Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/zHQmKYFp-GKj3hxtb5iVpWTTZ5U.roa
File: zHQmKYFp-GKj3hxtb5iVpWTTZ5U.roa (raw, json)
Hash identifier: hl+kBFsgj2Uj/ZJwqzYU75grwReTWY5fpmWBoTbBH30=
Subject key identifier: CC:74:26:29:81:69:F8:62:A3:DE:1C:6D:6F:98:95:A5:64:D3:67:95
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 018964F72BDEDC8764FB14A4E7C506E79A48
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/zHQmKYFp-GKj3hxtb5iVpWTTZ5U.roa
Signing time: Mon 17 Jul 2023 17:47:47 +0000
ROA not before: Mon 17 Jul 2023 17:47:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6079
IP address blocks: 155.193.16.0/20 maxlen: 20
155.193.56.0/21 maxlen: 21
192.46.184.0/22 maxlen: 22
192.46.184.0/21 maxlen: 21
198.151.95.0/24 maxlen: 24
198.151.93.0/24 maxlen: 24
155.193.128.0/17 maxlen: 17
192.46.188.0/24 maxlen: 24
192.46.200.0/22 maxlen: 22
198.151.71.0/24 maxlen: 24
198.151.67.0/24 maxlen: 24
198.151.65.0/24 maxlen: 24
198.151.69.0/24 maxlen: 24
198.151.73.0/24 maxlen: 24
198.151.77.0/24 maxlen: 24
198.151.75.0/24 maxlen: 24
198.151.81.0/24 maxlen: 24
198.151.79.0/24 maxlen: 24
198.151.83.0/24 maxlen: 24
198.151.85.0/24 maxlen: 24
198.151.87.0/24 maxlen: 24
198.151.91.0/24 maxlen: 24
198.151.89.0/24 maxlen: 24
158.120.53.0/24 maxlen: 24
158.120.57.0/24 maxlen: 24
158.120.55.0/24 maxlen: 24
158.120.61.0/24 maxlen: 24
158.120.59.0/24 maxlen: 24
158.120.63.0/24 maxlen: 24
158.120.51.0/24 maxlen: 24
158.120.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:f7:2b:de:dc:87:64:fb:14:a4:e7:c5:06:e7:9a:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jul 17 17:47:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc7426298169f862a3de1c6d6f9895a564d36795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b3:f1:d1:15:35:f0:40:2a:17:5f:e1:9a:90:
90:3f:6c:27:67:f1:04:be:85:7d:0e:9b:66:aa:1e:
63:e6:19:db:3d:7d:02:d3:83:6b:48:14:66:2b:ab:
f6:38:0d:53:51:aa:b4:6f:26:d6:7c:89:67:e7:45:
28:57:11:07:d8:cc:f7:22:08:dd:bf:dd:c6:b8:e9:
e3:db:08:09:da:e7:2f:a1:2b:29:57:8e:a4:57:95:
d1:b4:d6:ed:6b:db:3e:8f:b3:96:06:30:b0:d9:df:
60:b9:46:e9:57:33:5a:2c:33:30:97:01:4b:11:19:
cc:2e:be:fb:55:64:33:44:7b:e3:fe:72:82:ef:ab:
c3:fb:7d:b0:4f:c6:cb:e2:32:0f:a7:dc:ea:e0:8a:
72:99:ec:8a:30:dd:bb:7d:79:22:05:4c:b0:0c:fd:
25:30:2a:1c:2d:94:ba:eb:ec:f8:df:b9:50:34:36:
0f:f0:bb:6a:e8:39:11:9f:b9:2d:6d:06:3a:e2:32:
f9:2e:b6:1f:5f:6a:9b:63:35:f4:ff:83:17:b3:7c:
a1:b6:49:c1:de:97:2c:fb:e9:5f:12:04:75:5c:28:
e3:01:82:d2:e2:e0:6c:e8:5b:6e:58:ce:4e:30:14:
7d:eb:24:00:57:81:23:df:79:3d:b8:e3:33:28:13:
41:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:74:26:29:81:69:F8:62:A3:DE:1C:6D:6F:98:95:A5:64:D3:67:95
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/zHQmKYFp-GKj3hxtb5iVpWTTZ5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.16.0/20
155.193.56.0/21
155.193.128.0/17
