Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/6gqGYnt995JWwUYKWX_L82l92MA.roa
File: 6gqGYnt995JWwUYKWX_L82l92MA.roa (raw, json)
Hash identifier: Lkn4s5VodxBGU9smUTuUCdqfkpYHfj5T2n4VX7CCU14=
Subject key identifier: EA:0A:86:62:7B:7D:F7:92:56:C1:46:0A:59:7F:CB:F3:69:7D:D8:C0
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 018CC7257685DFDC24CAC9AEBD708DE9BE06
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/6gqGYnt995JWwUYKWX_L82l92MA.roa
Signing time: Mon 01 Jan 2024 22:29:30 +0000
ROA not before: Mon 01 Jan 2024 22:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201453
IP address blocks: 185.183.17.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.16.0/22 maxlen: 22
185.183.18.0/24 maxlen: 24
185.183.19.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.178.83.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.81.0/24 maxlen: 24
185.178.80.0/24 maxlen: 24
185.225.148.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.164.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.167.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.224.94.0/24 maxlen: 24
185.194.24.0/22 maxlen: 22
185.194.24.0/24 maxlen: 24
185.74.192.0/24 maxlen: 24
185.74.192.0/22 maxlen: 22
185.192.182.0/24 maxlen: 24
185.192.181.0/24 maxlen: 24
185.192.180.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:76:85:df:dc:24:ca:c9:ae:bd:70:8d:e9:be:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Jan 1 22:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea0a86627b7df79256c1460a597fcbf3697dd8c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:88:79:9a:a9:a5:51:d5:a7:57:7e:16:26:f7:
fe:3b:29:d6:c8:c7:f6:50:6c:35:a1:9e:d7:d6:b0:
2d:8a:27:7c:01:bb:a2:74:50:f8:6e:07:d0:b1:a9:
31:84:d6:25:c6:b7:c4:dc:ac:3c:a7:dc:2a:a4:f8:
f5:a4:1a:18:21:14:3f:d8:14:79:7d:60:f9:a6:b4:
11:74:81:0f:79:6a:8a:77:b3:6a:7c:03:a4:4e:5b:
73:69:0d:96:b7:05:3d:17:26:73:bd:c0:3f:41:2d:
d1:e9:f2:85:f1:8d:f6:bc:70:fd:7a:ec:fd:42:b5:
78:46:08:45:09:54:85:2a:30:fb:68:8b:98:a1:16:
24:6f:c2:db:f2:34:08:27:fd:31:56:bd:df:4c:53:
88:02:0c:d4:81:c4:87:ab:fd:8c:11:45:2e:d0:4d:
03:c8:83:94:a3:a6:bd:94:25:73:0b:ee:0e:94:35:
2f:f7:3b:84:ce:44:2e:2a:10:95:d4:de:e8:95:33:
d8:44:a8:34:3a:72:ce:4d:4f:02:ca:ca:05:51:e5:
c0:cf:61:9d:83:fd:31:a9:ae:c1:c7:f9:1e:2f:80:
dc:c6:e3:47:7a:17:0f:d1:7d:b6:dd:f6:1a:53:7a:
aa:79:dd:e7:b9:33:9c:da:40:07:d5:fb:7e:f0:95:
cb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:0A:86:62:7B:7D:F7:92:56:C1:46:0A:59:7F:CB:F3:69:7D:D8:C0
