Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/TkeGSwemwIi7GqncvzXLDOcm2mU.roa
File: TkeGSwemwIi7GqncvzXLDOcm2mU.roa (raw, json)
Hash identifier: cjwjDg/vxzfHsV6Y8XXmWnDNwVSY0zRnt8U5sqVYPYg=
Subject key identifier: 4E:47:86:4B:07:A6:C0:88:BB:1A:A9:DC:BF:35:CB:0C:E7:26:DA:65
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 018572FA71E5ED4EC6398D7BFE4D7866CE91
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/TkeGSwemwIi7GqncvzXLDOcm2mU.roa
Signing time: Mon 02 Jan 2023 14:54:53 +0000
ROA not before: Mon 02 Jan 2023 14:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201453
IP address blocks: 185.183.17.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.16.0/22 maxlen: 22
185.183.18.0/24 maxlen: 24
185.183.19.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.178.83.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.81.0/24 maxlen: 24
185.178.80.0/24 maxlen: 24
185.225.148.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.164.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.167.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.224.94.0/24 maxlen: 24
185.194.24.0/22 maxlen: 22
185.194.24.0/24 maxlen: 24
185.74.192.0/24 maxlen: 24
185.74.192.0/22 maxlen: 22
185.192.183.0/24 maxlen: 24
185.192.182.0/24 maxlen: 24
185.192.180.0/22 maxlen: 22
185.192.181.0/24 maxlen: 24
185.192.180.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:71:e5:ed:4e:c6:39:8d:7b:fe:4d:78:66:ce:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Jan 2 14:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e47864b07a6c088bb1aa9dcbf35cb0ce726da65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e1:97:21:a9:bd:94:85:79:d3:18:70:86:88:
72:db:04:62:2e:cc:46:5b:88:c0:29:2c:09:27:6d:
75:31:f3:7b:aa:d7:f8:0c:d3:ec:b8:da:3f:06:0a:
79:ea:d4:37:55:00:a4:a8:e9:92:b0:63:e6:9c:1d:
21:65:2d:51:cb:15:2f:79:f9:49:c1:93:9b:ed:8f:
0b:17:ea:69:19:51:36:46:7f:81:c3:3a:fe:85:ad:
9a:5d:3d:d2:8a:bf:2e:ee:ce:db:5d:48:b7:f0:69:
92:64:12:d0:92:75:bd:45:e8:0a:56:df:ce:81:2d:
b4:95:bc:6a:c4:f1:26:0e:fc:27:5f:10:f8:df:9b:
4b:1e:59:a7:00:54:4d:0c:77:63:e8:35:44:45:5d:
33:61:91:56:71:3f:ab:99:90:ea:08:0c:7f:38:d9:
4b:a7:cc:fb:9f:22:6c:66:28:97:f7:50:8a:9c:5f:
5c:54:5b:95:98:d4:2f:e8:13:f4:8c:ac:76:da:fb:
d3:05:72:5a:dd:2e:fb:80:3d:18:df:e6:f9:8f:e0:
16:3f:4c:c4:1d:44:8a:69:55:cf:1c:a5:c9:74:3b:
d8:aa:69:a5:14:07:07:4f:02:cf:a1:1f:ca:58:5a:
d0:8c:cf:21:d4:c6:5b:3a:ce:6b:fa:6a:61:84:ce:
5d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:47:86:4B:07:A6:C0:88:BB:1A:A9:DC:BF:35:CB:0C:E7:26:DA:65
