Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/zHoWbF-VlONk38XadpZyH1hsvV0.roa
File: zHoWbF-VlONk38XadpZyH1hsvV0.roa (raw, json)
Hash identifier: 7G09rcdYcpBukV+frPYTRuedwSP7lu1Ic9VXvhXICKk=
Subject key identifier: CC:7A:16:6C:5F:95:94:E3:64:DF:C5:DA:76:96:72:1F:58:6C:BD:5D
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 03CFC1EB
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/zHoWbF-VlONk38XadpZyH1hsvV0.roa
Signing time: Sat 01 Jan 2022 08:04:26 +0000
ROA not before: Sat 01 Jan 2022 08:04:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29066
IP address blocks: 155.193.0.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63947243 (0x3cfc1eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jan 1 08:04:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc7a166c5f9594e364dfc5da7696721f586cbd5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6b:c6:52:b0:68:c2:da:ec:ad:4e:41:46:03:
b7:56:63:0b:7b:fd:c8:d5:ff:bd:a0:47:4f:10:3c:
69:7b:b0:b5:dd:29:39:9e:2b:25:75:43:bf:60:6b:
b8:19:0b:50:72:63:a6:b0:ca:d8:7a:d4:03:5a:06:
10:32:0a:71:11:2d:3b:72:7d:9f:c3:8c:53:12:28:
87:de:3d:79:d5:17:f8:d3:ac:1a:e6:63:70:99:b5:
62:d0:86:3b:a2:2d:e2:ee:2b:d1:a8:f2:ff:2f:97:
ee:cb:ea:a9:49:8b:95:e3:c8:d4:4e:fe:64:2c:73:
8d:b0:c9:b2:0a:d5:1c:ed:e2:0c:67:93:89:92:29:
22:65:a7:f8:f2:fa:e9:ef:fa:1e:6f:59:d9:8a:2c:
94:ee:17:59:4c:dd:14:60:f3:cb:c0:4c:90:a0:f5:
c4:fd:90:d1:80:4c:13:11:1c:55:06:ff:37:66:de:
f6:85:f6:6d:c5:16:a0:0f:06:fc:00:59:d8:38:3a:
bc:40:73:43:49:c7:f9:91:31:ef:42:52:4d:62:b0:
48:2c:f7:cc:c1:08:28:7b:25:ab:2e:e1:8d:f6:37:
19:88:47:eb:25:38:1f:e5:ac:c4:7f:77:07:7c:fd:
e0:29:9d:de:61:6b:c5:e0:8c:47:a5:15:56:50:ef:
6f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:7A:16:6C:5F:95:94:E3:64:DF:C5:DA:76:96:72:1F:58:6C:BD:5D
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/zHoWbF-VlONk38XadpZyH1hsvV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.0.0/23
Signature Algorithm: sha256WithRSAEncryption
73:8e:ff:a3:cd:de:b1:d1:41:f0:83:13:e7:9a:5e:2b:81:50:
97:fb:e0:60:b6:c0:d6:ff:12:e7:4b:e9:bb:93:c5:6a:51:0c:
42:a9:bd:53:82:8e:8f:9d:ac:94:de:6b:eb:68:d7:62:12:32:
00:fe:ca:87:d7:e9:af:0e:f5:6e:d2:e9:d2:db:41:e0:df:af:
77:c6:f5:9c:56:98:c6:d5:2d:78:17:c3:bc:87:6a:2e:ec:e4:
d3:c8:83:88:b4:aa:71:1f:66:c0:db:61:28:43:09:e9:3d:7a:
a8:b5:75:c7:2d:51:7a:33:46:ba:37:2d:c2:9e:13:89:60:e4:
b3:c5:e4:b5:bc:04:22:41:0b:8a:32:e6:c9:b7:1a:e9:78:14:
6e:1b:87:46:67:3d:ff:04:4b:7d:1a:6d:dc:ae:3d:d7:69:83:
21:08:e2:40:c7:b4:08:f5:e7:65:13:92:cd:e2:09:e7:95:f8:
07:1a:a1:b0:16:b9:5b:0c:f0:2e:1f:a3:c5:f5:3d:73:23:06:
cc:f1:29:c4:84:b4:fc:13:67:af:da:cf:c6:84:57:05:ad:f3:
3f:8c:95:34:77:0c:41:95:93:40:ae:fb:e8:89:72:7c:f0:d9:
b0:ea:94:b3:25:38:bf:62:c9:b7:12:76:3f:cd:22:b4:ad:14:
14:5e:8a:1d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8/B6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDNlNDQ3ZWRiOGE1ZTBlMWIxZDdmNWNkYzI4N2MzNjRhNWZiMGI1MB4XDTIyMDEw
MTA4MDQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2M3YTE2NmM1Zjk1
OTRlMzY0ZGZjNWRhNzY5NjcyMWY1ODZjYmQ1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBrxlKwaMLa7K1OQUYDt1ZjC3v9yNX/vaBHTxA8aXuwtd0p
OZ4rJXVDv2BruBkLUHJjprDK2HrUA1oGEDIKcREtO3J9n8OMUxIoh949edUX+NOs
GuZjcJm1YtCGO6It4u4r0ajy/y+X7svqqUmLlePI1E7+ZCxzjbDJsgrVHO3iDGeT
iZIpImWn+PL66e/6Hm9Z2YoslO4XWUzdFGDzy8BMkKD1xP2Q0YBMExEcVQb/N2be
9oX2bcUWoA8G/ABZ2Dg6vEBzQ0nH+ZEx70JSTWKwSCz3zMEIKHslqy7hjfY3GYhH
6yU4H+WsxH93B3z94Cmd3mFrxeCMR6UVVlDvb8sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTMehZsX5WU42Tfxdp2lnIfWGy9XTAfBgNVHSMEGDAWgBR0PkR+24peDhsd
f1zcKHw2Sl+wtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RENUVmdHVLWGc0YkhYOWMzQ2g4TmtwZnNMVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvYTFhZTcwLTc5OTYtNDY4Ny1hMGQ3LTVlMGY0YWI4MDliYi8x
L3pIb1diRi1WbE9OazM4WGFkcFp5SDFoc3ZWMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
YTFhZTcwLTc5OTYtNDY4Ny1hMGQ3LTVlMGY0YWI4MDliYi8xL2RENUVmdHVLWGc0
YkhYOWMzQ2g4TmtwZnNMVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZvBADANBgkqhkiG9w0BAQsFAAOC
AQEAc47/o83esdFB8IMT55peK4FQl/vgYLbA1v8S50vpu5PFalEMQqm9U4KOj52s
lN5r62jXYhIyAP7Kh9fprw71btLp0ttB4N+vd8b1nFaYxtUteBfDvIdqLuzk08iD
iLSqcR9mwNthKEMJ6T16qLV1xy1RejNGujctwp4TiWDks8XktbwEIkELijLmybca
6XgUbhuHRmc9/wRLfRpt3K4912mDIQjiQMe0CPXnZROSzeIJ55X4BxqhsBa5Wwzw
Lh+jxfU9cyMGzPEpxIS0/BNnr9rPxoRXBa3zP4yVNHcMQZWTQK776IlyfPDZsOqU
syU4v2LJtxJ2P80itK0UFF6KHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:15 2024 by rpki-client on console-fra.rpki-client.org