Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/kACMNEhNPS8zaTzQ0bto7-X6CeE.roa
File: kACMNEhNPS8zaTzQ0bto7-X6CeE.roa (raw, json)
Hash identifier: TBWB2mZZnXM6euXykIVTSguQh8Rh7i1StfFbDClFjbE=
Subject key identifier: 90:00:8C:34:48:4D:3D:2F:33:69:3C:D0:D1:BB:68:EF:E5:FA:09:E1
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 0186DDEF585D338B18BE6CA98515A166BDCF
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/kACMNEhNPS8zaTzQ0bto7-X6CeE.roa
Signing time: Tue 14 Mar 2023 02:24:55 +0000
ROA not before: Tue 14 Mar 2023 02:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 155.193.80.0/22 maxlen: 22
155.193.1.0/24 maxlen: 24
155.193.8.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:dd:ef:58:5d:33:8b:18:be:6c:a9:85:15:a1:66:bd:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Mar 14 02:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90008c34484d3d2f33693cd0d1bb68efe5fa09e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b0:cb:0a:b4:8e:de:f1:10:ee:79:44:c1:4f:
2e:c1:13:28:c4:8d:a6:b7:f1:54:9d:59:1a:e8:88:
7c:df:91:2b:dc:34:d6:13:ef:e9:a4:dd:0e:d2:11:
c5:cf:dc:45:d9:fe:21:61:c7:bd:cf:6e:ba:a4:c6:
cd:c5:9d:75:4d:ee:d7:6b:4d:02:b0:b9:36:c6:1a:
a9:6c:e7:f1:25:6d:88:69:17:32:f6:79:7d:98:96:
16:37:a2:14:77:b5:92:29:83:03:f7:92:fe:2f:0b:
9e:ce:46:c8:b9:73:30:53:ca:a8:5d:d6:7f:be:cf:
04:e8:87:af:10:f3:33:89:50:69:39:fd:6f:d5:fd:
27:bc:52:4f:91:50:52:88:eb:54:24:76:6f:6b:92:
83:c9:05:70:25:1f:95:19:ae:5f:db:e9:b3:62:48:
c7:6e:7a:f7:b1:d8:78:ca:05:9d:9a:91:de:de:01:
59:45:f3:72:7e:d6:dd:7a:b0:cc:88:50:53:e2:21:
67:3d:1a:0b:2f:28:f9:10:5a:85:70:d2:5f:56:a2:
c1:51:85:a0:42:97:61:be:a1:d6:7a:d0:37:d4:a4:
bc:ba:f7:16:24:83:c4:8b:0f:f3:bb:0e:27:f1:86:
24:d9:ee:3d:7d:75:14:c1:2e:4a:d1:10:33:d6:ac:
49:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:00:8C:34:48:4D:3D:2F:33:69:3C:D0:D1:BB:68:EF:E5:FA:09:E1
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/kACMNEhNPS8zaTzQ0bto7-X6CeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.1.0/24
155.193.8.0/22
155.193.80.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:b5:c2:2f:59:5e:2b:21:12:f9:a0:e1:62:b9:13:32:ea:d4:
3e:b9:81:95:c7:c2:a3:85:b0:78:a4:c9:44:30:84:2f:0e:2f:
bc:13:37:02:4e:c9:20:4b:2f:d1:5d:b7:c7:5f:77:e9:23:5f:
a6:2b:89:b3:84:d8:65:ac:d0:ab:e7:97:79:c4:62:5a:5c:24:
26:58:a0:ad:e5:06:e1:a4:74:dc:83:63:89:34:ac:49:88:e2:
a7:47:d6:55:14:35:d3:da:be:fe:a2:9d:72:71:73:cf:76:63:
84:3a:ab:40:01:c9:e8:87:c9:5d:db:8c:2e:c0:97:af:5c:b6:
88:26:be:a2:36:e7:5b:59:1d:97:12:57:ab:60:39:51:9c:0a:
b3:5c:9d:3f:8b:00:60:b8:f0:a1:62:e5:54:b7:9e:ed:6b:18:
63:66:01:d5:4d:53:c9:8c:6b:74:04:20:eb:48:be:7c:3e:08:
ce:a0:87:35:a5:05:eb:b8:ba:5f:7f:ec:42:8a:e9:5e:00:d6:
87:d3:93:f8:d9:4d:33:1c:a1:30:ad:d0:3e:8a:37:2c:01:e1:
3b:0e:5a:d2:26:8e:09:12:98:58:64:89:04:5b:07:d4:9c:48:
7e:9d:2d:46:c3:9a:fd:bd:00:38:15:f9:ee:59:43:f5:6c:a5:
50:f5:4b:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbd71hdM4sYvmyphRWhZr3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjMwMzE0MDIyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDAwOGMzNDQ4NGQzZDJmMzM2OTNjZDBkMWJiNjhlZmU1ZmEwOWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrDLCrSO3vEQ7nlEwU8uwRMoxI2m
t/FUnVka6Ih835Er3DTWE+/ppN0O0hHFz9xF2f4hYce9z266pMbNxZ11Te7Xa00C
sLk2xhqpbOfxJW2IaRcy9nl9mJYWN6IUd7WSKYMD95L+LwuezkbIuXMwU8qoXdZ/
vs8E6IevEPMziVBpOf1v1f0nvFJPkVBSiOtUJHZva5KDyQVwJR+VGa5f2+mzYkjH
bnr3sdh4ygWdmpHe3gFZRfNyftbderDMiFBT4iFnPRoLLyj5EFqFcNJfVqLBUYWg
QpdhvqHWetA31KS8uvcWJIPEiw/zuw4n8YYk2e49fXUUwS5K0RAz1qxJMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJAAjDRITT0vM2k80NG7aO/l+gnhMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEva0FDTU5FaE5QUzh6YVR6UTBidG83LVg2Q2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAm8EBAwQC
m8EIAwQCm8FQMA0GCSqGSIb3DQEBCwUAA4IBAQC5tcIvWV4rIRL5oOFiuRMy6tQ+
uYGVx8KjhbB4pMlEMIQvDi+8EzcCTskgSy/RXbfHX3fpI1+mK4mzhNhlrNCr55d5
xGJaXCQmWKCt5QbhpHTcg2OJNKxJiOKnR9ZVFDXT2r7+op1ycXPPdmOEOqtAAcno
h8ld24wuwJevXLaIJr6iNudbWR2XElerYDlRnAqzXJ0/iwBguPChYuVUt57taxhj
ZgHVTVPJjGt0BCDrSL58PgjOoIc1pQXruLpff+xCiuleANaH05P42U0zHKEwrdA+
ijcsAeE7DlrSJo4JEphYZIkEWwfUnEh+nS1Gw5r9vQA4FfnuWUP1bKVQ9Usc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org