Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/dQ8vf9Ai-QsF7feRr9vVqR2FEi0.roa
File: dQ8vf9Ai-QsF7feRr9vVqR2FEi0.roa (raw, json)
Hash identifier: x2sWVkBt3VUh1Zarus5RdFH6hS7Djg2eoI7lbZvzyIY=
Subject key identifier: 75:0F:2F:7F:D0:22:F9:0B:05:ED:F7:91:AF:DB:D5:A9:1D:85:12:2D
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 0189787E8EA3630B8797F184B28548ED04E0
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/dQ8vf9Ai-QsF7feRr9vVqR2FEi0.roa
Signing time: Fri 21 Jul 2023 12:48:27 +0000
ROA not before: Fri 21 Jul 2023 12:48:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204175
IP address blocks: 185.74.195.0/24 maxlen: 24
185.74.194.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.219.219.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:78:7e:8e:a3:63:0b:87:97:f1:84:b2:85:48:ed:04:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Jul 21 12:48:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=750f2f7fd022f90b05edf791afdbd5a91d85122d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c6:dd:22:40:f6:02:b4:a4:2f:2b:77:86:31:
da:dc:69:ed:1c:6c:96:bc:b3:7f:9f:dd:11:39:35:
f5:3a:10:0f:3d:1b:4c:a8:a0:04:d7:68:7a:1e:4e:
82:ce:24:e4:83:bf:85:bc:33:89:92:d1:61:19:89:
65:dd:c4:95:02:31:42:57:6e:75:b7:85:a6:07:6d:
ae:59:a6:e1:52:04:43:59:31:26:99:5a:ac:d7:2f:
93:f8:29:fc:2f:da:fd:c1:5f:a0:b0:db:99:35:fe:
e4:f4:55:6a:39:f0:52:73:4d:c5:5a:05:9e:b6:81:
d4:50:8c:99:bc:92:5d:83:d7:25:65:f8:05:b6:4d:
e2:82:ee:e7:50:68:c9:87:c5:8e:71:66:5e:4e:3f:
6c:11:a6:4b:c6:7a:16:3b:d2:88:f0:b1:71:20:52:
59:b7:49:62:d5:6a:97:ca:3c:3e:e8:4b:f0:06:b0:
17:7d:9e:55:9b:e3:93:00:26:fd:a2:7d:4c:04:30:
06:fa:5e:85:5c:48:45:85:7d:32:ee:da:42:80:6f:
e1:d3:3d:a7:4d:66:8c:be:f3:8b:99:44:41:58:63:
8d:ee:31:b0:52:d3:9b:eb:5a:c9:44:ef:66:df:83:
7c:89:2d:19:e1:f4:0a:82:13:58:55:ae:53:0d:5a:
3a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:0F:2F:7F:D0:22:F9:0B:05:ED:F7:91:AF:DB:D5:A9:1D:85:12:2D
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/dQ8vf9Ai-QsF7feRr9vVqR2FEi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.194.0/23
185.194.25.0/24
185.219.219.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:e4:05:5c:77:be:17:27:c1:55:56:08:32:f1:74:b4:ba:16:
8e:a8:45:96:5f:61:cc:85:8f:4d:06:39:a2:b9:18:92:7d:92:
56:e4:df:d4:2e:d8:19:37:83:f5:35:08:ee:9c:ed:51:9f:56:
f1:25:41:e4:2a:04:c2:80:38:42:2d:df:16:07:2e:ca:f0:39:
d2:6c:92:d3:60:e9:fe:84:e0:84:ce:d1:f3:ca:e1:8b:db:48:
6b:7f:72:f6:ae:aa:98:78:67:45:97:40:7b:11:12:38:e2:77:
65:46:4d:6b:a9:fc:fc:8c:97:c5:5a:89:99:1a:44:d5:69:81:
b3:6f:4f:d3:18:3c:96:e6:10:41:51:58:29:24:4f:f2:0d:0f:
13:df:51:d6:2b:c5:d2:2e:00:3f:a3:a4:f2:0a:f1:25:43:cb:
54:16:a3:59:77:2c:1c:d1:b0:69:43:83:c9:e6:2f:28:d4:d3:
d9:58:a3:bd:53:68:29:9c:83:fe:18:d2:d5:19:e8:d3:a8:a2:
75:a7:c2:27:0b:6b:63:e4:69:e5:d3:86:3a:74:67:47:90:60:
4c:2c:f0:13:61:41:97:83:de:2e:17:6f:2a:98:ce:11:f0:90:
02:0d:3b:33:96:79:8a:df:c9:95:d9:1e:24:34:33:a4:c8:b6:
29:25:10:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYl4fo6jYwuHl/GEsoVI7QTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjMwNzIxMTI0ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTBmMmY3ZmQwMjJmOTBiMDVlZGY3OTFhZmRiZDVhOTFkODUxMjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcbdIkD2ArSkLyt3hjHa3GntHGyW
vLN/n90ROTX1OhAPPRtMqKAE12h6Hk6CziTkg7+FvDOJktFhGYll3cSVAjFCV251
t4WmB22uWabhUgRDWTEmmVqs1y+T+Cn8L9r9wV+gsNuZNf7k9FVqOfBSc03FWgWe
toHUUIyZvJJdg9clZfgFtk3igu7nUGjJh8WOcWZeTj9sEaZLxnoWO9KI8LFxIFJZ
t0li1WqXyjw+6EvwBrAXfZ5Vm+OTACb9on1MBDAG+l6FXEhFhX0y7tpCgG/h0z2n
TWaMvvOLmURBWGON7jGwUtOb61rJRO9m34N8iS0Z4fQKghNYVa5TDVo6TwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHUPL3/QIvkLBe33ka/b1akdhRItMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvZFE4dmY5QWktUXNGN2ZlUnI5dlZxUjJGRWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuUrCAwQA
ucIZAwQAudvbMA0GCSqGSIb3DQEBCwUAA4IBAQCw5AVcd74XJ8FVVggy8XS0uhaO
qEWWX2HMhY9NBjmiuRiSfZJW5N/ULtgZN4P1NQjunO1Rn1bxJUHkKgTCgDhCLd8W
By7K8DnSbJLTYOn+hOCEztHzyuGL20hrf3L2rqqYeGdFl0B7ERI44ndlRk1rqfz8
jJfFWomZGkTVaYGzb0/TGDyW5hBBUVgpJE/yDQ8T31HWK8XSLgA/o6TyCvElQ8tU
FqNZdywc0bBpQ4PJ5i8o1NPZWKO9U2gpnIP+GNLVGejTqKJ1p8InC2tj5Gnl04Y6
dGdHkGBMLPATYUGXg94uF28qmM4R8JACDTszlnmK38mV2R4kNDOkyLYpJRD5
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:50 2025 by rpki-client