Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/VTyQCUyXBcppbmQ6JESUlKA86uQ.roa
File: VTyQCUyXBcppbmQ6JESUlKA86uQ.roa (raw, json)
Hash identifier: kuYF3r69hV/BRJMaG3LfAPkCyTAcTwHfLaD/6ceGEw8=
Subject key identifier: 55:3C:90:09:4C:97:05:CA:69:6E:64:3A:24:44:94:94:A0:3C:EA:E4
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 0184C6C3F14FB4C3EBAC2AE992749837D99B
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/VTyQCUyXBcppbmQ6JESUlKA86uQ.roa
Signing time: Wed 30 Nov 2022 04:20:40 +0000
ROA not before: Wed 30 Nov 2022 04:20:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 192.53.136.0/21 maxlen: 21
155.193.2.0/23 maxlen: 23
192.53.64.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c6:c3:f1:4f:b4:c3:eb:ac:2a:e9:92:74:98:37:d9:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Nov 30 04:20:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=553c90094c9705ca696e643a24449494a03ceae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:09:92:27:e5:7c:79:b6:24:a6:7d:54:66:69:
f3:f4:e7:b1:f9:77:77:25:86:04:a6:0b:0c:15:00:
a2:77:e7:ad:10:78:57:c2:0f:31:7b:59:aa:43:e8:
69:0e:c4:bd:6d:97:91:e8:a9:a3:7d:5b:77:6d:87:
b1:39:6d:ec:3f:17:30:37:80:de:ec:a7:4a:ce:b4:
92:d1:81:eb:f0:86:a1:1d:60:de:c8:c6:40:4e:2a:
ed:c8:b6:4c:bf:97:e1:aa:8d:de:1d:1f:70:d9:65:
46:98:ae:fc:37:1c:6e:b0:71:c2:e1:ff:d7:ba:46:
ca:87:17:f5:36:cd:1f:e8:0c:30:86:8f:87:a2:88:
85:90:3f:a4:f2:c0:a5:83:e9:86:62:b4:3f:e2:33:
cf:07:74:ad:46:bf:2e:32:09:68:6a:88:66:c2:f0:
88:5d:df:5d:bf:ac:bd:93:08:f4:b4:08:c9:1e:07:
2f:03:48:0a:68:55:56:12:dc:56:e2:cf:75:08:dd:
82:d5:d0:d4:91:66:e2:ba:1d:09:cd:8f:84:26:fe:
3b:c3:a8:a0:ff:3b:a9:b4:5a:6e:b7:74:a7:76:cf:
cd:4c:63:57:d3:77:d2:3f:e4:24:2e:80:24:89:e8:
5c:6f:fc:2a:ac:e7:aa:2c:ac:e4:30:0e:f2:f6:a3:
3f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:3C:90:09:4C:97:05:CA:69:6E:64:3A:24:44:94:94:A0:3C:EA:E4
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/VTyQCUyXBcppbmQ6JESUlKA86uQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.2.0/23
192.53.64.0/21
192.53.136.0/21
Signature Algorithm: sha256WithRSAEncryption
5d:0e:f8:6a:76:a6:12:4a:d1:78:b3:a4:72:b1:0b:5a:be:1f:
09:2d:7a:f8:72:3f:27:ee:ef:c8:c5:bb:91:de:1c:5b:53:c2:
a8:1e:9d:c3:d7:2d:66:bd:e8:bf:10:ca:02:9d:47:fd:16:4f:
0d:5a:cb:2d:ad:97:c4:64:0c:b4:17:ef:27:fc:8b:09:ee:8c:
54:6f:04:82:bc:02:5e:58:c0:85:83:9c:23:43:2b:c5:7b:a1:
60:c3:d6:ef:b3:0b:5b:ad:fa:d9:1a:2c:cd:06:88:37:16:25:
45:21:7b:06:70:d2:3e:ad:aa:72:a9:42:50:16:22:af:9d:7b:
b0:d5:5f:7e:22:f0:44:da:b2:67:bf:87:a9:ab:b8:bb:8d:43:
14:08:78:4a:03:d2:8e:1b:0c:7d:d7:36:04:17:2c:a1:fb:5f:
49:10:83:40:c1:2e:99:e3:97:eb:b6:95:18:9a:a2:e4:92:83:
17:82:a8:e4:5e:19:46:2d:89:41:f3:1e:03:50:a5:4b:4d:a4:
f8:a3:f5:ce:93:41:50:e9:6c:44:56:4c:88:84:d4:b0:03:9e:
17:ad:16:df:b9:32:6e:cf:bb:64:6f:41:86:81:68:43:33:44:
cc:0c:ae:0d:ce:ce:76:86:ad:c3:98:aa:59:d2:64:bf:89:2c:
81:21:31:33
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTGw/FPtMPrrCrpknSYN9mbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjIxMTMwMDQyMDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTNjOTAwOTRjOTcwNWNhNjk2ZTY0M2EyNDQ0OTQ5NGEwM2NlYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgmSJ+V8ebYkpn1UZmnz9Oex+Xd3
JYYEpgsMFQCid+etEHhXwg8xe1mqQ+hpDsS9bZeR6KmjfVt3bYexOW3sPxcwN4De
7KdKzrSS0YHr8IahHWDeyMZATirtyLZMv5fhqo3eHR9w2WVGmK78NxxusHHC4f/X
ukbKhxf1Ns0f6Awwho+HooiFkD+k8sClg+mGYrQ/4jPPB3StRr8uMgloaohmwvCI
Xd9dv6y9kwj0tAjJHgcvA0gKaFVWEtxW4s91CN2C1dDUkWbiuh0JzY+EJv47w6ig
/zuptFput3Snds/NTGNX03fSP+QkLoAkiehcb/wqrOeqLKzkMA7y9qM/NQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFU8kAlMlwXKaW5kOiRElJSgPOrkMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvVlR5UUNVeVhCY3BwYm1RNkpFU1VsS0E4NnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBm8ECAwQD
wDVAAwQDwDWIMA0GCSqGSIb3DQEBCwUAA4IBAQBdDvhqdqYSStF4s6RysQtavh8J
LXr4cj8n7u/IxbuR3hxbU8KoHp3D1y1mvei/EMoCnUf9Fk8NWsstrZfEZAy0F+8n
/IsJ7oxUbwSCvAJeWMCFg5wjQyvFe6Fgw9bvswtbrfrZGizNBog3FiVFIXsGcNI+
rapyqUJQFiKvnXuw1V9+IvBE2rJnv4epq7i7jUMUCHhKA9KOGwx91zYEFyyh+19J
EINAwS6Z45frtpUYmqLkkoMXgqjkXhlGLYlB8x4DUKVLTaT4o/XOk0FQ6WxEVkyI
hNSwA54XrRbfuTJuz7tkb0GGgWhDM0TMDK4Nzs52hq3DmKpZ0mS/iSyBITEz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org