Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/HZisvxyv9mO0G7SbuLelVwN1u80.roa
File: HZisvxyv9mO0G7SbuLelVwN1u80.roa (raw, json)
Hash identifier: CX5vFa3cYCWpDNxtX3hnPgilVX5AgETRSQzh+IRiCGk=
Subject key identifier: 1D:98:AC:BF:1C:AF:F6:63:B4:1B:B4:9B:B8:B7:A5:57:03:75:BB:CD
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 01837D51B7964E0132F7C15A0460D37D58D6
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/HZisvxyv9mO0G7SbuLelVwN1u80.roa
Signing time: Tue 27 Sep 2022 05:00:50 +0000
ROA not before: Tue 27 Sep 2022 05:00:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 155.193.229.0/24 maxlen: 24
155.193.250.0/24 maxlen: 24
155.193.251.0/24 maxlen: 24
155.193.32.0/19 maxlen: 19
155.193.248.0/24 maxlen: 24
155.193.249.0/24 maxlen: 24
155.193.163.0/24 maxlen: 24
155.193.161.0/24 maxlen: 24
155.193.162.0/24 maxlen: 24
155.193.160.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7d:51:b7:96:4e:01:32:f7:c1:5a:04:60:d3:7d:58:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Sep 27 05:00:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d98acbf1caff663b41bb49bb8b7a5570375bbcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c9:6e:7a:c6:d6:61:ce:12:fa:48:cb:15:8d:
55:ab:4b:56:be:31:77:37:18:c3:be:cb:51:41:da:
b6:7e:cc:d7:89:1e:cc:cf:d6:bc:fe:18:9b:96:8c:
c9:ba:dc:d6:d1:b2:fb:69:67:0a:8f:8f:22:28:95:
52:16:71:4c:45:c8:16:a3:74:77:16:20:ee:b6:e5:
17:b1:4f:94:cd:0e:c9:7e:a7:06:cf:7a:d2:42:a2:
6c:da:f5:7f:b8:b1:fd:69:6e:d0:ee:63:19:6f:d1:
0e:32:a1:08:85:d1:10:14:d1:64:9f:c9:ce:62:11:
04:db:90:39:f7:76:f4:68:4c:16:2d:c8:13:15:63:
d6:f0:27:d7:86:dd:c3:12:d5:34:63:f7:4f:f0:e4:
21:07:9d:d7:4c:c3:1f:eb:25:04:d2:d9:d2:7b:c9:
60:e8:5d:92:f6:a3:4b:3e:15:15:97:c4:76:ed:fb:
64:6e:2d:0e:01:b0:fe:f5:47:df:e3:96:ea:28:2b:
ef:9c:4e:12:54:52:73:58:a3:e6:3f:c7:20:22:88:
a3:f5:7a:78:df:27:78:e4:de:63:88:1b:88:e4:71:
85:81:55:1f:cc:81:97:8f:05:ee:0c:0f:15:39:1f:
6e:6c:d3:07:97:56:e8:79:59:58:84:6e:99:b4:14:
75:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:98:AC:BF:1C:AF:F6:63:B4:1B:B4:9B:B8:B7:A5:57:03:75:BB:CD
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/HZisvxyv9mO0G7SbuLelVwN1u80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.32.0/19
155.193.160.0/22
155.193.229.0/24
155.193.248.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:23:e9:60:19:88:96:ea:b2:b2:61:1f:06:ba:ae:7c:97:ce:
cd:b0:be:b0:6e:0c:bf:d0:a4:f2:b8:e5:9d:13:47:26:9b:cb:
07:94:6d:3d:ac:66:4e:0b:8a:19:2b:7f:c3:c3:ec:2d:67:57:
ac:9d:7c:a2:31:2d:80:08:ac:71:67:0b:44:f7:0e:7a:e9:48:
58:92:3a:e7:b9:b8:2e:2d:81:d2:39:50:be:6f:22:44:a5:ba:
cd:17:50:79:61:b7:75:e6:7c:ff:e8:2f:4f:71:ae:6a:5d:89:
3b:99:86:41:1a:aa:56:c0:a3:25:b0:f4:d9:82:be:3d:b3:ff:
ea:89:72:2c:fd:22:bd:4b:ac:4c:fd:9b:ca:25:4e:f6:c0:83:
30:00:ff:07:93:cf:5c:c3:c4:49:94:4a:1f:57:ee:c7:40:11:
e7:df:ec:12:24:93:9a:32:32:e5:f6:1c:0b:9e:f0:d0:cc:0b:
1d:ce:f1:92:70:24:11:0b:28:c6:94:7e:0b:b1:4a:b1:24:46:
9c:13:12:3d:6e:3f:8c:41:67:dd:77:d7:3f:68:20:6b:f1:3f:
79:63:d8:56:10:d1:81:9a:6a:f1:ad:06:8c:24:be:30:75:d2:
f7:f4:c1:34:e1:e9:36:1c:98:cc:8b:76:fb:79:57:be:cb:ee:
af:7d:05:a0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYN9UbeWTgEy98FaBGDTfVjWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjIwOTI3MDUwMDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDk4YWNiZjFjYWZmNjYzYjQxYmI0OWJiOGI3YTU1NzAzNzViYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8luesbWYc4S+kjLFY1Vq0tWvjF3
NxjDvstRQdq2fszXiR7Mz9a8/hiblozJutzW0bL7aWcKj48iKJVSFnFMRcgWo3R3
FiDutuUXsU+UzQ7JfqcGz3rSQqJs2vV/uLH9aW7Q7mMZb9EOMqEIhdEQFNFkn8nO
YhEE25A593b0aEwWLcgTFWPW8CfXht3DEtU0Y/dP8OQhB53XTMMf6yUE0tnSe8lg
6F2S9qNLPhUVl8R27ftkbi0OAbD+9Uff45bqKCvvnE4SVFJzWKPmP8cgIoij9Xp4
3yd45N5jiBuI5HGFgVUfzIGXjwXuDA8VOR9ubNMHl1boeVlYhG6ZtBR19wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB2YrL8cr/ZjtBu0m7i3pVcDdbvNMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvSFppc3Z4eXY5bU8wRzdTYnVMZWxWd04xdTgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFm8EgAwQC
m8GgAwQAm8HlAwQCm8H4MA0GCSqGSIb3DQEBCwUAA4IBAQCsI+lgGYiW6rKyYR8G
uq58l87NsL6wbgy/0KTyuOWdE0cmm8sHlG09rGZOC4oZK3/Dw+wtZ1esnXyiMS2A
CKxxZwtE9w566UhYkjrnubguLYHSOVC+byJEpbrNF1B5Ybd15nz/6C9Pca5qXYk7
mYZBGqpWwKMlsPTZgr49s//qiXIs/SK9S6xM/ZvKJU72wIMwAP8Hk89cw8RJlEof
V+7HQBHn3+wSJJOaMjLl9hwLnvDQzAsdzvGScCQRCyjGlH4LsUqxJEacExI9bj+M
QWfdd9c/aCBr8T95Y9hWENGBmmrxrQaMJL4wddL39ME04ek2HJjMi3b7eVe+y+6v
fQWg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:15 2024 by rpki-client on console-fra.rpki-client.org