Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/zolTa_te6O6uhnRU-XYDXpF0mjg.roa
File: zolTa_te6O6uhnRU-XYDXpF0mjg.roa (raw, json)
Hash identifier: l21t0sBPuxrLjca621gkTHhOoMfRZr6VU9CiIw920Cw=
Subject key identifier: CE:89:53:6B:FB:5E:E8:EE:AE:86:74:54:F9:76:03:5E:91:74:9A:38
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 0184F2E98233072142C67FCB872D88955472
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/zolTa_te6O6uhnRU-XYDXpF0mjg.roa
Signing time: Thu 08 Dec 2022 18:05:00 +0000
ROA not before: Thu 08 Dec 2022 18:05:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6079
IP address blocks: 155.193.16.0/20 maxlen: 20
155.193.128.0/17 maxlen: 17
192.46.184.0/22 maxlen: 22
192.46.184.0/21 maxlen: 21
192.46.188.0/24 maxlen: 24
192.46.200.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:e9:82:33:07:21:42:c6:7f:cb:87:2d:88:95:54:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Dec 8 18:05:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce89536bfb5ee8eeae867454f976035e91749a38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:47:fb:a8:58:56:fb:6f:2c:0a:83:c2:66:4b:
ac:5f:91:fa:ec:05:45:f4:72:74:e3:36:b7:24:60:
b6:cd:b4:cb:54:54:b6:69:92:ed:59:29:06:32:59:
30:ea:83:0d:bd:19:9c:54:89:57:c3:6f:7c:55:61:
3f:c6:a3:85:fe:c5:3d:43:31:91:6c:45:2f:80:bd:
0a:bb:0b:47:88:47:87:9d:90:cd:2c:8c:98:2a:48:
ef:fe:22:f9:02:d2:99:5c:a3:53:37:9e:4d:4b:78:
79:28:30:e6:f6:8f:b7:c2:0e:6b:b3:f0:8f:58:9c:
8c:1c:bf:6f:8b:34:fa:74:8f:ca:77:36:84:56:84:
b5:04:66:ec:0c:f1:28:4b:6f:0b:79:1a:4a:d3:d8:
4e:ce:33:2d:be:af:79:85:eb:fb:05:f9:a2:90:fa:
96:6b:ce:10:e9:6f:ff:bb:29:c8:88:54:fc:21:cb:
86:4f:4c:05:73:ee:6e:89:4a:00:92:76:29:8b:3d:
44:7b:0d:d7:b0:1c:4f:b6:d0:28:c8:65:45:a8:fa:
fb:4f:8d:73:d3:21:d9:3d:25:28:17:80:1e:0a:fc:
09:ae:b4:f4:73:81:f2:7f:cf:ac:ba:05:f0:15:27:
16:4b:a3:fd:4c:45:64:8f:7d:3c:7e:6b:1a:00:6d:
a9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:89:53:6B:FB:5E:E8:EE:AE:86:74:54:F9:76:03:5E:91:74:9A:38
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/zolTa_te6O6uhnRU-XYDXpF0mjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.193.16.0/20
155.193.128.0/17
192.46.184.0/21
192.46.200.0/22
Signature Algorithm: sha256WithRSAEncryption
89:4b:0f:08:fb:49:00:b7:a2:01:4f:0e:e7:f4:42:02:76:7a:
4e:88:4d:ad:b1:0f:2a:6a:b5:49:8b:07:c1:82:f7:36:01:5d:
97:c3:c8:a1:99:e3:28:cc:95:9f:07:0d:35:c4:56:98:9c:9a:
61:a0:cc:fa:cf:ec:20:58:e8:9b:cf:c8:4b:71:de:c8:07:f2:
22:69:19:ce:39:d7:31:a2:28:ef:5b:73:00:fd:d5:ae:38:db:
30:50:8e:c1:ae:2b:cd:b8:32:5b:8b:02:f0:7d:13:29:99:0f:
da:4d:90:f3:43:74:7b:ce:ca:e3:6a:34:4f:14:83:e3:cc:e0:
ff:bf:00:5d:d1:22:04:81:3d:4a:c3:ac:81:73:06:b6:c7:61:
a9:2d:2a:e9:71:79:53:60:b8:b5:d3:7d:7c:17:0c:65:c9:2c:
f9:c0:ca:f6:b0:8e:e7:b3:62:8b:40:d8:91:2b:61:e6:07:ee:
7a:c6:ba:59:f3:e0:fd:6b:67:2c:78:ec:c3:2e:f9:a0:13:bf:
d0:f7:9e:00:00:19:c1:19:2e:5b:01:79:f3:f8:86:7c:ca:63:
fa:44:c2:02:11:7d:46:7f:9e:a1:13:a3:f9:c9:b2:6b:88:ef:
e0:4f:06:d6:d6:28:73:a7:3d:8c:2b:d2:6b:22:98:c7:94:45:
e1:be:bb:ec
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYTy6YIzByFCxn/Lhy2IlVRyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjIxMjA4MTgwNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTg5NTM2YmZiNWVlOGVlYWU4Njc0NTRmOTc2MDM1ZTkxNzQ5YTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0f7qFhW+28sCoPCZkusX5H67AVF
9HJ04za3JGC2zbTLVFS2aZLtWSkGMlkw6oMNvRmcVIlXw298VWE/xqOF/sU9QzGR
bEUvgL0KuwtHiEeHnZDNLIyYKkjv/iL5AtKZXKNTN55NS3h5KDDm9o+3wg5rs/CP
WJyMHL9vizT6dI/KdzaEVoS1BGbsDPEoS28LeRpK09hOzjMtvq95hev7BfmikPqW
a84Q6W//uynIiFT8IcuGT0wFc+5uiUoAknYpiz1Eew3XsBxPttAoyGVFqPr7T41z
0yHZPSUoF4AeCvwJrrT0c4Hyf8+sugXwFScWS6P9TEVkj308fmsaAG2pHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM6JU2v7XujuroZ0VPl2A16RdJo4MB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvem9sVGFfdGU2TzZ1aG5SVS1YWURYcEYwbWpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEm8EQAwQH
m8GAAwQDwC64AwQCwC7IMA0GCSqGSIb3DQEBCwUAA4IBAQCJSw8I+0kAt6IBTw7n
9EICdnpOiE2tsQ8qarVJiwfBgvc2AV2Xw8ihmeMozJWfBw01xFaYnJphoMz6z+wg
WOibz8hLcd7IB/IiaRnOOdcxoijvW3MA/dWuONswUI7BrivNuDJbiwLwfRMpmQ/a
TZDzQ3R7zsrjajRPFIPjzOD/vwBd0SIEgT1Kw6yBcwa2x2GpLSrpcXlTYLi10318
FwxlySz5wMr2sI7ns2KLQNiRK2HmB+56xrpZ8+D9a2cseOzDLvmgE7/Q954AABnB
GS5bAXnz+IZ8ymP6RMICEX1Gf56hE6P5ybJriO/gTwbW1ihzpz2MK9JrIpjHlEXh
vrvs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:15 2024 by rpki-client on console-fra.rpki-client.org