Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/KMgkNbk6MkrEkvJ0EUs8f1SrfDc.roa
File: KMgkNbk6MkrEkvJ0EUs8f1SrfDc.roa (raw, json)
Hash identifier: d1k4ZXwp0A8Qyu2OgDB1r/2j86gsQOMzJSJ5mrLru9c=
Subject key identifier: 28:C8:24:35:B9:3A:32:4A:C4:92:F2:74:11:4B:3C:7F:54:AB:7C:37
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 03CE5008
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/KMgkNbk6MkrEkvJ0EUs8f1SrfDc.roa
Signing time: Sat 01 Jan 2022 08:04:25 +0000
ROA not before: Sat 01 Jan 2022 08:04:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6079
IP address blocks: 155.193.128.0/17 maxlen: 17
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63852552 (0x3ce5008)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jan 1 08:04:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28c82435b93a324ac492f274114b3c7f54ab7c37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e2:ba:3b:d9:db:b9:d5:bc:d7:3e:09:69:2e:
3d:4b:fb:b7:29:03:36:58:ff:db:ff:b1:1a:30:1c:
a1:20:1c:50:2e:70:b9:c4:e1:8c:4c:04:b4:ba:4d:
79:a7:68:ca:fc:99:9a:25:da:56:14:a6:d4:3a:a8:
09:7c:ac:3e:f8:8b:71:82:f3:99:a4:19:4c:a5:0d:
48:69:36:36:aa:27:5f:55:14:79:8e:1c:4c:0e:70:
27:26:d1:87:54:29:65:06:17:fa:cb:50:13:86:ae:
fa:bd:7a:d2:af:47:5b:f8:45:50:77:a4:cd:00:6a:
56:13:b0:89:61:11:d8:d1:08:c4:4e:75:86:a9:dc:
04:1c:f5:1f:74:79:46:d4:2a:44:8c:8d:24:f8:6b:
b0:98:fc:f2:14:11:06:e5:85:25:05:f5:73:11:9e:
c3:17:d9:de:96:b4:e4:a8:4d:b7:de:0b:7d:f1:02:
42:65:26:69:00:80:e2:51:35:59:25:f2:ce:28:b8:
45:e5:8a:5e:b8:71:73:34:3f:f6:52:d1:9a:70:fb:
5b:ee:4c:82:e5:27:dc:35:dd:25:07:20:28:1e:54:
a7:b3:31:49:8f:76:55:4c:74:66:4f:04:02:d0:23:
b2:4c:34:7f:a8:ab:e4:0c:a3:ef:e3:fd:35:6b:98:
fe:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C8:24:35:B9:3A:32:4A:C4:92:F2:74:11:4B:3C:7F:54:AB:7C:37
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/KMgkNbk6MkrEkvJ0EUs8f1SrfDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.128.0/17
Signature Algorithm: sha256WithRSAEncryption
22:43:2e:df:31:b0:9b:9d:34:32:77:10:09:5b:3c:83:19:c4:
c3:4a:db:64:d4:43:04:67:e2:e0:ef:0d:2e:28:ab:4e:3c:0d:
67:7c:6c:93:38:a5:45:dd:02:96:f6:95:57:5c:7b:76:14:4c:
ea:fd:7b:34:7c:47:24:47:f5:c5:f2:10:e6:58:ea:2e:b7:12:
46:9a:aa:48:e7:02:20:cc:92:cc:11:02:5f:45:a3:b1:51:13:
b1:14:d3:4b:0e:e8:f6:2d:73:5c:1e:db:72:c9:79:c2:d9:9b:
d0:d5:c6:03:9d:b2:9b:95:bc:9a:f1:c2:ad:02:35:f8:7f:b5:
fa:b3:0d:97:94:d4:af:23:44:7c:0e:0d:e3:49:0b:87:d0:73:
83:a1:08:f7:4b:5e:73:bd:2b:f4:b4:6a:26:ac:41:77:cf:87:
75:9f:75:7f:62:8a:c2:05:df:76:d0:cf:20:77:b9:25:b6:52:
af:48:91:30:b1:e3:d8:d5:fa:a4:4f:aa:be:4c:64:87:24:e6:
a9:70:37:73:c3:21:6b:71:e4:01:24:8e:26:06:44:5e:9e:7f:
96:0c:99:0a:c4:be:83:5b:2f:e4:0c:15:86:e2:06:41:09:aa:
1a:8f:ef:09:c6:b0:03:00:4c:cc:72:77:62:7f:3a:0d:47:98:
1e:6f:63:19
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA85QCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDNlNDQ3ZWRiOGE1ZTBlMWIxZDdmNWNkYzI4N2MzNjRhNWZiMGI1MB4XDTIyMDEw
MTA4MDQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjhjODI0MzViOTNh
MzI0YWM0OTJmMjc0MTE0YjNjN2Y1NGFiN2MzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAObiujvZ27nVvNc+CWkuPUv7tykDNlj/2/+xGjAcoSAcUC5w
ucThjEwEtLpNeadoyvyZmiXaVhSm1DqoCXysPviLcYLzmaQZTKUNSGk2NqonX1UU
eY4cTA5wJybRh1QpZQYX+stQE4au+r160q9HW/hFUHekzQBqVhOwiWER2NEIxE51
hqncBBz1H3R5RtQqRIyNJPhrsJj88hQRBuWFJQX1cxGewxfZ3pa05KhNt94LffEC
QmUmaQCA4lE1WSXyzii4ReWKXrhxczQ/9lLRmnD7W+5MguUn3DXdJQcgKB5Up7Mx
SY92VUx0Zk8EAtAjskw0f6ir5Ayj7+P9NWuY/v8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQoyCQ1uToySsSS8nQRSzx/VKt8NzAfBgNVHSMEGDAWgBR0PkR+24peDhsd
f1zcKHw2Sl+wtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RENUVmdHVLWGc0YkhYOWMzQ2g4TmtwZnNMVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvYTFhZTcwLTc5OTYtNDY4Ny1hMGQ3LTVlMGY0YWI4MDliYi8x
L0tNZ2tOYms2TWtyRWt2SjBFVXM4ZjFTcmZEYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
YTFhZTcwLTc5OTYtNDY4Ny1hMGQ3LTVlMGY0YWI4MDliYi8xL2RENUVmdHVLWGc0
YkhYOWMzQ2g4TmtwZnNMVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB5vBgDANBgkqhkiG9w0BAQsFAAOC
AQEAIkMu3zGwm500MncQCVs8gxnEw0rbZNRDBGfi4O8NLiirTjwNZ3xskzilRd0C
lvaVV1x7dhRM6v17NHxHJEf1xfIQ5ljqLrcSRpqqSOcCIMySzBECX0WjsVETsRTT
Sw7o9i1zXB7bcsl5wtmb0NXGA52ym5W8mvHCrQI1+H+1+rMNl5TUryNEfA4N40kL
h9Bzg6EI90tec70r9LRqJqxBd8+HdZ91f2KKwgXfdtDPIHe5JbZSr0iRMLHj2NX6
pE+qvkxkhyTmqXA3c8Mha3HkASSOJgZEXp5/lgyZCsS+g1sv5AwVhuIGQQmqGo/v
CcawAwBMzHJ3Yn86DUeYHm9jGQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org