Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/g9Ws0jGYRDYNuQGiy4W0MYprTqA.roa
File: g9Ws0jGYRDYNuQGiy4W0MYprTqA.roa (raw, json)
Hash identifier: gHCTSg9htT8ieyK7BTtTId+Wtz3LTfUe4sJlZiAbN2c=
Subject key identifier: 83:D5:AC:D2:31:98:44:36:0D:B9:01:A2:CB:85:B4:31:8A:6B:4E:A0
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 01848D30B387BC679B8EE20725AF8543B3C6
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/g9Ws0jGYRDYNuQGiy4W0MYprTqA.roa
Signing time: Sat 19 Nov 2022 00:01:29 +0000
ROA not before: Sat 19 Nov 2022 00:01:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 155.193.229.0/24 maxlen: 24
192.6.252.0/22 maxlen: 22
155.193.32.0/19 maxlen: 19
155.193.250.0/24 maxlen: 24
155.193.251.0/24 maxlen: 24
155.193.248.0/24 maxlen: 24
155.193.249.0/24 maxlen: 24
192.6.64.0/22 maxlen: 22
192.25.232.0/22 maxlen: 22
192.137.24.0/22 maxlen: 22
192.25.244.0/22 maxlen: 22
192.6.172.0/22 maxlen: 22
155.193.163.0/24 maxlen: 24
155.193.161.0/24 maxlen: 24
155.193.162.0/24 maxlen: 24
155.193.160.0/24 maxlen: 24
192.25.180.0/22 maxlen: 22
192.25.200.0/22 maxlen: 22
192.25.208.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8d:30:b3:87:bc:67:9b:8e:e2:07:25:af:85:43:b3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Nov 19 00:01:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=83d5acd2319844360db901a2cb85b4318a6b4ea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:01:04:38:c6:fb:af:37:8e:3d:50:f3:29:6c:
88:77:e3:a0:54:c0:a3:c1:52:3f:0f:e0:fc:dc:77:
96:18:bb:da:5c:b9:9a:26:86:5d:a8:a1:54:20:df:
b5:d5:be:c2:6e:f6:3e:b5:ba:b4:b7:59:7c:56:69:
20:64:3a:ed:05:d7:3e:fc:5d:10:d2:12:41:b0:d6:
1f:ec:2d:71:44:94:1f:d1:6f:1a:0c:1f:01:e6:f7:
0d:42:e2:67:24:29:52:2a:e3:db:ff:e0:eb:62:58:
2b:93:da:d6:4a:e4:1f:69:00:13:03:41:01:8a:a8:
33:85:00:ae:9a:96:a0:13:e8:45:a5:65:c2:44:31:
a0:c6:72:b9:15:d2:2e:f3:3d:30:8a:dc:e5:c8:ae:
e6:a7:c0:58:ef:4d:af:ca:90:3b:41:34:74:eb:05:
8e:d2:cb:1a:1e:82:88:de:c6:92:76:c0:27:f5:fa:
6c:98:13:f9:c8:06:23:a9:26:25:4e:0c:b5:d4:a2:
ba:3f:e0:fd:cb:6d:5c:cd:99:f4:39:44:69:74:f5:
5f:0b:ff:10:20:6f:ee:ab:e2:63:07:52:3c:f5:b7:
a3:cf:88:72:13:d8:89:42:49:30:57:53:d4:a1:2e:
d4:9c:6f:3f:42:44:44:8a:30:6b:71:2b:9a:77:74:
03:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D5:AC:D2:31:98:44:36:0D:B9:01:A2:CB:85:B4:31:8A:6B:4E:A0
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/g9Ws0jGYRDYNuQGiy4W0MYprTqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.32.0/19
