Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/_zbWpNrW1iRPPU3o7wjmAwdWc4o.roa
File: _zbWpNrW1iRPPU3o7wjmAwdWc4o.roa (raw, json)
Hash identifier: 51vmFgnUxM1lCx7k4kYxthvCofVJZzLmpAIZeozTq/M=
Subject key identifier: FF:36:D6:A4:DA:D6:D6:24:4F:3D:4D:E8:EF:08:E6:03:07:56:73:8A
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 03D28A83
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/_zbWpNrW1iRPPU3o7wjmAwdWc4o.roa
Signing time: Sat 01 Jan 2022 08:04:28 +0000
ROA not before: Sat 01 Jan 2022 08:04:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 394844
IP address blocks: 155.193.4.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64129667 (0x3d28a83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jan 1 08:04:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff36d6a4dad6d6244f3d4de8ef08e6030756738a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:93:8a:14:f2:25:fc:35:96:60:8f:88:ab:15:
c8:5e:d7:30:3d:7d:ec:56:87:53:6f:56:53:f9:16:
ba:6a:8b:c6:0c:5a:36:bb:33:1e:d6:74:f0:8a:2f:
45:f1:d2:b5:ad:a3:ef:de:49:4c:ea:6d:9b:a4:eb:
e4:e3:5d:bc:58:72:6c:2b:c9:4e:83:4a:1c:6e:44:
ff:60:cf:cc:31:d8:4c:5e:93:0e:85:c6:34:3a:ab:
e9:28:f0:81:2b:b8:8f:4e:01:61:8b:fa:c3:ed:b1:
1f:dd:e0:a4:cb:66:6d:7e:b4:c7:fc:bb:0b:d8:56:
fd:19:6f:68:d8:dd:84:d4:6c:2c:9d:7f:0c:26:e3:
2b:04:10:55:c2:b0:e6:bb:53:0c:bb:cd:00:bb:14:
cd:27:d7:af:41:2f:e6:b9:ea:17:ed:3b:c1:33:14:
7e:7b:f8:74:d8:0e:61:97:0d:c6:bf:14:a9:fc:8b:
85:a8:9e:45:7f:60:1a:ed:57:28:67:85:ab:3c:54:
07:13:28:64:3a:97:71:25:ea:d9:97:85:a2:b0:a2:
3d:2c:7f:21:91:b9:35:52:a0:0a:1e:8c:7c:30:5b:
df:0c:1c:04:4e:31:da:45:a8:d5:16:f7:e5:96:3d:
f9:18:ea:65:fd:45:04:ad:77:bb:4f:55:53:5f:8a:
d6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:36:D6:A4:DA:D6:D6:24:4F:3D:4D:E8:EF:08:E6:03:07:56:73:8A
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/_zbWpNrW1iRPPU3o7wjmAwdWc4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.4.0/22
Signature Algorithm: sha256WithRSAEncryption
07:e6:52:2e:00:1a:ad:74:0b:3f:c1:6f:0b:95:e9:63:90:22:
86:8b:97:63:de:9a:b5:a9:87:bc:e8:78:45:93:fd:45:55:01:
aa:ac:fe:7a:f5:3c:b2:fd:cb:7f:1a:57:2c:b8:9b:90:8b:30:
9a:81:b1:60:f4:10:d6:a4:38:28:0d:74:75:92:a1:0a:fb:d6:
91:61:e2:ef:1f:08:4d:f8:f3:e6:47:42:88:68:46:4f:0e:ce:
74:b8:31:58:7a:44:5d:ac:19:f9:27:33:24:3a:30:d4:4d:f7:
f7:e6:0a:68:25:5f:e9:d9:08:70:3f:00:99:de:b3:bc:28:a1:
23:8c:5b:59:31:32:f2:85:ce:0e:e4:ae:cb:ca:eb:02:e8:79:
23:56:10:1d:f3:2c:11:23:4b:3d:8b:1a:55:30:84:85:d1:4a:
26:2e:6c:87:ee:10:5e:87:5d:92:4e:8b:f8:e3:94:b5:ce:43:
3f:12:ab:0e:c1:a5:6f:f5:71:a8:aa:07:86:ce:21:3b:fd:8d:
e1:ad:ff:b5:d1:f2:d2:de:27:e3:b3:53:93:fd:1b:3c:0a:8d:
af:d3:34:ca:71:72:d7:18:0e:6c:98:d3:67:8c:1a:a3:21:df:
1e:e6:96:68:5c:2a:72:15:80:6f:1b:f6:2a:10:13:1d:f6:fe:
39:5e:9c:54
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9KKgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDNlNDQ3ZWRiOGE1ZTBlMWIxZDdmNWNkYzI4N2MzNjRhNWZiMGI1MB4XDTIyMDEw
MTA4MDQyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmYzNmQ2YTRkYWQ2
ZDYyNDRmM2Q0ZGU4ZWYwOGU2MDMwNzU2NzM4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMKTihTyJfw1lmCPiKsVyF7XMD197FaHU29WU/kWumqLxgxa
NrszHtZ08IovRfHSta2j795JTOptm6Tr5ONdvFhybCvJToNKHG5E/2DPzDHYTF6T
DoXGNDqr6SjwgSu4j04BYYv6w+2xH93gpMtmbX60x/y7C9hW/RlvaNjdhNRsLJ1/
DCbjKwQQVcKw5rtTDLvNALsUzSfXr0Ev5rnqF+07wTMUfnv4dNgOYZcNxr8UqfyL
haieRX9gGu1XKGeFqzxUBxMoZDqXcSXq2ZeForCiPSx/IZG5NVKgCh6MfDBb3wwc
BE4x2kWo1Rb35ZY9+RjqZf1FBK13u09VU1+K1vECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT/Ntak2tbWJE89TejvCOYDB1ZzijAfBgNVHSMEGDAWgBR0PkR+24peDhsd
f1zcKHw2Sl+wtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RENUVmdHVLWGc0YkhYOWMzQ2g4TmtwZnNMVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvYTFhZTcwLTc5OTYtNDY4Ny1hMGQ3LTVlMGY0YWI4MDliYi8x
L196YldwTnJXMWlSUFBVM283d2ptQXdkV2M0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
YTFhZTcwLTc5OTYtNDY4Ny1hMGQ3LTVlMGY0YWI4MDliYi8xL2RENUVmdHVLWGc0
YkhYOWMzQ2g4TmtwZnNMVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEApvBBDANBgkqhkiG9w0BAQsFAAOC
AQEAB+ZSLgAarXQLP8FvC5XpY5AihouXY96atamHvOh4RZP9RVUBqqz+evU8sv3L
fxpXLLibkIswmoGxYPQQ1qQ4KA10dZKhCvvWkWHi7x8ITfjz5kdCiGhGTw7OdLgx
WHpEXawZ+SczJDow1E339+YKaCVf6dkIcD8Amd6zvCihI4xbWTEy8oXODuSuy8rr
Auh5I1YQHfMsESNLPYsaVTCEhdFKJi5sh+4QXoddkk6L+OOUtc5DPxKrDsGlb/Vx
qKoHhs4hO/2N4a3/tdHy0t4n47NTk/0bPAqNr9M0ynFy1xgObJjTZ4waoyHfHuaW
aFwqchWAbxv2KhATHfb+OV6cVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org