Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/SmaUXJL_SiIbBxoWNj20mMB4BVA.roa
File: SmaUXJL_SiIbBxoWNj20mMB4BVA.roa (raw, json)
Hash identifier: PA3PARAsWnAVKjqo15giONrDy/MaHCjSZsm5CelMqF8=
Subject key identifier: 4A:66:94:5C:92:FF:4A:22:1B:07:1A:16:36:3D:B4:98:C0:78:05:50
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0181DD14E715EFA818B53F908E182C433454
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/SmaUXJL_SiIbBxoWNj20mMB4BVA.roa
Signing time: Fri 08 Jul 2022 09:12:23 +0000
ROA not before: Fri 08 Jul 2022 09:12:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136923
IP address blocks: 185.199.149.0/24 maxlen: 24
185.108.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:dd:14:e7:15:ef:a8:18:b5:3f:90:8e:18:2c:43:34:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 8 09:12:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a66945c92ff4a221b071a16363db498c0780550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d8:d8:0a:bb:47:ed:ed:aa:4c:ce:c9:71:8f:
10:23:40:f0:9d:3e:b1:96:20:cf:8a:1e:7a:4e:27:
5e:6f:21:5d:05:e3:d5:fa:0a:f4:71:12:38:a1:7c:
01:fa:45:f0:7a:99:ce:d3:51:4d:04:d7:9c:0f:33:
7c:4f:21:f3:79:b7:62:80:47:da:16:42:bf:6d:48:
53:a4:6e:24:9f:44:18:3c:39:ca:5f:f0:1c:d6:fc:
8d:3c:78:85:82:fa:a1:93:0d:16:3e:ae:61:24:b7:
0c:f6:8b:6b:0d:fa:78:4b:e5:53:3c:6e:b7:de:8b:
a8:8d:74:b1:e9:32:07:7f:03:62:cc:0c:08:c7:60:
69:cf:29:c1:1a:b8:70:a6:86:98:d6:84:ab:cc:99:
83:0b:c1:dd:50:f1:dd:23:2c:e3:6a:65:bc:6b:61:
65:b2:06:a4:ac:27:c1:02:bc:e9:09:3f:6c:51:de:
90:59:8d:bf:3c:63:c1:c4:81:05:61:85:20:97:6d:
2a:68:66:f3:30:59:04:f2:5b:cf:4d:6d:aa:23:fb:
40:d6:17:d1:ab:9a:e3:d5:d8:56:94:cb:f1:9f:00:
31:24:fc:b0:e3:8c:05:ca:95:c4:69:a9:1c:7e:48:
93:6b:4c:d9:0e:5d:e9:71:69:fa:f1:89:33:8f:87:
d6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:66:94:5C:92:FF:4A:22:1B:07:1A:16:36:3D:B4:98:C0:78:05:50
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/SmaUXJL_SiIbBxoWNj20mMB4BVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.207.0/24
185.199.149.0/24
Signature Algorithm: sha256WithRSAEncryption
49:63:08:7e:46:7a:1a:af:3b:69:b7:51:39:6b:98:13:d2:d5:
66:fd:fd:a3:c3:e2:34:19:15:f1:12:40:53:2e:e1:8b:cb:ed:
8b:16:e0:a9:6b:1f:1e:64:5c:fa:90:95:04:82:d4:a7:0d:f8:
31:0e:e3:11:83:b2:2d:e6:8e:c0:11:8a:b4:24:f1:ca:96:3c:
e8:78:52:6b:4c:fc:2a:2b:2e:2c:46:9a:75:2d:f8:46:b1:3f:
a1:60:a0:72:6e:d2:30:38:07:f5:ab:31:30:14:3e:76:ce:90:
e9:84:14:4e:6f:54:c6:de:80:a6:5b:72:2c:4c:44:0d:47:2c:
bc:6f:28:d5:b9:cd:81:fc:59:0f:e4:87:8b:7c:3e:75:cc:a7:
27:be:e5:42:1c:07:c9:d8:4d:ae:72:60:1c:8d:5a:98:1d:67:
2f:fc:ea:b0:e2:9c:31:6d:e6:57:e2:27:67:a6:de:6e:7a:60:
fc:cc:70:27:e1:8e:25:da:bb:88:71:c9:0e:b0:b5:3b:e6:6a:
a7:61:ee:39:0e:ee:98:9b:3b:26:2c:ab:84:9c:1c:4f:19:d1:
18:7b:2a:4c:85:bb:74:a0:40:63:06:ca:a4:c6:31:a7:23:6f:
d7:e1:a9:23:ac:db:6b:e2:3e:3b:22:cc:91:ca:3c:46:cd:6c:
e9:1b:ef:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYHdFOcV76gYtT+QjhgsQzRUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIwNzA4MDkxMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTY2OTQ1YzkyZmY0YTIyMWIwNzFhMTYzNjNkYjQ5OGMwNzgwNTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNjYCrtH7e2qTM7JcY8QI0DwnT6x
liDPih56TidebyFdBePV+gr0cRI4oXwB+kXwepnO01FNBNecDzN8TyHzebdigEfa
FkK/bUhTpG4kn0QYPDnKX/Ac1vyNPHiFgvqhkw0WPq5hJLcM9otrDfp4S+VTPG63
3ouojXSx6TIHfwNizAwIx2BpzynBGrhwpoaY1oSrzJmDC8HdUPHdIyzjamW8a2Fl
sgakrCfBArzpCT9sUd6QWY2/PGPBxIEFYYUgl20qaGbzMFkE8lvPTW2qI/tA1hfR
q5rj1dhWlMvxnwAxJPyw44wFypXEaakcfkiTa0zZDl3pcWn68Ykzj4fWiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEpmlFyS/0oiGwcaFjY9tJjAeAVQMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvU21hVVhKTF9TaUliQnhvV05qMjBtTUI0QlZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWzPAwQA
uceVMA0GCSqGSIb3DQEBCwUAA4IBAQBJYwh+Rnoarztpt1E5a5gT0tVm/f2jw+I0
GRXxEkBTLuGLy+2LFuCpax8eZFz6kJUEgtSnDfgxDuMRg7It5o7AEYq0JPHKljzo
eFJrTPwqKy4sRpp1LfhGsT+hYKBybtIwOAf1qzEwFD52zpDphBROb1TG3oCmW3Is
TEQNRyy8byjVuc2B/FkP5IeLfD51zKcnvuVCHAfJ2E2ucmAcjVqYHWcv/Oqw4pwx
beZX4idnpt5uemD8zHAn4Y4l2ruIcckOsLU75mqnYe45Du6YmzsmLKuEnBxPGdEY
eypMhbt0oEBjBsqkxjGnI2/X4akjrNtr4j47IsyRyjxGzWzpG++w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:13 2024 by rpki-client on console-fra.rpki-client.org