158.120.49.0/24
158.120.51.0/24
158.120.53.0/24
158.120.55.0/24
158.120.57.0/24
158.120.59.0/24
158.120.61.0/24
158.120.63.0/24
192.46.184.0/21
192.46.200.0/22
198.151.65.0/24
198.151.67.0/24
198.151.69.0/24
198.151.71.0/24
198.151.73.0/24
198.151.75.0/24
198.151.77.0/24
198.151.79.0/24
198.151.81.0/24
198.151.83.0/24
198.151.85.0/24
198.151.87.0/24
198.151.89.0/24
198.151.91.0/24
198.151.93.0/24
198.151.95.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:bc:d2:f3:3c:58:57:f7:38:ee:21:20:78:76:c9:db:35:3c:
44:3c:a8:de:42:26:89:4b:09:85:f5:be:3e:16:11:7d:9b:37:
37:5f:5f:df:eb:09:e8:c8:0a:59:2c:b2:f6:aa:34:48:40:6f:
88:70:7e:22:b9:c2:dd:08:c9:24:3f:27:5d:a0:18:10:a0:0b:
52:cb:0a:0b:65:22:c3:f5:3e:48:3b:a3:b8:f7:5f:4b:d4:05:
4e:e0:50:f2:97:b8:cd:6e:3b:21:d0:29:64:a1:87:fa:d3:49:
41:e1:cb:02:2d:e9:06:de:5e:ec:3e:97:cb:56:de:b0:f5:24:
c9:25:20:e2:1a:36:68:06:1e:1a:6c:2c:9e:8e:5e:de:81:42:
27:01:48:c1:80:e1:2c:ce:8f:64:fc:9a:38:4f:2c:51:fd:d9:
51:fa:04:c5:86:c1:db:05:02:d2:55:88:12:39:4a:b2:86:96:
66:f3:6d:c9:88:ab:49:ca:9c:7b:ad:78:68:01:4d:9f:3e:89:
14:f7:48:3d:c5:59:4e:b7:3a:44:ab:e2:9a:ac:d9:b7:28:64:
8c:6e:41:29:54:8e:25:09:5c:8d:55:11:8c:c5:d7:37:6a:f1:
46:5f:bb:64:41:67:df:43:87:56:b3:c0:2b:ef:f3:f6:6d:e3:
33:f1:a4:3d
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYlk9yve3Idk+xSk58UG55pIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjMwNzE3MTc0NzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzc0MjYyOTgxNjlmODYyYTNkZTFjNmQ2Zjk4OTVhNTY0ZDM2Nzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbPx0RU18EAqF1/hmpCQP2wnZ/EE
voV9Dptmqh5j5hnbPX0C04NrSBRmK6v2OA1TUaq0bybWfIln50UoVxEH2Mz3Igjd
v93GuOnj2wgJ2ucvoSspV46kV5XRtNbta9s+j7OWBjCw2d9guUbpVzNaLDMwlwFL
ERnMLr77VWQzRHvj/nKC76vD+32wT8bL4jIPp9zq4IpymeyKMN27fXkiBUywDP0l
MCocLZS66+z437lQNDYP8Ltq6DkRn7ktbQY64jL5LrYfX2qbYzX0/4MXs3yhtknB
3pcs++lfEgR1XCjjAYLS4uBs6FtuWM5OMBR96yQAV4Ej33k9uOMzKBNBPwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFMx0JimBafhio94cbW+YlaVk02eVMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvekhRbUtZRnAtR0tqM2h4dGI1aVZwV1RUWjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBASb
wRADBAObwTgDBAebwYADBACeeDEDBACeeDMDBACeeDUDBACeeDcDBACeeDkDBACe
eDsDBACeeD0DBACeeD8DBAPALrgDBALALsgDBADGl0EDBADGl0MDBADGl0UDBADG
l0cDBADGl0kDBADGl0sDBADGl00DBADGl08DBADGl1EDBADGl1MDBADGl1UDBADG
l1cDBADGl1kDBADGl1sDBADGl10DBADGl18wDQYJKoZIhvcNAQELBQADggEBAE68
0vM8WFf3OO4hIHh2yds1PEQ8qN5CJolLCYX1vj4WEX2bNzdfX9/rCejIClkssvaq
NEhAb4hwfiK5wt0IySQ/J12gGBCgC1LLCgtlIsP1Pkg7o7j3X0vUBU7gUPKXuM1u
OyHQKWShh/rTSUHhywIt6QbeXuw+l8tW3rD1JMklIOIaNmgGHhpsLJ6OXt6BQicB
SMGA4SzOj2T8mjhPLFH92VH6BMWGwdsFAtJViBI5SrKGlmbzbcmIq0nKnHuteGgB
TZ8+iRT3SD3FWU63OkSr4pqs2bcoZIxuQSlUjiUJXI1VEYzF1zdq8UZfu2RBZ99D
h1azwCvv8/Zt4zPxpD0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:17 2024 by rpki-client on console-ams.rpki-client.org