Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/uUFpsyY_sehneGGwGfz4_e-0qio.roa
File: uUFpsyY_sehneGGwGfz4_e-0qio.roa (raw, json)
Hash identifier: 78RqLCejaei95Z86r4I4lcZ9qhoTTqGFXXAwBXFwHqU=
Subject key identifier: B9:41:69:B3:26:3F:B1:E8:67:78:61:B0:19:FC:F8:FD:EF:B4:AA:2A
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 018CC725770901154EF0590F2B9C0ADED715
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/uUFpsyY_sehneGGwGfz4_e-0qio.roa
Signing time: Mon 01 Jan 2024 22:29:30 +0000
ROA not before: Mon 01 Jan 2024 22:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204175
IP address blocks: 185.74.195.0/24 maxlen: 24
185.74.194.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.219.219.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:77:09:01:15:4e:f0:59:0f:2b:9c:0a:de:d7:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Jan 1 22:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b94169b3263fb1e8677861b019fcf8fdefb4aa2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:62:9e:20:06:8e:0a:8e:ab:12:c4:b4:c3:11:
75:28:96:c8:e9:f4:fd:b1:fa:8d:c5:22:0b:26:43:
50:f0:32:ff:8a:bf:15:7c:00:cf:7f:c5:2c:7b:7a:
3a:eb:3a:80:f7:1f:d3:50:16:b6:48:cf:48:50:cb:
31:b8:2b:bc:af:56:45:ef:ad:4a:f5:c8:55:45:07:
40:28:3a:8b:b4:26:37:ce:e5:0c:65:db:d0:b2:6b:
27:13:dc:e7:91:9e:b4:e4:91:9a:86:56:05:4a:4d:
1d:fa:83:0a:66:51:c0:1f:a0:4c:40:c2:e6:71:1f:
19:80:87:c1:81:12:ed:2c:b0:81:fb:5d:57:67:2c:
80:ff:d3:d7:d3:e5:0a:9f:63:0b:31:f1:42:44:b6:
b2:b8:69:46:69:24:1e:84:ff:11:1a:e4:13:35:03:
c2:72:a9:50:fe:1f:ec:e2:e6:3e:32:54:15:24:e6:
31:31:4d:d4:57:69:ae:e2:b1:28:7e:1c:40:7f:14:
c8:00:74:45:b9:1d:55:cc:10:c4:dc:d4:f5:5e:0d:
ae:67:7c:c3:a2:29:51:22:0e:86:65:6d:ca:e2:29:
e4:15:b3:30:92:fa:a4:37:c6:1c:3b:94:49:ff:ac:
a8:0d:0e:95:06:b8:f7:12:35:43:50:6b:be:02:cd:
a4:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:41:69:B3:26:3F:B1:E8:67:78:61:B0:19:FC:F8:FD:EF:B4:AA:2A
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/uUFpsyY_sehneGGwGfz4_e-0qio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.194.0/23
185.194.25.0/24
185.219.219.0/24
Signature Algorithm: sha256WithRSAEncryption
16:3b:d7:79:22:a8:80:ed:67:03:28:62:1e:c8:5d:6e:b9:90:
b4:0d:dd:30:c9:80:7f:67:58:b6:1a:4e:07:ed:c7:26:d0:82:
c7:74:d2:74:dd:25:63:a8:45:82:09:ed:d2:a6:50:69:50:fe:
81:8f:37:cb:4b:63:a2:4e:17:7b:cc:82:1e:e5:27:65:f5:b1:
f8:c1:33:24:dd:b5:b1:b5:08:af:d9:95:7c:7b:c9:ee:9f:9a:
90:e7:f3:d2:ce:b3:88:ac:75:23:44:85:ee:de:c7:aa:55:99:
45:ae:e1:46:47:44:5a:c9:a4:e6:70:04:d1:4c:37:f3:b8:92:
cf:00:e4:87:68:57:ed:51:28:d8:7b:f8:d6:25:f9:58:ce:be:
38:6f:60:a3:66:b0:48:52:cc:71:08:a9:fb:2e:b3:06:b0:85:
57:61:40:cc:43:23:b8:08:9b:f0:c8:10:b3:3d:95:58:d1:78:
b3:89:62:bf:d1:b9:50:5e:36:2f:76:43:f6:78:db:83:74:fb:
8f:d9:eb:15:c7:f8:23:dd:ef:90:3a:08:0a:af:52:bb:43:84:
9a:58:61:3d:a3:70:2f:28:7a:36:c4:e6:22:1d:0e:c5:a3:74:
ca:0c:20:85:55:9d:dc:f7:ee:86:f9:6c:c5:c3:32:fb:a7:4e:
78:a5:35:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJXcJARVO8FkPK5wK3tcVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjQwMTAxMjIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTQxNjliMzI2M2ZiMWU4Njc3ODYxYjAxOWZjZjhmZGVmYjRhYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmKeIAaOCo6rEsS0wxF1KJbI6fT9
sfqNxSILJkNQ8DL/ir8VfADPf8Use3o66zqA9x/TUBa2SM9IUMsxuCu8r1ZF761K
9chVRQdAKDqLtCY3zuUMZdvQsmsnE9znkZ605JGahlYFSk0d+oMKZlHAH6BMQMLm
cR8ZgIfBgRLtLLCB+11XZyyA/9PX0+UKn2MLMfFCRLayuGlGaSQehP8RGuQTNQPC
cqlQ/h/s4uY+MlQVJOYxMU3UV2mu4rEofhxAfxTIAHRFuR1VzBDE3NT1Xg2uZ3zD
oilRIg6GZW3K4inkFbMwkvqkN8YcO5RJ/6yoDQ6VBrj3EjVDUGu+As2kxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLlBabMmP7HoZ3hhsBn8+P3vtKoqMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvdVVGcHN5WV9zZWhuZUdHd0dmejRfZS0wcWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuUrCAwQA
ucIZAwQAudvbMA0GCSqGSIb3DQEBCwUAA4IBAQAWO9d5IqiA7WcDKGIeyF1uuZC0
Dd0wyYB/Z1i2Gk4H7ccm0ILHdNJ03SVjqEWCCe3SplBpUP6BjzfLS2OiThd7zIIe
5Sdl9bH4wTMk3bWxtQiv2ZV8e8nun5qQ5/PSzrOIrHUjRIXu3seqVZlFruFGR0Ra
yaTmcATRTDfzuJLPAOSHaFftUSjYe/jWJflYzr44b2CjZrBIUsxxCKn7LrMGsIVX
YUDMQyO4CJvwyBCzPZVY0XiziWK/0blQXjYvdkP2eNuDdPuP2esVx/gj3e+QOggK
r1K7Q4SaWGE9o3AvKHo2xOYiHQ7Fo3TKDCCFVZ3c9+6G+WzFwzL7p054pTXS
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:10 2025 by rpki-client