Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/3xmOr6sRkW2VqxGS-ZIw4X0VVwg.roa
File: 3xmOr6sRkW2VqxGS-ZIw4X0VVwg.roa (raw, json)
Hash identifier: GtubX85FGK7pwMFUX3gYvMOvJe06nvnwEh9OpOTTmS0=
Subject key identifier: DF:19:8E:AF:AB:11:91:6D:95:AB:11:92:F9:92:30:E1:7D:15:57:08
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 0181DCD1276F8164838A1FF5E6F09AB9C911
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/3xmOr6sRkW2VqxGS-ZIw4X0VVwg.roa
Signing time: Fri 08 Jul 2022 07:58:23 +0000
ROA not before: Fri 08 Jul 2022 07:58:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59432
IP address blocks: 166.108.216.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:dc:d1:27:6f:81:64:83:8a:1f:f5:e6:f0:9a:b9:c9:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Jul 8 07:58:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df198eafab11916d95ab1192f99230e17d155708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5b:a9:09:d5:08:c5:5b:a8:96:25:8b:e8:c7:
ef:12:c3:d6:49:46:0f:46:57:da:06:30:1c:da:80:
5b:03:50:55:f2:da:3f:9d:34:d7:fc:7f:08:f5:a4:
67:79:70:d9:bf:82:6c:3e:f8:6d:c8:aa:e2:b8:24:
61:79:0e:ac:5f:45:17:fe:99:c7:50:ac:40:f3:3e:
7f:a8:18:53:8b:0f:5f:2f:87:e6:0d:5e:6a:2c:02:
bc:8a:9a:d7:8a:4d:49:75:eb:5c:00:83:5b:cb:58:
aa:d9:04:fd:f2:ba:ac:6b:44:9f:9f:54:d9:38:43:
62:da:46:09:60:c0:62:f0:10:2a:4d:02:d5:51:07:
30:b9:54:33:38:d7:c7:c6:e5:18:e0:64:cb:7c:33:
70:1a:8d:c4:aa:9a:d7:6a:ee:a7:a6:29:f8:7c:29:
59:19:30:10:6f:46:75:92:23:05:08:85:71:95:46:
74:21:7f:e2:46:2a:07:9d:37:a0:5c:27:71:c2:2e:
b9:b1:8e:9d:e8:26:5d:91:9e:d8:10:37:b8:d1:20:
ec:2c:85:81:a3:37:50:28:3c:46:98:e2:32:4a:4b:
56:4c:a5:06:a7:26:2c:1e:54:6a:1e:c5:ca:fa:5e:
79:47:4b:02:b5:9d:8f:a3:a3:da:18:b1:9b:24:16:
09:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:19:8E:AF:AB:11:91:6D:95:AB:11:92:F9:92:30:E1:7D:15:57:08
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/3xmOr6sRkW2VqxGS-ZIw4X0VVwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.216.0/23
Signature Algorithm: sha256WithRSAEncryption
30:73:6c:1a:e6:85:17:40:01:11:a4:58:e4:da:0d:2a:0c:2e:
5e:99:e4:42:95:3b:d0:18:45:26:3b:75:ec:26:29:06:a1:ec:
18:fb:31:8a:7f:53:35:19:7a:14:6b:ec:6b:28:be:1a:33:14:
49:68:b9:d6:67:e4:6e:48:fe:0d:06:44:93:86:c0:fd:a1:c0:
aa:f7:e0:37:6b:12:7d:ea:46:8e:62:c6:39:7c:ec:75:e4:47:
95:b1:27:b0:81:76:50:b3:76:1f:9c:0f:d2:05:37:18:00:ef:
33:5a:9b:04:65:fe:42:e7:17:8f:17:5f:7a:5c:a6:cc:b6:08:
f0:52:4b:72:05:37:34:85:a6:6e:c5:33:f5:c0:f6:ab:58:32:
58:be:45:40:49:dd:23:00:05:c3:0e:28:23:ba:dd:f8:1c:fd:
99:10:86:31:93:e2:ef:95:95:40:51:0e:61:21:d9:32:e9:11:
3b:26:52:4d:56:97:95:97:43:bb:21:f3:92:4c:8a:e3:f3:5e:
3e:68:fb:22:bb:5d:bf:7a:86:cd:7e:c7:22:17:91:a1:4a:dc:
a5:df:b1:59:4e:87:ca:fd:d3:29:be:66:79:58:ec:dd:4e:37:
ea:d2:c9:96:3c:c3:8c:55:79:32:d3:e4:34:00:f7:88:07:17:
9b:84:c4:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHc0SdvgWSDih/15vCauckRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIwNzA4MDc1ODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjE5OGVhZmFiMTE5MTZkOTVhYjExOTJmOTkyMzBlMTdkMTU1NzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFupCdUIxVuoliWL6MfvEsPWSUYP
RlfaBjAc2oBbA1BV8to/nTTX/H8I9aRneXDZv4JsPvhtyKriuCRheQ6sX0UX/pnH
UKxA8z5/qBhTiw9fL4fmDV5qLAK8iprXik1JdetcAINby1iq2QT98rqsa0Sfn1TZ
OENi2kYJYMBi8BAqTQLVUQcwuVQzONfHxuUY4GTLfDNwGo3EqprXau6npin4fClZ
GTAQb0Z1kiMFCIVxlUZ0IX/iRioHnTegXCdxwi65sY6d6CZdkZ7YEDe40SDsLIWB
ozdQKDxGmOIySktWTKUGpyYsHlRqHsXK+l55R0sCtZ2Po6PaGLGbJBYJfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN8Zjq+rEZFtlasRkvmSMOF9FVcIMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvM3htT3I2c1JrVzJWcXhHUy1aSXc0WDBWVndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBpmzYMA0G
CSqGSIb3DQEBCwUAA4IBAQAwc2wa5oUXQAERpFjk2g0qDC5emeRClTvQGEUmO3Xs
JikGoewY+zGKf1M1GXoUa+xrKL4aMxRJaLnWZ+RuSP4NBkSThsD9ocCq9+A3axJ9
6kaOYsY5fOx15EeVsSewgXZQs3YfnA/SBTcYAO8zWpsEZf5C5xePF196XKbMtgjw
UktyBTc0haZuxTP1wParWDJYvkVASd0jAAXDDigjut34HP2ZEIYxk+LvlZVAUQ5h
Idky6RE7JlJNVpeVl0O7IfOSTIrj814+aPsiu12/eobNfsciF5GhStyl37FZTofK
/dMpvmZ5WOzdTjfq0smWPMOMVXky0+Q0APeIBxebhMTA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:27 2023 by rpki-client on console-ams.rpki-client.org