Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/LmWYmD42pJG-aAxViIuH5Xi_34I.roa
File: LmWYmD42pJG-aAxViIuH5Xi_34I.roa (raw, json)
Hash identifier: GgFtkaDNjoAjwrRvaxpQS8cmsDmmD8ppGVkKweFaQ5w=
Subject key identifier: 2E:65:98:98:3E:36:A4:91:BE:68:0C:55:88:8B:87:E5:78:BF:DF:82
Certificate issuer: /CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Certificate serial: 018CC5DC2E6C2FF2504A2E41785D7C20646B
Authority key identifier: 7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/LmWYmD42pJG-aAxViIuH5Xi_34I.roa
Signing time: Mon 01 Jan 2024 16:29:50 +0000
ROA not before: Mon 01 Jan 2024 16:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20454
IP address blocks: 146.19.252.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:2e:6c:2f:f2:50:4a:2e:41:78:5d:7c:20:64:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Validity
Not Before: Jan 1 16:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e6598983e36a491be680c55888b87e578bfdf82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:33:a2:8f:25:1e:0c:dc:18:4e:bf:ee:b5:59:
ef:c0:19:73:b6:36:8f:33:8e:2d:ed:56:50:65:c0:
62:6c:5a:90:6d:c8:cc:91:3e:20:7b:74:23:86:7b:
4d:31:13:3c:64:ef:61:45:ad:e8:44:4e:0e:85:86:
78:52:53:62:22:e3:ad:71:e2:e1:61:96:ff:91:82:
a0:a4:b6:7a:b8:77:09:bb:12:07:cf:16:25:14:f9:
0a:43:a7:c4:8e:0d:47:14:a7:ed:87:24:0b:49:c8:
2b:16:19:d8:84:fe:23:bb:8e:fb:7d:3b:ca:61:fa:
e1:cb:13:db:93:0b:a0:f2:2c:d0:91:5e:93:62:f8:
01:da:9c:49:8b:d7:15:a2:5f:0d:0c:87:de:8c:93:
3b:ce:c6:03:67:14:47:10:09:86:91:7f:15:c1:87:
eb:16:87:97:57:a7:be:5b:dc:53:da:6e:be:23:c4:
73:5c:12:73:99:1a:7f:ae:6e:1a:d2:7d:25:47:b6:
c1:05:89:6f:ce:6c:35:8f:ad:f6:23:ea:35:d6:1a:
51:67:39:e5:48:1f:07:c6:f2:d2:e8:63:49:7a:c4:
ce:90:5e:5f:55:ff:da:76:1c:f7:ed:d5:f6:79:e8:
24:5b:94:a9:24:3c:c4:bd:c4:d7:ca:91:44:2c:a0:
61:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:65:98:98:3E:36:A4:91:BE:68:0C:55:88:8B:87:E5:78:BF:DF:82
X509v3 Authority Key Identifier:
keyid:7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/LmWYmD42pJG-aAxViIuH5Xi_34I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/f3c03-oSBldBLqhn3bx7hNEyv3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.252.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:a7:4b:24:4b:19:38:0c:28:7c:80:97:b8:e7:a7:1e:78:91:
39:17:a9:cc:76:b0:87:60:6b:d9:09:c8:7e:e8:c9:7b:46:de:
f7:68:a9:c0:58:ab:92:5d:27:18:f0:0b:29:47:50:f0:61:87:
db:9d:bf:c7:9d:82:c8:8b:92:48:69:bc:92:2b:37:6b:4e:70:
30:21:6b:f3:37:aa:03:a7:b3:9f:51:64:0d:9c:04:05:b8:00:
bf:ee:2b:83:12:17:59:7b:86:09:1c:4b:06:93:9e:59:aa:af:
76:5e:b9:97:ba:19:df:34:ea:35:cb:00:a1:51:e4:9f:45:5e:
dd:32:24:11:b8:46:2e:ac:34:b7:1f:11:55:34:a7:1d:8a:f9:
78:d7:25:04:96:0b:1d:2b:43:47:56:53:7f:6e:9b:82:eb:49:
1e:d5:6e:b8:d6:ce:a6:90:08:69:a4:92:d0:6e:9e:01:8a:1f:
f2:13:b0:92:b9:13:a3:55:37:00:b0:07:e0:17:d4:03:b4:4d:
02:ad:22:f2:c6:58:09:a4:28:3a:e5:26:b1:a3:1a:e3:c8:2e:
eb:6d:33:28:d1:f0:e1:48:da:03:a9:7c:b1:00:ea:1d:fb:f4:
0d:9a:a1:f1:30:6b:ad:77:24:17:3a:36:64:22:8c:ad:36:00:
0c:4c:86:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3C5sL/JQSi5BeF18IGRrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNzczNGRmZWExMjA2NTc0MTJlYTg2N2RkYmM3Yjg0ZDEz
MmJmNzgwHhcNMjQwMTAxMTYyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTY1OTg5ODNlMzZhNDkxYmU2ODBjNTU4ODhiODdlNTc4YmZkZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTOijyUeDNwYTr/utVnvwBlztjaP
M44t7VZQZcBibFqQbcjMkT4ge3QjhntNMRM8ZO9hRa3oRE4OhYZ4UlNiIuOtceLh
YZb/kYKgpLZ6uHcJuxIHzxYlFPkKQ6fEjg1HFKfthyQLScgrFhnYhP4ju477fTvK
YfrhyxPbkwug8izQkV6TYvgB2pxJi9cVol8NDIfejJM7zsYDZxRHEAmGkX8VwYfr
FoeXV6e+W9xT2m6+I8RzXBJzmRp/rm4a0n0lR7bBBYlvzmw1j632I+o11hpRZznl
SB8HxvLS6GNJesTOkF5fVf/adhz37dX2eegkW5SpJDzEvcTXypFELKBhmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC5lmJg+NqSRvmgMVYiLh+V4v9+CMB8GA1UdIwQY
MBaAFH93NN/qEgZXQS6oZ928e4TRMr94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYt
MTk2OTMxOTYyZDNjLzEvTG1XWW1ENDJwSkctYUF4VmlJdUg1WGlfMzRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYtMTk2OTMxOTYyZDNj
LzEvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhP8MA0G
CSqGSIb3DQEBCwUAA4IBAQCzp0skSxk4DCh8gJe456ceeJE5F6nMdrCHYGvZCch+
6Ml7Rt73aKnAWKuSXScY8AspR1DwYYfbnb/HnYLIi5JIabySKzdrTnAwIWvzN6oD
p7OfUWQNnAQFuAC/7iuDEhdZe4YJHEsGk55Zqq92XrmXuhnfNOo1ywChUeSfRV7d
MiQRuEYurDS3HxFVNKcdivl41yUElgsdK0NHVlN/bpuC60ke1W641s6mkAhppJLQ
bp4Bih/yE7CSuROjVTcAsAfgF9QDtE0CrSLyxlgJpCg65SaxoxrjyC7rbTMo0fDh
SNoDqXyxAOod+/QNmqHxMGutdyQXOjZkIoytNgAMTIYE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:59 2024 by rpki-client on console-ams.rpki-client.org