Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/SM7EIdTO_O8o1DH-JKMvN6j1RO4.roa
File: SM7EIdTO_O8o1DH-JKMvN6j1RO4.roa (raw, json)
Hash identifier: /AME/Y4Wp4IfA1Cb0LDbqvBhJuJM2FnFJ09bX8beoPg=
Subject key identifier: 48:CE:C4:21:D4:CE:FC:EF:28:D4:31:FE:24:A3:2F:37:A8:F5:44:EE
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018EA4698F75FCE65BFA37CCC42497AB6FC7
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/SM7EIdTO_O8o1DH-JKMvN6j1RO4.roa
Signing time: Wed 03 Apr 2024 14:42:45 +0000
ROA not before: Wed 03 Apr 2024 14:42:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42864
IP address blocks: 45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
92.52.215.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
178.210.224.0/24 maxlen: 24
178.210.225.0/24 maxlen: 24
178.210.226.0/23 maxlen: 23
178.210.228.0/22 maxlen: 24
178.210.232.0/22 maxlen: 22
178.210.236.0/24 maxlen: 24
178.210.238.0/23 maxlen: 23
178.210.240.0/22 maxlen: 22
178.210.244.0/22 maxlen: 22
178.210.248.0/24 maxlen: 24
178.210.249.0/24 maxlen: 24
178.210.250.0/24 maxlen: 24
178.210.251.0/24 maxlen: 24
178.210.252.0/22 maxlen: 22
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a4:69:8f:75:fc:e6:5b:fa:37:cc:c4:24:97:ab:6f:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Apr 3 14:42:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48cec421d4cefcef28d431fe24a32f37a8f544ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b3:71:35:ad:a5:0d:7a:7e:d9:58:87:d0:28:
6c:1c:46:96:0e:4a:d1:a8:c7:72:19:b3:6e:2c:a1:
68:62:ed:ec:e8:94:da:d4:c1:b8:14:67:0c:75:82:
2c:ea:15:c6:a9:85:ab:ea:0d:46:6e:e6:b5:2e:50:
03:2a:15:77:41:90:41:85:3a:dc:47:a1:f7:8e:a5:
47:ff:b2:d2:0d:ea:5b:4a:2f:01:aa:9d:e6:da:de:
cc:5f:f8:6e:e7:fd:ec:03:ba:68:ab:d0:a3:a2:0c:
e6:0c:f7:8b:ad:db:d8:db:38:37:ff:8b:3f:f4:35:
cc:1b:7f:2f:3c:5c:c0:79:c6:43:30:d0:1a:a3:a0:
91:76:c4:a7:cf:5f:9b:3c:e8:66:c9:35:ec:da:23:
70:4d:7b:f8:bd:5c:f2:ac:f3:01:ee:9b:53:0c:aa:
3a:32:8b:14:23:af:f1:ab:c7:ef:4e:3f:16:4b:dc:
5e:72:f5:60:ab:85:71:42:9a:ac:13:cf:9e:3d:18:
9c:14:20:58:c2:53:16:36:a8:99:e4:23:63:12:f8:
cc:a0:13:93:7d:cd:97:b8:7c:e2:df:f6:dd:4a:21:
c2:70:3a:16:1c:21:2f:99:17:b4:b5:c4:6c:8b:21:
a1:24:68:02:f9:6d:69:f2:00:57:43:36:d6:1c:d4:
b1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:CE:C4:21:D4:CE:FC:EF:28:D4:31:FE:24:A3:2F:37:A8:F5:44:EE
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/SM7EIdTO_O8o1DH-JKMvN6j1RO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0-178.210.236.255
