Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/roNntrP1g2pHaeNSRcNSaJjlNlU.roa
File: roNntrP1g2pHaeNSRcNSaJjlNlU.roa (raw, json)
Hash identifier: 3dI4Melu7LIc8RThWqpWbqV+AbO/6ecyO+57BKDYCQ0=
Subject key identifier: AE:83:67:B6:B3:F5:83:6A:47:69:E3:52:45:C3:52:68:98:E5:36:55
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 01890CF65591F5DEF02356CE08D3C341DEAD
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/roNntrP1g2pHaeNSRcNSaJjlNlU.roa
Signing time: Fri 30 Jun 2023 15:40:17 +0000
ROA not before: Fri 30 Jun 2023 15:40:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28920
IP address blocks: 155.193.14.0/24 maxlen: 24
158.120.72.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0c:f6:55:91:f5:de:f0:23:56:ce:08:d3:c3:41:de:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jun 30 15:40:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae8367b6b3f5836a4769e35245c3526898e53655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f3:95:f0:51:c1:3f:ef:de:11:8a:31:2c:f5:
77:0b:fc:24:2a:c8:02:b4:1a:e3:f0:15:4f:88:e8:
e9:6e:0f:4f:25:57:63:d3:e7:0a:21:c3:f9:0d:ae:
45:bc:3d:37:ec:22:e9:eb:64:33:93:a7:fb:74:08:
45:62:51:40:ba:e4:8e:b4:4e:e6:5e:4b:e6:e5:91:
fb:9b:75:17:c4:a7:a8:b9:36:d0:84:42:0c:54:dd:
79:ce:90:27:15:da:b8:2b:9b:d8:b4:88:ea:cf:2b:
6d:37:72:fc:24:c5:fb:61:72:02:05:f7:6a:80:8d:
bb:7f:4a:31:0b:7d:af:d3:0a:54:ef:50:a2:71:94:
68:2f:4f:91:3f:af:21:3f:49:71:a0:99:d1:c8:85:
5f:af:b0:d9:25:e2:c5:c4:28:40:79:63:f0:04:10:
09:8b:e0:5f:af:77:ea:ca:d9:23:4f:47:a2:74:6a:
90:8e:b6:1e:dd:80:c6:a1:af:21:8c:b0:3d:aa:4b:
ed:d7:8d:ea:2f:35:b8:df:33:0b:33:f5:2d:c2:cc:
0d:ab:e2:56:2e:71:aa:79:b7:2f:70:ac:2d:73:b1:
ab:7d:4e:41:9a:fb:dc:84:0a:e7:a8:ef:0e:f2:01:
34:09:fa:3e:89:b9:c5:29:6d:14:3b:ef:0a:c6:23:
e1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:83:67:B6:B3:F5:83:6A:47:69:E3:52:45:C3:52:68:98:E5:36:55
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/roNntrP1g2pHaeNSRcNSaJjlNlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.14.0/24
158.120.72.0/23
Signature Algorithm: sha256WithRSAEncryption
07:19:fe:73:20:41:02:ed:92:31:db:1c:1c:67:05:4b:ed:7a:
7b:1a:06:16:1b:db:4a:87:ca:82:44:b2:51:b1:a3:7a:8a:6c:
48:72:c7:cb:09:de:d4:2a:24:11:fc:79:ea:93:b5:d2:66:d3:
c0:d0:61:27:71:74:9f:8d:79:cb:60:cf:f1:3a:d2:e3:05:6b:
74:bd:32:8e:10:03:c4:29:ca:18:c7:c1:d5:6b:84:9b:c5:97:
84:d4:07:9e:8b:99:bf:11:a9:73:b0:83:8d:e2:39:e5:14:37:
65:9b:c9:92:31:ff:19:e4:2f:be:64:67:6a:1b:40:bb:68:77:
ac:87:08:cf:2d:fa:d3:0b:16:cf:bc:ad:65:27:2b:d0:de:45:
c7:a4:23:a0:f7:2f:70:16:e2:be:5b:e4:4f:70:c4:bb:68:db:
a6:36:de:8e:a6:85:ff:69:bc:49:2b:39:88:c0:ba:4a:61:8d:
9b:aa:70:06:81:ce:f0:00:ec:f4:7e:a3:aa:e4:7c:cb:9e:5e:
60:dc:fa:11:5d:76:47:9a:5e:65:ae:a8:27:f8:6c:24:70:f2:
30:47:13:67:3e:9a:06:24:ad:1a:6f:c4:3d:e4:9b:2c:3f:ff:
f1:07:df:cf:c3:1c:35:f2:e8:f1:fe:7e:29:9f:75:20:ba:35:
6b:77:36:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkM9lWR9d7wI1bOCNPDQd6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjMwNjMwMTU0MDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTgzNjdiNmIzZjU4MzZhNDc2OWUzNTI0NWMzNTI2ODk4ZTUzNjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPOV8FHBP+/eEYoxLPV3C/wkKsgC
tBrj8BVPiOjpbg9PJVdj0+cKIcP5Da5FvD037CLp62Qzk6f7dAhFYlFAuuSOtE7m
Xkvm5ZH7m3UXxKeouTbQhEIMVN15zpAnFdq4K5vYtIjqzyttN3L8JMX7YXICBfdq
gI27f0oxC32v0wpU71CicZRoL0+RP68hP0lxoJnRyIVfr7DZJeLFxChAeWPwBBAJ
i+Bfr3fqytkjT0eidGqQjrYe3YDGoa8hjLA9qkvt143qLzW43zMLM/UtwswNq+JW
LnGqebcvcKwtc7GrfU5BmvvchArnqO8O8gE0Cfo+ibnFKW0UO+8KxiPhmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK6DZ7az9YNqR2njUkXDUmiY5TZVMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvcm9ObnRyUDFnMnBIYWVOU1JjTlNhSmpsTmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAm8EOAwQB
nnhIMA0GCSqGSIb3DQEBCwUAA4IBAQAHGf5zIEEC7ZIx2xwcZwVL7Xp7GgYWG9tK
h8qCRLJRsaN6imxIcsfLCd7UKiQR/Hnqk7XSZtPA0GEncXSfjXnLYM/xOtLjBWt0
vTKOEAPEKcoYx8HVa4SbxZeE1Aeei5m/EalzsION4jnlFDdlm8mSMf8Z5C++ZGdq
G0C7aHeshwjPLfrTCxbPvK1lJyvQ3kXHpCOg9y9wFuK+W+RPcMS7aNumNt6OpoX/
abxJKzmIwLpKYY2bqnAGgc7wAOz0fqOq5HzLnl5g3PoRXXZHml5lrqgn+GwkcPIw
RxNnPpoGJK0ab8Q95JssP//xB9/Pwxw18ujx/n4pn3UgujVrdzY+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org