Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/OWi9Ai8_QAq7UOZkaIZlO6hyqUY.roa
File: OWi9Ai8_QAq7UOZkaIZlO6hyqUY.roa (raw, json)
Hash identifier: jHpHuIPyG4L3Wm/eujM3geSPTy0PxW9GQDobesgQfiY=
Subject key identifier: 39:68:BD:02:2F:3F:40:0A:BB:50:E6:64:68:86:65:3B:A8:72:A9:46
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 01867E0D78F188320BDF569C7059E9E33699
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/OWi9Ai8_QAq7UOZkaIZlO6hyqUY.roa
Signing time: Thu 23 Feb 2023 11:34:17 +0000
ROA not before: Thu 23 Feb 2023 11:34:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201453
IP address blocks: 185.183.17.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.16.0/22 maxlen: 22
185.183.19.0/24 maxlen: 24
185.183.18.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.178.83.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.81.0/24 maxlen: 24
185.178.80.0/24 maxlen: 24
185.225.148.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.164.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.167.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.224.94.0/24 maxlen: 24
185.194.24.0/22 maxlen: 22
185.194.24.0/24 maxlen: 24
185.74.192.0/24 maxlen: 24
185.74.192.0/22 maxlen: 22
185.192.182.0/24 maxlen: 24
185.192.181.0/24 maxlen: 24
185.192.180.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:0d:78:f1:88:32:0b:df:56:9c:70:59:e9:e3:36:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Feb 23 11:34:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3968bd022f3f400abb50e6646886653ba872a946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a7:e1:a2:74:86:1b:d9:b3:be:a1:60:7f:3b:
4f:e2:68:5b:1c:a0:57:80:36:00:f2:d3:97:58:ac:
b2:5e:ee:30:3c:d6:e4:16:78:9e:8f:13:51:de:3b:
f5:e6:15:bc:50:30:89:46:cd:77:d9:af:11:59:0f:
27:e3:95:f5:6f:9c:88:76:d1:f3:e6:00:3d:19:70:
d4:ef:9b:d3:60:f4:02:d7:25:2d:38:b2:6e:6f:f1:
e1:14:d0:a6:0f:b2:da:81:f2:e7:6f:3f:79:aa:91:
16:04:33:9a:f4:95:4b:e2:20:d2:da:80:50:2f:c3:
2b:a7:6e:5a:93:ec:fe:ae:b3:6c:7b:f2:bd:34:11:
5a:c8:23:87:86:68:3a:f0:12:95:5c:9f:a8:15:93:
8c:2d:e3:1f:e3:76:5e:86:d9:30:01:3f:b5:40:ab:
f4:a1:3d:b6:28:85:71:07:0d:4d:95:f5:f3:66:0f:
09:6a:a5:ae:54:71:17:31:49:65:33:0b:29:71:18:
c5:de:bb:bc:6e:24:42:a6:9b:f4:11:fd:34:1c:d3:
00:06:33:b8:00:56:4c:6b:30:a6:13:9b:b0:0b:47:
ca:3f:64:df:0c:f6:eb:55:22:4b:2c:1f:0c:17:75:
31:9b:eb:0d:18:af:2d:eb:cc:ac:6d:c0:10:e0:b7:
f7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:68:BD:02:2F:3F:40:0A:BB:50:E6:64:68:86:65:3B:A8:72:A9:46
