Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/pfKNcmqVUn8svCqKHCEYTabN0bo.roa
File: pfKNcmqVUn8svCqKHCEYTabN0bo.roa (raw, json)
Hash identifier: DUyYwHY4HF/9h+9VCpJrGD7CG7i69x4m44Oh842yQ4o=
Subject key identifier: A5:F2:8D:72:6A:95:52:7F:2C:BC:2A:8A:1C:21:18:4D:A6:CD:D1:BA
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 018DB1D412C607A6DFFE2CDF99A286C29C21
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/pfKNcmqVUn8svCqKHCEYTabN0bo.roa
Signing time: Fri 16 Feb 2024 12:11:21 +0000
ROA not before: Fri 16 Feb 2024 12:11:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201453
IP address blocks: 185.74.192.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.164.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.167.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.80.0/24 maxlen: 24
185.178.81.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.83.0/24 maxlen: 24
185.183.16.0/22 maxlen: 22
185.183.16.0/24 maxlen: 24
185.183.17.0/24 maxlen: 24
185.183.18.0/24 maxlen: 24
185.192.182.0/24 maxlen: 24
185.194.24.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.225.148.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:d4:12:c6:07:a6:df:fe:2c:df:99:a2:86:c2:9c:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Feb 16 12:11:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5f28d726a95527f2cbc2a8a1c21184da6cdd1ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:93:e1:4b:34:0c:0d:54:4b:46:3b:c5:b0:02:
64:a2:29:09:52:11:bf:48:60:5a:bc:5e:0f:7b:bb:
0e:a2:07:77:28:d9:09:4f:a2:b0:b5:ff:02:9b:e2:
43:f9:ee:45:7c:3c:44:9a:2e:c3:6e:bf:85:72:ab:
3b:f9:82:bd:eb:2c:7c:4d:bc:4b:63:d8:56:a0:aa:
3f:e2:1d:a4:6d:f1:3d:f7:e0:f9:98:29:b0:b4:d5:
79:00:a7:00:52:51:ce:e5:ee:0e:c8:2b:46:14:c7:
9c:28:0e:e7:31:31:4a:bf:52:65:a9:55:b7:db:32:
fd:8a:94:bc:7e:43:39:81:4d:4d:a9:9e:1c:61:6e:
12:f3:99:62:b7:40:98:df:9d:bc:d1:7f:a4:43:61:
92:64:a1:f5:47:51:d7:1c:e0:32:5d:fa:32:38:b1:
e6:6d:36:1c:6f:6a:16:1f:e6:d9:3d:2c:0a:9d:4f:
d8:29:28:e2:7e:b6:df:39:60:d8:61:e8:05:78:b1:
62:92:b4:8a:7a:2e:d5:0f:e9:91:f9:96:ea:97:41:
97:a9:93:1f:f1:21:a3:31:24:5e:9f:b4:cf:72:61:
58:ae:2e:1e:7a:1f:27:05:5f:18:20:cd:8f:40:55:
c1:50:34:3c:40:e9:61:13:75:34:04:02:d3:bf:14:
58:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F2:8D:72:6A:95:52:7F:2C:BC:2A:8A:1C:21:18:4D:A6:CD:D1:BA
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/pfKNcmqVUn8svCqKHCEYTabN0bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/24
185.163.164.0/22
185.178.80.0/22
185.183.16.0/22
185.192.182.0/24
185.194.24.0/24
185.194.26.0/23
185.219.216.0/22
185.225.148.0/24
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
76:b9:66:68:f8:ab:b7:53:e0:a8:3e:13:e2:ef:e7:55:d8:9a:
da:4a:87:12:73:29:91:3d:f4:bc:e2:f4:60:18:b0:9e:6e:1f:
eb:8c:9c:af:f3:97:7e:99:50:a4:06:d2:ae:3c:09:1c:52:17:
f5:95:1b:2d:84:8d:ff:2e:3b:00:e0:10:64:1f:a5:3b:cc:4c:
5c:bf:08:6a:72:da:0e:1f:b0:44:0f:5d:5d:1f:82:e3:07:f4:
b9:d2:8f:e5:cb:8e:aa:96:50:56:14:70:b5:64:5a:7f:0b:fa:
21:f3:be:8e:02:c9:94:b2:6f:37:2c:f2:5c:19:fc:54:a1:b4:
f5:48:08:d8:41:7b:9a:7e:55:7e:62:be:06:a6:00:c4:5a:8f:
7b:39:f0:fe:a0:40:c9:46:ba:62:fc:06:2c:bb:70:c9:c3:0b:
13:ee:75:cb:22:2d:59:16:4b:2e:0f:97:f4:69:48:7d:d6:e0:
e2:2d:1d:3a:aa:8d:9d:f8:18:e6:f1:c5:1e:97:23:cd:2b:24:
60:02:ab:44:7e:2b:ce:c6:35:d0:ab:36:ba:ba:9d:19:e9:b1:
71:cb:5e:45:c1:25:b5:33:63:83:1a:86:33:f2:2b:36:d7:6e:
02:eb:df:13:da:f4:3c:f0:9c:79:67:9f:91:b5:37:8c:45:8b:
76:85:18:ca
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAY2x1BLGB6bf/izfmaKGwpwhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjQwMjE2MTIxMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWYyOGQ3MjZhOTU1MjdmMmNiYzJhOGExYzIxMTg0ZGE2Y2RkMWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZPhSzQMDVRLRjvFsAJkoikJUhG/
SGBavF4Pe7sOogd3KNkJT6Kwtf8Cm+JD+e5FfDxEmi7Dbr+Fcqs7+YK96yx8TbxL
Y9hWoKo/4h2kbfE99+D5mCmwtNV5AKcAUlHO5e4OyCtGFMecKA7nMTFKv1JlqVW3
2zL9ipS8fkM5gU1NqZ4cYW4S85lit0CY35280X+kQ2GSZKH1R1HXHOAyXfoyOLHm
bTYcb2oWH+bZPSwKnU/YKSjifrbfOWDYYegFeLFikrSKei7VD+mR+Zbql0GXqZMf
8SGjMSRen7TPcmFYri4eeh8nBV8YIM2PQFXBUDQ8QOlhE3U0BALTvxRYXwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFKXyjXJqlVJ/LLwqihwhGE2mzdG6MB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvcGZLTmNtcVZVbjhzdkNxS0hDRVlUYWJOMGJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQAuUrAAwQC
uaOkAwQCubJQAwQCubcQAwQAucC2AwQAucIYAwQBucIaAwQCudvYAwQAueGUMA0E
AgACMAcDBQAqBUrAMA0GCSqGSIb3DQEBCwUAA4IBAQB2uWZo+Ku3U+CoPhPi7+dV
2JraSocScymRPfS84vRgGLCebh/rjJyv85d+mVCkBtKuPAkcUhf1lRsthI3/LjsA
4BBkH6U7zExcvwhqctoOH7BED11dH4LjB/S50o/ly46qllBWFHC1ZFp/C/oh876O
AsmUsm83LPJcGfxUobT1SAjYQXuaflV+Yr4GpgDEWo97OfD+oEDJRrpi/AYsu3DJ
wwsT7nXLIi1ZFksuD5f0aUh91uDiLR06qo2d+Bjm8cUelyPNKyRgAqtEfivOxjXQ
qza6up0Z6bFxy15FwSW1M2ODGoYz8is2124C698T2vQ88Jx5Z5+RtTeMRYt2hRjK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:38 2024 by rpki-client on console-fra.rpki-client.org