Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/NvHgIp1W8lgC2Zr7ArXYnkZHsUw.roa
File: NvHgIp1W8lgC2Zr7ArXYnkZHsUw.roa (raw, json)
Hash identifier: fCnhdHRx0Tq1GUf3FrqPYjQnOvjU+49tuCu6cIGL21w=
Subject key identifier: 36:F1:E0:22:9D:56:F2:58:02:D9:9A:FB:02:B5:D8:9E:46:47:B1:4C
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 09FF08E4
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/NvHgIp1W8lgC2Zr7ArXYnkZHsUw.roa
Signing time: Mon 10 Jan 2022 12:45:44 +0000
ROA not before: Mon 10 Jan 2022 12:45:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201453
IP address blocks: 185.221.191.0/24 maxlen: 24
185.221.190.0/24 maxlen: 24
185.221.189.0/24 maxlen: 24
185.221.188.0/22 maxlen: 22
185.221.188.0/24 maxlen: 24
185.218.190.0/24 maxlen: 24
185.218.191.0/24 maxlen: 24
185.178.83.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.218.188.0/22 maxlen: 22
185.178.81.0/24 maxlen: 24
185.218.189.0/24 maxlen: 24
185.178.80.0/24 maxlen: 24
185.218.188.0/24 maxlen: 24
185.225.151.0/24 maxlen: 24
185.225.150.0/24 maxlen: 24
185.225.149.0/24 maxlen: 24
185.225.148.0/22 maxlen: 22
185.225.148.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.164.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.167.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.224.94.0/24 maxlen: 24
185.194.24.0/22 maxlen: 22
185.194.24.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
185.183.17.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.16.0/22 maxlen: 22
185.183.19.0/24 maxlen: 24
185.183.18.0/24 maxlen: 24
185.219.218.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.219.219.0/24 maxlen: 24
185.74.192.0/24 maxlen: 24
185.74.192.0/22 maxlen: 22
185.74.195.0/24 maxlen: 24
185.74.194.0/24 maxlen: 24
185.74.193.0/24 maxlen: 24
185.192.183.0/24 maxlen: 24
185.192.182.0/24 maxlen: 24
185.192.180.0/22 maxlen: 22
185.192.181.0/24 maxlen: 24
185.192.180.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167708900 (0x9ff08e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Jan 10 12:45:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36f1e0229d56f25802d99afb02b5d89e4647b14c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bd:63:92:36:93:38:15:2a:bf:e6:87:14:8f:
6e:78:6c:58:9b:68:38:ec:ac:75:be:6c:ef:db:4c:
3d:86:11:bc:c9:91:06:c8:b9:d1:49:23:8a:20:48:
9d:78:5d:6d:9c:4d:b0:55:39:15:81:04:7d:ba:89:
50:9f:f6:85:a3:00:d6:23:33:e3:e6:09:74:83:e9:
a9:68:29:a6:25:f0:95:8f:2e:01:20:5c:18:76:9b:
e9:cf:46:0e:ff:18:71:0a:db:47:8b:43:61:3f:31:
7b:b4:96:20:ec:8b:9a:9c:69:ff:a5:30:a6:44:23:
97:35:f9:27:ce:05:ca:57:50:0e:e3:84:76:d3:87:
79:ac:28:7d:fb:ae:87:be:0d:22:32:ce:52:4e:ec:
1f:63:b9:d8:38:91:64:fc:82:84:60:a3:39:77:82:
48:08:9b:36:9a:aa:90:26:05:4b:68:1d:79:43:97:
b3:51:3c:d7:7d:d0:f1:ba:b4:2e:7a:b2:98:db:cc:
0d:7e:e7:25:ea:ab:f2:62:fe:ed:3f:30:bf:d3:68:
c2:b3:bf:b8:99:33:4e:03:cc:db:88:7c:f7:21:a6:
39:c6:94:86:b0:9c:5d:bf:aa:01:05:0b:06:28:07:
bd:00:44:f4:70:ba:1e:1b:11:42:a7:5f:dd:bd:0e:
21:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F1:E0:22:9D:56:F2:58:02:D9:9A:FB:02:B5:D8:9E:46:47:B1:4C
