Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/vw8iAlrPjfW8himX8J_dtraQRrM.roa
File: vw8iAlrPjfW8himX8J_dtraQRrM.roa (raw, json)
Hash identifier: 6jH9fk8QAvDIMHoOl18TXP+VqtG6exqFMsX0uXCLqZ0=
Subject key identifier: BF:0F:22:02:5A:CF:8D:F5:BC:86:29:97:F0:9F:DD:B6:B6:90:46:B3
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 0189788F0A88CFA68D749A26B4EE70F43ABD
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/vw8iAlrPjfW8himX8J_dtraQRrM.roa
Signing time: Fri 21 Jul 2023 13:06:27 +0000
ROA not before: Fri 21 Jul 2023 13:06:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201453
IP address blocks: 185.183.17.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.16.0/22 maxlen: 22
185.183.18.0/24 maxlen: 24
185.183.19.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.178.83.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.81.0/24 maxlen: 24
185.178.80.0/24 maxlen: 24
185.225.148.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.164.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.167.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.224.94.0/24 maxlen: 24
185.194.24.0/22 maxlen: 22
185.194.24.0/24 maxlen: 24
185.74.192.0/24 maxlen: 24
185.74.192.0/22 maxlen: 22
185.192.182.0/24 maxlen: 24
185.192.181.0/24 maxlen: 24
185.192.180.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:78:8f:0a:88:cf:a6:8d:74:9a:26:b4:ee:70:f4:3a:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Jul 21 13:06:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf0f22025acf8df5bc862997f09fddb6b69046b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:0f:a7:37:d6:1a:77:e7:7e:40:ed:86:79:17:
2c:6d:2a:0a:8b:d7:7f:e4:2a:83:55:af:2a:e6:e0:
b6:64:64:c5:9d:d8:f2:90:c1:54:a2:1a:4c:5c:6e:
bc:0d:69:fc:49:38:94:bc:29:0b:27:18:9f:ee:5b:
c7:da:22:08:21:75:86:06:16:98:a7:3a:fc:4e:66:
7c:69:9b:07:78:98:fe:6f:8e:8f:0d:29:95:08:d8:
fd:bc:96:35:7a:68:f2:22:3f:83:a8:80:96:03:ee:
81:bc:a5:4b:8b:45:00:ee:e2:15:49:4a:c2:fe:ae:
52:1e:c9:2f:f2:ac:f1:d2:4e:50:5e:08:81:93:6f:
c8:d9:b5:08:68:8b:8c:2c:66:a9:b8:98:62:09:7c:
14:52:f6:bc:05:07:5c:0e:13:cc:9c:58:f8:0f:22:
44:60:4c:8d:22:2b:20:fa:65:32:cb:4d:b0:23:c0:
7e:c7:bf:7b:b0:c7:94:9a:a9:6f:89:14:aa:aa:cf:
50:7d:6a:ec:e0:dc:24:fc:59:68:d1:ed:a3:7b:ac:
47:ff:39:88:d6:5b:48:c4:93:ee:fa:ad:2e:b4:61:
32:d1:f4:ad:73:69:92:24:ed:68:5e:18:47:64:5f:
43:58:3e:c3:6b:b1:ef:87:65:09:7d:53:dc:65:58:
77:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:0F:22:02:5A:CF:8D:F5:BC:86:29:97:F0:9F:DD:B6:B6:90:46:B3
