Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/NCXZhDYM1i4mkfLrjjxZYUGnF7w.roa
File: NCXZhDYM1i4mkfLrjjxZYUGnF7w.roa (raw, json)
Hash identifier: 52zwVGxGbzbYAHCsubVO6U3qtM+7J1Y9ncp1PlD/q6w=
Subject key identifier: 34:25:D9:84:36:0C:D6:2E:26:91:F2:EB:8E:3C:59:61:41:A7:17:BC
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 03D14CC4
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/NCXZhDYM1i4mkfLrjjxZYUGnF7w.roa
Signing time: Sat 01 Jan 2022 08:04:27 +0000
ROA not before: Sat 01 Jan 2022 08:04:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46450
IP address blocks: 155.193.12.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64048324 (0x3d14cc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jan 1 08:04:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3425d984360cd62e2691f2eb8e3c596141a717bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:02:d2:70:e2:1e:bb:0f:8a:99:4b:8e:3c:37:
fc:d1:7d:8c:d3:d9:0d:32:fd:a6:5b:b7:fb:5c:c0:
93:ae:2b:46:86:d0:3a:76:16:0b:fa:c7:67:74:46:
a6:c3:71:d9:ed:cf:b0:a3:0c:fa:b0:9a:0c:ce:16:
a3:d4:fc:63:6b:e9:1f:a9:95:49:de:df:89:0c:d9:
32:14:3a:31:f6:89:58:e8:a6:08:07:18:92:ce:47:
5b:b6:64:c0:95:c6:1c:62:6e:3b:5a:e1:15:a6:23:
58:6d:c1:fb:2c:b6:1c:0c:06:ee:0b:d7:f1:b4:ae:
42:b3:d0:4f:fd:bd:09:df:ab:d5:e0:18:ab:0f:5d:
4b:ba:d4:20:e8:9a:b9:e6:d8:de:9d:7d:9a:b8:cd:
a3:08:89:8c:b2:44:54:7f:9f:19:54:bb:76:35:bd:
fb:da:e2:60:a5:70:2a:79:bb:83:27:22:59:ee:e1:
e2:aa:1b:c1:c3:4d:d1:34:b8:27:5a:63:b6:32:0d:
e6:66:c5:0c:c9:b6:4f:c4:5f:1c:52:cf:dd:b4:39:
e2:15:4b:85:f9:3b:04:17:b2:63:3f:64:b0:d3:b2:
c4:3f:9d:2b:ee:8e:1c:97:20:a4:bb:ec:04:2e:80:
fb:6a:3a:c4:e8:fa:49:03:4f:69:b8:5b:0b:11:f2:
56:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:25:D9:84:36:0C:D6:2E:26:91:F2:EB:8E:3C:59:61:41:A7:17:BC
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/NCXZhDYM1i4mkfLrjjxZYUGnF7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.12.0/22
Signature Algorithm: sha256WithRSAEncryption
20:c5:da:25:78:36:55:96:1e:48:d6:09:e8:9b:87:38:0c:20:
e2:f3:86:07:7f:72:71:5e:2e:62:4f:77:a2:33:70:60:74:e3:
a7:a0:b6:10:be:30:41:b7:74:64:d3:68:d2:3e:06:8b:98:7e:
66:f4:3a:26:60:be:b8:a4:bf:7a:37:01:58:81:e5:67:dc:86:
8d:f9:cd:78:1f:65:e3:92:31:40:f3:27:63:0d:7a:e4:b9:16:
f4:7a:a4:f8:bf:1a:2e:8c:a3:81:d3:db:52:78:03:6b:d3:60:
b9:73:c5:64:96:ce:4d:0e:39:11:6b:d6:81:48:03:5f:15:39:
28:84:95:15:dd:1d:09:02:ae:db:4f:8c:f3:7c:94:01:5c:59:
b0:60:6e:81:a5:b3:9d:8b:b8:e5:92:3b:30:24:85:f6:97:20:
b3:0c:ad:d2:91:f2:91:cd:53:24:89:b9:cd:4c:a2:13:de:7f:
be:c8:92:a2:52:82:34:14:cd:3a:b2:ae:cc:15:d2:cd:5e:1a:
32:0a:2c:a5:12:fa:36:14:2a:24:8e:e0:5e:ac:9d:c6:e6:91:
e8:7b:89:2b:cd:58:06:a0:67:c2:92:b0:05:54:ce:e4:99:0f:
e1:f8:d3:b4:6b:03:13:cd:3b:41:44:b8:38:b5:da:f7:5f:b3:
02:c2:bc:f9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9FMxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDNlNDQ3ZWRiOGE1ZTBlMWIxZDdmNWNkYzI4N2MzNjRhNWZiMGI1MB4XDTIyMDEw
MTA4MDQyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQyNWQ5ODQzNjBj
ZDYyZTI2OTFmMmViOGUzYzU5NjE0MWE3MTdiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI4C0nDiHrsPiplLjjw3/NF9jNPZDTL9plu3+1zAk64rRobQ
OnYWC/rHZ3RGpsNx2e3PsKMM+rCaDM4Wo9T8Y2vpH6mVSd7fiQzZMhQ6MfaJWOim
CAcYks5HW7ZkwJXGHGJuO1rhFaYjWG3B+yy2HAwG7gvX8bSuQrPQT/29Cd+r1eAY
qw9dS7rUIOiauebY3p19mrjNowiJjLJEVH+fGVS7djW9+9riYKVwKnm7gyciWe7h
4qobwcNN0TS4J1pjtjIN5mbFDMm2T8RfHFLP3bQ54hVLhfk7BBeyYz9ksNOyxD+d
K+6OHJcgpLvsBC6A+2o6xOj6SQNPabhbCxHyVqUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ0JdmENgzWLiaR8uuOPFlhQacXvDAfBgNVHSMEGDAWgBR0PkR+24peDhsd
f1zcKHw2Sl+wtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RENUVmdHVLWGc0YkhYOWMzQ2g4TmtwZnNMVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvYTFhZTcwLTc5OTYtNDY4Ny1hMGQ3LTVlMGY0YWI4MDliYi8x
L05DWFpoRFlNMWk0bWtmTHJqanhaWVVHbkY3dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
YTFhZTcwLTc5OTYtNDY4Ny1hMGQ3LTVlMGY0YWI4MDliYi8xL2RENUVmdHVLWGc0
YkhYOWMzQ2g4TmtwZnNMVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEApvBDDANBgkqhkiG9w0BAQsFAAOC
AQEAIMXaJXg2VZYeSNYJ6JuHOAwg4vOGB39ycV4uYk93ojNwYHTjp6C2EL4wQbd0
ZNNo0j4Gi5h+ZvQ6JmC+uKS/ejcBWIHlZ9yGjfnNeB9l45IxQPMnYw165LkW9Hqk
+L8aLoyjgdPbUngDa9NguXPFZJbOTQ45EWvWgUgDXxU5KISVFd0dCQKu20+M83yU
AVxZsGBugaWznYu45ZI7MCSF9pcgswyt0pHykc1TJIm5zUyiE95/vsiSolKCNBTN
OrKuzBXSzV4aMgospRL6NhQqJI7gXqydxuaR6HuJK81YBqBnwpKwBVTO5JkP4fjT
tGsDE807QUS4OLXa91+zAsK8+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:15 2024 by rpki-client on console-fra.rpki-client.org