Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/INGmRZbRDeEFIYp-5HqDsNVKITo.roa
File: INGmRZbRDeEFIYp-5HqDsNVKITo.roa (raw, json)
Hash identifier: vACJkqXnY99koib2nol4IK4r6wmpd3A5jPVjr7QGg0M=
Subject key identifier: 20:D1:A6:45:96:D1:0D:E1:05:21:8A:7E:E4:7A:83:B0:D5:4A:21:3A
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 0185A63191EA31530FC40DBF039CA33472F5
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/INGmRZbRDeEFIYp-5HqDsNVKITo.roa
Signing time: Thu 12 Jan 2023 13:35:44 +0000
ROA not before: Thu 12 Jan 2023 13:35:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201453
IP address blocks: 185.183.17.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.16.0/22 maxlen: 22
185.183.19.0/24 maxlen: 24
185.183.18.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.178.83.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.81.0/24 maxlen: 24
185.178.80.0/24 maxlen: 24
185.225.148.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.164.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.167.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.224.94.0/24 maxlen: 24
185.194.24.0/22 maxlen: 22
185.194.24.0/24 maxlen: 24
185.74.192.0/24 maxlen: 24
185.74.192.0/22 maxlen: 22
185.192.183.0/24 maxlen: 24
185.192.182.0/24 maxlen: 24
185.192.180.0/22 maxlen: 22
185.192.181.0/24 maxlen: 24
185.192.180.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a6:31:91:ea:31:53:0f:c4:0d:bf:03:9c:a3:34:72:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Jan 12 13:35:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20d1a64596d10de105218a7ee47a83b0d54a213a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2c:10:f5:20:20:22:d7:1a:26:0f:0a:5c:9d:
fc:12:10:f3:a7:1d:97:6f:49:3e:44:4e:63:dd:39:
99:ca:99:96:f0:29:c3:27:fc:50:c9:95:82:91:c0:
be:04:60:e6:0f:a5:47:d0:cb:34:12:5d:f2:c9:06:
5d:7c:f8:d9:dd:46:2e:63:55:e3:86:f3:90:f1:48:
00:47:ae:60:58:59:39:0e:ae:bb:81:f6:bc:89:ac:
1f:c0:25:7b:c6:eb:35:18:3a:0f:97:67:95:2e:ef:
24:00:be:ee:bf:dc:a9:92:4f:d6:19:e1:75:19:a1:
8a:a0:af:4a:c0:39:da:bd:7f:28:7f:88:0b:d2:c0:
1f:92:32:aa:e5:97:2e:46:18:90:ce:1e:c4:3d:20:
bd:a5:c7:fb:1e:b4:90:54:1f:c6:d2:4f:f2:59:9a:
ec:12:d4:b0:0a:f2:5e:bf:7b:8c:ca:53:d6:8b:79:
ca:a5:69:7f:3e:5d:8a:1d:a4:9d:08:b9:6c:bb:23:
e6:56:85:8f:ed:a8:51:66:41:85:2f:69:dc:1b:d0:
7d:f2:0c:a1:09:15:20:1e:1d:9f:77:24:76:1b:f7:
ca:4a:c9:aa:51:40:03:7c:48:63:56:98:79:2b:a4:
6a:1c:3f:1e:59:84:ee:db:ba:ed:10:2b:9a:cc:e2:
6d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:D1:A6:45:96:D1:0D:E1:05:21:8A:7E:E4:7A:83:B0:D5:4A:21:3A