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/NvHgIp1W8lgC2Zr7ArXYnkZHsUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/22
185.163.164.0/22
185.178.80.0/22
185.183.16.0/22
185.192.180.0/22
185.194.24.0/22
185.218.188.0/22
185.219.216.0/22
185.221.188.0/22
185.224.94.0/23
185.225.148.0/22
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
0e:d4:1c:37:c5:71:c5:47:41:6b:68:67:92:1d:12:34:b9:80:
c3:4e:2f:57:be:27:c3:ff:c1:d1:76:2e:c2:50:97:1d:89:89:
71:47:bb:27:db:ab:8e:26:10:ea:21:65:b6:65:8e:73:c1:03:
9b:78:36:d2:ef:1e:1f:3f:e4:8d:70:31:d6:cf:b5:f4:24:bd:
14:cf:85:c2:57:02:49:c4:37:7e:9d:60:6f:1f:03:d8:88:21:
90:18:e4:9c:dd:df:4a:65:67:f4:07:a1:6c:1d:0e:91:b8:f5:
20:49:33:21:d4:3c:7a:f1:69:b1:9b:78:0e:12:bc:21:85:41:
43:b3:0b:7d:23:67:3f:36:62:6d:7f:d3:56:15:59:a9:d0:71:
b0:7f:49:3f:94:c2:42:e0:02:df:e0:57:04:56:a5:b9:76:09:
98:5e:6b:3f:78:2b:b2:4e:be:d6:35:29:36:6d:ee:32:d9:a6:
04:e7:6e:6d:0d:96:8c:8a:95:24:08:bd:d1:c9:de:0d:74:da:
ff:87:00:20:51:6b:5a:f4:9b:d6:3b:bc:d3:1d:6e:b6:82:97:
0f:e3:c9:78:d1:5d:24:11:3f:ef:e7:bc:40:f8:30:86:a8:aa:
7c:10:c0:d7:f3:11:e3:57:a5:36:ca:9c:e1:50:87:50:d2:14:
61:31:86:a8
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIECf8I5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YmEzMTg2NTk3NzQyYTkyNmNkMjY1MDRlMWVkNzZmODU0M2ZkYjI2MB4XDTIyMDEx
MDEyNDU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzZmMWUwMjI5ZDU2
ZjI1ODAyZDk5YWZiMDJiNWQ4OWU0NjQ3YjE0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJG9Y5I2kzgVKr/mhxSPbnhsWJtoOOysdb5s79tMPYYRvMmR
Bsi50UkjiiBInXhdbZxNsFU5FYEEfbqJUJ/2haMA1iMz4+YJdIPpqWgppiXwlY8u
ASBcGHab6c9GDv8YcQrbR4tDYT8xe7SWIOyLmpxp/6UwpkQjlzX5J84FyldQDuOE
dtOHeawoffuuh74NIjLOUk7sH2O52DiRZPyChGCjOXeCSAibNpqqkCYFS2gdeUOX
s1E8133Q8bq0LnqymNvMDX7nJeqr8mL+7T8wv9NowrO/uJkzTgPM24h89yGmOcaU
hrCcXb+qAQULBigHvQBE9HC6HhsRQqdf3b0OISECAwEAAaOCAlQwggJQMB0GA1Ud
DgQWBBQ28eAinVbyWALZmvsCtdieRkexTDAfBgNVHSMEGDAWgBRroxhll3QqkmzS
ZQTh7Xb4VD/bJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2E2TVlaWmQwS3BKczBtVUU0ZTEyLUZRXzJ5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvOWQ1OTEwLTlmNWUtNDQ2Yy04ZDNjLWJjMDA3ZjJkYWMyNC8x
L052SGdJcDFXOGxnQzJacjdBclhZbmtaSHNVdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
OWQ1OTEwLTlmNWUtNDQ2Yy04ZDNjLWJjMDA3ZjJkYWMyNC8xL2E2TVlaWmQwS3BK
czBtVUU0ZTEyLUZRXzJ5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBq
BggrBgEFBQcBBwEB/wRbMFkwSAQCAAEwQgMEArlKwAMEArmjpAMEArmyUAMEArm3
EAMEArnAtAMEArnCGAMEArnavAMEArnb2AMEArndvAMEAbngXgMEArnhlDANBAIA
AjAHAwUAKgVKwDANBgkqhkiG9w0BAQsFAAOCAQEADtQcN8VxxUdBa2hnkh0SNLmA
w04vV74nw//B0XYuwlCXHYmJcUe7J9urjiYQ6iFltmWOc8EDm3g20u8eHz/kjXAx
1s+19CS9FM+FwlcCScQ3fp1gbx8D2IghkBjknN3fSmVn9AehbB0Okbj1IEkzIdQ8
evFpsZt4DhK8IYVBQ7MLfSNnPzZibX/TVhVZqdBxsH9JP5TCQuAC3+BXBFaluXYJ
mF5rP3grsk6+1jUpNm3uMtmmBOdubQ2WjIqVJAi90cneDXTa/4cAIFFrWvSb1ju8
0x1utoKXD+PJeNFdJBE/7+e8QPgwhqiqfBDA1/MR41elNsqc4VCHUNIUYTGGqA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:38 2024 by rpki-client on console-fra.rpki-client.org