Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/2dffd828-1b92-3c65-95b6-fbdfd07f3c3c.roa
File: 2dffd828-1b92-3c65-95b6-fbdfd07f3c3c.roa (raw, json)
Hash identifier: B01kssu+G2ZlNejulZv5d5sLPevHYXbtahFyoMnXaUc=
Subject key identifier: 23:12:DE:90:21:2D:3C:5D:3E:1A:C9:B0:73:47:BE:65:0B:3F:8D:09
Certificate issuer: /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial: 010D0C9F4328583F64FC64F25B43A818F62E2CD0
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/2dffd828-1b92-3c65-95b6-fbdfd07f3c3c.roa
Signing time: Wed 26 Aug 2020 17:55:28 +0000
ROA not before: Wed 26 Aug 2020 17:55:28 +0000
ROA not after: Tue 31 Dec 2024 05:00:00 +0000
asID: 212238
IP address blocks: 166.88.91.0/24 maxlen: 24
166.88.65.0/24 maxlen: 24
166.88.37.0/24 maxlen: 24
166.88.84.0/24 maxlen: 24
166.88.89.0/24 maxlen: 24
166.88.93.0/24 maxlen: 24
166.88.123.0/24 maxlen: 24
166.88.135.0/24 maxlen: 24
166.88.140.0/24 maxlen: 24
172.120.0.0/24 maxlen: 24
172.120.1.0/24 maxlen: 24
172.120.7.0/24 maxlen: 24
172.120.10.0/24 maxlen: 24
172.120.18.0/24 maxlen: 24
172.121.2.0/24 maxlen: 24
172.121.8.0/24 maxlen: 24
172.121.14.0/24 maxlen: 24
172.121.15.0/24 maxlen: 24
172.121.22.0/24 maxlen: 24
172.121.26.0/24 maxlen: 24
172.121.29.0/24 maxlen: 24
172.121.31.0/24 maxlen: 24
172.121.96.0/24 maxlen: 24
172.121.128.0/24 maxlen: 24
172.121.132.0/24 maxlen: 24
172.121.145.0/24 maxlen: 24
172.121.151.0/24 maxlen: 24
172.121.157.0/24 maxlen: 24
172.121.242.0/24 maxlen: 24
172.121.250.0/24 maxlen: 24
172.252.5.0/24 maxlen: 24
166.88.82.0/24 maxlen: 24
166.88.79.0/24 maxlen: 24
166.88.80.0/24 maxlen: 24
166.88.69.0/24 maxlen: 24
166.88.74.0/24 maxlen: 24
166.88.59.0/24 maxlen: 24
166.88.16.0/24 maxlen: 24
166.88.23.0/24 maxlen: 24
166.88.30.0/24 maxlen: 24
166.88.38.0/24 maxlen: 24
166.88.39.0/24 maxlen: 24
166.88.56.0/24 maxlen: 24
166.88.60.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:3f:64:fc:64:f2:5b:43:a8:18:f6:2e:2c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
Validity
Not Before: Aug 26 17:55:28 2020 GMT
Not After : Dec 31 05:00:00 2024 GMT
Subject: CN=e105b50e-d7f2-4b1b-96c6-b37bc90747bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a9:e4:45:e1:ec:68:13:7b:75:b5:a8:d2:e2:
4b:6f:eb:19:75:76:56:6f:74:99:7e:b9:8c:fb:ca:
0f:6d:ca:a1:96:86:cb:81:0f:54:ad:84:32:c6:6e:
90:fc:1a:19:9d:95:6d:cb:e7:c8:08:6b:5a:9f:59:
c2:5c:81:f5:60:2b:78:48:65:05:0f:3c:7a:84:db:
48:83:3c:81:a6:60:f4:3d:07:d8:60:16:0d:87:e5:
b8:c1:92:00:5c:81:35:a7:c3:8b:bf:29:7f:3d:6d:
2d:13:d4:ab:38:40:ef:6c:8d:f5:a8:8c:c7:a3:67:
8d:c1:bc:65:15:73:a9:e5:09:38:ef:97:4a:7c:18:
e1:0e:ae:6a:0a:bb:8b:6a:26:30:0a:5d:4f:41:87:
90:0e:de:c6:db:8f:45:b9:8e:b3:d8:c8:f3:6b:cd:
38:85:bd:00:98:3d:00:9e:91:07:e2:7b:8b:ff:32:
4c:df:98:e0:2e:e1:9e:5b:60:0e:a0:ad:94:a9:d5:
dd:18:06:17:5a:ab:96:6a:b9:d2:0b:b3:5b:9f:7d:
de:48:b8:0c:5b:a3:7e:ab:a3:54:bc:f2:ac:51:44:
b7:ea:80:01:c0:1d:df:e8:ae:32:71:ca:a4:21:e1:
60:2c:7e:3b:7c:fa:73:b7:f5:f0:57:f6:68:a2:04:
19:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:12:DE:90:21:2D:3C:5D:3E:1A:C9:B0:73:47:BE:65:0B:3F:8D:09
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/2dffd828-1b92-3c65-95b6-fbdfd07f3c3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl
X509v3 Authority Key Identifier:
keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
