Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/U7KovhvxCZsG_WAVxnyazM4KbTI.roa
File: U7KovhvxCZsG_WAVxnyazM4KbTI.roa (raw, json)
Hash identifier: O3x46b26GCBQVUcmoCo9ZrymC/QWomfs2sWTv/cfYDw=
Subject key identifier: 53:B2:A8:BE:1B:F1:09:9B:06:FD:60:15:C6:7C:9A:CC:CE:0A:6D:32
Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Certificate serial: 065DAA72
Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/U7KovhvxCZsG_WAVxnyazM4KbTI.roa
Signing time: Thu 02 Jun 2022 19:10:20 +0000
ROA not before: Thu 02 Jun 2022 19:10:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201307
IP address blocks: 155.133.120.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106801778 (0x65daa72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Validity
Not Before: Jun 2 19:10:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53b2a8be1bf1099b06fd6015c67c9accce0a6d32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9b:b8:d7:5f:57:3b:dc:6f:cc:7b:3c:26:3e:
f0:1b:00:b1:c7:b2:00:37:06:e7:6e:8d:8c:dd:9a:
23:64:98:1b:88:71:0c:0e:66:61:66:a2:f9:93:3b:
8a:9d:af:36:75:16:0c:d4:12:57:d1:b4:44:7e:7d:
98:aa:93:46:1c:c2:98:31:23:23:19:d1:01:f0:8d:
46:74:1f:bd:83:65:31:62:8b:27:8d:c8:97:62:2d:
32:3f:7e:b1:84:70:77:1d:40:80:60:ea:3d:b3:f8:
c7:83:aa:d6:af:26:fd:04:ef:50:0f:06:91:1b:20:
4e:58:bc:a9:9e:17:4c:1f:b1:72:7d:18:88:16:30:
31:a7:a4:8e:4a:cd:32:c0:a7:01:7f:a1:fe:ab:c8:
63:b7:d5:c2:cd:e6:e7:03:50:4a:3a:06:d8:f5:e5:
c4:48:97:16:24:09:b5:cd:5b:78:21:bc:ef:d3:4b:
24:ee:78:b5:72:7b:b4:78:88:08:20:2b:d8:ba:ab:
cf:79:b2:e0:8e:80:81:31:f6:fd:0d:f1:56:e0:97:
2f:09:b8:09:09:fe:79:16:de:50:f6:bd:22:5d:f2:
9a:f3:6a:06:45:ea:f9:40:a1:42:3e:70:78:8f:18:
4b:1f:75:f6:4c:7c:e3:f7:fa:2e:38:83:89:d7:26:
9d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B2:A8:BE:1B:F1:09:9B:06:FD:60:15:C6:7C:9A:CC:CE:0A:6D:32
X509v3 Authority Key Identifier:
keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/U7KovhvxCZsG_WAVxnyazM4KbTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.120.0/24
Signature Algorithm: sha256WithRSAEncryption
67:9d:37:3c:2b:fd:7e:2c:a4:c2:58:8e:00:4a:42:6e:1f:89:
08:57:b6:a9:b0:37:50:a4:9f:ce:e4:8c:49:20:5c:8e:54:62:
3f:5e:e9:cc:40:48:59:4b:7e:71:5c:e7:09:a4:e6:8c:72:ae:
1a:54:1c:8f:71:c9:44:5a:23:c9:b2:e4:ae:18:93:83:ed:61:
e2:55:17:2f:7d:7e:b2:2a:ee:d9:d5:8e:7c:f4:f1:d6:04:85:
10:d9:e8:fa:df:23:d7:ac:ed:79:ee:01:03:50:e8:67:61:2f:
9c:92:67:09:29:e2:3a:6f:26:74:dd:87:3b:51:3c:78:96:b1:
26:39:9d:d1:61:20:27:d5:33:57:6f:7d:91:02:85:f3:bf:5f:
cf:cd:e0:f0:31:88:99:99:05:a8:a2:72:61:3c:c1:3e:71:3b:
66:37:43:5c:76:c0:b5:9e:a8:21:b3:6a:03:6f:d3:0e:69:e6:
43:70:0d:a3:7d:41:9c:9d:4e:0a:39:f0:0b:55:9b:51:8d:f8:
95:6a:f9:ae:d7:69:a5:ec:a4:31:54:44:79:dd:19:23:61:bd:
29:9f:4a:c2:6d:fe:ef:bb:90:aa:b2:ca:14:ab:87:a1:e0:39:
5d:c0:5e:cb:7d:d1:7b:b6:3f:88:54:53:f5:fa:19:a2:9e:60:
d9:85:de:13
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBl2qcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MTFkNjgxNDM3NTI3MWQxYTNjYmQxMjE1NWRiMTFkMmJkNDFhOGQzMB4XDTIyMDYw
MjE5MTAyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNiMmE4YmUxYmYx
MDk5YjA2ZmQ2MDE1YzY3YzlhY2NjZTBhNmQzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANCbuNdfVzvcb8x7PCY+8BsAsceyADcG526NjN2aI2SYG4hx
DA5mYWai+ZM7ip2vNnUWDNQSV9G0RH59mKqTRhzCmDEjIxnRAfCNRnQfvYNlMWKL
J43Il2ItMj9+sYRwdx1AgGDqPbP4x4Oq1q8m/QTvUA8GkRsgTli8qZ4XTB+xcn0Y
iBYwMaekjkrNMsCnAX+h/qvIY7fVws3m5wNQSjoG2PXlxEiXFiQJtc1beCG879NL
JO54tXJ7tHiICCAr2Lqrz3my4I6AgTH2/Q3xVuCXLwm4CQn+eRbeUPa9Il3ymvNq
BkXq+UChQj5weI8YSx919kx84/f6LjiDidcmnQMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRTsqi+G/EJmwb9YBXGfJrMzgptMjAfBgNVHSMEGDAWgBQRHWgUN1Jx0aPL
0SFV2xHSvUGo0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VSMW9GRGRTY2RHank5RWhWZHNSMHIxQnFOTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvYThiMTRiLWZiMjUtNDdmOC04YjBkLTI3MWQyNWUyMDU3NC8x
L1U3S292aHZ4Q1pzR19XQVZ4bnlhek00S2JUSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
YThiMTRiLWZiMjUtNDdmOC04YjBkLTI3MWQyNWUyMDU3NC8xL0VSMW9GRGRTY2RH
ank5RWhWZHNSMHIxQnFOTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJuFeDANBgkqhkiG9w0BAQsFAAOC
AQEAZ503PCv9fiykwliOAEpCbh+JCFe2qbA3UKSfzuSMSSBcjlRiP17pzEBIWUt+
cVznCaTmjHKuGlQcj3HJRFojybLkrhiTg+1h4lUXL31+siru2dWOfPTx1gSFENno
+t8j16ztee4BA1DoZ2EvnJJnCSniOm8mdN2HO1E8eJaxJjmd0WEgJ9UzV299kQKF
879fz83g8DGImZkFqKJyYTzBPnE7ZjdDXHbAtZ6oIbNqA2/TDmnmQ3ANo31BnJ1O
CjnwC1WbUY34lWr5rtdppeykMVREed0ZI2G9KZ9Kwm3+77uQqrLKFKuHoeA5XcBe
y33Re7Y/iFRT9foZop5g2YXeEw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:28 2025 by rpki-client