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/INGmRZbRDeEFIYp-5HqDsNVKITo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/22
185.163.164.0/22
185.178.80.0/22
185.183.16.0/22
185.192.180.0/22
185.194.24.0/22
185.219.216.0/22
185.224.94.0/23
185.225.148.0/24
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
67:c3:a7:e6:77:45:46:83:3e:6a:1a:1e:77:50:fe:17:7c:30:
db:87:f0:5b:9d:47:b0:85:4a:15:be:74:48:00:20:8e:ad:ef:
d2:cf:4f:45:0b:83:0f:c3:e1:09:90:1b:ce:e9:3a:54:8b:85:
c8:78:ed:97:2c:52:0c:e2:af:87:e0:6c:2a:9e:25:31:55:77:
13:f2:75:75:dd:96:3d:7c:6e:cd:c6:9e:7f:b9:2c:60:7c:fb:
4c:72:e4:74:ba:1e:05:79:df:94:27:9f:1a:f7:57:6c:bb:26:
73:f7:54:e5:4a:7d:50:0a:d4:0c:4b:2f:2d:75:4f:05:3b:99:
1a:cd:a8:4e:56:f3:7c:7a:90:aa:2a:86:14:d8:f4:cd:85:52:
b9:00:6d:83:31:dc:5a:b3:8a:b5:c1:0a:4f:0c:6c:4e:33:0c:
85:63:90:19:d7:a4:3a:9f:0d:4d:45:aa:f6:11:43:dc:c3:17:
0a:19:8b:9d:f7:fc:e4:5c:d7:61:ee:47:49:46:5a:1b:49:56:
1b:9e:ba:a4:a4:bd:f1:4b:75:17:42:5f:df:54:05:f8:6c:6a:
32:82:e8:14:5c:d4:01:22:bf:d4:45:98:3d:62:55:59:bf:fb:
8d:33:a5:65:0f:15:1e:f9:17:c1:97:38:21:7c:78:5a:e9:38:
6f:74:19:fe
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYWmMZHqMVMPxA2/A5yjNHL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjMwMTEyMTMzNTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGQxYTY0NTk2ZDEwZGUxMDUyMThhN2VlNDdhODNiMGQ1NGEyMTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCwQ9SAgItcaJg8KXJ38EhDzpx2X
b0k+RE5j3TmZypmW8CnDJ/xQyZWCkcC+BGDmD6VH0Ms0El3yyQZdfPjZ3UYuY1Xj
hvOQ8UgAR65gWFk5Dq67gfa8iawfwCV7xus1GDoPl2eVLu8kAL7uv9ypkk/WGeF1
GaGKoK9KwDnavX8of4gL0sAfkjKq5ZcuRhiQzh7EPSC9pcf7HrSQVB/G0k/yWZrs
EtSwCvJev3uMylPWi3nKpWl/Pl2KHaSdCLlsuyPmVoWP7ahRZkGFL2ncG9B98gyh
CRUgHh2fdyR2G/fKSsmqUUADfEhjVph5K6RqHD8eWYTu27rtECuazOJtywIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFCDRpkWW0Q3hBSGKfuR6g7DVSiE6MB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvSU5HbVJaYlJEZUVGSVlwLTVIcURzTlZLSVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCuUrAAwQC
uaOkAwQCubJQAwQCubcQAwQCucC0AwQCucIYAwQCudvYAwQBueBeAwQAueGUMA0E
AgACMAcDBQAqBUrAMA0GCSqGSIb3DQEBCwUAA4IBAQBnw6fmd0VGgz5qGh53UP4X
fDDbh/BbnUewhUoVvnRIACCOre/Sz09FC4MPw+EJkBvO6TpUi4XIeO2XLFIM4q+H
4GwqniUxVXcT8nV13ZY9fG7Nxp5/uSxgfPtMcuR0uh4Fed+UJ58a91dsuyZz91Tl
Sn1QCtQMSy8tdU8FO5kazahOVvN8epCqKoYU2PTNhVK5AG2DMdxas4q1wQpPDGxO
MwyFY5AZ16Q6nw1NRar2EUPcwxcKGYud9/zkXNdh7kdJRlobSVYbnrqkpL3xS3UX
Ql/fVAX4bGoygugUXNQBIr/URZg9YlVZv/uNM6VlDxUe+RfBlzghfHha6ThvdBn+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:38 2024 by rpki-client on console-fra.rpki-client.org