Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/smhd_NZ-KoW3Y6uODIxzBKlBaQc.roa
File: smhd_NZ-KoW3Y6uODIxzBKlBaQc.roa (raw, json)
Hash identifier: yegU3PCy3EcmkTLCt3FcyMxMhswAs0Qg7os1NMEF20M=
Subject key identifier: B2:68:5D:FC:D6:7E:2A:85:B7:63:AB:8E:0C:8C:73:04:A9:41:69:07
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 02C8F567
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/smhd_NZ-KoW3Y6uODIxzBKlBaQc.roa
Signing time: Wed 19 Jan 2022 20:32:04 +0000
ROA not before: Wed 19 Jan 2022 20:32:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 89.42.215.0/24 maxlen: 24
176.223.181.0/24 maxlen: 24
89.40.43.0/24 maxlen: 24
93.114.69.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46724455 (0x2c8f567)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 19 20:32:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2685dfcd67e2a85b763ab8e0c8c7304a9416907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ab:2e:1b:83:ad:b3:6d:96:89:e3:b6:87:92:
15:04:b9:32:77:6a:d2:70:a2:fd:8b:07:ce:48:92:
d5:6e:39:ed:3f:de:3a:33:89:54:5f:8f:2b:32:7a:
c9:fe:1e:68:38:b7:c2:6b:4b:4f:aa:3a:17:09:90:
1f:87:21:e2:83:c1:36:90:a6:19:63:dd:71:07:5b:
85:35:c6:88:76:5e:a3:b9:c4:0e:ae:b9:10:4e:58:
51:9c:b2:f4:ee:35:f2:3e:b1:f1:83:17:7d:e1:31:
dc:bf:8e:85:81:41:09:f4:1d:f9:0e:eb:f1:84:cb:
26:47:59:83:24:bc:09:11:46:eb:ef:32:a3:fe:53:
28:ce:a4:30:f1:f1:a3:63:63:3d:07:f5:38:64:0d:
2d:6f:af:4b:59:67:1e:21:b6:34:cf:40:0f:f6:b3:
48:85:19:11:cf:37:27:be:6a:0b:31:7e:1b:32:d7:
50:70:41:b6:50:5c:68:e4:81:c0:7c:ed:88:33:96:
4b:f6:9d:40:74:dc:5d:d1:4c:62:2c:79:cd:65:c8:
46:4b:0d:f1:ac:cf:11:26:af:2f:cd:7a:8e:cb:bb:
0b:a6:b3:48:26:6a:3f:2b:26:b8:2c:9f:b2:46:fc:
ce:1a:d0:df:98:88:46:9a:77:28:b1:f4:23:63:83:
03:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:68:5D:FC:D6:7E:2A:85:B7:63:AB:8E:0C:8C:73:04:A9:41:69:07
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/smhd_NZ-KoW3Y6uODIxzBKlBaQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.43.0/24
89.42.215.0/24
93.114.69.0/24
176.223.181.0/24
188.211.249.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:80:79:13:7f:25:81:38:22:f5:98:a0:4f:c3:e8:b2:1d:9b:
46:55:79:09:31:ca:49:bc:26:a4:53:32:ac:83:44:aa:5c:b0:
4b:6d:00:08:d5:d5:17:d1:f0:74:9a:bb:81:4a:d1:69:51:37:
a8:9d:44:d0:13:54:5c:6a:60:f4:63:0d:5c:d5:d7:ca:b6:f0:
03:7b:b4:54:25:01:3c:c1:fd:8e:a0:f0:65:f7:55:1e:cd:9e:
ef:f5:52:6a:d6:c5:de:c8:1f:17:66:74:69:c6:38:75:77:be:
4e:3a:ec:b5:e2:72:4b:d8:f6:42:1d:2c:7f:bf:7f:f8:b6:7d:
82:13:ac:40:af:4f:7d:22:b0:00:8d:71:fa:9b:d6:e7:04:c5:
4d:ab:8d:4c:a5:65:f0:94:38:83:84:57:c6:99:8a:df:8c:8b:
64:b9:57:f6:73:54:56:31:0c:9d:e5:69:b1:22:08:c6:46:c6:
03:d3:0c:11:ac:82:0c:64:04:48:a3:fc:71:92:21:2c:30:79:
cb:3b:38:08:27:e8:6d:f2:46:21:c9:e8:71:74:cc:2f:ef:6b:
98:5b:19:f4:20:90:00:c4:3e:d2:ee:4a:cc:c6:d9:ec:61:4a:
81:ca:93:29:70:73:59:f3:4c:88:01:18:d1:1e:eb:fd:92:1a:
71:0f:02:04
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEAsj1ZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTAwZTk4MTk1MzA2MTk3MmM4OTZiZDZkMjc3MzhkMDgzYWFkYjBlMB4XDTIyMDEx
OTIwMzIwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjI2ODVkZmNkNjdl
MmE4NWI3NjNhYjhlMGM4YzczMDRhOTQxNjkwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqrLhuDrbNtlonjtoeSFQS5Mndq0nCi/YsHzkiS1W457T/e
OjOJVF+PKzJ6yf4eaDi3wmtLT6o6FwmQH4ch4oPBNpCmGWPdcQdbhTXGiHZeo7nE
Dq65EE5YUZyy9O418j6x8YMXfeEx3L+OhYFBCfQd+Q7r8YTLJkdZgyS8CRFG6+8y
o/5TKM6kMPHxo2NjPQf1OGQNLW+vS1lnHiG2NM9AD/azSIUZEc83J75qCzF+GzLX
UHBBtlBcaOSBwHztiDOWS/adQHTcXdFMYix5zWXIRksN8azPESavL816jsu7C6az
SCZqPysmuCyfskb8zhrQ35iIRpp3KLH0I2ODA/ECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSyaF381n4qhbdjq44MjHMEqUFpBzAfBgNVHSMEGDAWgBTaAOmBlTBhlyyJ
a9bSdzjQg6rbDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJnRHBnWlV3WVpjc2lXdlcwbmM0MElPcTJ3NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8x
L3NtaGRfTlotS29XM1k2dU9ESXh6QktsQmFRYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
ODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8xLzJnRHBnWlV3WVpj
c2lXdlcwbmM0MElPcTJ3NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFkoKwMEAFkq1wMEAF1yRQMEALDf
tQMEALzT+TANBgkqhkiG9w0BAQsFAAOCAQEAH4B5E38lgTgi9ZigT8Posh2bRlV5
CTHKSbwmpFMyrINEqlywS20ACNXVF9HwdJq7gUrRaVE3qJ1E0BNUXGpg9GMNXNXX
yrbwA3u0VCUBPMH9jqDwZfdVHs2e7/VSatbF3sgfF2Z0acY4dXe+TjrsteJyS9j2
Qh0sf79/+LZ9ghOsQK9PfSKwAI1x+pvW5wTFTauNTKVl8JQ4g4RXxpmK34yLZLlX
9nNUVjEMneVpsSIIxkbGA9MMEayCDGQESKP8cZIhLDB5yzs4CCfobfJGIcnocXTM
L+9rmFsZ9CCQAMQ+0u5KzMbZ7GFKgcqTKXBzWfNMiAEY0R7r/ZIacQ8CBA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:15 2024 by rpki-client on console-fra.rpki-client.org