Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/1-AuIMlbbtOtb6mg9Rgh5Vgczz34.roa
File: 1-AuIMlbbtOtb6mg9Rgh5Vgczz34.roa (raw, json)
Hash identifier: yhZB9vba3a1OmHDRGt57HpHz8/gbridYBl/kC7D/krk=
Subject key identifier: F8:0B:88:32:56:DB:B4:EB:5B:EA:68:3D:46:08:79:56:07:33:CF:7E
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 01828BFA2278CD19392DC1CCF640F754CD5B
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/1-AuIMlbbtOtb6mg9Rgh5Vgczz34.roa
Signing time: Thu 11 Aug 2022 08:16:42 +0000
ROA not before: Thu 11 Aug 2022 08:16:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 166.108.246.0/24 maxlen: 24
166.108.242.0/23 maxlen: 24
166.108.245.0/24 maxlen: 24
166.108.244.0/24 maxlen: 24
166.108.253.0/24 maxlen: 24
166.108.247.0/24 maxlen: 24
166.108.249.0/24 maxlen: 24
166.108.248.0/24 maxlen: 24
166.108.250.0/24 maxlen: 24
166.108.252.0/24 maxlen: 24
166.108.251.0/24 maxlen: 24
166.108.254.0/24 maxlen: 24
166.108.192.0/22 maxlen: 24
166.108.196.0/22 maxlen: 24
166.108.200.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8b:fa:22:78:cd:19:39:2d:c1:cc:f6:40:f7:54:cd:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Aug 11 08:16:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f80b883256dbb4eb5bea683d460879560733cf7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5b:b7:de:e8:a3:8a:bc:62:9a:f2:00:8c:65:
95:a5:25:2f:2d:11:0a:b2:cb:37:ca:fb:51:82:e5:
cf:42:cd:72:59:d8:0f:62:e6:5f:7f:ff:9f:27:08:
79:dd:15:84:60:d3:d0:2f:ac:eb:b3:be:74:63:46:
3a:e3:40:c9:fe:24:ec:aa:b5:47:fe:d1:05:df:de:
94:5c:97:b0:ac:70:a3:53:7b:b5:e4:2f:9d:d5:96:
ca:ac:45:46:65:96:59:e3:95:74:ed:b7:b9:f3:30:
aa:66:ca:8c:29:31:38:1a:b0:6c:d0:95:08:65:26:
e4:25:b7:81:5a:3e:c9:b3:a8:c1:73:9f:c0:0e:10:
0b:6b:27:76:09:02:80:6b:21:8c:f4:e2:03:73:e0:
46:87:64:9c:af:bc:69:5b:d4:c1:f7:86:0c:2a:41:
ba:df:40:5f:e7:4c:20:dd:78:1f:f1:5d:69:30:7e:
46:25:23:37:88:82:2e:7d:2a:ad:a3:5e:b9:b4:c7:
a1:5d:5e:9e:e5:94:f2:3b:e3:00:58:1e:0f:50:60:
84:b7:b9:80:d1:5f:04:bb:ce:33:2c:44:25:3c:7c:
b5:9b:c5:89:0d:3b:25:c2:33:6d:12:5a:ae:1f:67:
41:f9:b4:7f:ea:38:4c:f8:d5:9b:c0:8f:94:8c:0b:
81:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:0B:88:32:56:DB:B4:EB:5B:EA:68:3D:46:08:79:56:07:33:CF:7E
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/1-AuIMlbbtOtb6mg9Rgh5Vgczz34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.192.0-166.108.203.255
166.108.242.0-166.108.254.255
Signature Algorithm: sha256WithRSAEncryption
92:f6:f4:f6:41:02:7e:af:8b:34:81:c0:6f:ad:2b:75:b4:f2:
9c:2c:01:aa:30:ca:35:5c:25:43:f6:eb:55:1f:53:6c:e1:6c:
c7:6e:e8:6c:64:54:56:28:ff:f4:38:bb:78:35:b9:f9:c2:12:
1e:9b:4f:ca:fa:ae:b3:e3:d6:b9:9a:ac:db:db:5f:84:b4:65:
ec:5f:d5:fa:c4:89:e7:e4:4c:67:29:66:96:44:eb:d5:0e:90:
69:ae:d7:6d:38:0b:a9:5f:f6:76:fd:c0:a2:4c:11:0e:bc:3f:
dc:7a:70:07:97:b1:53:3c:6a:06:59:55:e9:42:32:d2:d8:b1:
35:5c:98:8e:98:38:e6:f1:c8:35:3b:e4:f8:d0:5c:97:4d:c2:
9b:55:61:85:1c:5a:20:68:dd:76:5d:46:b3:f0:70:e9:a1:8d:
ad:90:3c:03:52:97:6a:fd:60:58:4f:90:94:87:98:38:45:ba:
0a:7d:6e:f2:72:a8:fc:ca:52:b0:b4:d5:d4:8f:b8:8f:37:99:
6d:88:aa:8c:a4:39:c9:69:1b:18:c4:92:4b:fc:98:ca:5e:9c:
99:ff:35:e1:46:0c:0b:96:f7:85:99:02:01:8c:08:96:66:41:
9c:f5:21:76:0c:bb:a9:e8:70:99:b8:e5:22:2c:2b:a8:38:3e:
69:4b:56:ad
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYKL+iJ4zRk5LcHM9kD3VM1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIwODExMDgxNjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODBiODgzMjU2ZGJiNGViNWJlYTY4M2Q0NjA4Nzk1NjA3MzNjZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1u33uijirximvIAjGWVpSUvLREK
sss3yvtRguXPQs1yWdgPYuZff/+fJwh53RWEYNPQL6zrs750Y0Y640DJ/iTsqrVH
/tEF396UXJewrHCjU3u15C+d1ZbKrEVGZZZZ45V07be58zCqZsqMKTE4GrBs0JUI
ZSbkJbeBWj7Js6jBc5/ADhALayd2CQKAayGM9OIDc+BGh2Scr7xpW9TB94YMKkG6
30Bf50wg3Xgf8V1pMH5GJSM3iIIufSqto165tMehXV6e5ZTyO+MAWB4PUGCEt7mA
0V8Eu84zLEQlPHy1m8WJDTslwjNtElquH2dB+bR/6jhM+NWbwI+UjAuBfQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPgLiDJW27TrW+poPUYIeVYHM89+MB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvMS1BdUlNbGJidE90YjZtZzlSZ2g1VmdjenozNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzkvOGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1
MS8xL21TdUdDVnpsV05McFlZY29wRUlvb252cENZOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQGpmzA
AwQCpmzIMAwDBAGmbPIDBACmbP4wDQYJKoZIhvcNAQELBQADggEBAJL29PZBAn6v
izSBwG+tK3W08pwsAaowyjVcJUP261UfU2zhbMdu6GxkVFYo//Q4u3g1ufnCEh6b
T8r6rrPj1rmarNvbX4S0Zexf1frEiefkTGcpZpZE69UOkGmu1204C6lf9nb9wKJM
EQ68P9x6cAeXsVM8agZZVelCMtLYsTVcmI6YOObxyDU75PjQXJdNwptVYYUcWiBo
3XZdRrPwcOmhja2QPANSl2r9YFhPkJSHmDhFugp9bvJyqPzKUrC01dSPuI83mW2I
qoykOclpGxjEkkv8mMpenJn/NeFGDAuW94WZAgGMCJZmQZz1IXYMu6nocJm45SIs
K6g4PmlLVq0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:27 2023 by rpki-client on console-ams.rpki-client.org