155.193.160.0/22
155.193.229.0/24
155.193.248.0/22
192.6.64.0/22
192.6.172.0/22
192.6.252.0/22
192.25.180.0/22
192.25.200.0/22
192.25.208.0/22
192.25.232.0/22
192.25.244.0/22
192.137.24.0/22
Signature Algorithm: sha256WithRSAEncryption
96:ea:98:40:7f:d2:59:b5:9d:34:fc:30:55:63:03:31:59:13:
79:0f:60:75:03:fb:f5:8e:5f:6e:36:27:bf:d9:4a:54:69:39:
e8:47:49:88:96:db:5f:8e:44:f4:ea:b2:6d:2e:2f:6c:35:c0:
31:84:62:a7:c0:d0:e7:a6:24:5b:fc:3d:8c:19:18:f5:dc:93:
1a:a2:d8:2d:ff:69:1b:e7:3d:24:2d:70:5b:dc:44:c0:79:41:
47:cc:39:1d:2d:3f:8b:5f:e1:42:6b:6d:73:81:29:fe:61:67:
14:90:70:bf:96:fb:85:41:47:f8:d3:b3:6a:c5:7d:f7:7e:5d:
9b:c4:f0:47:1d:fe:f1:ee:d5:1f:13:60:08:f4:f2:a8:8b:ac:
ac:7a:61:70:38:34:e0:54:bf:ff:44:e8:c1:15:82:02:53:81:
42:02:0a:dd:1e:a5:df:2b:62:b7:f1:55:85:7a:7f:2d:41:37:
43:98:4a:c2:91:d8:63:b0:49:f3:e0:7b:f4:43:0c:a0:fc:ef:
37:05:a6:8e:54:3c:82:61:b3:6c:1a:a2:cb:ae:09:3c:ad:80:
e4:c8:36:8e:46:5e:28:90:bb:5d:3f:2d:a0:35:0a:ba:2f:69:
90:71:65:3e:45:8d:89:f2:8f:0f:49:7b:68:dc:f9:c8:52:1a:
78:a7:c5:6b
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYSNMLOHvGebjuIHJa+FQ7PGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjIxMTE5MDAwMTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2Q1YWNkMjMxOTg0NDM2MGRiOTAxYTJjYjg1YjQzMThhNmI0ZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAEEOMb7rzeOPVDzKWyId+OgVMCj
wVI/D+D83HeWGLvaXLmaJoZdqKFUIN+11b7CbvY+tbq0t1l8VmkgZDrtBdc+/F0Q
0hJBsNYf7C1xRJQf0W8aDB8B5vcNQuJnJClSKuPb/+DrYlgrk9rWSuQfaQATA0EB
iqgzhQCumpagE+hFpWXCRDGgxnK5FdIu8z0witzlyK7mp8BY702vypA7QTR06wWO
0ssaHoKI3saSdsAn9fpsmBP5yAYjqSYlTgy11KK6P+D9y21czZn0OURpdPVfC/8Q
IG/uq+JjB1I89bejz4hyE9iJQkkwV1PUoS7UnG8/QkREijBrcSuad3QDpwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFIPVrNIxmEQ2DbkBosuFtDGKa06gMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvZzlXczBqR1lSRFlOdVFHaXk0VzBNWXByVHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQFm8EgAwQC
m8GgAwQAm8HlAwQCm8H4AwQCwAZAAwQCwAasAwQCwAb8AwQCwBm0AwQCwBnIAwQC
wBnQAwQCwBnoAwQCwBn0AwQCwIkYMA0GCSqGSIb3DQEBCwUAA4IBAQCW6phAf9JZ
tZ00/DBVYwMxWRN5D2B1A/v1jl9uNie/2UpUaTnoR0mIlttfjkT06rJtLi9sNcAx
hGKnwNDnpiRb/D2MGRj13JMaotgt/2kb5z0kLXBb3ETAeUFHzDkdLT+LX+FCa21z
gSn+YWcUkHC/lvuFQUf407NqxX33fl2bxPBHHf7x7tUfE2AI9PKoi6ysemFwODTg
VL//ROjBFYICU4FCAgrdHqXfK2K38VWFen8tQTdDmErCkdhjsEnz4Hv0Qwyg/O83
BaaOVDyCYbNsGqLLrgk8rYDkyDaORl4okLtdPy2gNQq6L2mQcWU+RY2J8o8PSXto
3PnIUhp4p8Vr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org