178.210.238.0-178.210.255.255
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
ba:1d:63:fe:e3:b9:cc:df:05:55:0f:3d:35:5e:6d:da:ee:91:
2c:b5:62:83:65:09:44:ed:f5:12:c8:5f:b4:4b:62:36:f7:4f:
54:71:46:47:a1:0c:69:95:0b:47:18:af:96:f5:5f:9a:9e:08:
92:4a:45:f5:17:0b:e2:19:70:b9:3e:d9:9c:5c:23:82:ec:d1:
ed:0c:13:5e:a2:a3:13:a3:b2:0d:bd:93:32:c4:6e:b1:d2:42:
31:39:b4:9c:8f:4c:bc:75:a8:03:36:69:51:2c:ae:62:ca:ca:
50:43:3c:59:9d:3e:f6:1e:59:ea:b0:50:e9:01:9a:5f:46:1a:
5a:ff:a7:6b:3b:a7:61:90:03:db:b3:d6:3f:65:46:1c:83:a8:
fd:72:e8:e5:43:39:28:1b:3c:ef:04:2f:b9:34:44:6b:55:37:
76:ad:0a:fb:68:f5:9d:75:37:ae:a7:7f:f4:64:5e:fe:65:ab:
b9:97:df:b4:5e:48:38:d2:15:4f:d4:35:49:0c:a6:f4:08:7f:
52:52:93:b9:d9:13:ff:3a:5a:77:51:9c:b0:2b:d5:51:61:ce:
e1:c7:82:44:08:0a:67:8f:b5:33:97:8d:ff:0a:ed:d7:0f:fc:
36:05:71:87:5c:9c:a9:44:8f:35:79:78:0c:c0:c7:dc:e4:d5:
84:9c:c3:d7
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAY6kaY91/OZb+jfMxCSXq2/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwNDAzMTQ0MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGNlYzQyMWQ0Y2VmY2VmMjhkNDMxZmUyNGEzMmYzN2E4ZjU0NGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrNxNa2lDXp+2ViH0ChsHEaWDkrR
qMdyGbNuLKFoYu3s6JTa1MG4FGcMdYIs6hXGqYWr6g1Gbua1LlADKhV3QZBBhTrc
R6H3jqVH/7LSDepbSi8Bqp3m2t7MX/hu5/3sA7poq9CjogzmDPeLrdvY2zg3/4s/
9DXMG38vPFzAecZDMNAao6CRdsSnz1+bPOhmyTXs2iNwTXv4vVzyrPMB7ptTDKo6
MosUI6/xq8fvTj8WS9xecvVgq4VxQpqsE8+ePRicFCBYwlMWNqiZ5CNjEvjMoBOT
fc2XuHzi3/bdSiHCcDoWHCEvmRe0tcRsiyGhJGgC+W1p8gBXQzbWHNSxvQIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFEjOxCHUzvzvKNQx/iSjLzeo9UTuMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvU003RUlkVE9fTzhvMURILUpLTXZONmoxUk80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzCBhQQCAAEwfzAMAwQA
LQmpAwQCLQmoAwQBLQ4KAwQALVhdMAwDBARN8pADBABN8pQDBABN8pcDBABY0cED
BABY0cQDBABY0dADBABY0dIDBAJY0dQDBANcNNADBABcNNswDAMEBbLS4AMEALLS
7DALAwQBstLuAwMAstIDBAOy+MgDBADBin0wDQQCAAIwBwMFAyoAH0AwDQYJKoZI
hvcNAQELBQADggEBALodY/7juczfBVUPPTVebdrukSy1YoNlCUTt9RLIX7RLYjb3
T1RxRkehDGmVC0cYr5b1X5qeCJJKRfUXC+IZcLk+2ZxcI4Ls0e0ME16ioxOjsg29
kzLEbrHSQjE5tJyPTLx1qAM2aVEsrmLKylBDPFmdPvYeWeqwUOkBml9GGlr/p2s7
p2GQA9uz1j9lRhyDqP1y6OVDOSgbPO8EL7k0RGtVN3atCvto9Z11N66nf/RkXv5l
q7mX37ReSDjSFU/UNUkMpvQIf1JSk7nZE/86WndRnLAr1VFhzuHHgkQICmePtTOX
jf8K7dcP/DYFcYdcnKlEjzV5eAzAx9zk1YScw9c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org