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/TkeGSwemwIi7GqncvzXLDOcm2mU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/22
185.163.164.0/22
185.178.80.0/22
185.183.16.0/22
185.192.180.0/22
185.194.24.0/22
185.219.216.0/22
185.224.94.0/23
185.225.148.0/24
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
9e:22:4d:58:40:e9:d3:25:b3:24:43:d2:bd:f0:d0:e0:db:6e:
74:59:cc:44:a0:b6:20:68:eb:83:62:c3:7e:80:73:0b:59:dd:
d2:3e:28:c7:1c:0e:cc:1e:7d:d9:89:7d:a9:9b:30:9e:b9:59:
e6:58:d9:40:eb:0b:d6:1d:bd:3d:6f:57:9e:a3:9b:9d:fd:1a:
1f:9b:ba:8e:ab:53:c8:a9:bc:83:1a:a0:3d:58:5b:c7:49:da:
fe:3e:59:21:d2:d1:63:d6:3e:9c:47:c2:f7:e5:b5:54:20:10:
d5:36:a5:57:c4:88:81:0e:86:26:de:10:7c:23:ef:82:50:15:
5b:16:fc:78:4d:ad:9a:e7:2b:90:37:0b:a2:a7:fb:d5:e7:75:
ec:15:b9:01:63:f6:f7:a8:9a:26:25:86:02:dc:35:76:ef:8c:
ad:6c:e0:26:a7:a9:d3:6f:8c:0a:3d:d8:87:2a:8b:ab:ba:ad:
09:f4:a1:4d:36:e6:31:62:b8:7b:c0:92:ba:6e:7b:7f:1a:6a:
c8:81:16:83:85:3b:08:b3:0c:b9:e7:93:1b:bb:bd:6a:8f:d2:
f5:9b:3c:96:b0:ad:e1:30:73:7f:a4:51:8d:c3:29:b3:0c:4d:
4d:c5:f8:8b:69:77:3d:4c:87:71:1a:cc:3e:f8:f3:9b:4d:0c:
5b:45:59:92
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVy+nHl7U7GOY17/k14Zs6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjMwMTAyMTQ1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTQ3ODY0YjA3YTZjMDg4YmIxYWE5ZGNiZjM1Y2IwY2U3MjZkYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOGXIam9lIV50xhwhohy2wRiLsxG
W4jAKSwJJ211MfN7qtf4DNPsuNo/Bgp56tQ3VQCkqOmSsGPmnB0hZS1RyxUveflJ
wZOb7Y8LF+ppGVE2Rn+Bwzr+ha2aXT3Sir8u7s7bXUi38GmSZBLQknW9RegKVt/O
gS20lbxqxPEmDvwnXxD435tLHlmnAFRNDHdj6DVERV0zYZFWcT+rmZDqCAx/ONlL
p8z7nyJsZiiX91CKnF9cVFuVmNQv6BP0jKx22vvTBXJa3S77gD0Y3+b5j+AWP0zE
HUSKaVXPHKXJdDvYqmmlFAcHTwLPoR/KWFrQjM8h1MZbOs5r+mphhM5dHwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFE5HhksHpsCIuxqp3L81ywznJtplMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvVGtlR1N3ZW13SWk3R3FuY3Z6WExET2NtMm1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCuUrAAwQC
uaOkAwQCubJQAwQCubcQAwQCucC0AwQCucIYAwQCudvYAwQBueBeAwQAueGUMA0E
AgACMAcDBQAqBUrAMA0GCSqGSIb3DQEBCwUAA4IBAQCeIk1YQOnTJbMkQ9K98NDg
2250WcxEoLYgaOuDYsN+gHMLWd3SPijHHA7MHn3ZiX2pmzCeuVnmWNlA6wvWHb09
b1eeo5ud/Rofm7qOq1PIqbyDGqA9WFvHSdr+Plkh0tFj1j6cR8L35bVUIBDVNqVX
xIiBDoYm3hB8I++CUBVbFvx4Ta2a5yuQNwuip/vV53XsFbkBY/b3qJomJYYC3DV2
74ytbOAmp6nTb4wKPdiHKouruq0J9KFNNuYxYrh7wJK6bnt/GmrIgRaDhTsIswy5
55Mbu71qj9L1mzyWsK3hMHN/pFGNwymzDE1NxfiLaXc9TIdxGsw++PObTQxbRVmS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:50 2024 by rpki-client on console-ams.rpki-client.org