Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/Rs7tQ5enalBCT3CIAj-KwTr2Asg.roa
File: Rs7tQ5enalBCT3CIAj-KwTr2Asg.roa (raw, json)
Hash identifier: cwXJutMlcqxFhQdurysWE0YoIhXMHVaL6GbSsjfr2ko=
Subject key identifier: 46:CE:ED:43:97:A7:6A:50:42:4F:70:88:02:3F:8A:C1:3A:F6:02:C8
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 0ABE93D3
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/Rs7tQ5enalBCT3CIAj-KwTr2Asg.roa
Signing time: Mon 04 Apr 2022 20:51:48 +0000
ROA not before: Mon 04 Apr 2022 20:51:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204175
IP address blocks: 185.218.191.0/24 maxlen: 24
185.218.190.0/24 maxlen: 24
185.218.189.0/24 maxlen: 24
185.218.188.0/24 maxlen: 24
185.218.188.0/22 maxlen: 22
185.74.195.0/24 maxlen: 24
185.74.194.0/24 maxlen: 24
185.74.193.0/24 maxlen: 24
185.225.151.0/24 maxlen: 24
185.225.150.0/24 maxlen: 24
185.225.149.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 180261843 (0xabe93d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Apr 4 20:51:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46ceed4397a76a50424f7088023f8ac13af602c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:f8:2e:31:28:08:61:88:6c:17:fe:18:24:ac:
ba:c8:2f:71:38:9f:06:4b:73:56:ef:55:db:b1:a0:
a2:8e:57:2b:d8:e6:45:22:58:36:cc:3a:3b:7a:e4:
56:4e:81:10:f2:3f:d5:ba:a0:02:2a:50:ce:b9:9b:
88:b2:bf:8e:72:22:17:d7:09:8e:1d:46:55:3f:eb:
e8:cd:b1:d2:30:85:69:14:ea:23:27:3d:f4:bc:52:
c6:f8:38:55:f6:45:dc:bf:62:c1:0b:5a:15:cb:38:
2c:e0:0f:9e:4c:21:c0:f1:4e:3d:dd:e8:ce:62:91:
eb:b3:6d:de:76:1b:98:36:fb:22:9f:61:70:a1:34:
0d:7b:99:9b:d1:24:c5:bf:a4:48:de:86:4b:b5:31:
1c:00:f9:e3:70:ef:04:02:55:df:c4:2d:52:2b:3e:
fc:3b:2e:4b:c8:ce:74:9c:63:ed:af:66:b9:f3:7b:
d5:4d:03:dc:2c:38:0b:ac:f2:83:0d:e5:33:a6:32:
aa:8c:ac:91:2e:7e:32:a6:7c:0d:77:be:34:24:75:
e2:db:ed:74:23:94:17:3d:48:1b:1e:6b:df:8a:28:
51:e7:db:97:9a:83:c6:b7:1b:6c:c2:99:36:8d:03:
84:63:a3:82:8c:71:5a:d8:40:12:99:bd:0d:01:ba:
e2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:CE:ED:43:97:A7:6A:50:42:4F:70:88:02:3F:8A:C1:3A:F6:02:C8
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/Rs7tQ5enalBCT3CIAj-KwTr2Asg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.193.0-185.74.195.255
185.218.188.0/22
185.225.149.0-185.225.151.255
Signature Algorithm: sha256WithRSAEncryption
0f:17:46:17:a1:f6:86:47:ea:e6:bc:05:9c:64:d9:ed:4f:f7:
cc:6f:dc:b7:a7:71:68:49:22:c7:fc:28:96:f8:4e:4c:f8:3d:
19:b3:33:95:77:78:2a:bd:e1:ab:4a:a6:d4:f6:17:be:d3:97:
be:06:ae:f5:84:86:55:a4:8e:a8:1b:60:19:75:cf:c6:76:23:
68:c5:41:30:83:a4:ce:40:2e:9e:3a:7b:b7:6b:db:0b:0e:ed:
fe:17:54:79:3c:6a:b8:36:e3:aa:3d:f7:56:54:96:19:e0:f0:
82:64:c1:74:2b:de:90:75:0f:68:fd:24:c5:ae:5b:1d:5c:e5:
b9:f9:8a:88:62:1b:00:66:3b:6a:3d:16:7f:88:aa:c2:b2:04:
53:ed:b6:23:f7:4a:63:d7:73:93:07:ad:60:e8:94:f5:63:c7:
14:14:f9:b4:e5:e9:8f:e9:af:4a:50:bb:7b:b4:bd:11:35:9c:
ad:88:42:34:06:07:be:56:cc:b2:2d:f8:d7:a2:ed:25:34:12:
18:52:88:73:07:d4:41:9b:d2:57:53:18:61:69:90:c9:9c:9a:
9c:b3:c3:93:49:0e:f9:80:7a:d5:f5:68:ac:ad:14:d8:13:a4:
03:c7:9e:05:92:dd:d6:89:e8:7b:e4:55:4b:bc:33:91:cc:2d:
82:b7:4c:43
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIECr6T0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YmEzMTg2NTk3NzQyYTkyNmNkMjY1MDRlMWVkNzZmODU0M2ZkYjI2MB4XDTIyMDQw
NDIwNTE0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDZjZWVkNDM5N2E3
NmE1MDQyNGY3MDg4MDIzZjhhYzEzYWY2MDJjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPj4LjEoCGGIbBf+GCSsusgvcTifBktzVu9V27Ggoo5XK9jm
RSJYNsw6O3rkVk6BEPI/1bqgAipQzrmbiLK/jnIiF9cJjh1GVT/r6M2x0jCFaRTq
Iyc99LxSxvg4VfZF3L9iwQtaFcs4LOAPnkwhwPFOPd3ozmKR67Nt3nYbmDb7Ip9h
cKE0DXuZm9Ekxb+kSN6GS7UxHAD543DvBAJV38QtUis+/DsuS8jOdJxj7a9mufN7
1U0D3Cw4C6zygw3lM6YyqoyskS5+MqZ8DXe+NCR14tvtdCOUFz1IGx5r34ooUefb
l5qDxrcbbMKZNo0DhGOjgoxxWthAEpm9DQG64qUCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBRGzu1Dl6dqUEJPcIgCP4rBOvYCyDAfBgNVHSMEGDAWgBRroxhll3QqkmzS
ZQTh7Xb4VD/bJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2E2TVlaWmQwS3BKczBtVUU0ZTEyLUZRXzJ5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvOWQ1OTEwLTlmNWUtNDQ2Yy04ZDNjLWJjMDA3ZjJkYWMyNC8x
L1JzN3RRNWVuYWxCQ1QzQ0lBai1Ld1RyMkFzZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
OWQ1OTEwLTlmNWUtNDQ2Yy04ZDNjLWJjMDA3ZjJkYWMyNC8xL2E2TVlaWmQwS3BK
czBtVUU0ZTEyLUZRXzJ5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowKAQCAAEwIjAMAwQAuUrBAwQCuUrAAwQCudq8MAwD
BAC54ZUDBAO54ZAwDQYJKoZIhvcNAQELBQADggEBAA8XRheh9oZH6ua8BZxk2e1P
98xv3LencWhJIsf8KJb4Tkz4PRmzM5V3eCq94atKptT2F77Tl74GrvWEhlWkjqgb
YBl1z8Z2I2jFQTCDpM5ALp46e7dr2wsO7f4XVHk8arg246o991ZUlhng8IJkwXQr
3pB1D2j9JMWuWx1c5bn5iohiGwBmO2o9Fn+IqsKyBFPttiP3SmPXc5MHrWDolPVj
xxQU+bTl6Y/pr0pQu3u0vRE1nK2IQjQGB75WzLIt+Nei7SU0EhhSiHMH1EGb0ldT
GGFpkMmcmpyzw5NJDvmAetX1aKytFNgTpAPHngWS3daJ6HvkVUu8M5HMLYK3TEM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:50 2024 by rpki-client on console-ams.rpki-client.org