Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/CUKWTwsUpFg2B1IL9q1jGVbBI3g.roa
File: CUKWTwsUpFg2B1IL9q1jGVbBI3g.roa (raw, json)
Hash identifier: fjE4jBkFp7ex5r9ov+thlygDeuGL+IhooC5b8XsaiZA=
Subject key identifier: 09:42:96:4F:0B:14:A4:58:36:07:52:0B:F6:AD:63:19:56:C1:23:78
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 018570FBD73ACB2C4342BCEC7392A8F5927D
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/CUKWTwsUpFg2B1IL9q1jGVbBI3g.roa
Signing time: Mon 02 Jan 2023 05:37:10 +0000
ROA not before: Mon 02 Jan 2023 05:37:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 394844
IP address blocks: 155.193.4.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:d7:3a:cb:2c:43:42:bc:ec:73:92:a8:f5:92:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jan 2 05:37:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0942964f0b14a4583607520bf6ad631956c12378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:44:81:0f:8a:49:80:ce:0e:64:04:47:5b:36:
3e:f4:29:75:8c:f1:e1:d4:92:e1:ce:53:bb:92:5f:
cd:9d:c7:2d:dd:56:53:68:68:5e:4c:53:5e:dd:21:
e1:a3:76:df:bd:08:54:3c:04:b7:55:91:1a:78:a0:
ef:07:d1:39:1a:03:57:eb:5d:a4:f6:21:ef:63:2b:
43:5a:9d:e4:c7:e7:a3:78:68:31:8b:d5:1f:7e:61:
4f:ce:0b:72:58:35:b9:a5:0b:8c:da:ab:2e:a8:f7:
82:b4:aa:14:fe:1b:e7:cb:74:bd:ad:be:cc:b2:28:
13:0e:aa:63:d9:2a:20:ec:1e:87:39:ec:02:83:89:
5c:41:65:23:07:a2:fa:e3:33:75:de:9e:63:a9:1f:
5a:62:ac:35:d8:20:56:6c:53:bd:4f:30:4c:61:4a:
8d:37:02:47:9c:50:d5:18:6f:95:4d:b0:7f:08:71:
b4:30:45:56:ee:86:88:23:cb:f2:72:1e:56:2e:ec:
2e:fe:b5:5d:78:85:1b:41:cb:11:96:95:dd:56:d7:
f9:f9:67:d8:80:22:c8:79:14:69:1b:61:7d:f3:37:
17:e5:8c:a1:e7:ea:17:09:e1:30:c8:cb:8c:2f:2a:
d1:bc:97:dc:fa:cf:28:ff:ed:33:56:10:f0:0a:e0:
7f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:42:96:4F:0B:14:A4:58:36:07:52:0B:F6:AD:63:19:56:C1:23:78
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/CUKWTwsUpFg2B1IL9q1jGVbBI3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.4.0/22
Signature Algorithm: sha256WithRSAEncryption
21:dc:44:49:48:1a:88:cb:f6:73:3f:5b:de:04:c8:a6:b5:59:
ee:b9:ba:0d:13:59:7a:32:07:64:28:2e:d2:fe:28:9d:d3:6b:
63:87:01:cf:28:ca:94:bd:76:4a:0b:90:91:83:7c:e3:b4:77:
46:70:55:95:e4:1f:ed:ef:c9:6f:74:6c:12:ad:05:a3:63:2b:
85:eb:69:d2:1a:d7:59:36:aa:21:8f:a2:96:3f:65:27:cd:ab:
e3:44:70:8a:1a:2b:b0:59:ad:48:a6:05:d3:45:36:63:f8:11:
83:df:e5:0e:a8:54:21:58:46:f5:f1:4b:e9:c1:b4:8f:91:58:
ec:4d:6d:66:e2:ed:dc:41:5d:8f:f8:09:f1:3f:77:11:22:18:
10:c8:11:97:9c:4b:a2:3d:ab:6b:3b:c1:48:2a:df:6b:e2:ce:
01:bf:06:74:a9:ef:b5:d5:f9:62:6a:c7:ee:fe:c4:b1:f7:96:
da:44:e7:71:31:8e:a3:17:fe:d2:e5:6d:2f:37:d1:9e:13:cb:
a5:cd:d1:d9:e9:fd:7f:01:c4:ac:de:0a:48:fd:12:e8:37:80:
96:d1:b5:c4:5a:5c:12:6a:bb:bc:4d:48:dc:0e:2d:ba:95:e9:
3c:f3:fa:46:48:7a:b2:82:cb:0a:1b:87:fe:f7:67:3a:a3:ae:
9c:4c:a7:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+9c6yyxDQrzsc5Ko9ZJ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjMwMTAyMDUzNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTQyOTY0ZjBiMTRhNDU4MzYwNzUyMGJmNmFkNjMxOTU2YzEyMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUSBD4pJgM4OZARHWzY+9Cl1jPHh
1JLhzlO7kl/Nncct3VZTaGheTFNe3SHho3bfvQhUPAS3VZEaeKDvB9E5GgNX612k
9iHvYytDWp3kx+ejeGgxi9UffmFPzgtyWDW5pQuM2qsuqPeCtKoU/hvny3S9rb7M
sigTDqpj2Sog7B6HOewCg4lcQWUjB6L64zN13p5jqR9aYqw12CBWbFO9TzBMYUqN
NwJHnFDVGG+VTbB/CHG0MEVW7oaII8vych5WLuwu/rVdeIUbQcsRlpXdVtf5+WfY
gCLIeRRpG2F98zcX5Yyh5+oXCeEwyMuMLyrRvJfc+s8o/+0zVhDwCuB/CQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAlClk8LFKRYNgdSC/atYxlWwSN4MB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvQ1VLV1R3c1VwRmcyQjFJTDlxMWpHVmJCSTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCm8EEMA0G
CSqGSIb3DQEBCwUAA4IBAQAh3ERJSBqIy/ZzP1veBMimtVnuuboNE1l6MgdkKC7S
/iid02tjhwHPKMqUvXZKC5CRg3zjtHdGcFWV5B/t78lvdGwSrQWjYyuF62nSGtdZ
Nqohj6KWP2UnzavjRHCKGiuwWa1IpgXTRTZj+BGD3+UOqFQhWEb18UvpwbSPkVjs
TW1m4u3cQV2P+AnxP3cRIhgQyBGXnEuiPatrO8FIKt9r4s4BvwZ0qe+11fliasfu
/sSx95baROdxMY6jF/7S5W0vN9GeE8ulzdHZ6f1/AcSs3gpI/RLoN4CW0bXEWlwS
aru8TUjcDi26lek88/pGSHqygssKG4f+92c6o66cTKdU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:15 2024 by rpki-client on console-fra.rpki-client.org