Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/cJ9bP6uNR1oty86x_abAFjJNeuw.roa
File: cJ9bP6uNR1oty86x_abAFjJNeuw.roa (raw, json)
Hash identifier: yIOCw97tIQU6052n0TVkcOHsXPvA6CqWP5RihuoxReA=
Subject key identifier: 70:9F:5B:3F:AB:8D:47:5A:2D:CB:CE:B1:FD:A6:C0:16:32:4D:7A:EC
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 0183B23FBB51F6255357F4A430850A848911
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/cJ9bP6uNR1oty86x_abAFjJNeuw.roa
Signing time: Fri 07 Oct 2022 11:41:04 +0000
ROA not before: Fri 07 Oct 2022 11:41:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212988
IP address blocks: 185.221.190.0/24 maxlen: 24
185.221.191.0/24 maxlen: 24
185.221.188.0/24 maxlen: 24
185.221.189.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.219.216.0/24 maxlen: 24
185.219.219.0/24 maxlen: 24
185.219.217.0/24 maxlen: 24
185.219.218.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b2:3f:bb:51:f6:25:53:57:f4:a4:30:85:0a:84:89:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Oct 7 11:41:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=709f5b3fab8d475a2dcbceb1fda6c016324d7aec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2a:c5:47:07:0b:36:94:cd:96:a7:b6:b6:c8:
09:5f:ed:d4:dc:46:75:72:1b:c5:c8:3a:3a:53:72:
59:f4:b9:5e:0e:ff:40:04:a0:8e:6d:ee:10:cf:94:
b8:fa:21:07:25:ea:69:a0:90:99:7f:cf:91:93:33:
99:fe:1f:ed:7e:3c:2a:7d:e3:47:a4:2f:2e:c6:59:
77:6d:97:ff:48:06:47:7a:18:09:09:da:b0:1e:36:
22:9a:f5:68:5f:d5:93:0d:06:d9:77:3e:4c:17:93:
ed:80:20:85:6b:5a:e6:92:98:37:96:08:09:aa:10:
f8:ad:a8:6b:bf:37:0f:d5:19:fa:2b:47:ad:ac:ea:
78:56:44:b3:5b:c7:b4:aa:95:4a:81:eb:5e:2f:60:
0f:95:50:fc:32:b5:0d:ca:ab:b2:a6:e6:bf:d0:2e:
c7:45:c8:a9:8a:d8:6b:d5:de:3e:15:9b:d9:f1:5d:
91:8f:b1:52:5f:11:fb:20:7d:4e:86:11:c2:f1:0b:
0a:c0:b0:5d:d7:cf:d1:0a:20:d6:7a:b7:ef:1b:b9:
26:2d:9f:c4:68:85:39:2a:76:73:06:ec:8a:c4:9a:
d2:00:85:6f:dd:f3:fb:2f:c3:7a:e0:13:7b:3f:1a:
f5:b8:42:33:b9:d9:53:01:2a:12:13:62:46:0d:de:
e5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:9F:5B:3F:AB:8D:47:5A:2D:CB:CE:B1:FD:A6:C0:16:32:4D:7A:EC
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/cJ9bP6uNR1oty86x_abAFjJNeuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.26.0/23
185.219.216.0/22
185.221.188.0/22
Signature Algorithm: sha256WithRSAEncryption
41:2f:64:21:cf:31:aa:42:cd:41:65:c4:3d:d2:5f:7c:f1:c4:
b3:2f:00:9a:47:45:d8:c8:a7:12:4c:03:31:d1:8a:86:0a:ce:
ef:c2:34:3f:8b:18:e6:ec:fa:1e:62:13:c9:ba:65:db:8f:3c:
17:3f:3f:0a:73:f9:92:3f:22:ce:2b:30:13:47:00:cd:43:ba:
e6:ad:b4:8c:a1:44:ad:6e:b2:83:5b:82:58:8e:f4:e5:85:94:
4e:76:b0:d7:da:67:ef:11:c1:53:2f:d5:94:3d:5f:43:e1:50:
00:28:49:09:f6:e0:54:a8:18:24:0a:33:05:fb:a4:e4:a0:6b:
76:14:3d:81:50:e9:ae:52:9b:a0:87:dd:67:6b:1a:ae:53:33:
63:00:ea:ca:3e:0a:bc:ac:5d:5e:72:29:77:5e:61:9c:a7:c6:
77:0d:92:eb:e5:95:3a:93:95:43:ee:dd:4f:c6:01:38:21:1b:
64:7a:78:73:af:fc:34:6f:b5:b5:54:ff:c1:3f:a4:19:2b:52:
4b:cb:26:ca:7a:63:0b:ee:b0:17:e8:31:30:24:94:1a:f4:51:
95:97:50:55:fa:59:e3:09:ef:99:b2:e6:29:17:b1:2c:42:5f:
91:4a:63:52:d3:21:7a:47:64:ce:21:c3:d0:b5:9f:e0:6d:ac:
2d:06:ee:be
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOyP7tR9iVTV/SkMIUKhIkRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjIxMDA3MTE0MTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDlmNWIzZmFiOGQ0NzVhMmRjYmNlYjFmZGE2YzAxNjMyNGQ3YWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCrFRwcLNpTNlqe2tsgJX+3U3EZ1
chvFyDo6U3JZ9LleDv9ABKCObe4Qz5S4+iEHJeppoJCZf8+RkzOZ/h/tfjwqfeNH
pC8uxll3bZf/SAZHehgJCdqwHjYimvVoX9WTDQbZdz5MF5PtgCCFa1rmkpg3lggJ
qhD4rahrvzcP1Rn6K0etrOp4VkSzW8e0qpVKgeteL2APlVD8MrUNyquypua/0C7H
Rcipithr1d4+FZvZ8V2Rj7FSXxH7IH1OhhHC8QsKwLBd18/RCiDWerfvG7kmLZ/E
aIU5KnZzBuyKxJrSAIVv3fP7L8N64BN7Pxr1uEIzudlTASoSE2JGDd7l1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHCfWz+rjUdaLcvOsf2mwBYyTXrsMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvY0o5YlA2dU5SMW90eTg2eF9hYkFGakpOZXV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBucIaAwQC
udvYAwQCud28MA0GCSqGSIb3DQEBCwUAA4IBAQBBL2QhzzGqQs1BZcQ90l988cSz
LwCaR0XYyKcSTAMx0YqGCs7vwjQ/ixjm7PoeYhPJumXbjzwXPz8Kc/mSPyLOKzAT
RwDNQ7rmrbSMoUStbrKDW4JYjvTlhZROdrDX2mfvEcFTL9WUPV9D4VAAKEkJ9uBU
qBgkCjMF+6TkoGt2FD2BUOmuUpugh91naxquUzNjAOrKPgq8rF1ecil3XmGcp8Z3
DZLr5ZU6k5VD7t1PxgE4IRtkenhzr/w0b7W1VP/BP6QZK1JLyybKemML7rAX6DEw
JJQa9FGVl1BV+lnjCe+ZsuYpF7EsQl+RSmNS0yF6R2TOIcPQtZ/gbawtBu6+
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:33 2025 by rpki-client