Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/7kuqsZ_50UmPAFMYQFyxpeF45VE.roa
File: 7kuqsZ_50UmPAFMYQFyxpeF45VE.roa (raw, json)
Hash identifier: FwP7sqAKkxJ5KhfJJD8stRaVHuiKy6/qNcMH9LucZ2U=
Subject key identifier: EE:4B:AA:B1:9F:F9:D1:49:8F:00:53:18:40:5C:B1:A5:E1:78:E5:51
Certificate issuer: /CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Certificate serial: 01881C9A897F0A1A0E245A990E19CFF494F5
Authority key identifier: 7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/7kuqsZ_50UmPAFMYQFyxpeF45VE.roa
Signing time: Sun 14 May 2023 23:31:09 +0000
ROA not before: Sun 14 May 2023 23:31:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 146.19.252.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1c:9a:89:7f:0a:1a:0e:24:5a:99:0e:19:cf:f4:94:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Validity
Not Before: May 14 23:31:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee4baab19ff9d1498f005318405cb1a5e178e551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:dc:28:ed:aa:59:a8:d0:51:9e:c1:1f:91:57:
dd:cd:38:af:71:5c:c6:81:5b:19:5a:eb:3a:50:06:
62:ec:16:ed:b4:12:3c:c0:13:ba:c8:f7:3b:23:a0:
0c:c3:5c:b6:0a:79:cb:92:c2:ae:bf:69:52:f3:f6:
25:eb:20:bd:f9:44:d1:41:01:4f:12:fd:42:f1:7d:
8d:b1:dc:ec:a5:4f:c9:67:4c:de:d3:81:0e:75:28:
a3:9a:c2:83:4f:4c:37:2d:66:69:79:44:fd:5a:08:
b6:ad:bf:cd:f3:81:b6:31:94:75:8a:db:53:9f:87:
d9:1d:b7:22:2a:9f:7a:c6:2f:7a:fd:1a:a1:7e:e5:
41:95:ab:b0:68:0f:96:50:c4:da:59:bd:16:a9:bc:
7f:5c:4d:f0:b7:57:d8:8b:70:f3:de:93:04:bb:64:
85:ff:43:a1:58:e4:94:a3:ca:8c:54:74:63:fb:44:
ef:05:be:fa:12:d1:c3:69:b1:08:f6:a3:7a:ac:13:
e1:0f:60:dd:f0:ef:41:61:b8:62:29:50:cd:71:19:
18:5e:a4:ed:8d:7b:f6:75:bf:e6:a0:94:70:3a:d2:
ad:0d:e5:88:27:92:5d:70:17:96:62:57:d0:1b:73:
66:27:a2:75:36:0f:5e:bd:5d:05:17:6d:07:55:1b:
1b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:4B:AA:B1:9F:F9:D1:49:8F:00:53:18:40:5C:B1:A5:E1:78:E5:51
X509v3 Authority Key Identifier:
keyid:7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/7kuqsZ_50UmPAFMYQFyxpeF45VE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/f3c03-oSBldBLqhn3bx7hNEyv3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.252.0/24
Signature Algorithm: sha256WithRSAEncryption
92:4c:57:29:62:c5:c0:be:e6:58:f0:7f:8b:a2:7a:87:61:f6:
fe:76:e0:dc:64:5b:69:6b:b0:73:8a:fb:5e:56:c6:64:e3:cf:
2f:0b:33:57:88:e0:bb:63:d8:7d:6c:59:4d:5f:18:ce:54:6e:
a0:48:04:bd:43:97:a4:78:2d:e5:95:d6:79:2c:0f:94:6b:e4:
84:6b:28:fc:8e:04:25:24:ae:d2:5c:2d:2b:b6:a6:f9:59:98:
c1:24:43:3f:e2:6f:90:32:67:7e:d4:92:ee:71:27:92:ff:6f:
d0:8f:ba:e4:f8:35:cf:62:17:7b:f7:3a:01:ad:60:cf:89:8d:
b5:4d:72:1e:66:5f:38:7b:f0:2f:96:82:c0:69:5a:a2:21:a5:
5c:4c:3c:11:fa:5b:bb:9b:11:8e:0a:e6:62:40:6a:7c:74:30:
7d:95:57:2e:85:f1:9a:f6:93:fc:e9:c0:d0:8d:0f:d0:ba:32:
18:4c:1d:00:ff:60:99:11:fc:01:0b:f8:62:11:6b:96:59:85:
ca:fa:b0:40:d7:48:fd:60:c2:6c:c4:53:8e:bf:d4:25:87:b8:
f1:9e:b2:20:df:d6:c7:7e:bc:9e:f8:38:65:1f:e2:ac:63:49:
e4:10:37:f7:fa:4a:45:44:23:46:66:6b:5d:79:27:c8:ff:43:
66:ed:7e:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgcmol/ChoOJFqZDhnP9JT1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNzczNGRmZWExMjA2NTc0MTJlYTg2N2RkYmM3Yjg0ZDEz
MmJmNzgwHhcNMjMwNTE0MjMzMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTRiYWFiMTlmZjlkMTQ5OGYwMDUzMTg0MDVjYjFhNWUxNzhlNTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39wo7apZqNBRnsEfkVfdzTivcVzG
gVsZWus6UAZi7BbttBI8wBO6yPc7I6AMw1y2CnnLksKuv2lS8/Yl6yC9+UTRQQFP
Ev1C8X2NsdzspU/JZ0ze04EOdSijmsKDT0w3LWZpeUT9Wgi2rb/N84G2MZR1ittT
n4fZHbciKp96xi96/RqhfuVBlauwaA+WUMTaWb0Wqbx/XE3wt1fYi3Dz3pMEu2SF
/0OhWOSUo8qMVHRj+0TvBb76EtHDabEI9qN6rBPhD2Dd8O9BYbhiKVDNcRkYXqTt
jXv2db/moJRwOtKtDeWIJ5JdcBeWYlfQG3NmJ6J1Ng9evV0FF20HVRsbfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO5LqrGf+dFJjwBTGEBcsaXheOVRMB8GA1UdIwQY
MBaAFH93NN/qEgZXQS6oZ928e4TRMr94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYt
MTk2OTMxOTYyZDNjLzEvN2t1cXNaXzUwVW1QQUZNWVFGeXhwZUY0NVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYtMTk2OTMxOTYyZDNj
LzEvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhP8MA0G
CSqGSIb3DQEBCwUAA4IBAQCSTFcpYsXAvuZY8H+LonqHYfb+duDcZFtpa7Bzivte
VsZk488vCzNXiOC7Y9h9bFlNXxjOVG6gSAS9Q5ekeC3lldZ5LA+Ua+SEayj8jgQl
JK7SXC0rtqb5WZjBJEM/4m+QMmd+1JLucSeS/2/Qj7rk+DXPYhd79zoBrWDPiY21
TXIeZl84e/AvloLAaVqiIaVcTDwR+lu7mxGOCuZiQGp8dDB9lVcuhfGa9pP86cDQ
jQ/QujIYTB0A/2CZEfwBC/hiEWuWWYXK+rBA10j9YMJsxFOOv9Qlh7jxnrIg39bH
frye+DhlH+KsY0nkEDf3+kpFRCNGZmtdeSfI/0Nm7X4d
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:58:00 2025 by rpki-client