Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/wXT_mOrykIeqI3iBWOfxvMFWUaE.roa
File: wXT_mOrykIeqI3iBWOfxvMFWUaE.roa (raw, json)
Hash identifier: 8duaFykEwtSIStTf9HFETdLdejJTfmBsECC8GfiAD9M=
Subject key identifier: C1:74:FF:98:EA:F2:90:87:AA:23:78:81:58:E7:F1:BC:C1:56:51:A1
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 03CEF1C0
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/wXT_mOrykIeqI3iBWOfxvMFWUaE.roa
Signing time: Sat 01 Jan 2022 08:04:25 +0000
ROA not before: Sat 01 Jan 2022 08:04:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 155.193.32.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63893952 (0x3cef1c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jan 1 08:04:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c174ff98eaf29087aa23788158e7f1bcc15651a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b4:31:b4:66:ad:6f:a6:44:bb:d4:04:de:d6:
b7:1e:54:38:2e:ce:e1:7d:22:af:25:42:fa:e7:51:
1b:7e:d3:0d:b8:37:4e:a6:4d:fd:50:7e:46:2d:01:
0e:47:88:8a:0b:2f:1c:26:a6:7b:15:bf:ce:46:fc:
a0:a3:d9:10:49:96:7a:7f:2f:96:ef:fd:af:47:10:
46:b6:ca:eb:e8:e6:19:d9:fb:40:70:6b:e7:7a:41:
a7:46:dd:85:96:26:83:42:11:c2:40:f9:c4:5b:55:
b5:b4:ab:5a:7f:44:56:88:c1:9c:51:30:29:50:42:
fb:bc:0e:c2:f1:97:02:0c:a4:e0:b4:08:44:6b:7e:
3a:b6:bd:63:37:a0:02:81:d2:57:ee:58:37:b9:b3:
df:c3:fd:90:54:90:d9:34:33:66:f2:41:b7:c5:b2:
a7:04:c0:d2:2d:06:fb:2d:9c:c8:28:04:e8:1c:9a:
39:fd:e5:77:f4:82:82:29:17:c4:d1:33:e4:c3:5d:
25:2c:f0:0e:31:6a:3c:50:3b:a9:1c:58:71:e4:bf:
3e:59:b1:dd:aa:ed:e7:a2:56:1c:21:ee:13:53:51:
fc:29:ba:03:01:5c:75:c8:1c:9a:ac:f8:8e:9e:5d:
21:3f:7d:4d:a1:78:a6:f0:49:02:84:90:51:86:79:
1f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:74:FF:98:EA:F2:90:87:AA:23:78:81:58:E7:F1:BC:C1:56:51:A1
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/wXT_mOrykIeqI3iBWOfxvMFWUaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.32.0/19
Signature Algorithm: sha256WithRSAEncryption
4b:c4:b5:c1:29:78:0e:42:9b:d3:07:cd:2b:e8:14:78:98:d4:
19:48:a6:45:be:90:f6:3e:ca:f6:1a:12:b6:08:e3:24:eb:94:
84:cb:ed:3f:ac:01:ac:f2:3a:df:15:17:5f:54:3c:3f:d3:81:
cb:ac:22:df:db:99:c2:92:8a:64:d6:e9:9f:8b:dc:d0:59:de:
4b:9d:ac:2c:73:f7:87:29:15:a7:f7:dd:e3:da:5e:23:84:e1:
bb:1a:cf:54:ad:4f:c0:fb:a4:e7:bd:30:a0:17:43:0d:c8:cb:
1e:e7:cb:c8:ce:9b:b5:a7:04:e2:36:18:27:5c:e2:6c:69:4a:
9d:e6:6b:3c:4c:4e:43:86:46:7e:01:f2:7a:af:b6:f7:37:f3:
f8:d6:d2:6f:0d:5a:2c:dc:1f:d1:db:eb:c6:d5:d3:e5:ce:9e:
09:9a:ab:c9:5b:fa:79:9d:d6:6a:79:bd:f4:c0:7e:5b:29:09:
77:4c:e2:a5:a0:b8:5f:8a:94:8b:28:f3:92:c1:62:c9:9c:31:
81:74:c6:56:6a:1e:08:3c:3e:42:7f:33:66:f0:23:2c:be:ee:
ef:aa:ec:d3:4f:21:c2:8a:a1:be:8f:90:78:d3:42:0a:cc:44:
17:5b:dc:e8:7c:14:bf:b2:d9:e7:d3:72:7e:26:4c:bf:2a:5a:
f1:d0:b3:94
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA87xwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDNlNDQ3ZWRiOGE1ZTBlMWIxZDdmNWNkYzI4N2MzNjRhNWZiMGI1MB4XDTIyMDEw
MTA4MDQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzE3NGZmOThlYWYy
OTA4N2FhMjM3ODgxNThlN2YxYmNjMTU2NTFhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALG0MbRmrW+mRLvUBN7Wtx5UOC7O4X0iryVC+udRG37TDbg3
TqZN/VB+Ri0BDkeIigsvHCamexW/zkb8oKPZEEmWen8vlu/9r0cQRrbK6+jmGdn7
QHBr53pBp0bdhZYmg0IRwkD5xFtVtbSrWn9EVojBnFEwKVBC+7wOwvGXAgyk4LQI
RGt+Ora9YzegAoHSV+5YN7mz38P9kFSQ2TQzZvJBt8WypwTA0i0G+y2cyCgE6Bya
Of3ld/SCgikXxNEz5MNdJSzwDjFqPFA7qRxYceS/Plmx3art56JWHCHuE1NR/Cm6
AwFcdcgcmqz4jp5dIT99TaF4pvBJAoSQUYZ5H0ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTBdP+Y6vKQh6ojeIFY5/G8wVZRoTAfBgNVHSMEGDAWgBR0PkR+24peDhsd
f1zcKHw2Sl+wtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RENUVmdHVLWGc0YkhYOWMzQ2g4TmtwZnNMVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvYTFhZTcwLTc5OTYtNDY4Ny1hMGQ3LTVlMGY0YWI4MDliYi8x
L3dYVF9tT3J5a0llcUkzaUJXT2Z4dk1GV1VhRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
YTFhZTcwLTc5OTYtNDY4Ny1hMGQ3LTVlMGY0YWI4MDliYi8xL2RENUVmdHVLWGc0
YkhYOWMzQ2g4TmtwZnNMVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBZvBIDANBgkqhkiG9w0BAQsFAAOC
AQEAS8S1wSl4DkKb0wfNK+gUeJjUGUimRb6Q9j7K9hoStgjjJOuUhMvtP6wBrPI6
3xUXX1Q8P9OBy6wi39uZwpKKZNbpn4vc0FneS52sLHP3hykVp/fd49peI4ThuxrP
VK1PwPuk570woBdDDcjLHufLyM6btacE4jYYJ1zibGlKneZrPExOQ4ZGfgHyeq+2
9zfz+NbSbw1aLNwf0dvrxtXT5c6eCZqryVv6eZ3Wanm99MB+WykJd0zipaC4X4qU
iyjzksFiyZwxgXTGVmoeCDw+Qn8zZvAjLL7u76rs008hwoqhvo+QeNNCCsxEF1vc
6HwUv7LZ59NyfiZMvypa8dCzlA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:15 2024 by rpki-client on console-fra.rpki-client.org