Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/7OU2JtbhOis7QGn0w43XpDYcNdw.roa
File: 7OU2JtbhOis7QGn0w43XpDYcNdw.roa (raw, json)
Hash identifier: +lQxajp0vRc8L1MpfehqGfjNi+Otdy+IGdpV22n588s=
Subject key identifier: EC:E5:36:26:D6:E1:3A:2B:3B:40:69:F4:C3:8D:D7:A4:36:1C:35:DC
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 01862AF5143B2325AB3CDF566AC9312EAE6F
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/7OU2JtbhOis7QGn0w43XpDYcNdw.roa
Signing time: Tue 07 Feb 2023 08:19:09 +0000
ROA not before: Tue 07 Feb 2023 08:19:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 166.108.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2a:f5:14:3b:23:25:ab:3c:df:56:6a:c9:31:2e:ae:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Feb 7 08:19:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ece53626d6e13a2b3b4069f4c38dd7a4361c35dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ea:7d:29:aa:c6:7f:0c:98:a6:ba:e1:87:20:
85:5f:34:ad:df:ed:cb:57:c8:e5:49:e4:8b:94:a4:
2b:bd:72:57:c0:64:e9:6b:db:58:fc:76:4b:f7:07:
72:b2:d0:69:e6:3f:b0:12:08:9c:87:11:18:bd:db:
6f:7d:ca:02:c5:5a:a1:b0:d0:dd:d1:9a:12:6a:39:
82:cd:2b:1a:bb:d3:e5:e9:97:54:87:ad:b3:06:29:
18:85:d8:c3:bd:62:60:f6:53:03:42:d3:06:d3:51:
8b:ec:0b:62:89:ef:f6:16:27:68:57:1c:35:ce:78:
bd:f0:92:8f:47:ee:ed:39:e1:47:28:c5:1d:72:b7:
90:ac:a4:5f:94:42:8c:a1:c3:4e:22:9a:2f:6f:78:
70:e5:51:d5:67:1b:41:ce:87:1c:82:77:0f:9c:fd:
f3:06:f9:15:5e:f4:05:b3:78:19:0f:45:7d:b3:c4:
5e:bd:a5:9a:59:6e:af:15:97:16:75:d1:f9:a9:36:
0c:83:ce:cf:d1:91:51:47:6b:e0:16:41:2c:90:a8:
18:67:32:2f:d3:5d:82:cd:4a:f6:d1:98:12:d6:f7:
dd:04:dd:99:26:aa:cd:7f:da:aa:d1:0b:ef:dd:f5:
bb:c9:18:e7:eb:81:55:09:58:8a:89:dc:c5:93:9d:
d9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E5:36:26:D6:E1:3A:2B:3B:40:69:F4:C3:8D:D7:A4:36:1C:35:DC
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/7OU2JtbhOis7QGn0w43XpDYcNdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.254.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:b0:27:55:0b:dc:00:94:8d:17:c4:b5:28:79:2d:f5:00:72:
4a:b3:55:9b:9e:80:1a:90:93:1e:2a:45:3a:c0:a8:a7:45:84:
d6:14:f0:9b:99:57:9b:d4:90:bc:09:c7:90:2f:00:ac:fd:5c:
ed:96:5a:7c:9f:81:1a:d8:35:c8:be:03:4e:c5:92:0c:7f:df:
fa:fe:af:8d:ee:4c:af:96:24:41:9f:46:9d:59:17:7a:34:af:
f5:b0:aa:ea:c6:8f:fc:02:71:4a:d1:e3:46:ed:90:03:8e:2f:
72:a9:3b:11:77:55:eb:72:45:68:49:45:f9:b3:4e:bd:f3:e1:
d0:b4:da:9f:0e:f8:1b:75:37:e2:7f:9c:45:21:04:29:e4:2c:
87:58:2b:df:cc:cc:a9:a3:69:66:9c:62:23:8a:a5:16:c2:f1:
6d:ca:97:4f:f0:a3:92:0c:99:14:d0:e7:0b:f5:e0:ed:de:6d:
85:3f:32:d7:d2:db:34:0c:01:c7:1e:d5:45:76:3e:b0:04:07:
62:a1:67:a9:50:84:1b:86:2f:a7:f9:1f:1c:71:ee:c6:93:06:
85:47:63:d2:8e:db:d5:47:73:ef:ba:c8:07:34:54:fe:45:bb:
c3:a5:26:19:83:9e:a6:41:47:a2:80:0c:59:4e:81:d8:4f:13:
7c:9e:bd:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYq9RQ7IyWrPN9WaskxLq5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjMwMjA3MDgxOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2U1MzYyNmQ2ZTEzYTJiM2I0MDY5ZjRjMzhkZDdhNDM2MWMzNWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtup9KarGfwyYprrhhyCFXzSt3+3L
V8jlSeSLlKQrvXJXwGTpa9tY/HZL9wdystBp5j+wEgichxEYvdtvfcoCxVqhsNDd
0ZoSajmCzSsau9Pl6ZdUh62zBikYhdjDvWJg9lMDQtMG01GL7Atiie/2FidoVxw1
zni98JKPR+7tOeFHKMUdcreQrKRflEKMocNOIpovb3hw5VHVZxtBzoccgncPnP3z
BvkVXvQFs3gZD0V9s8RevaWaWW6vFZcWddH5qTYMg87P0ZFRR2vgFkEskKgYZzIv
012CzUr20ZgS1vfdBN2ZJqrNf9qq0Qvv3fW7yRjn64FVCViKidzFk53ZHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOzlNibW4TorO0Bp9MON16Q2HDXcMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvN09VMkp0YmhPaXM3UUduMHc0M1hwRFljTmR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApmz+MA0G
CSqGSIb3DQEBCwUAA4IBAQC2sCdVC9wAlI0XxLUoeS31AHJKs1WbnoAakJMeKkU6
wKinRYTWFPCbmVeb1JC8CceQLwCs/Vztllp8n4Ea2DXIvgNOxZIMf9/6/q+N7kyv
liRBn0adWRd6NK/1sKrqxo/8AnFK0eNG7ZADji9yqTsRd1XrckVoSUX5s0698+HQ
tNqfDvgbdTfif5xFIQQp5CyHWCvfzMypo2lmnGIjiqUWwvFtypdP8KOSDJkU0OcL
9eDt3m2FPzLX0ts0DAHHHtVFdj6wBAdioWepUIQbhi+n+R8cce7GkwaFR2PSjtvV
R3PvusgHNFT+RbvDpSYZg56mQUeigAxZToHYTxN8nr0D
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:27 2023 by rpki-client on console-ams.rpki-client.org