Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/3SvcR32w66mZ2SxxXsD0vFdq0hQ.roa
File: 3SvcR32w66mZ2SxxXsD0vFdq0hQ.roa (raw, json)
Hash identifier: /LRJiHe9SjMuDzc8dZcBeqWGI5Wm99nkroqfGZAd9sc=
Subject key identifier: DD:2B:DC:47:7D:B0:EB:A9:99:D9:2C:71:5E:C0:F4:BC:57:6A:D2:14
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 01845B9CF58E04415495D5CDF0B98899292C
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/3SvcR32w66mZ2SxxXsD0vFdq0hQ.roa
Signing time: Wed 09 Nov 2022 08:58:43 +0000
ROA not before: Wed 09 Nov 2022 08:58:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201453
IP address blocks: 185.183.17.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.16.0/22 maxlen: 22
185.183.18.0/24 maxlen: 24
185.183.19.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.178.83.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.81.0/24 maxlen: 24
185.178.80.0/24 maxlen: 24
185.225.148.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.164.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.167.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.224.94.0/24 maxlen: 24
185.194.24.0/22 maxlen: 22
185.74.192.0/24 maxlen: 24
185.74.192.0/22 maxlen: 22
185.192.183.0/24 maxlen: 24
185.192.182.0/24 maxlen: 24
185.192.180.0/22 maxlen: 22
185.192.181.0/24 maxlen: 24
185.192.180.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5b:9c:f5:8e:04:41:54:95:d5:cd:f0:b9:88:99:29:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Nov 9 08:58:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd2bdc477db0eba999d92c715ec0f4bc576ad214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:e7:0c:d4:e7:40:16:19:75:cd:0e:c6:68:fc:
79:7d:85:e1:ac:eb:69:f6:43:95:47:c7:aa:a2:12:
4d:14:b3:48:80:52:fc:d2:fd:19:eb:85:00:70:06:
1c:c1:85:ab:1a:c1:cc:cf:3d:d3:06:e7:fe:d9:c7:
f3:b3:d6:16:83:5e:f5:49:1a:97:e2:2c:5a:7f:d2:
96:92:b4:c6:79:0d:26:f3:e6:fd:1b:5c:f3:9a:1d:
85:01:78:fe:fb:c6:52:b3:49:80:ec:f1:9e:29:15:
a4:08:35:80:27:b9:a5:ff:34:87:3b:99:c3:8f:3f:
9a:e3:e1:0b:17:cc:86:b5:ed:68:65:e9:74:7b:c2:
99:60:e3:01:17:69:62:5a:8a:aa:4d:9b:c4:29:40:
28:3a:d4:f0:ef:8f:0a:7d:f3:e4:60:bc:35:d1:0d:
79:7d:3d:16:be:8f:f4:4b:b9:95:1e:d2:a2:8b:16:
2a:2c:4d:45:01:6e:53:87:61:44:a1:64:90:1f:cf:
17:c0:35:74:d5:de:07:96:b5:0b:31:0d:76:ba:ba:
34:ed:37:d0:3a:b7:26:0d:46:60:33:12:56:37:1b:
81:d9:d9:5b:16:36:bb:34:01:d2:1b:3a:8f:40:89:
77:29:e6:e1:b9:e7:2d:98:99:fd:0f:8c:84:d8:d1:
da:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2B:DC:47:7D:B0:EB:A9:99:D9:2C:71:5E:C0:F4:BC:57:6A:D2:14
