Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/AVojqnQ1lYOUgZiw4AEA_-Xjw9Q.roa
File: AVojqnQ1lYOUgZiw4AEA_-Xjw9Q.roa (raw, json)
Hash identifier: yfa9oZMmvScZMRvi6SYDvNIu5qDTbHmeubcTaUsDKyo=
Subject key identifier: 01:5A:23:AA:74:35:95:83:94:81:98:B0:E0:01:00:FF:E5:E3:C3:D4
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 018DC5A71CFAE2E0912DB0E602FC5BC4C8F0
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/AVojqnQ1lYOUgZiw4AEA_-Xjw9Q.roa
Signing time: Tue 20 Feb 2024 08:34:39 +0000
ROA not before: Tue 20 Feb 2024 08:34:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201453
IP address blocks: 185.74.192.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.164.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.167.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.80.0/24 maxlen: 24
185.178.81.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.83.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.17.0/24 maxlen: 24
185.183.18.0/24 maxlen: 24
185.192.182.0/24 maxlen: 24
185.194.24.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.225.148.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:a7:1c:fa:e2:e0:91:2d:b0:e6:02:fc:5b:c4:c8:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Feb 20 08:34:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=015a23aa74359583948198b0e00100ffe5e3c3d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3e:b4:e3:7b:89:49:d0:e0:fc:d9:83:41:51:
3a:61:52:a2:e2:9a:8c:0d:0f:5c:57:a6:35:94:fd:
b2:88:44:93:49:a7:e3:08:4b:a0:09:1e:08:17:ac:
79:96:23:47:2c:be:a5:38:b8:48:2c:f7:36:e4:7b:
79:d9:e1:1a:a5:8b:ad:ab:5a:4f:c3:4d:aa:39:37:
6a:f4:2f:fa:57:00:85:18:b1:70:cf:08:c8:e4:34:
e4:eb:d1:a0:ba:d8:ba:3e:f0:15:f3:25:5f:23:6c:
58:8c:4b:b5:c7:e6:ad:c9:ca:94:a5:fd:c6:b1:ab:
19:a3:f4:e0:ae:1d:e0:7c:cc:0c:48:f4:d2:21:d0:
b8:a1:57:8a:44:9a:0c:e8:0e:6a:43:27:8d:d2:67:
a5:c4:af:1c:0d:2b:02:84:9a:e1:92:c1:bb:4a:a5:
51:ed:90:10:bb:f6:7b:d4:46:a3:59:62:ef:c3:3c:
83:5c:0d:64:c3:0c:c5:dc:d7:97:77:39:70:ce:5a:
72:cd:86:ee:d8:7a:de:6c:b8:2f:bf:3b:03:e7:72:
e9:c1:28:40:1e:db:c3:d2:d7:59:82:d9:3a:02:6b:
1c:8e:b7:20:ae:c9:bb:0b:40:8f:d6:01:7d:ee:c9:
00:76:4b:a5:0a:6e:d9:ed:ee:b3:7f:e8:49:b5:c1:
b5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5A:23:AA:74:35:95:83:94:81:98:B0:E0:01:00:FF:E5:E3:C3:D4
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/AVojqnQ1lYOUgZiw4AEA_-Xjw9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/24
185.163.164.0/22
185.178.80.0/22
185.183.16.0-185.183.18.255
185.192.182.0/24
185.194.24.0/24
185.194.26.0/23
185.219.216.0/22
185.225.148.0/24
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
82:16:af:27:39:1e:f0:6a:b5:34:48:ab:5b:98:72:a1:56:61:
cc:52:f9:e8:21:f1:e1:28:a3:d6:5b:72:b1:63:aa:d6:5e:a0:
d2:67:a5:42:13:5b:6a:ba:44:95:99:a6:b9:e1:93:e5:f7:46:
ed:a6:28:41:1a:1f:d0:ce:9a:11:15:a9:f0:5e:61:69:1d:87:
b9:5a:34:e4:c6:7f:af:9a:b5:d7:61:85:4a:ba:eb:e2:2d:ae:
fc:2d:9c:d6:eb:e7:30:4a:92:79:19:5f:23:5b:6e:8c:72:5f:
17:49:f4:ff:a7:32:e6:b4:2a:2e:a7:1c:5a:bf:5f:38:62:3b:
19:2c:38:f5:36:b1:3a:f9:c3:df:45:b8:81:80:e2:bf:aa:93:
e4:30:c9:3e:cf:27:3b:4a:06:9b:6b:60:67:83:ba:6e:07:c8:
b8:67:28:3b:8f:51:ae:46:7b:8f:9a:46:50:4b:49:08:11:72:
bc:66:f7:35:a3:84:72:14:81:f9:ed:1d:72:1c:5a:59:04:17:
44:cf:dc:e9:35:57:e6:1b:e4:d7:35:9e:83:61:e2:ef:9a:e6:
2e:46:96:5c:94:eb:2f:b2:ac:c2:a1:a4:3f:0e:55:1c:6c:7e:
90:3b:18:04:b1:bb:5d:28:49:7f:ea:32:42:79:78:be:58:19:
cd:7d:20:fb
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAY3Fpxz64uCRLbDmAvxbxMjwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjQwMjIwMDgzNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTVhMjNhYTc0MzU5NTgzOTQ4MTk4YjBlMDAxMDBmZmU1ZTNjM2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArz6043uJSdDg/NmDQVE6YVKi4pqM
DQ9cV6Y1lP2yiESTSafjCEugCR4IF6x5liNHLL6lOLhILPc25Ht52eEapYutq1pP
w02qOTdq9C/6VwCFGLFwzwjI5DTk69Gguti6PvAV8yVfI2xYjEu1x+atycqUpf3G
sasZo/Tgrh3gfMwMSPTSIdC4oVeKRJoM6A5qQyeN0melxK8cDSsChJrhksG7SqVR
7ZAQu/Z71EajWWLvwzyDXA1kwwzF3NeXdzlwzlpyzYbu2HrebLgvvzsD53LpwShA
HtvD0tdZgtk6Amscjrcgrsm7C0CP1gF97skAdkulCm7Z7e6zf+hJtcG1fwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFAFaI6p0NZWDlIGYsOABAP/l48PUMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvQVZvanFuUTFsWU9VZ1ppdzRBRUFfLVhqdzlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQAuUrAAwQC
uaOkAwQCubJQMAwDBAS5txADBAC5txIDBAC5wLYDBAC5whgDBAG5whoDBAK529gD
BAC54ZQwDQQCAAIwBwMFACoFSsAwDQYJKoZIhvcNAQELBQADggEBAIIWryc5HvBq
tTRIq1uYcqFWYcxS+egh8eEoo9ZbcrFjqtZeoNJnpUITW2q6RJWZprnhk+X3Ru2m
KEEaH9DOmhEVqfBeYWkdh7laNOTGf6+atddhhUq66+ItrvwtnNbr5zBKknkZXyNb
boxyXxdJ9P+nMua0Ki6nHFq/XzhiOxksOPU2sTr5w99FuIGA4r+qk+QwyT7PJztK
BptrYGeDum4HyLhnKDuPUa5Ge4+aRlBLSQgRcrxm9zWjhHIUgfntHXIcWlkEF0TP
3Ok1V+Yb5Nc1noNh4u+a5i5GllyU6y+yrMKhpD8OVRxsfpA7GASxu10oSX/qMkJ5
eL5YGc19IPs=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:23 2025 by rpki-client