Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/SMaQhPswx09JUXnCJZU63zdndOQ.roa
File: SMaQhPswx09JUXnCJZU63zdndOQ.roa (raw, json)
Hash identifier: FXvneyEFXHVJFzvayHn8tHkdP93DtxXDOb2vmb//goc=
Subject key identifier: 48:C6:90:84:FB:30:C7:4F:49:51:79:C2:25:95:3A:DF:37:67:74:E4
Certificate issuer: /CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Certificate serial: 0188D7F8C26366C849B4E492DCC30B5EE5E4
Authority key identifier: 7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/SMaQhPswx09JUXnCJZU63zdndOQ.roa
Signing time: Tue 20 Jun 2023 08:43:04 +0000
ROA not before: Tue 20 Jun 2023 08:43:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 146.19.252.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d7:f8:c2:63:66:c8:49:b4:e4:92:dc:c3:0b:5e:e5:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Validity
Not Before: Jun 20 08:43:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48c69084fb30c74f495179c225953adf376774e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:22:3f:44:89:e1:1d:eb:fc:2d:28:e2:06:25:
8c:a5:a4:b9:90:51:3a:0c:08:04:20:5b:2e:1e:2d:
bb:93:27:32:a1:51:af:0c:9d:80:31:26:62:9a:5f:
a9:cf:5f:03:11:1b:cf:a0:59:61:de:46:84:70:12:
7e:1b:7c:1d:5f:a0:53:01:8d:c9:38:b5:8e:38:31:
cb:ec:55:44:81:6f:0e:46:76:7e:a4:48:92:47:6b:
65:74:59:14:db:7d:a8:bf:e6:32:ba:97:ad:5d:9c:
78:83:b1:05:52:49:4c:a8:7b:27:0c:72:29:0b:26:
e4:f1:1a:70:00:2a:b2:bb:79:e1:30:5d:98:12:e0:
7f:14:6c:1b:0d:87:50:09:5a:93:76:c6:c2:ce:e5:
95:14:5e:34:91:ef:be:23:b7:b4:74:00:98:9b:1f:
b6:de:a4:f5:a2:6f:bb:f1:7d:01:18:16:b0:9b:9a:
86:f8:a8:0c:68:e3:87:bd:e6:b6:4a:53:1c:28:fb:
f3:fc:95:22:94:04:c2:83:e9:0b:8d:73:13:78:c3:
20:42:40:67:26:c1:6b:55:ad:28:fd:ff:f6:b6:e5:
dd:65:a1:26:ea:35:f1:3c:ae:b8:c9:67:47:3a:4f:
c0:ea:b9:eb:ed:9a:9c:40:d3:ef:ad:71:e2:3f:ef:
0a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:C6:90:84:FB:30:C7:4F:49:51:79:C2:25:95:3A:DF:37:67:74:E4
X509v3 Authority Key Identifier:
keyid:7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/SMaQhPswx09JUXnCJZU63zdndOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/f3c03-oSBldBLqhn3bx7hNEyv3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.252.0/24
Signature Algorithm: sha256WithRSAEncryption
07:f9:ca:09:76:d9:fe:c7:0b:50:a2:c0:22:8e:e5:51:4e:8b:
6c:9e:f5:19:9e:76:cc:b3:76:c5:f2:2b:4e:de:9e:2d:a1:97:
3b:4a:a9:9f:02:e7:6f:d4:7a:42:52:a3:11:63:c2:15:28:7d:
47:b8:3c:dd:f3:5e:6b:50:7e:13:e5:ec:e0:05:16:57:8d:e8:
d4:e1:e8:f7:11:c9:98:18:81:49:30:9a:c9:6a:50:5f:72:50:
4e:ae:a0:eb:fa:ac:52:ca:8a:42:d3:59:72:d0:78:90:f9:d5:
e3:8a:12:1f:9e:54:ab:dc:62:bf:89:ca:bf:1d:30:59:a8:ed:
f3:3a:40:f7:62:72:ec:4f:be:9f:09:15:66:6b:59:f5:bc:ed:
7f:e9:82:c1:ec:af:0c:34:fd:65:e3:a5:18:19:78:9e:67:dd:
a8:e8:a2:fe:87:25:c5:27:e4:9a:fc:86:5e:f4:44:05:db:79:
23:91:18:66:c8:b3:55:83:61:79:05:72:6d:9b:7e:a1:06:1b:
80:5c:68:b7:b2:00:36:ef:02:4c:bb:ce:2d:84:d9:c0:5d:c6:
ff:c3:3c:a2:5b:60:36:14:c8:63:37:9b:69:e2:2e:ad:4d:7a:
bc:d7:b0:00:05:4a:db:db:4c:da:1d:6c:b9:05:d5:02:b8:7e:
bc:4f:92:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjX+MJjZshJtOSS3MMLXuXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNzczNGRmZWExMjA2NTc0MTJlYTg2N2RkYmM3Yjg0ZDEz
MmJmNzgwHhcNMjMwNjIwMDg0MzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGM2OTA4NGZiMzBjNzRmNDk1MTc5YzIyNTk1M2FkZjM3Njc3NGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCI/RInhHev8LSjiBiWMpaS5kFE6
DAgEIFsuHi27kycyoVGvDJ2AMSZiml+pz18DERvPoFlh3kaEcBJ+G3wdX6BTAY3J
OLWOODHL7FVEgW8ORnZ+pEiSR2tldFkU232ov+YyupetXZx4g7EFUklMqHsnDHIp
Cybk8RpwACqyu3nhMF2YEuB/FGwbDYdQCVqTdsbCzuWVFF40ke++I7e0dACYmx+2
3qT1om+78X0BGBawm5qG+KgMaOOHvea2SlMcKPvz/JUilATCg+kLjXMTeMMgQkBn
JsFrVa0o/f/2tuXdZaEm6jXxPK64yWdHOk/A6rnr7ZqcQNPvrXHiP+8K4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEjGkIT7MMdPSVF5wiWVOt83Z3TkMB8GA1UdIwQY
MBaAFH93NN/qEgZXQS6oZ928e4TRMr94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYt
MTk2OTMxOTYyZDNjLzEvU01hUWhQc3d4MDlKVVhuQ0paVTYzemRuZE9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYtMTk2OTMxOTYyZDNj
LzEvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhP8MA0G
CSqGSIb3DQEBCwUAA4IBAQAH+coJdtn+xwtQosAijuVRTotsnvUZnnbMs3bF8itO
3p4toZc7SqmfAudv1HpCUqMRY8IVKH1HuDzd815rUH4T5ezgBRZXjejU4ej3EcmY
GIFJMJrJalBfclBOrqDr+qxSyopC01ly0HiQ+dXjihIfnlSr3GK/icq/HTBZqO3z
OkD3YnLsT76fCRVma1n1vO1/6YLB7K8MNP1l46UYGXieZ92o6KL+hyXFJ+Sa/IZe
9EQF23kjkRhmyLNVg2F5BXJtm36hBhuAXGi3sgA27wJMu84thNnAXcb/wzyiW2A2
FMhjN5tp4i6tTXq817AABUrb20zaHWy5BdUCuH68T5Ks
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:59 2024 by rpki-client on console-ams.rpki-client.org