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/6gqGYnt995JWwUYKWX_L82l92MA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/22
185.163.164.0/22
185.178.80.0/22
185.183.16.0/22
185.192.180.0-185.192.182.255
185.194.24.0/22
185.219.216.0/22
185.224.94.0/23
185.225.148.0/24
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
38:ab:a5:b9:54:c7:e3:e4:d9:00:61:f7:ac:56:c4:cc:6b:59:
dc:fd:28:3c:9d:b5:dd:91:78:8d:ca:f5:d1:0a:4d:18:60:83:
13:05:9a:e6:ae:94:a1:43:39:c7:93:54:82:ac:91:25:df:98:
40:54:e6:74:ac:8b:69:96:49:2a:42:da:55:6b:9f:1e:a7:53:
70:5f:58:17:b9:62:5f:52:c7:9f:4b:f0:5a:28:66:6c:b0:bc:
58:60:15:29:b3:46:f5:94:80:71:50:99:fa:c2:41:b8:be:39:
ae:f4:85:2b:8e:5f:9b:57:10:ab:4a:d7:1d:cc:24:90:78:8c:
90:7d:06:84:6b:69:8b:be:09:d9:12:f7:fa:5e:e0:82:7c:7c:
69:8b:db:8c:7a:39:a7:6e:04:49:fc:c9:d3:40:b4:c5:9f:03:
55:9a:f6:01:dc:6b:8e:7d:46:0e:fa:7e:d7:1d:52:7b:dd:99:
7f:45:a2:b8:e8:be:15:d8:48:cf:41:18:7a:8b:39:08:0e:75:
dd:b0:63:0e:3b:09:61:8f:f0:5c:5f:80:f4:b4:ac:91:57:b5:
2b:14:fc:2e:5b:c1:1a:79:a3:55:53:49:af:3c:8d:4d:8e:f4:
b7:d9:d2:21:27:ff:ea:64:c4:34:9c:3c:36:72:ca:95:4b:39:
0b:02:ff:fb
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYzHJXaF39wkysmuvXCN6b4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjQwMTAxMjIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTBhODY2MjdiN2RmNzkyNTZjMTQ2MGE1OTdmY2JmMzY5N2RkOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA54h5mqmlUdWnV34WJvf+OynWyMf2
UGw1oZ7X1rAtiid8AbuidFD4bgfQsakxhNYlxrfE3Kw8p9wqpPj1pBoYIRQ/2BR5
fWD5prQRdIEPeWqKd7NqfAOkTltzaQ2WtwU9FyZzvcA/QS3R6fKF8Y32vHD9euz9
QrV4RghFCVSFKjD7aIuYoRYkb8Lb8jQIJ/0xVr3fTFOIAgzUgcSHq/2MEUUu0E0D
yIOUo6a9lCVzC+4OlDUv9zuEzkQuKhCV1N7olTPYRKg0OnLOTU8CysoFUeXAz2Gd
g/0xqa7Bx/keL4DcxuNHehcP0X223fYaU3qqed3nuTOc2kAH1ft+8JXLAQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFOoKhmJ7ffeSVsFGCll/y/NpfdjAMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvNmdxR1ludDk5NUpXd1VZS1dYX0w4Mmw5Mk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQCuUrAAwQC
uaOkAwQCubJQAwQCubcQMAwDBAK5wLQDBAC5wLYDBAK5whgDBAK529gDBAG54F4D
BAC54ZQwDQQCAAIwBwMFACoFSsAwDQYJKoZIhvcNAQELBQADggEBADirpblUx+Pk
2QBh96xWxMxrWdz9KDydtd2ReI3K9dEKTRhggxMFmuaulKFDOceTVIKskSXfmEBU
5nSsi2mWSSpC2lVrnx6nU3BfWBe5Yl9Sx59L8FooZmywvFhgFSmzRvWUgHFQmfrC
Qbi+Oa70hSuOX5tXEKtK1x3MJJB4jJB9BoRraYu+CdkS9/pe4IJ8fGmL24x6Oadu
BEn8ydNAtMWfA1Wa9gHca459Rg76ftcdUnvdmX9ForjovhXYSM9BGHqLOQgOdd2w
Yw47CWGP8FxfgPS0rJFXtSsU/C5bwRp5o1VTSa88jU2O9LfZ0iEn/+pkxDScPDZy
ypVLOQsC//s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:50 2024 by rpki-client on console-ams.rpki-client.org