Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/QXBQERm79xL52hRgc-K0AvVslQc.roa
File: QXBQERm79xL52hRgc-K0AvVslQc.roa (raw, json)
Hash identifier: 3c7XkwZFg4Xm+67AHgf8Kg8sQ7Xh7inG6R6UiBjLqX4=
Subject key identifier: 41:70:50:11:19:BB:F7:12:F9:DA:14:60:73:E2:B4:02:F5:6C:95:07
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 0186A8B68A14F5E0037B52448381A6B6EAE2
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/QXBQERm79xL52hRgc-K0AvVslQc.roa
Signing time: Fri 03 Mar 2023 18:23:00 +0000
ROA not before: Fri 03 Mar 2023 18:23:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 155.193.14.0/24 maxlen: 24
155.193.80.0/22 maxlen: 22
155.193.1.0/24 maxlen: 24
155.193.8.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a8:b6:8a:14:f5:e0:03:7b:52:44:83:81:a6:b6:ea:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Mar 3 18:23:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4170501119bbf712f9da146073e2b402f56c9507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a0:67:72:7d:f2:80:26:60:2f:6e:54:1b:30:
07:c4:57:f6:fb:5a:d9:3c:2c:04:57:24:4c:9f:5c:
ac:96:71:2f:c5:1f:5d:5b:bc:70:b1:f6:3e:f4:2b:
1d:d4:87:9f:25:32:7b:47:f1:2d:bc:c2:6c:b0:66:
c0:91:a2:c0:c7:46:5b:99:7d:a0:53:33:3c:ad:ae:
c1:e7:7c:b7:ef:86:d3:87:e7:b3:ab:ff:20:4f:b7:
64:da:8c:5a:4e:a1:73:1d:4c:ec:89:a5:e2:a8:fe:
59:5c:1a:c1:68:33:8b:75:83:0e:f0:a3:11:a5:d8:
77:91:ee:81:38:b3:b3:ba:42:e5:f4:8b:6a:20:44:
8e:e8:78:bb:f6:a5:f8:c4:69:1c:e8:8c:67:9f:4c:
53:7d:ca:f5:3a:bc:d4:89:41:7e:5a:57:4a:45:c3:
0a:d9:50:f8:d1:e5:6d:22:a0:85:59:11:be:76:5d:
c8:cf:43:c5:e1:86:89:d1:e4:1f:aa:5c:dd:fc:4b:
b3:e8:30:86:ee:95:e3:a8:98:88:d5:eb:6c:9a:75:
bb:34:71:b1:8e:b4:48:28:f9:a5:4a:19:4b:08:ed:
1e:29:d8:97:79:25:71:5b:b0:31:de:aa:59:f5:ae:
50:aa:97:5b:6f:78:08:67:3b:39:fd:bb:8d:69:43:
1f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:70:50:11:19:BB:F7:12:F9:DA:14:60:73:E2:B4:02:F5:6C:95:07
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/QXBQERm79xL52hRgc-K0AvVslQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.1.0/24
155.193.8.0/22
155.193.14.0/24
155.193.80.0/22
Signature Algorithm: sha256WithRSAEncryption
06:72:4f:90:db:9a:c8:2f:98:c1:7c:3b:2d:f7:76:f9:9d:2f:
5c:ba:16:77:f9:8d:53:44:a4:4c:59:49:4d:5e:5b:f6:8b:bd:
f8:c9:5a:f6:6a:46:4e:2f:06:50:67:46:39:a4:54:f0:f7:f1:
de:a8:4e:15:51:24:a0:82:38:2d:3d:e8:d7:46:5d:f5:5e:e8:
0b:65:9b:14:cd:1e:8e:92:28:c8:56:63:3e:8b:00:fa:74:b8:
a7:a0:01:39:83:3d:06:6c:41:f7:c5:52:1a:b1:55:8c:b0:d2:
57:a9:91:b2:ee:b5:85:07:5a:ca:13:7c:92:6e:86:35:d5:30:
df:a7:9e:81:1b:c1:84:64:26:19:fd:47:d2:86:76:46:12:98:
71:ff:dc:51:c2:18:1b:2f:e5:4d:ac:45:bd:ad:de:74:53:df:
17:72:f6:55:ec:16:66:27:70:3e:63:8c:d4:92:44:40:19:3e:
80:65:1d:1a:4f:5d:4d:7d:78:bb:93:f8:06:bc:c7:d8:66:cb:
af:96:d9:e6:e6:61:6e:a0:b6:15:80:bb:78:76:5c:57:77:69:
1a:48:d8:a7:e1:3e:5a:33:9d:0b:24:f2:b7:29:45:9c:d1:71:
53:75:fa:a8:f2:33:50:54:b5:7b:89:1d:8b:44:07:6c:4d:55:
83:b2:d0:3d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYaotooU9eADe1JEg4GmturiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjMwMzAzMTgyMzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTcwNTAxMTE5YmJmNzEyZjlkYTE0NjA3M2UyYjQwMmY1NmM5NTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKBncn3ygCZgL25UGzAHxFf2+1rZ
PCwEVyRMn1yslnEvxR9dW7xwsfY+9Csd1IefJTJ7R/EtvMJssGbAkaLAx0ZbmX2g
UzM8ra7B53y374bTh+ezq/8gT7dk2oxaTqFzHUzsiaXiqP5ZXBrBaDOLdYMO8KMR
pdh3ke6BOLOzukLl9ItqIESO6Hi79qX4xGkc6Ixnn0xTfcr1OrzUiUF+WldKRcMK
2VD40eVtIqCFWRG+dl3Iz0PF4YaJ0eQfqlzd/Euz6DCG7pXjqJiI1etsmnW7NHGx
jrRIKPmlShlLCO0eKdiXeSVxW7Ax3qpZ9a5Qqpdbb3gIZzs5/buNaUMf9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEFwUBEZu/cS+doUYHPitAL1bJUHMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvUVhCUUVSbTc5eEw1MmhSZ2MtSzBBdlZzbFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAm8EBAwQC
m8EIAwQAm8EOAwQCm8FQMA0GCSqGSIb3DQEBCwUAA4IBAQAGck+Q25rIL5jBfDst
93b5nS9cuhZ3+Y1TRKRMWUlNXlv2i734yVr2akZOLwZQZ0Y5pFTw9/HeqE4VUSSg
gjgtPejXRl31XugLZZsUzR6OkijIVmM+iwD6dLinoAE5gz0GbEH3xVIasVWMsNJX
qZGy7rWFB1rKE3ySboY11TDfp56BG8GEZCYZ/UfShnZGEphx/9xRwhgbL+VNrEW9
rd50U98XcvZV7BZmJ3A+Y4zUkkRAGT6AZR0aT11NfXi7k/gGvMfYZsuvltnm5mFu
oLYVgLt4dlxXd2kaSNin4T5aM50LJPK3KUWc0XFTdfqo8jNQVLV7iR2LRAdsTVWD
stA9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org