Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/FJqPtTvPYo0lmjy8ych9W3boh3s.roa
File: FJqPtTvPYo0lmjy8ych9W3boh3s.roa (raw, json)
Hash identifier: cc8mD1q/YKH1ZJ2LBVLxGPQV3nARcQKmbb7ZcLdZBbo=
Subject key identifier: 14:9A:8F:B5:3B:CF:62:8D:25:9A:3C:BC:C9:C8:7D:5B:76:E8:87:7B
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 01845CB0893296854C259D09227412CD3972
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/FJqPtTvPYo0lmjy8ych9W3boh3s.roa
Signing time: Wed 09 Nov 2022 13:59:43 +0000
ROA not before: Wed 09 Nov 2022 13:59:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201453
IP address blocks: 185.183.17.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.16.0/22 maxlen: 22
185.183.18.0/24 maxlen: 24
185.183.19.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.178.83.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.81.0/24 maxlen: 24
185.178.80.0/24 maxlen: 24
185.225.148.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.164.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.167.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.224.94.0/24 maxlen: 24
185.194.24.0/22 maxlen: 22
185.194.24.0/24 maxlen: 24
185.74.192.0/24 maxlen: 24
185.74.192.0/22 maxlen: 22
185.192.183.0/24 maxlen: 24
185.192.182.0/24 maxlen: 24
185.192.180.0/22 maxlen: 22
185.192.181.0/24 maxlen: 24
185.192.180.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5c:b0:89:32:96:85:4c:25:9d:09:22:74:12:cd:39:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Nov 9 13:59:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=149a8fb53bcf628d259a3cbcc9c87d5b76e8877b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:50:14:24:a5:b2:cd:1c:52:09:21:95:6d:88:
8f:e6:37:2a:14:1e:e3:a8:5c:af:6e:35:88:b3:27:
5e:3c:84:20:f9:b9:1e:4a:36:88:fc:b0:57:29:d9:
82:5a:5a:61:f9:00:67:d8:a2:dd:fa:74:8a:24:91:
bc:27:1e:7f:bf:d7:b3:98:45:82:3c:15:45:04:34:
02:73:b2:f4:ae:45:17:6e:e9:98:5f:1d:32:5d:e2:
07:b5:5d:c3:82:2c:c9:e1:ff:86:31:e9:1c:13:d6:
e9:38:ca:60:f4:81:a1:0a:50:62:fa:79:1c:9f:3c:
85:20:56:0b:62:51:85:15:bc:7d:90:8c:71:99:13:
b8:c3:1c:01:e9:0a:58:1e:93:77:d5:5c:79:ce:db:
90:a3:54:2f:a6:c9:2e:13:32:a2:fb:36:df:4b:02:
03:aa:6b:ad:fd:37:59:4a:ba:5b:54:05:df:f5:77:
ec:4b:51:02:f4:a8:78:7f:b8:b9:12:5a:5b:89:b2:
b8:7a:98:39:d3:ec:a3:c6:44:f0:c5:a3:e7:cd:32:
df:57:f6:e1:a3:68:1f:89:a6:da:0c:1c:a5:bc:c2:
f8:80:87:23:2e:26:e5:99:11:a0:d2:31:41:3b:c0:
02:44:0d:f9:5d:d3:12:dc:8b:e5:05:09:55:aa:ef:
35:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:9A:8F:B5:3B:CF:62:8D:25:9A:3C:BC:C9:C8:7D:5B:76:E8:87:7B
