Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/n4JBL5EpINKsTumC7Hd4VNl7iMk.roa
File: n4JBL5EpINKsTumC7Hd4VNl7iMk.roa (raw, json)
Hash identifier: vJw4ymZBabQN9J5YPUJJ9x8qr36l68MJ4nkLCFjJL3g=
Subject key identifier: 9F:82:41:2F:91:29:20:D2:AC:4E:E9:82:EC:77:78:54:D9:7B:88:C9
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 0185A02557B08093AEB82ECE1121A4516CE6
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/n4JBL5EpINKsTumC7Hd4VNl7iMk.roa
Signing time: Wed 11 Jan 2023 09:24:39 +0000
ROA not before: Wed 11 Jan 2023 09:24:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201453
IP address blocks: 185.183.17.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.16.0/22 maxlen: 22
185.183.19.0/24 maxlen: 24
185.183.18.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.178.83.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.81.0/24 maxlen: 24
185.178.80.0/24 maxlen: 24
185.225.148.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.164.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.167.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.224.94.0/24 maxlen: 24
185.194.24.0/22 maxlen: 22
185.194.24.0/24 maxlen: 24
185.74.192.0/24 maxlen: 24
185.74.192.0/22 maxlen: 22
185.192.183.0/24 maxlen: 24
185.192.182.0/24 maxlen: 24
185.192.180.0/22 maxlen: 22
185.192.181.0/24 maxlen: 24
185.192.180.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:25:57:b0:80:93:ae:b8:2e:ce:11:21:a4:51:6c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Jan 11 09:24:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f82412f912920d2ac4ee982ec777854d97b88c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:94:fb:85:04:0b:1e:e5:40:86:3b:a7:9a:6f:
62:51:af:bd:fb:98:da:5e:4d:aa:b4:29:67:80:f2:
d8:91:ed:a1:2a:48:9f:f7:55:fd:9d:4f:09:17:6a:
82:2d:81:80:da:56:ea:82:a4:84:26:a1:c7:be:42:
69:01:e3:d7:67:b9:32:f8:2c:3d:17:a1:70:b2:99:
50:0f:17:b1:02:04:37:cc:f9:75:b4:09:60:a1:70:
8c:2d:48:18:20:a9:d5:92:bf:fa:b7:ec:29:23:20:
ec:dd:1e:a1:60:75:b1:fe:57:4e:2d:5e:a5:fe:a9:
3c:b4:2b:4c:c1:8a:be:ad:3a:f3:aa:cc:80:87:50:
76:a8:5b:7e:f9:f5:40:14:eb:92:f0:84:ce:78:06:
ac:2c:eb:4b:6e:5e:9c:8d:cf:91:8d:fb:39:5a:da:
5f:2d:92:e2:1b:38:48:a6:3b:00:49:71:e4:0c:7f:
31:d0:0d:70:e4:0d:3e:95:b4:e5:a7:ab:26:c0:dd:
98:2f:fb:e4:de:4a:7a:4c:3d:8b:2d:b9:54:98:ea:
d1:ca:e1:0c:aa:9d:0d:20:9b:5f:7a:e6:ae:85:16:
83:a9:66:0e:dd:fa:91:11:cf:37:b0:36:19:92:d3:
26:38:09:b0:96:48:33:54:d5:48:77:20:a1:92:c2:
10:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:82:41:2F:91:29:20:D2:AC:4E:E9:82:EC:77:78:54:D9:7B:88:C9