sbgp-ipAddrBlock: critical
IPv4:
166.88.16.0/24
166.88.23.0/24
166.88.30.0/24
166.88.37.0-166.88.39.255
166.88.56.0/24
166.88.59.0-166.88.60.255
166.88.65.0/24
166.88.69.0/24
166.88.74.0/24
166.88.79.0-166.88.80.255
166.88.82.0/24
166.88.84.0/24
166.88.89.0/24
166.88.91.0/24
166.88.93.0/24
166.88.123.0/24
166.88.135.0/24
166.88.140.0/24
172.120.0.0/23
172.120.7.0/24
172.120.10.0/24
172.120.18.0/24
172.121.2.0/24
172.121.8.0/24
172.121.14.0/23
172.121.22.0/24
172.121.26.0/24
172.121.29.0/24
172.121.31.0/24
172.121.96.0/24
172.121.128.0/24
172.121.132.0/24
172.121.145.0/24
172.121.151.0/24
172.121.157.0/24
172.121.242.0/24
172.121.250.0/24
172.252.5.0/24
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
89:bd:d2:63:cd:95:a7:5a:4f:96:15:a8:ef:94:68:73:61:96:
7e:f7:e7:80:22:3e:f8:0f:00:64:19:a6:fa:fa:ff:76:5c:66:
5d:fc:78:6a:32:73:c1:75:d0:d9:05:b4:d5:51:f0:11:59:74:
0b:59:08:e2:98:ec:2c:a5:87:88:88:3e:15:e1:55:9c:9f:ae:
d7:2f:8c:98:a5:fc:97:1a:be:24:01:7f:e5:70:79:04:e9:65:
92:59:b8:f6:9f:65:37:9f:24:e4:af:02:f3:9d:d6:1a:32:5d:
2a:77:c0:56:0b:1b:71:2f:f6:e6:60:b2:05:e6:a9:08:fd:4d:
b6:84:c0:62:c2:1c:a4:c7:ad:bf:a1:6e:ed:39:ab:13:cc:70:
48:dc:a1:3d:34:f7:8a:62:65:c6:0f:e5:fe:f3:9c:2d:88:b3:
e2:64:2b:2e:5d:f0:05:c1:e8:9f:92:3a:7b:dd:eb:a1:15:4f:
3b:9f:f7:22:7f:3f:d2:51:6c:cc:b4:a8:88:76:51:97:33:3e:
52:6e:b8:52:18:6d:8a:d0:a1:87:7b:c7:fb:6d:af:38:d3:f1:
1b:18:ae:d8:50:a1:80:ea:5c:33:4a:cf:28:fd:4f:77:a7:9c:
db:3c:31:59:7f:80:7d:59:21:62:db:67:14:0b:5d:ea:c7:f6:
b4:f0:d6:01
-----BEGIN CERTIFICATE-----
MIIHQjCCBiqgAwIBAgIUAQ0Mn0MoWD9k/GTyW0OoGPYuLNAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTIwMDgyNjE3NTUyOFoXDTI0MTIzMTA1MDAwMFowLzEtMCsGA1UEAxMk
ZTEwNWI1MGUtZDdmMi00YjFiLTk2YzYtYjM3YmM5MDc0N2JkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKnkReHsaBN7dbWo0uJLb+sZdXZWb3SZfrmM
+8oPbcqhlobLgQ9UrYQyxm6Q/BoZnZVty+fICGtan1nCXIH1YCt4SGUFDzx6hNtI
gzyBpmD0PQfYYBYNh+W4wZIAXIE1p8OLvyl/PW0tE9SrOEDvbI31qIzHo2eNwbxl
FXOp5Qk475dKfBjhDq5qCruLaiYwCl1PQYeQDt7G249FuY6z2Mjza804hb0AmD0A
npEH4nuL/zJM35jgLuGeW2AOoK2UqdXdGAYXWquWarnSC7Nbn33eSLgMW6N+q6NU
vPKsUUS36oABwB3f6K4yccqkIeFgLH47fPpzt/XwV/ZoogQZ2QIDAQABo4IEVDCC
BFAwHQYDVR0OBBYEFCMS3pAhLTxdPhrJsHNHvmULP40JMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvMmRmZmQ4MjgtMWI5Mi0z
YzY1LTk1YjYtZmJkZmQwN2YzYzNjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCCAQMEAgABMIH8
AwQAplgQAwQAplgXAwQAplgeMAwDBACmWCUDBAOmWCADBACmWDgwDAMEAKZYOwME
AKZYPAMEAKZYQQMEAKZYRQMEAKZYSjAMAwQAplhPAwQAplhQAwQAplhSAwQAplhU
AwQAplhZAwQAplhbAwQAplhdAwQAplh7AwQApliHAwQApliMAwQBrHgAAwQArHgH
AwQArHgKAwQArHgSAwQArHkCAwQArHkIAwQBrHkOAwQArHkWAwQArHkaAwQArHkd
AwQArHkfAwQArHlgAwQArHmAAwQArHmEAwQArHmRAwQArHmXAwQArHmdAwQArHny
AwQArHn6AwQArPwFMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEF
BQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0
bWwwDQYJKoZIhvcNAQELBQADggEBAIm90mPNladaT5YVqO+UaHNhln7354AiPvgP
AGQZpvr6/3ZcZl38eGoyc8F10NkFtNVR8BFZdAtZCOKY7Cylh4iIPhXhVZyfrtcv
jJil/JcaviQBf+VweQTpZZJZuPafZTefJOSvAvOd1hoyXSp3wFYLG3Ev9uZgsgXm
qQj9TbaEwGLCHKTHrb+hbu05qxPMcEjcoT0094piZcYP5f7znC2Is+JkKy5d8AXB
6J+SOnvd66EVTzuf9yJ/P9JRbMy0qIh2UZczPlJuuFIYbYrQoYd7x/ttrzjT8RsY
rthQoYDqXDNKzyj9T3ennNs8MVl/gH1ZIWLbZxQLXerH9rTw1gE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:42:05 2024 by rpki-client on console-ams.rpki-client.org