Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/aoCr7D8unhDFkrmDlA_M5dSlJRA.roa
File: aoCr7D8unhDFkrmDlA_M5dSlJRA.roa (raw, json)
Hash identifier: 8eup0QvdO3yC7qYN8Cv2+DKvjEXnUtY/0VpNt4Ycvu4=
Subject key identifier: 6A:80:AB:EC:3F:2E:9E:10:C5:92:B9:83:94:0F:CC:E5:D4:A5:25:10
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 0184C731CEAC63B8CA126AF35FC57A423807
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/aoCr7D8unhDFkrmDlA_M5dSlJRA.roa
Signing time: Wed 30 Nov 2022 06:20:40 +0000
ROA not before: Wed 30 Nov 2022 06:20:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3257
IP address blocks: 155.193.80.0/22 maxlen: 22
155.193.1.0/24 maxlen: 24
155.193.8.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:31:ce:ac:63:b8:ca:12:6a:f3:5f:c5:7a:42:38:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Nov 30 06:20:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a80abec3f2e9e10c592b983940fcce5d4a52510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ae:b3:39:5b:59:54:18:cd:81:0f:95:6f:0a:
ea:5d:ab:10:38:53:78:52:dd:fb:6d:ed:f5:65:62:
42:c6:59:60:46:28:fc:36:13:3a:f4:b5:c1:b7:28:
b7:88:c3:f9:c1:96:82:dc:ff:d4:b2:38:31:d0:7e:
02:48:15:86:1e:ed:e9:61:11:fe:1f:ce:07:e4:12:
34:93:8a:9a:65:70:18:56:6f:60:2c:67:03:ec:de:
b0:55:8d:66:ef:22:be:66:a5:72:32:c4:6b:27:52:
f4:7a:8b:4d:b3:60:8f:4e:71:8d:77:2b:d8:f5:9f:
0a:67:12:b5:c3:c3:01:ee:1e:e7:4e:f7:82:3c:84:
15:04:ef:5b:52:2e:71:7b:7e:a5:0a:51:e6:04:46:
e5:77:29:99:7d:90:22:15:89:56:ba:3b:4f:ad:dd:
91:fc:3f:b0:ab:f7:97:c7:cd:63:91:ea:5b:69:74:
0c:93:e8:e2:53:9e:16:94:37:f2:b7:39:18:b5:d3:
ec:69:c3:68:df:5c:12:a0:fe:3f:bf:33:9a:19:e9:
f0:b9:f9:fc:63:f4:b0:c1:f0:55:93:5b:4a:75:b9:
8a:ff:80:01:76:ef:48:84:f6:23:cb:42:e6:e1:ef:
4b:77:2c:8a:7e:f5:43:08:9d:9a:06:f6:da:a8:26:
37:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:80:AB:EC:3F:2E:9E:10:C5:92:B9:83:94:0F:CC:E5:D4:A5:25:10
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/aoCr7D8unhDFkrmDlA_M5dSlJRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.1.0/24
155.193.8.0/22
155.193.80.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:53:03:54:68:21:48:95:4a:38:35:57:90:3a:b7:56:c2:61:
3a:91:4a:fc:29:20:ab:df:6e:f7:a8:16:1a:d4:e6:66:0c:e5:
dd:0d:15:40:d4:d3:fd:85:45:6d:6b:7d:08:36:c6:c8:43:cb:
48:2b:28:7a:26:d3:e9:7e:ca:23:33:3f:eb:7a:d4:a6:94:43:
ea:95:11:a3:e9:0f:28:1a:76:ed:4f:f1:b2:8e:6f:37:2d:11:
9e:f0:41:fb:4f:89:37:89:d3:89:43:20:af:3b:be:e4:42:1c:
d5:c3:6f:71:57:7f:05:02:a1:f4:65:33:ce:82:ea:6f:3d:d1:
ca:bf:cb:be:fa:15:be:41:d9:cc:b5:b2:99:a0:cb:0f:87:21:
43:75:5d:b1:5b:81:37:d3:6c:0d:5f:8c:f4:93:77:63:bf:d9:
5b:e0:8e:e6:fd:75:c8:af:5a:5e:3b:d7:8a:90:63:9a:34:05:
7a:a2:02:d5:1b:15:ee:ce:39:06:47:66:80:1b:9f:e9:c5:ae:
fc:03:0a:4c:b8:40:96:f4:e4:65:1d:be:d3:4b:9c:f2:79:40:
14:1b:73:4d:da:2e:d3:e2:c2:b8:2e:b9:3c:05:be:af:23:e7:
65:61:b4:2d:f5:38:b6:01:cb:57:d2:29:17:3c:03:be:e7:e3:
ae:04:2b:a1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTHMc6sY7jKEmrzX8V6QjgHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjIxMTMwMDYyMDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTgwYWJlYzNmMmU5ZTEwYzU5MmI5ODM5NDBmY2NlNWQ0YTUyNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK6zOVtZVBjNgQ+VbwrqXasQOFN4
Ut37be31ZWJCxllgRij8NhM69LXBtyi3iMP5wZaC3P/Usjgx0H4CSBWGHu3pYRH+
H84H5BI0k4qaZXAYVm9gLGcD7N6wVY1m7yK+ZqVyMsRrJ1L0eotNs2CPTnGNdyvY
9Z8KZxK1w8MB7h7nTveCPIQVBO9bUi5xe36lClHmBEbldymZfZAiFYlWujtPrd2R
/D+wq/eXx81jkepbaXQMk+jiU54WlDfytzkYtdPsacNo31wSoP4/vzOaGenwufn8
Y/SwwfBVk1tKdbmK/4ABdu9IhPYjy0Lm4e9LdyyKfvVDCJ2aBvbaqCY36QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGqAq+w/Lp4QxZK5g5QPzOXUpSUQMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvYW9DcjdEOHVuaERGa3JtRGxBX001ZFNsSlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAm8EBAwQC
m8EIAwQCm8FQMA0GCSqGSIb3DQEBCwUAA4IBAQCwUwNUaCFIlUo4NVeQOrdWwmE6
kUr8KSCr3273qBYa1OZmDOXdDRVA1NP9hUVta30INsbIQ8tIKyh6JtPpfsojMz/r
etSmlEPqlRGj6Q8oGnbtT/Gyjm83LRGe8EH7T4k3idOJQyCvO77kQhzVw29xV38F
AqH0ZTPOgupvPdHKv8u++hW+QdnMtbKZoMsPhyFDdV2xW4E302wNX4z0k3djv9lb
4I7m/XXIr1peO9eKkGOaNAV6ogLVGxXuzjkGR2aAG5/pxa78AwpMuECW9ORlHb7T
S5zyeUAUG3NN2i7T4sK4Lrk8Bb6vI+dlYbQt9Ti2ActX0ikXPAO+5+OuBCuh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org