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/FJqPtTvPYo0lmjy8ych9W3boh3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/22
185.163.164.0/22
185.178.80.0/22
185.183.16.0/22
185.192.180.0/22
185.194.24.0/22
185.219.216.0/22
185.224.94.0/23
185.225.148.0/24
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
04:e5:4b:55:98:4b:5b:81:e1:79:53:28:d5:fd:58:69:26:46:
05:28:00:24:c9:64:6b:7a:b8:2d:b4:7e:fc:1c:d8:92:4d:dd:
ca:c0:78:64:38:44:01:0d:a7:0e:01:31:d2:df:cb:0c:04:55:
cf:21:b8:47:e8:7f:05:4a:5a:4f:08:d3:37:2e:2f:8a:91:fa:
f7:ea:26:a7:bb:22:72:fc:07:43:5c:67:bb:3c:16:e9:55:2e:
7a:9b:9b:a4:ce:81:38:ae:bc:ff:43:cd:74:c0:f5:62:fa:11:
9a:90:72:3e:26:29:d8:a2:69:78:01:5c:f2:88:d3:4e:37:e5:
68:4f:8c:29:68:96:f7:a5:77:eb:25:d0:0e:ad:05:61:56:fb:
33:e0:db:b4:4a:f4:fa:eb:33:db:3b:35:8f:29:c1:fe:91:7b:
f1:73:0e:ea:32:5f:26:cc:63:3e:cb:44:a3:26:02:57:8e:60:
54:ca:61:9c:6f:bd:28:71:37:bd:e7:c7:93:06:3c:eb:41:59:
1c:ef:0a:da:95:ae:c0:9c:9a:79:f9:d5:96:84:1b:38:76:32:
be:07:bf:fd:85:ae:58:72:02:82:b8:f0:b0:52:8b:dc:a9:ad:
ec:c3:b8:96:5f:d4:28:7e:11:c9:4c:c2:a7:b0:7f:d1:0f:e6:
25:fb:46:1e
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYRcsIkyloVMJZ0JInQSzTlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjIxMTA5MTM1OTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDlhOGZiNTNiY2Y2MjhkMjU5YTNjYmNjOWM4N2Q1Yjc2ZTg4NzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVAUJKWyzRxSCSGVbYiP5jcqFB7j
qFyvbjWIsydePIQg+bkeSjaI/LBXKdmCWlph+QBn2KLd+nSKJJG8Jx5/v9ezmEWC
PBVFBDQCc7L0rkUXbumYXx0yXeIHtV3DgizJ4f+GMekcE9bpOMpg9IGhClBi+nkc
nzyFIFYLYlGFFbx9kIxxmRO4wxwB6QpYHpN31Vx5ztuQo1QvpskuEzKi+zbfSwID
qmut/TdZSrpbVAXf9XfsS1EC9Kh4f7i5ElpbibK4epg50+yjxkTwxaPnzTLfV/bh
o2gfiabaDBylvML4gIcjLiblmRGg0jFBO8ACRA35XdMS3IvlBQlVqu81WQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFBSaj7U7z2KNJZo8vMnIfVt26Id7MB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvRkpxUHRUdlBZbzBsbWp5OHljaDlXM2JvaDNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCuUrAAwQC
uaOkAwQCubJQAwQCubcQAwQCucC0AwQCucIYAwQCudvYAwQBueBeAwQAueGUMA0E
AgACMAcDBQAqBUrAMA0GCSqGSIb3DQEBCwUAA4IBAQAE5UtVmEtbgeF5UyjV/Vhp
JkYFKAAkyWRrergttH78HNiSTd3KwHhkOEQBDacOATHS38sMBFXPIbhH6H8FSlpP
CNM3Li+Kkfr36ianuyJy/AdDXGe7PBbpVS56m5ukzoE4rrz/Q810wPVi+hGakHI+
JinYoml4AVzyiNNON+VoT4wpaJb3pXfrJdAOrQVhVvsz4Nu0SvT66zPbOzWPKcH+
kXvxcw7qMl8mzGM+y0SjJgJXjmBUymGcb70ocTe958eTBjzrQVkc7wrala7AnJp5
+dWWhBs4djK+B7/9ha5YcgKCuPCwUovcqa3sw7iWX9QofhHJTMKnsH/RD+Yl+0Ye
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:50 2024 by rpki-client on console-ams.rpki-client.org