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/n4JBL5EpINKsTumC7Hd4VNl7iMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/22
185.163.164.0/22
185.178.80.0/22
185.183.16.0/22
185.192.180.0/22
185.194.24.0/22
185.219.216.0/22
185.224.94.0/23
185.225.148.0/24
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
32:8e:2b:3b:08:45:31:1d:c4:ed:5a:e5:a5:e7:7e:08:9d:96:
66:21:f3:31:8b:7e:28:09:0d:fd:2e:25:d2:95:aa:6a:2b:9a:
53:d4:de:d8:bc:1a:24:55:16:13:8a:9a:09:17:6e:6e:28:20:
ac:30:ee:67:ad:c6:98:f6:3a:b9:36:21:09:7c:9a:68:f5:bd:
73:ed:29:83:9e:59:6b:66:6e:77:4e:98:8f:af:72:9d:d5:9d:
2d:2d:84:fd:29:eb:8e:5a:88:ef:2c:76:4b:0c:5f:06:65:a1:
56:75:05:d6:75:53:a2:9a:a3:03:59:3e:e7:09:82:12:15:f9:
1b:b2:fc:4f:26:10:62:de:61:6a:13:f8:8b:65:0d:50:b1:75:
12:94:28:4e:61:18:93:41:4f:53:09:82:15:84:16:00:c7:ab:
22:e0:78:35:ed:7b:09:4b:f8:de:1e:6e:35:46:d1:26:be:5b:
56:b7:13:72:a4:e8:d8:4f:27:08:10:8e:d2:6e:1a:fe:1d:a9:
3a:35:e0:7c:ed:f7:04:de:d2:ae:71:2a:7c:90:7b:b3:48:45:
44:9a:d4:75:43:42:e4:af:90:37:a3:3b:b9:68:2b:a7:e0:60:
4e:2b:77:72:1d:09:de:64:81:26:2f:bd:d2:1e:6b:0d:34:85:
32:d6:1e:3a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYWgJVewgJOuuC7OESGkUWzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjMwMTExMDkyNDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjgyNDEyZjkxMjkyMGQyYWM0ZWU5ODJlYzc3Nzg1NGQ5N2I4OGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpT7hQQLHuVAhjunmm9iUa+9+5ja
Xk2qtClngPLYke2hKkif91X9nU8JF2qCLYGA2lbqgqSEJqHHvkJpAePXZ7ky+Cw9
F6FwsplQDxexAgQ3zPl1tAlgoXCMLUgYIKnVkr/6t+wpIyDs3R6hYHWx/ldOLV6l
/qk8tCtMwYq+rTrzqsyAh1B2qFt++fVAFOuS8ITOeAasLOtLbl6cjc+Rjfs5Wtpf
LZLiGzhIpjsASXHkDH8x0A1w5A0+lbTlp6smwN2YL/vk3kp6TD2LLblUmOrRyuEM
qp0NIJtfeuauhRaDqWYO3fqREc83sDYZktMmOAmwlkgzVNVIdyChksIQ2wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJ+CQS+RKSDSrE7pgux3eFTZe4jJMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvbjRKQkw1RXBJTktzVHVtQzdIZDRWTmw3aU1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCuUrAAwQC
uaOkAwQCubJQAwQCubcQAwQCucC0AwQCucIYAwQCudvYAwQBueBeAwQAueGUMA0E
AgACMAcDBQAqBUrAMA0GCSqGSIb3DQEBCwUAA4IBAQAyjis7CEUxHcTtWuWl534I
nZZmIfMxi34oCQ39LiXSlapqK5pT1N7YvBokVRYTipoJF25uKCCsMO5nrcaY9jq5
NiEJfJpo9b1z7SmDnllrZm53TpiPr3Kd1Z0tLYT9KeuOWojvLHZLDF8GZaFWdQXW
dVOimqMDWT7nCYISFfkbsvxPJhBi3mFqE/iLZQ1QsXUSlChOYRiTQU9TCYIVhBYA
x6si4Hg17XsJS/jeHm41RtEmvltWtxNypOjYTycIEI7Sbhr+Hak6NeB87fcE3tKu
cSp8kHuzSEVEmtR1Q0Lkr5A3ozu5aCun4GBOK3dyHQneZIEmL73SHmsNNIUy1h46
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:42 2025 by rpki-client