Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/2VhMuu2kri-Ep80y0w_nMQmAgbg.roa
File: 2VhMuu2kri-Ep80y0w_nMQmAgbg.roa (raw, json)
Hash identifier: iw9liGVKLmb1vlMhSTF6bkjYZKliZ0lNwF2A7U51q/0=
Subject key identifier: D9:58:4C:BA:ED:A4:AE:2F:84:A7:CD:32:D3:0F:E7:31:09:80:81:B8
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 06691224
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/2VhMuu2kri-Ep80y0w_nMQmAgbg.roa
Signing time: Fri 11 Feb 2022 07:39:20 +0000
ROA not before: Fri 11 Feb 2022 07:39:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 166.108.204.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107549220 (0x6691224)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Feb 11 07:39:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9584cbaeda4ae2f84a7cd32d30fe731098081b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:57:7d:36:ca:22:f5:d2:08:38:3c:17:8b:e8:
5b:cf:e6:81:4b:f7:3e:6c:a9:3d:6a:0c:7c:21:85:
b5:72:85:81:48:15:4b:5a:1b:b1:2e:b8:c4:e8:c6:
14:44:9f:4b:a4:fd:df:22:d7:d9:d8:d9:48:80:e7:
5e:07:ee:d9:d1:d8:9e:63:25:c7:a3:7b:18:2e:19:
c6:76:55:dd:49:c1:fa:c8:ca:a1:0d:35:d5:31:ee:
52:71:4e:fd:cc:2e:c9:d3:35:02:87:92:34:6f:7f:
5c:89:be:63:dd:2c:40:19:01:ae:d7:0f:74:12:2a:
25:3f:79:e2:a4:6d:af:7a:4f:fc:40:1d:f8:98:f0:
5b:7b:3e:5a:6a:50:43:95:ed:6b:5d:bf:15:c7:93:
25:17:d6:f6:ed:e7:12:d5:1b:c2:a7:13:a1:55:36:
20:c7:1c:3a:36:2a:dd:91:a1:30:cd:ea:2f:e4:6c:
49:b8:38:f8:53:eb:e0:55:c2:c6:c0:c2:65:e2:86:
27:8c:51:f2:71:b9:fd:dc:14:2f:40:dd:b4:4f:85:
c4:b9:99:00:96:4e:4f:6c:0d:23:8b:f5:5c:db:3d:
e0:7e:57:ae:5d:86:9f:72:16:a6:75:9f:c3:f3:19:
b0:9c:ce:49:d2:58:f3:15:dc:7b:64:cc:33:7d:47:
9b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:58:4C:BA:ED:A4:AE:2F:84:A7:CD:32:D3:0F:E7:31:09:80:81:B8
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/2VhMuu2kri-Ep80y0w_nMQmAgbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.204.0/22
Signature Algorithm: sha256WithRSAEncryption
60:08:fe:77:6d:ad:82:ab:ea:b0:3f:34:ec:c5:cb:1c:c6:6c:
45:3a:34:bb:1e:09:01:65:62:ad:55:85:98:53:a2:2a:a1:b8:
3f:21:62:35:28:72:8b:8c:4c:5d:46:31:39:d5:2c:3f:13:64:
a4:37:d2:6b:7b:54:90:7c:e0:2d:f9:ec:33:a3:d5:5c:d3:3f:
7e:56:63:17:c5:ef:16:6d:ad:d1:20:7d:13:26:67:4d:d6:d2:
c2:2e:95:58:c1:31:37:dd:3f:6c:54:c5:61:9a:1b:67:e6:22:
e2:ca:04:80:64:62:e2:98:04:fb:47:2c:72:77:b1:0e:fe:bb:
ae:09:f9:bf:fc:99:4f:b4:ca:83:57:0d:be:98:16:4e:90:f9:
d9:58:a5:72:c2:fe:22:d8:32:99:f8:30:43:71:da:e6:f7:15:
cc:89:6d:2c:ed:d7:fa:ed:c7:2f:ac:dd:df:52:ec:22:37:61:
8a:25:9d:98:3f:5c:c5:8c:0f:5a:9f:2a:4f:03:18:88:42:f0:
7a:d8:94:da:1e:df:8e:37:f5:d8:7a:4c:84:81:9e:7b:35:17:
d2:ae:e9:53:40:6d:1d:71:eb:77:05:0d:be:a5:01:0c:e8:b7:
1c:1a:d1:fb:48:ac:32:2d:f8:dc:2e:6d:43:d3:67:35:b2:11:
10:c2:a2:ee
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBmkSJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTJiODYwOTVjZTU1OGQyZTk2MTg3MjhhNDQyMjhhMjdiZTkwOThmMB4XDTIyMDIx
MTA3MzkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDk1ODRjYmFlZGE0
YWUyZjg0YTdjZDMyZDMwZmU3MzEwOTgwODFiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANtXfTbKIvXSCDg8F4voW8/mgUv3PmypPWoMfCGFtXKFgUgV
S1obsS64xOjGFESfS6T93yLX2djZSIDnXgfu2dHYnmMlx6N7GC4ZxnZV3UnB+sjK
oQ011THuUnFO/cwuydM1AoeSNG9/XIm+Y90sQBkBrtcPdBIqJT954qRtr3pP/EAd
+JjwW3s+WmpQQ5Xta12/FceTJRfW9u3nEtUbwqcToVU2IMccOjYq3ZGhMM3qL+Rs
Sbg4+FPr4FXCxsDCZeKGJ4xR8nG5/dwUL0DdtE+FxLmZAJZOT2wNI4v1XNs94H5X
rl2Gn3IWpnWfw/MZsJzOSdJY8xXce2TMM31Hm0ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTZWEy67aSuL4SnzTLTD+cxCYCBuDAfBgNVHSMEGDAWgBSZK4YJXOVY0ulh
hyikQiiie+kJjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21TdUdDVnpsV05McFlZY29wRUlvb252cENZOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvOGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8x
LzJWaE11dTJrcmktRXA4MHkwd19uTVFtQWdiZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
OGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8xL21TdUdDVnpsV05M
cFlZY29wRUlvb252cENZOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqZszDANBgkqhkiG9w0BAQsFAAOC
AQEAYAj+d22tgqvqsD807MXLHMZsRTo0ux4JAWVirVWFmFOiKqG4PyFiNShyi4xM
XUYxOdUsPxNkpDfSa3tUkHzgLfnsM6PVXNM/flZjF8XvFm2t0SB9EyZnTdbSwi6V
WMExN90/bFTFYZobZ+Yi4soEgGRi4pgE+0cscnexDv67rgn5v/yZT7TKg1cNvpgW
TpD52VilcsL+ItgymfgwQ3Ha5vcVzIltLO3X+u3HL6zd31LsIjdhiiWdmD9cxYwP
Wp8qTwMYiELwetiU2h7fjjf12HpMhIGeezUX0q7pU0BtHXHrdwUNvqUBDOi3HBrR
+0isMi343C5tQ9NnNbIREMKi7g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:48 2025 by rpki-client