Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/AeaL5ppz9ckXMIdy22Z3tbG6L9s.roa
File: AeaL5ppz9ckXMIdy22Z3tbG6L9s.roa (raw, json)
Hash identifier: 5wuc1lFaJUCm8f+nsmxKQHFNaZLYwfbN2AgAmcT3tS0=
Subject key identifier: 01:E6:8B:E6:9A:73:F5:C9:17:30:87:72:DB:66:77:B5:B1:BA:2F:DB
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 0189787E8D920CE02AACB75E9E0E0E4B96DC
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/AeaL5ppz9ckXMIdy22Z3tbG6L9s.roa
Signing time: Fri 21 Jul 2023 12:48:26 +0000
ROA not before: Fri 21 Jul 2023 12:48:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201453
IP address blocks: 185.183.17.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.16.0/22 maxlen: 22
185.183.19.0/24 maxlen: 24
185.183.18.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.178.83.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.81.0/24 maxlen: 24
185.178.80.0/24 maxlen: 24
185.225.148.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.164.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.167.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.224.94.0/24 maxlen: 24
185.194.24.0/22 maxlen: 22
185.194.24.0/24 maxlen: 24
185.74.192.0/24 maxlen: 24
185.74.192.0/22 maxlen: 22
185.74.193.0/24 maxlen: 24
185.192.182.0/24 maxlen: 24
185.192.181.0/24 maxlen: 24
185.192.180.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:78:7e:8d:92:0c:e0:2a:ac:b7:5e:9e:0e:0e:4b:96:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Jul 21 12:48:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01e68be69a73f5c917308772db6677b5b1ba2fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:db:9b:c5:ae:ab:87:29:05:d2:44:dd:20:90:
e7:08:4b:b7:05:c0:25:b5:d3:f3:a5:15:db:79:63:
ac:50:1f:9a:aa:31:a4:a1:40:d5:0c:8e:b2:e9:a5:
d7:43:9b:4e:8b:2b:25:39:ee:cc:cf:95:1b:9a:16:
b9:6c:fa:18:d5:94:67:6b:17:63:91:ad:d7:1a:c6:
fe:7a:18:66:b8:8c:08:60:45:a7:f3:ec:14:cf:20:
5a:6b:4e:ee:ee:33:7f:6f:05:f7:d4:23:6f:91:fa:
11:90:39:ed:b1:b5:de:08:c9:09:70:ca:d9:52:77:
70:1f:0f:65:a0:23:7c:10:c0:26:10:66:c1:bb:00:
87:fd:60:d8:ce:9a:80:38:00:ce:c5:51:6c:de:5e:
1a:ae:1e:9c:80:e2:18:d1:b2:2b:97:be:a4:19:cb:
b5:8d:3c:5e:52:72:8f:f0:1e:01:3b:be:e3:2a:6b:
5e:26:71:ac:50:68:62:9b:20:34:eb:3c:1d:81:03:
28:14:9e:aa:36:31:15:04:ca:0b:4a:1a:77:56:f0:
a5:49:87:57:e4:6c:4e:28:4a:08:5b:66:bc:6e:fa:
d4:ab:60:45:1d:2d:c3:db:8a:44:ce:21:0f:4f:d3:
af:a9:b3:e3:8a:0a:47:0d:db:8c:fd:e1:03:71:76:
ed:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E6:8B:E6:9A:73:F5:C9:17:30:87:72:DB:66:77:B5:B1:BA:2F:DB
