Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/i3sop_SY2soUuIB3ecngQc7qmqE.roa
File: i3sop_SY2soUuIB3ecngQc7qmqE.roa (raw, json)
Hash identifier: IEWpRl29AeLo9Sj+8Pdor2JfDO6A5OCsYkDToXI1O5E=
Subject key identifier: 8B:7B:28:A7:F4:98:DA:CA:14:B8:80:77:79:C9:E0:41:CE:EA:9A:A1
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 0184880735157C0721765DD078A3F4ED14AB
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/i3sop_SY2soUuIB3ecngQc7qmqE.roa
Signing time: Thu 17 Nov 2022 23:58:04 +0000
ROA not before: Thu 17 Nov 2022 23:58:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6079
IP address blocks: 155.193.16.0/20 maxlen: 20
155.193.128.0/17 maxlen: 17
192.46.184.0/21 maxlen: 21
192.46.200.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:88:07:35:15:7c:07:21:76:5d:d0:78:a3:f4:ed:14:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Nov 17 23:58:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b7b28a7f498daca14b8807779c9e041ceea9aa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:48:79:af:c1:da:df:5f:13:08:6c:f9:6e:73:
a3:65:8e:37:ae:67:e4:77:e7:04:83:22:8a:dd:79:
15:ba:1e:33:57:ba:c2:56:2c:59:ce:ba:df:c7:0c:
c5:c9:a5:50:4e:46:ff:49:09:88:8e:19:e6:db:c7:
75:5a:36:73:c3:40:b5:7d:93:f5:6c:39:f7:0d:ac:
bb:cb:05:7d:0b:87:c8:9e:c7:5b:48:32:26:4c:6c:
4b:68:15:b0:56:7d:bd:48:d4:6b:85:dd:d0:4d:67:
ef:80:8c:35:08:61:a8:b2:5a:f6:6d:d7:07:98:d2:
4b:63:07:c8:3c:28:db:52:d1:25:d3:a4:73:a7:6c:
28:9a:37:92:36:b7:2f:f6:e2:12:dc:d1:11:5a:27:
c8:f5:65:0c:43:5e:1b:55:dc:f3:f6:9e:99:e4:b7:
b6:9f:76:d0:8b:8b:82:87:fc:63:cf:66:5b:31:a7:
70:66:3f:47:c0:4a:d4:e0:58:bf:74:b0:19:ef:b2:
f5:5e:15:2d:8e:71:f8:2b:53:73:6a:bc:23:f2:d3:
90:70:a5:7b:db:7b:85:d0:38:70:82:b1:9c:ed:28:
cd:74:1a:e6:f6:ea:7c:22:3f:a1:24:96:b3:ab:1e:
ed:dc:64:f7:42:96:41:0a:a3:4f:c7:9c:16:77:25:
24:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:7B:28:A7:F4:98:DA:CA:14:B8:80:77:79:C9:E0:41:CE:EA:9A:A1
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/i3sop_SY2soUuIB3ecngQc7qmqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.16.0/20
155.193.128.0/17
192.46.184.0/21
192.46.200.0/22
Signature Algorithm: sha256WithRSAEncryption
62:0c:e5:4f:ff:00:30:e0:72:53:fa:85:10:08:fb:15:b3:d4:
f7:12:0b:ce:60:c0:8f:ae:61:9f:f9:b6:af:d8:5d:32:74:bd:
19:93:ab:20:0d:31:29:a0:b9:5e:dc:5a:9e:e7:d0:90:8e:3a:
6a:49:d5:f1:ec:d7:77:1a:2f:30:cc:59:59:77:f9:67:4c:33:
cb:0d:fc:63:20:d3:40:09:be:b6:23:cd:14:22:cf:c5:3f:5b:
6a:a7:61:5a:0d:7f:a1:04:2f:96:ce:e7:5f:e6:3a:66:7e:fc:
c0:9d:d1:96:37:46:35:82:a4:17:66:55:fc:34:22:7f:e0:38:
6c:ff:0f:c8:4b:72:94:91:58:24:c8:18:20:24:fb:d9:24:a7:
73:6e:43:db:f7:2c:d0:ca:9c:fa:37:e8:1f:f9:17:1e:b6:4c:
91:e7:fd:51:66:3e:9a:b9:03:9d:15:b2:a6:81:47:c9:87:ad:
78:7b:c6:16:35:56:12:90:61:cd:82:84:84:a8:62:62:d2:d2:
77:bf:d9:bb:39:bb:c9:f1:a2:aa:e4:16:ae:a7:0e:57:e2:ce:
96:80:2e:05:10:19:17:02:8e:53:c5:01:93:37:3b:e1:dd:6d:
3b:9d:06:73:13:1a:06:69:e1:ac:c8:14:5a:de:e8:d8:28:c7:
51:fc:e2:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYSIBzUVfAchdl3QeKP07RSrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjIxMTE3MjM1ODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjdiMjhhN2Y0OThkYWNhMTRiODgwNzc3OWM5ZTA0MWNlZWE5YWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUh5r8Ha318TCGz5bnOjZY43rmfk
d+cEgyKK3XkVuh4zV7rCVixZzrrfxwzFyaVQTkb/SQmIjhnm28d1WjZzw0C1fZP1
bDn3Day7ywV9C4fInsdbSDImTGxLaBWwVn29SNRrhd3QTWfvgIw1CGGoslr2bdcH
mNJLYwfIPCjbUtEl06Rzp2womjeSNrcv9uIS3NERWifI9WUMQ14bVdzz9p6Z5Le2
n3bQi4uCh/xjz2ZbMadwZj9HwErU4Fi/dLAZ77L1XhUtjnH4K1Nzarwj8tOQcKV7
23uF0DhwgrGc7SjNdBrm9up8Ij+hJJazqx7t3GT3QpZBCqNPx5wWdyUkuwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIt7KKf0mNrKFLiAd3nJ4EHO6pqhMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvaTNzb3BfU1kyc29VdUlCM2VjbmdRYzdxbXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEm8EQAwQH
m8GAAwQDwC64AwQCwC7IMA0GCSqGSIb3DQEBCwUAA4IBAQBiDOVP/wAw4HJT+oUQ
CPsVs9T3EgvOYMCPrmGf+bav2F0ydL0Zk6sgDTEpoLle3Fqe59CQjjpqSdXx7Nd3
Gi8wzFlZd/lnTDPLDfxjINNACb62I80UIs/FP1tqp2FaDX+hBC+Wzudf5jpmfvzA
ndGWN0Y1gqQXZlX8NCJ/4Dhs/w/IS3KUkVgkyBggJPvZJKdzbkPb9yzQypz6N+gf
+RcetkyR5/1RZj6auQOdFbKmgUfJh614e8YWNVYSkGHNgoSEqGJi0tJ3v9m7ObvJ
8aKq5Baupw5X4s6WgC4FEBkXAo5TxQGTNzvh3W07nQZzExoGaeGsyBRa3ujYKMdR
/OLO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:15 2024 by rpki-client on console-fra.rpki-client.org