Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/EqMQW66e8xUOxwoHt7JaQ62zXYg.roa
File: EqMQW66e8xUOxwoHt7JaQ62zXYg.roa (raw, json)
Hash identifier: nXptZu1M6M2IzxCsOEu9QpwFq7xubZg6qSlsEIlZMFA=
Subject key identifier: 12:A3:10:5B:AE:9E:F3:15:0E:C7:0A:07:B7:B2:5A:43:AD:B3:5D:88
Certificate issuer: /CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Certificate serial: 018AFDC439BCEF3F7D7DE1CFD8A6FB47179C
Authority key identifier: 7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/EqMQW66e8xUOxwoHt7JaQ62zXYg.roa
Signing time: Thu 05 Oct 2023 02:56:50 +0000
ROA not before: Thu 05 Oct 2023 02:56:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20454
IP address blocks: 146.19.252.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fd:c4:39:bc:ef:3f:7d:7d:e1:cf:d8:a6:fb:47:17:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Validity
Not Before: Oct 5 02:56:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12a3105bae9ef3150ec70a07b7b25a43adb35d88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e4:f7:21:3a:58:c4:49:62:50:fe:8b:60:ed:
c8:e9:0c:10:20:10:4a:da:3d:23:c0:67:7d:52:c6:
5f:08:fd:17:97:3d:2a:58:a5:1a:19:33:7c:45:d1:
58:7f:25:ca:cc:7d:8d:4f:43:73:ac:ae:a6:b4:dc:
f9:d9:8d:7d:8a:be:44:09:0c:9d:38:a6:50:5f:3a:
97:5e:75:10:1a:f0:03:7a:d4:61:cf:af:7c:15:39:
80:5f:6c:58:30:4b:53:0c:30:16:65:3f:3b:a2:0b:
8e:e5:13:f9:9a:5d:b5:e2:c6:61:0c:0c:72:d2:1a:
c7:1e:ea:5b:5c:04:b8:0a:3c:88:13:99:c0:aa:98:
e9:9c:86:b5:ac:05:2a:bb:27:de:89:2a:99:19:79:
a4:95:67:71:e1:ee:1d:27:0f:e3:84:0e:7e:fe:d7:
9d:d9:61:55:52:40:93:f3:96:ac:a4:65:1d:a3:c8:
21:8d:ca:2e:98:a6:17:45:77:c9:19:e5:7a:35:57:
fb:85:cf:2f:dc:18:51:3d:6a:3e:ca:59:ac:66:f0:
c1:57:88:e9:76:5c:0c:73:8e:ee:fe:83:f5:c9:e0:
ad:8d:fc:a8:12:f1:17:89:44:b9:8e:99:67:13:d6:
c3:e0:75:b1:ef:90:18:a9:0f:69:24:c1:6e:37:75:
07:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:A3:10:5B:AE:9E:F3:15:0E:C7:0A:07:B7:B2:5A:43:AD:B3:5D:88
X509v3 Authority Key Identifier:
keyid:7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/EqMQW66e8xUOxwoHt7JaQ62zXYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/f3c03-oSBldBLqhn3bx7hNEyv3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.252.0/24
Signature Algorithm: sha256WithRSAEncryption
25:4b:84:a9:57:0e:b5:87:6f:bc:02:42:cb:0c:0c:cb:c0:d2:
d0:4f:dc:16:73:29:40:09:9b:c1:0e:24:d5:38:46:4c:36:90:
07:7b:35:4e:a7:94:09:73:a5:50:82:51:2b:b1:60:01:2f:10:
57:17:e6:dd:62:b4:89:19:10:00:87:95:5b:09:04:7e:6e:51:
20:44:de:a7:a5:4e:78:36:a4:55:4a:1b:d3:41:8a:dd:6d:4c:
3f:43:f3:ea:ad:23:c2:10:df:42:d1:69:18:67:e9:e2:b7:ef:
a5:8c:6b:56:51:d7:85:7d:f2:de:f5:04:67:54:f1:87:70:c8:
63:07:5b:a9:df:b7:7b:f8:83:f8:f2:7c:66:a7:22:cb:71:95:
13:8d:36:e1:39:be:d7:40:6a:40:67:f0:91:08:17:9c:d9:a6:
81:1f:91:8a:cb:66:a1:01:2c:57:28:c6:bc:76:fd:95:45:47:
d7:5a:3f:4c:cf:c2:f0:14:ed:f5:ab:e6:aa:71:8f:5b:30:ae:
65:40:08:06:69:57:38:2e:e9:56:3a:6e:67:1a:84:37:45:87:
78:5e:4a:04:6c:fe:81:58:22:fb:bd:b4:6c:d5:6d:6c:2c:54:
11:0e:08:a2:af:d6:b9:c8:e5:de:12:38:a6:5b:12:71:5b:17:
79:15:3f:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr9xDm87z99feHP2Kb7RxecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNzczNGRmZWExMjA2NTc0MTJlYTg2N2RkYmM3Yjg0ZDEz
MmJmNzgwHhcNMjMxMDA1MDI1NjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmEzMTA1YmFlOWVmMzE1MGVjNzBhMDdiN2IyNWE0M2FkYjM1ZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOT3ITpYxEliUP6LYO3I6QwQIBBK
2j0jwGd9UsZfCP0Xlz0qWKUaGTN8RdFYfyXKzH2NT0NzrK6mtNz52Y19ir5ECQyd
OKZQXzqXXnUQGvADetRhz698FTmAX2xYMEtTDDAWZT87oguO5RP5ml214sZhDAxy
0hrHHupbXAS4CjyIE5nAqpjpnIa1rAUquyfeiSqZGXmklWdx4e4dJw/jhA5+/ted
2WFVUkCT85aspGUdo8ghjcoumKYXRXfJGeV6NVf7hc8v3BhRPWo+ylmsZvDBV4jp
dlwMc47u/oP1yeCtjfyoEvEXiUS5jplnE9bD4HWx75AYqQ9pJMFuN3UHRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBKjEFuunvMVDscKB7eyWkOts12IMB8GA1UdIwQY
MBaAFH93NN/qEgZXQS6oZ928e4TRMr94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYt
MTk2OTMxOTYyZDNjLzEvRXFNUVc2NmU4eFVPeHdvSHQ3SmFRNjJ6WFlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYtMTk2OTMxOTYyZDNj
LzEvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhP8MA0G
CSqGSIb3DQEBCwUAA4IBAQAlS4SpVw61h2+8AkLLDAzLwNLQT9wWcylACZvBDiTV
OEZMNpAHezVOp5QJc6VQglErsWABLxBXF+bdYrSJGRAAh5VbCQR+blEgRN6npU54
NqRVShvTQYrdbUw/Q/PqrSPCEN9C0WkYZ+nit++ljGtWUdeFffLe9QRnVPGHcMhj
B1up37d7+IP48nxmpyLLcZUTjTbhOb7XQGpAZ/CRCBec2aaBH5GKy2ahASxXKMa8
dv2VRUfXWj9Mz8LwFO31q+aqcY9bMK5lQAgGaVc4LulWOm5nGoQ3RYd4XkoEbP6B
WCL7vbRs1W1sLFQRDgiir9a5yOXeEjimWxJxWxd5FT+6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:29 2024 by rpki-client on console-fra.rpki-client.org