Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/iESB267Xo2UZ9bAw-sOkKhrF4vU.roa
File: iESB267Xo2UZ9bAw-sOkKhrF4vU.roa (raw, json)
Hash identifier: D5XJJ8wEOCeZk+fqhaAbqEKXhY61ks0+PcWsyZrv+T4=
Subject key identifier: 88:44:81:DB:AE:D7:A3:65:19:F5:B0:30:FA:C3:A4:2A:1A:C5:E2:F5
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 01864C4BF36C8AA8797EEDDB80684B832AC6
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/iESB267Xo2UZ9bAw-sOkKhrF4vU.roa
Signing time: Mon 13 Feb 2023 19:41:31 +0000
ROA not before: Mon 13 Feb 2023 19:41:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 155.193.32.0/19 maxlen: 19
192.6.64.0/22 maxlen: 22
192.6.172.0/22 maxlen: 22
155.193.163.0/24 maxlen: 24
155.193.161.0/24 maxlen: 24
155.193.162.0/24 maxlen: 24
155.193.160.0/24 maxlen: 24
155.193.229.0/24 maxlen: 24
192.6.252.0/22 maxlen: 22
166.108.20.0/24 maxlen: 24
166.108.24.0/24 maxlen: 24
166.108.23.0/24 maxlen: 24
166.108.21.0/24 maxlen: 24
166.108.22.0/24 maxlen: 24
155.193.250.0/24 maxlen: 24
155.193.251.0/24 maxlen: 24
155.193.248.0/24 maxlen: 24
155.193.249.0/24 maxlen: 24
166.108.26.0/24 maxlen: 24
166.108.27.0/24 maxlen: 24
166.108.25.0/24 maxlen: 24
192.25.232.0/22 maxlen: 22
192.137.24.0/22 maxlen: 22
192.25.244.0/22 maxlen: 22
192.25.180.0/22 maxlen: 22
192.25.200.0/22 maxlen: 22
192.25.208.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4c:4b:f3:6c:8a:a8:79:7e:ed:db:80:68:4b:83:2a:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Feb 13 19:41:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=884481dbaed7a36519f5b030fac3a42a1ac5e2f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:15:6e:10:bd:2c:b4:91:de:f2:5b:75:fc:15:
62:14:1d:89:03:c9:c6:72:48:56:31:7f:88:f9:33:
a0:40:22:b9:d3:74:b0:c8:5e:8c:05:f4:e8:95:b3:
87:a3:95:67:c7:4a:17:f6:9c:1c:45:37:9e:a2:35:
bd:3d:ba:54:2c:c1:13:28:f8:1c:cb:d8:d8:b0:54:
a0:5e:59:1c:af:53:f3:c3:71:27:3e:ad:f4:74:de:
1a:d1:3a:f1:a7:f3:5d:42:a1:ef:72:3b:5d:23:de:
f4:c6:fe:35:e8:78:c0:1c:f1:ef:8a:af:ab:a4:34:
48:c9:c9:56:81:de:7e:23:9c:d4:42:5d:e3:c2:e6:
90:5d:05:85:d0:3b:71:cb:3b:70:b0:48:4f:cd:34:
f2:11:bc:8b:c5:e0:de:10:98:bc:38:1e:f1:48:82:
16:8b:99:ab:a1:0b:a5:95:c5:fa:a8:49:30:97:45:
45:bc:40:e0:5f:53:17:3a:74:2c:f1:19:99:f4:df:
96:7c:63:35:07:36:45:02:21:15:6d:e9:5f:f8:b5:
80:61:de:cf:82:2d:18:56:7c:aa:67:fb:7e:a9:08:
28:80:3c:53:7f:21:56:93:57:50:ec:d4:eb:1e:1c:
02:71:91:d5:80:6d:f6:fc:98:44:82:46:07:a0:b6:
98:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:44:81:DB:AE:D7:A3:65:19:F5:B0:30:FA:C3:A4:2A:1A:C5:E2:F5
