Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/qi_2zcaYl5bvJU2IhuydrhSEdEQ.roa
File: qi_2zcaYl5bvJU2IhuydrhSEdEQ.roa (raw, json)
Hash identifier: 1chiLbMt6PPsM4/eL1RfN72w/do0f4i3EdUQcdRLffk=
Subject key identifier: AA:2F:F6:CD:C6:98:97:96:EF:25:4D:88:86:EC:9D:AE:14:84:74:44
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 03D06A9B
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/qi_2zcaYl5bvJU2IhuydrhSEdEQ.roa
Signing time: Sat 01 Jan 2022 08:04:26 +0000
ROA not before: Sat 01 Jan 2022 08:04:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31715
IP address blocks: 155.193.16.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63990427 (0x3d06a9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jan 1 08:04:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa2ff6cdc6989796ef254d8886ec9dae14847444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4d:9e:6b:2a:46:74:a5:d6:68:8f:ea:51:e1:
07:32:8c:7c:ee:26:69:50:9e:b8:0a:de:cc:5b:15:
31:d5:96:6d:a7:0b:7f:13:13:e2:88:b8:d8:fa:96:
b6:50:e5:13:f8:2e:43:b1:4d:3b:e6:27:a6:e5:3d:
bb:57:3f:19:e4:01:ad:b0:1a:30:8e:07:ba:ae:29:
be:e0:19:2d:f6:1f:1b:6c:05:17:2a:e3:c3:eb:80:
ed:60:b8:46:6d:ee:02:1b:f0:fc:e1:31:c6:f9:1a:
db:f4:ed:dd:c7:1b:88:32:b4:88:44:82:17:37:b5:
4c:b9:e4:e6:67:4a:d8:25:d1:c2:57:95:3c:0b:4f:
6b:41:54:0b:97:b2:f1:0f:55:b9:b8:4b:28:61:7b:
b1:4b:16:eb:b7:f2:a4:32:a8:e0:6e:6f:3f:e9:13:
da:19:7b:ce:b9:19:5d:0b:81:d4:80:e8:69:d6:b9:
ae:2a:d0:0e:72:68:9a:62:94:e4:ca:39:62:8c:30:
f4:52:e2:39:39:3f:de:43:d8:53:73:c2:03:df:97:
4a:16:01:3a:34:bb:81:85:0b:ef:4e:2c:3d:21:73:
a8:6b:0b:31:25:ea:bb:17:bf:bd:21:af:00:57:f2:
04:f6:6a:26:49:29:c9:94:0d:98:0e:21:39:08:bc:
a7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:2F:F6:CD:C6:98:97:96:EF:25:4D:88:86:EC:9D:AE:14:84:74:44
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/qi_2zcaYl5bvJU2IhuydrhSEdEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.16.0/20
Signature Algorithm: sha256WithRSAEncryption
2f:64:ce:8c:3c:d8:d2:25:72:cc:94:da:92:02:69:13:eb:a1:
9f:ac:04:0c:5a:7e:83:ca:77:ae:b2:4a:82:dc:9a:94:f0:c7:
d4:c0:ed:08:63:b4:be:67:69:cb:ae:ff:a3:4f:ce:96:17:7b:
e6:f3:6b:81:06:fb:ee:29:ae:0f:6e:aa:8e:4d:df:7f:4b:65:
6a:fa:0d:97:ca:9d:1d:4e:55:95:e4:33:a3:e4:24:50:f9:79:
2b:ae:4e:82:4c:b5:c4:cd:37:f2:8d:8e:c0:5b:76:48:36:2f:
80:f6:12:60:2b:a0:75:60:51:0e:0d:8d:59:44:c0:c8:fa:fb:
5a:73:1a:a1:87:59:97:12:09:f7:d3:bf:11:82:e2:5b:6b:19:
0b:aa:35:3e:da:db:b1:db:9b:48:69:08:df:2e:db:ec:be:74:
a9:84:d0:c2:e2:f8:f4:e3:2f:ae:b1:1c:f5:c3:47:5c:c1:ab:
db:d3:a5:c9:1c:b2:7d:ff:bd:42:8e:db:a3:73:39:72:a1:77:
6e:10:08:c5:13:c1:7c:a5:1b:57:f4:cd:69:cc:e0:72:be:0b:
66:1c:a5:f2:27:de:f8:09:3b:66:9f:cc:f0:0d:94:3a:fe:7d:
18:05:01:0d:fd:e0:16:a4:46:ef:8a:3c:71:18:a1:1e:05:31:
7d:cd:be:31
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9BqmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDNlNDQ3ZWRiOGE1ZTBlMWIxZDdmNWNkYzI4N2MzNjRhNWZiMGI1MB4XDTIyMDEw
MTA4MDQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWEyZmY2Y2RjNjk4
OTc5NmVmMjU0ZDg4ODZlYzlkYWUxNDg0NzQ0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANpNnmsqRnSl1miP6lHhBzKMfO4maVCeuArezFsVMdWWbacL
fxMT4oi42PqWtlDlE/guQ7FNO+YnpuU9u1c/GeQBrbAaMI4Huq4pvuAZLfYfG2wF
Fyrjw+uA7WC4Rm3uAhvw/OExxvka2/Tt3ccbiDK0iESCFze1TLnk5mdK2CXRwleV
PAtPa0FUC5ey8Q9VubhLKGF7sUsW67fypDKo4G5vP+kT2hl7zrkZXQuB1IDoada5
rirQDnJommKU5Mo5Yoww9FLiOTk/3kPYU3PCA9+XShYBOjS7gYUL704sPSFzqGsL
MSXquxe/vSGvAFfyBPZqJkkpyZQNmA4hOQi8p2sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSqL/bNxpiXlu8lTYiG7J2uFIR0RDAfBgNVHSMEGDAWgBR0PkR+24peDhsd
f1zcKHw2Sl+wtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RENUVmdHVLWGc0YkhYOWMzQ2g4TmtwZnNMVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvYTFhZTcwLTc5OTYtNDY4Ny1hMGQ3LTVlMGY0YWI4MDliYi8x
L3FpXzJ6Y2FZbDVidkpVMklodXlkcmhTRWRFUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
YTFhZTcwLTc5OTYtNDY4Ny1hMGQ3LTVlMGY0YWI4MDliYi8xL2RENUVmdHVLWGc0
YkhYOWMzQ2g4TmtwZnNMVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBJvBEDANBgkqhkiG9w0BAQsFAAOC
AQEAL2TOjDzY0iVyzJTakgJpE+uhn6wEDFp+g8p3rrJKgtyalPDH1MDtCGO0vmdp
y67/o0/Olhd75vNrgQb77imuD26qjk3ff0tlavoNl8qdHU5VleQzo+QkUPl5K65O
gky1xM038o2OwFt2SDYvgPYSYCugdWBRDg2NWUTAyPr7WnMaoYdZlxIJ99O/EYLi
W2sZC6o1PtrbsdubSGkI3y7b7L50qYTQwuL49OMvrrEc9cNHXMGr29OlyRyyff+9
Qo7bo3M5cqF3bhAIxRPBfKUbV/TNaczgcr4LZhyl8ife+Ak7Zp/M8A2UOv59GAUB
Df3gFqRG74o8cRihHgUxfc2+MQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:15 2024 by rpki-client on console-fra.rpki-client.org