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/AeaL5ppz9ckXMIdy22Z3tbG6L9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/22
185.163.164.0/22
185.178.80.0/22
185.183.16.0/22
185.192.180.0-185.192.182.255
185.194.24.0/22
185.219.216.0/22
185.224.94.0/23
185.225.148.0/24
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
8f:98:7b:af:53:f5:dd:be:d3:72:b6:22:45:c0:a8:a4:6d:ae:
f4:16:f9:11:17:b7:e8:3f:2d:44:22:c3:c6:bd:34:56:73:4e:
dc:f6:5a:aa:7d:b7:54:2e:01:80:46:9c:37:a7:e0:4f:72:27:
ad:c4:ce:ac:88:99:70:a2:25:5f:62:ca:bc:0e:a2:e6:e6:0d:
3d:91:fb:b1:56:a7:0e:c9:e4:94:af:56:45:8d:86:ae:be:b7:
70:76:3c:0f:87:a5:1e:24:6e:c1:a2:ee:89:38:ae:d7:b4:ce:
2c:f6:f7:6c:6d:de:12:af:71:81:52:3a:52:70:b2:61:13:87:
0c:31:3e:bb:d9:18:51:3a:8d:a4:be:8f:95:8f:c3:24:f7:e7:
b4:74:13:e4:b9:b5:9d:05:d9:e7:0c:ca:8c:1f:eb:39:45:50:
27:5f:22:b2:e0:05:1f:19:b2:85:a7:29:3d:f0:92:56:c6:7f:
5e:9b:be:46:b3:e4:e7:7e:3e:55:e6:8a:e4:5e:25:70:bd:02:
f5:5b:77:fd:3e:cb:15:ef:12:33:f5:c1:f7:e0:91:f6:f9:b0:
ab:4b:fc:67:74:89:e3:c7:60:c1:86:a8:50:60:4f:f6:7a:e9:
51:25:b2:8e:72:b9:ec:df:ba:a3:7a:c0:95:ac:f7:30:cc:ef:
22:3b:56:85
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYl4fo2SDOAqrLdeng4OS5bcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjMwNzIxMTI0ODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWU2OGJlNjlhNzNmNWM5MTczMDg3NzJkYjY2NzdiNWIxYmEyZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltubxa6rhykF0kTdIJDnCEu3BcAl
tdPzpRXbeWOsUB+aqjGkoUDVDI6y6aXXQ5tOiyslOe7Mz5Ubmha5bPoY1ZRnaxdj
ka3XGsb+ehhmuIwIYEWn8+wUzyBaa07u7jN/bwX31CNvkfoRkDntsbXeCMkJcMrZ
UndwHw9loCN8EMAmEGbBuwCH/WDYzpqAOADOxVFs3l4arh6cgOIY0bIrl76kGcu1
jTxeUnKP8B4BO77jKmteJnGsUGhimyA06zwdgQMoFJ6qNjEVBMoLShp3VvClSYdX
5GxOKEoIW2a8bvrUq2BFHS3D24pEziEPT9OvqbPjigpHDduM/eEDcXbtlwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFAHmi+aac/XJFzCHcttmd7Wxui/bMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvQWVhTDVwcHo5Y2tYTUlkeTIyWjN0Ykc2TDlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQCuUrAAwQC
uaOkAwQCubJQAwQCubcQMAwDBAK5wLQDBAC5wLYDBAK5whgDBAK529gDBAG54F4D
BAC54ZQwDQQCAAIwBwMFACoFSsAwDQYJKoZIhvcNAQELBQADggEBAI+Ye69T9d2+
03K2IkXAqKRtrvQW+REXt+g/LUQiw8a9NFZzTtz2Wqp9t1QuAYBGnDen4E9yJ63E
zqyImXCiJV9iyrwOoubmDT2R+7FWpw7J5JSvVkWNhq6+t3B2PA+HpR4kbsGi7ok4
rte0ziz292xt3hKvcYFSOlJwsmEThwwxPrvZGFE6jaS+j5WPwyT357R0E+S5tZ0F
2ecMyowf6zlFUCdfIrLgBR8ZsoWnKT3wklbGf16bvkaz5Od+PlXmiuReJXC9AvVb
d/0+yxXvEjP1wffgkfb5sKtL/Gd0iePHYMGGqFBgT/Z66VElso5yuezfuqN6wJWs
9zDM7yI7VoU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:50 2024 by rpki-client on console-ams.rpki-client.org