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/iESB267Xo2UZ9bAw-sOkKhrF4vU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.32.0/19
155.193.160.0/22
155.193.229.0/24
155.193.248.0/22
166.108.20.0-166.108.27.255
192.6.64.0/22
192.6.172.0/22
192.6.252.0/22
192.25.180.0/22
192.25.200.0/22
192.25.208.0/22
192.25.232.0/22
192.25.244.0/22
192.137.24.0/22
Signature Algorithm: sha256WithRSAEncryption
54:cd:3c:5a:ac:fc:f9:95:36:2c:4f:15:4f:89:52:ee:1f:2f:
15:e0:d6:57:af:3f:7c:ca:38:4a:2f:7b:03:a6:e4:c6:f3:b3:
6d:38:74:0d:07:1f:cf:bb:39:3f:19:4c:a1:ad:4c:54:65:d9:
b6:97:db:10:3b:0c:be:5f:92:51:e1:d5:c0:39:49:d4:db:7f:
7a:1f:a6:7f:e2:fe:7d:e3:a4:4c:49:b7:28:09:97:0c:0b:4a:
9c:4c:be:c0:ee:95:9e:f1:3e:20:a4:8c:95:53:58:0b:92:02:
30:e9:15:e9:49:d0:9b:9c:99:89:27:b9:c8:a1:f3:6e:24:46:
83:79:a8:1d:54:ae:66:57:17:9d:5a:7b:e3:8e:54:00:c4:5f:
66:2e:7d:01:cd:57:6e:03:ce:d9:fc:de:f0:cd:88:5f:dc:e6:
1d:21:c5:bf:43:b5:9b:4a:ac:27:f1:5e:48:ff:60:5c:9e:1a:
49:50:a8:7b:5a:93:27:3d:0e:7f:62:0e:2b:64:ef:0a:17:1c:
2e:a7:db:32:81:e4:f9:72:5e:33:1f:88:e2:20:97:f9:37:82:
2d:d3:b4:c5:66:96:35:a3:09:9b:86:2c:4a:69:b3:0a:ff:f4:
85:c7:23:6b:8c:60:c4:81:d5:4a:41:e9:4f:6f:b7:e6:70:0f:
93:7d:e1:0d
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYZMS/Nsiqh5fu3bgGhLgyrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjMwMjEzMTk0MTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODQ0ODFkYmFlZDdhMzY1MTlmNWIwMzBmYWMzYTQyYTFhYzVlMmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRVuEL0stJHe8lt1/BViFB2JA8nG
ckhWMX+I+TOgQCK503SwyF6MBfTolbOHo5Vnx0oX9pwcRTeeojW9PbpULMETKPgc
y9jYsFSgXlkcr1Pzw3EnPq30dN4a0Trxp/NdQqHvcjtdI970xv416HjAHPHviq+r
pDRIyclWgd5+I5zUQl3jwuaQXQWF0DtxyztwsEhPzTTyEbyLxeDeEJi8OB7xSIIW
i5mroQullcX6qEkwl0VFvEDgX1MXOnQs8RmZ9N+WfGM1BzZFAiEVbelf+LWAYd7P
gi0YVnyqZ/t+qQgogDxTfyFWk1dQ7NTrHhwCcZHVgG32/JhEgkYHoLaY8wIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFIhEgduu16NlGfWwMPrDpCoaxeL1MB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvaUVTQjI2N1hvMlVaOWJBdy1zT2tLaHJGNHZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQFm8EgAwQC
m8GgAwQAm8HlAwQCm8H4MAwDBAKmbBQDBAKmbBgDBALABkADBALABqwDBALABvwD
BALAGbQDBALAGcgDBALAGdADBALAGegDBALAGfQDBALAiRgwDQYJKoZIhvcNAQEL
BQADggEBAFTNPFqs/PmVNixPFU+JUu4fLxXg1levP3zKOEovewOm5Mbzs204dA0H
H8+7OT8ZTKGtTFRl2baX2xA7DL5fklHh1cA5SdTbf3ofpn/i/n3jpExJtygJlwwL
SpxMvsDulZ7xPiCkjJVTWAuSAjDpFelJ0JucmYknucih824kRoN5qB1UrmZXF51a
e+OOVADEX2YufQHNV24Dztn83vDNiF/c5h0hxb9DtZtKrCfxXkj/YFyeGklQqHta
kyc9Dn9iDitk7woXHC6n2zKB5PlyXjMfiOIgl/k3gi3TtMVmljWjCZuGLEppswr/
9IXHI2uMYMSB1UpB6U9vt+ZwD5N94Q0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org