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/3SvcR32w66mZ2SxxXsD0vFdq0hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/22
185.163.164.0/22
185.178.80.0/22
185.183.16.0/22
185.192.180.0/22
185.194.24.0/22
185.219.216.0/22
185.224.94.0/23
185.225.148.0/24
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
7e:6e:75:3f:67:4b:99:54:d5:17:02:9e:f7:be:69:21:0b:01:
eb:21:28:18:34:d2:a3:65:34:cf:54:2c:6e:42:73:51:8f:9b:
50:fe:82:e6:68:e9:83:32:3b:46:be:e4:d1:c0:28:d3:bb:7d:
b2:c7:0a:ea:13:21:63:18:7f:bc:57:d4:55:bb:27:c6:50:e7:
a5:94:4d:34:aa:d7:d9:d4:b0:82:62:a9:b7:7e:2f:8d:89:cc:
d5:62:e8:50:87:a2:2e:56:65:9a:59:cb:af:ce:d3:78:73:ea:
ac:5e:c0:59:cb:b6:5a:56:02:18:c8:d6:aa:de:bd:ac:97:07:
12:4d:bc:94:98:e0:33:ae:42:2a:29:c2:6f:28:c1:17:e9:6c:
59:68:a6:26:dc:8d:65:f4:0d:b4:3f:3e:b6:69:5f:6d:89:ff:
74:eb:4f:58:b3:93:98:0f:fb:e1:12:89:b0:f1:ea:ef:16:4c:
fc:c3:ac:fd:28:cc:04:c6:83:8c:43:ef:4a:f1:13:fe:9e:a3:
a0:62:90:3e:02:2c:0e:35:e3:d6:ea:58:ed:7f:b4:56:2f:4d:
f3:53:a7:a6:29:9c:53:9a:ed:ca:a1:f5:d3:95:55:e2:d2:59:
83:a9:ab:78:d9:da:a4:df:4a:a3:e1:df:e8:81:c4:d0:de:12:
ad:7a:64:36
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYRbnPWOBEFUldXN8LmImSksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjIxMTA5MDg1ODQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDJiZGM0NzdkYjBlYmE5OTlkOTJjNzE1ZWMwZjRiYzU3NmFkMjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ecM1OdAFhl1zQ7GaPx5fYXhrOtp
9kOVR8eqohJNFLNIgFL80v0Z64UAcAYcwYWrGsHMzz3TBuf+2cfzs9YWg171SRqX
4ixaf9KWkrTGeQ0m8+b9G1zzmh2FAXj++8ZSs0mA7PGeKRWkCDWAJ7ml/zSHO5nD
jz+a4+ELF8yGte1oZel0e8KZYOMBF2liWoqqTZvEKUAoOtTw748KffPkYLw10Q15
fT0Wvo/0S7mVHtKiixYqLE1FAW5Th2FEoWSQH88XwDV01d4HlrULMQ12uro07TfQ
OrcmDUZgMxJWNxuB2dlbFja7NAHSGzqPQIl3KebhuectmJn9D4yE2NHa4wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFN0r3Ed9sOupmdkscV7A9LxXatIUMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvM1N2Y1IzMnc2Nm1aMlN4eFhzRDB2RmRxMGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCuUrAAwQC
uaOkAwQCubJQAwQCubcQAwQCucC0AwQCucIYAwQCudvYAwQBueBeAwQAueGUMA0E
AgACMAcDBQAqBUrAMA0GCSqGSIb3DQEBCwUAA4IBAQB+bnU/Z0uZVNUXAp73vmkh
CwHrISgYNNKjZTTPVCxuQnNRj5tQ/oLmaOmDMjtGvuTRwCjTu32yxwrqEyFjGH+8
V9RVuyfGUOellE00qtfZ1LCCYqm3fi+NiczVYuhQh6IuVmWaWcuvztN4c+qsXsBZ
y7ZaVgIYyNaq3r2slwcSTbyUmOAzrkIqKcJvKMEX6WxZaKYm3I1l9A20Pz62aV9t
if90609Ys5OYD/vhEomw8ervFkz8w6z9KMwExoOMQ+9K8RP+nqOgYpA+AiwONePW
6ljtf7RWL03zU6emKZxTmu3KofXTlVXi0lmDqat42dqk30qj4d/ogcTQ3hKtemQ2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:50 2024 by rpki-client on console-ams.rpki-client.org