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/vw8iAlrPjfW8himX8J_dtraQRrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/22
185.163.164.0/22
185.178.80.0/22
185.183.16.0/22
185.192.180.0-185.192.182.255
185.194.24.0/22
185.219.216.0/22
185.224.94.0/23
185.225.148.0/24
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
60:f0:48:4c:55:46:1c:e9:f4:5c:f8:a6:f9:01:cb:44:58:a8:
31:b5:9e:57:26:9e:1d:1e:31:75:cf:42:85:c9:42:90:dc:b9:
c7:af:c9:eb:cb:62:54:a6:5a:1a:4b:be:f7:a0:18:e4:03:e8:
dd:c7:d8:4b:64:59:b9:79:06:52:55:48:16:b9:2b:31:f6:2d:
3f:4d:18:dd:0a:4b:19:a8:bf:e6:24:1a:5c:db:9f:50:a3:69:
c9:22:4b:ba:be:25:1b:fb:08:2e:a0:df:15:2b:d7:f3:a4:10:
73:b9:5a:65:69:02:6c:09:cb:b1:44:1c:cb:03:8f:d7:27:d9:
ed:9a:b3:5a:d0:f4:df:ca:be:f5:50:b6:da:78:53:94:35:23:
b0:46:35:5c:fc:7c:34:2d:64:3d:3d:01:af:d8:10:cc:72:a4:
f6:d2:74:dd:e0:59:c4:a8:e6:b1:01:90:84:de:81:a9:67:a3:
18:d5:28:e2:1d:b6:b7:fe:68:c0:90:b7:33:25:83:ad:f7:aa:
da:aa:a8:a8:d9:83:7b:97:aa:89:8b:fb:37:01:cd:fa:40:e4:
6e:a3:95:de:1e:5b:4b:1c:bc:94:e6:84:d8:4c:d9:ff:51:3a:
a0:53:f1:a4:91:bf:02:67:4c:a1:c6:30:2f:13:00:4d:6f:c9:
40:f1:c6:57
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYl4jwqIz6aNdJomtO5w9Dq9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjMwNzIxMTMwNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjBmMjIwMjVhY2Y4ZGY1YmM4NjI5OTdmMDlmZGRiNmI2OTA0NmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Q+nN9Yad+d+QO2GeRcsbSoKi9d/
5CqDVa8q5uC2ZGTFndjykMFUohpMXG68DWn8STiUvCkLJxif7lvH2iIIIXWGBhaY
pzr8TmZ8aZsHeJj+b46PDSmVCNj9vJY1emjyIj+DqICWA+6BvKVLi0UA7uIVSUrC
/q5SHskv8qzx0k5QXgiBk2/I2bUIaIuMLGapuJhiCXwUUva8BQdcDhPMnFj4DyJE
YEyNIisg+mUyy02wI8B+x797sMeUmqlviRSqqs9QfWrs4Nwk/Flo0e2je6xH/zmI
1ltIxJPu+q0utGEy0fStc2mSJO1oXhhHZF9DWD7Da7Hvh2UJfVPcZVh3/wIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFL8PIgJaz431vIYpl/Cf3ba2kEazMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvdnc4aUFsclBqZlc4aGltWDhKX2R0cmFRUnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQCuUrAAwQC
uaOkAwQCubJQAwQCubcQMAwDBAK5wLQDBAC5wLYDBAK5whgDBAK529gDBAG54F4D
BAC54ZQwDQQCAAIwBwMFACoFSsAwDQYJKoZIhvcNAQELBQADggEBAGDwSExVRhzp
9Fz4pvkBy0RYqDG1nlcmnh0eMXXPQoXJQpDcucevyevLYlSmWhpLvvegGOQD6N3H
2EtkWbl5BlJVSBa5KzH2LT9NGN0KSxmov+YkGlzbn1CjackiS7q+JRv7CC6g3xUr
1/OkEHO5WmVpAmwJy7FEHMsDj9cn2e2as1rQ9N/KvvVQttp4U5Q1I7BGNVz8fDQt
ZD09Aa/YEMxypPbSdN3gWcSo5rEBkITegalnoxjVKOIdtrf+aMCQtzMlg633qtqq
qKjZg3uXqomL+zcBzfpA5G6jld4eW0scvJTmhNhM2f9ROqBT8aSRvwJnTKHGMC8T
AE1vyUDxxlc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:50 2024 by rpki-client on console-ams.rpki-client.org