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/OWi9Ai8_QAq7UOZkaIZlO6hyqUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/22
185.163.164.0/22
185.178.80.0/22
185.183.16.0/22
185.192.180.0-185.192.182.255
185.194.24.0/22
185.219.216.0/22
185.224.94.0/23
185.225.148.0/24
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
b4:76:fb:32:ce:b4:b6:69:90:34:da:fd:2e:e7:d5:40:bd:4e:
44:54:3f:35:42:0c:5c:22:e4:90:fc:1b:d3:a1:75:20:3e:86:
5f:84:09:71:da:35:ce:dd:72:82:c4:dd:b3:a0:8e:fe:a4:42:
bb:a0:83:ab:f5:fe:63:1b:ef:34:87:7b:2f:0e:ba:5e:9f:a3:
ee:42:63:4c:7d:fe:3e:ea:66:ff:ee:70:bd:ac:57:51:02:d9:
69:1f:f6:31:b1:ac:9b:9c:15:f9:c1:b3:df:ff:42:b3:2c:e5:
09:cb:42:1f:b3:b7:73:4c:24:10:d6:f9:d7:5c:f2:77:65:55:
3f:cb:59:00:10:87:8c:41:28:77:5d:88:f5:f7:86:1c:fe:54:
70:74:8b:cd:ec:60:09:22:58:e2:a1:e0:2c:83:49:7b:f0:68:
c7:67:16:f9:1e:6a:0f:f5:96:3f:e5:0e:97:61:21:5f:6f:e4:
96:30:ae:e4:ff:75:c5:4c:c1:8e:d4:75:0a:dd:d0:7d:9f:ae:
12:3e:4f:50:ac:5b:b0:d6:a7:b8:fd:9d:8e:eb:0f:a8:40:a2:
90:04:be:1c:ea:f3:71:b8:1a:d8:ac:03:1e:5c:ac:e4:38:d6:
30:2b:59:94:12:1e:ab:f4:6c:bf:a6:f9:3f:de:e3:a8:64:34:
05:e5:fb:5d
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYZ+DXjxiDIL31accFnp4zaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjMwMjIzMTEzNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTY4YmQwMjJmM2Y0MDBhYmI1MGU2NjQ2ODg2NjUzYmE4NzJhOTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKfhonSGG9mzvqFgfztP4mhbHKBX
gDYA8tOXWKyyXu4wPNbkFniejxNR3jv15hW8UDCJRs132a8RWQ8n45X1b5yIdtHz
5gA9GXDU75vTYPQC1yUtOLJub/HhFNCmD7LagfLnbz95qpEWBDOa9JVL4iDS2oBQ
L8Mrp25ak+z+rrNse/K9NBFayCOHhmg68BKVXJ+oFZOMLeMf43ZehtkwAT+1QKv0
oT22KIVxBw1NlfXzZg8JaqWuVHEXMUllMwspcRjF3ru8biRCppv0Ef00HNMABjO4
AFZMazCmE5uwC0fKP2TfDPbrVSJLLB8MF3Uxm+sNGK8t68ysbcAQ4Lf3rwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFDlovQIvP0AKu1DmZGiGZTuocqlGMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvT1dpOUFpOF9RQXE3VU9aa2FJWmxPNmh5cVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQCuUrAAwQC
uaOkAwQCubJQAwQCubcQMAwDBAK5wLQDBAC5wLYDBAK5whgDBAK529gDBAG54F4D
BAC54ZQwDQQCAAIwBwMFACoFSsAwDQYJKoZIhvcNAQELBQADggEBALR2+zLOtLZp
kDTa/S7n1UC9TkRUPzVCDFwi5JD8G9OhdSA+hl+ECXHaNc7dcoLE3bOgjv6kQrug
g6v1/mMb7zSHey8Oul6fo+5CY0x9/j7qZv/ucL2sV1EC2Wkf9jGxrJucFfnBs9//
QrMs5QnLQh+zt3NMJBDW+ddc8ndlVT/LWQAQh4xBKHddiPX3hhz+VHB0i83sYAki
WOKh4CyDSXvwaMdnFvkeag/1lj/lDpdhIV9v5JYwruT/dcVMwY7UdQrd0H2frhI+
T1CsW7DWp7j9nY7rD6hAopAEvhzq83G4GtisAx5crOQ41jArWZQSHqv0bL+m+T/e
46hkNAXl+10=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:38 2024 by rpki-client on console-fra.rpki-client.org