBYyp+x6KTOIO77l6CiHbV56DD5ccJt2x91PhGQFS5RaEJOdtlcpOn2Xh
8kHUJOSRBKOaEi4GpVf41WLn2C9OToaf5RfulZMCAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBTbKrjAUID7hkKRJPqOomWdxiHRSDAfBgNVHSMEGDAWgBRroxhll3QqkmzS
ZQTh7Xb4VD/bJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2E2TVlaWmQwS3BKczBtVUU0ZTEyLUZRXzJ5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvOWQ1OTEwLTlmNWUtNDQ2Yy04ZDNjLWJjMDA3ZjJkYWMyNC8x
LzJ5cTR3RkNBLTRaQ2tTVDZqcUpsbmNZaDBVZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
OWQ1OTEwLTlmNWUtNDQ2Yy04ZDNjLWJjMDA3ZjJkYWMyNC8xL2E2TVlaWmQwS3BK
czBtVUU0ZTEyLUZRXzJ5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEArlKwAMEArmjpAMEArmyUAMEArm3
EAMEArnAtAMEArnCGAMEArnb2AMEArndvAMEAbngXgMEArnhlDANBAIAAjAHAwUA
KgVKwDANBgkqhkiG9w0BAQsFAAOCAQEARfhL0QzmIUwmV8eJgVrYVmKS+WhdJwGA
DUeOozyRvOUXxVt/LEczzkKcU18mzF9feVkhjse2SNSM9Ll4eLItZTZEB4eKiEG3
8oEdvZVi3sc/PKLNTlaKLzmS3GtvJtx4FQW/rdmX75y60Sdo1L73grjGoDH4nuM0
aQ4GwKQKMhdz45jcNHa0DQUzZRDpq6ZW9Yl4pw9lM3Ayg/hjY5DRSD/tc3+Iitqf
JznTp3apbL9dmgO68diYlYjcj0i9ns4l6XWwO8ZgfSWt/0dgb0uVuHEYHBHIeN4B
tc3dDbwwPNvckUD2Ud2kNnO4q06RUl8p/yCVR4PkiwTjTUidY/lYWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:38 2024 by rpki-client on console-fra.rpki-client.org