Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/7l5Q7OY0vObV7NfvOfKSa0-6gtE.roa
File: 7l5Q7OY0vObV7NfvOfKSa0-6gtE.roa (raw, json)
Hash identifier: EkxVnf+tbpRj3HLnIDJSNvrkBtGVVpV3uHyc5IbynSo=
Subject key identifier: EE:5E:50:EC:E6:34:BC:E6:D5:EC:D7:EF:39:F2:92:6B:4F:BA:82:D1
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 01831679C925C04F5FFB3F859D50CCED422A
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/7l5Q7OY0vObV7NfvOfKSa0-6gtE.roa
Signing time: Wed 07 Sep 2022 05:43:43 +0000
ROA not before: Wed 07 Sep 2022 05:43:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60117
IP address blocks: 166.108.212.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:16:79:c9:25:c0:4f:5f:fb:3f:85:9d:50:cc:ed:42:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Sep 7 05:43:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee5e50ece634bce6d5ecd7ef39f2926b4fba82d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ae:31:2e:a3:85:c9:e3:88:c5:fc:79:6c:03:
75:3d:8a:3d:59:3c:c3:5f:8a:55:c1:fb:7a:fa:ec:
66:f2:81:27:2e:15:93:02:f1:6d:ce:73:b3:86:3d:
c9:3e:a9:a2:d9:1d:49:be:6f:0f:7d:08:4e:01:92:
32:eb:b1:1b:d1:11:c9:8b:2d:55:b0:e1:ca:eb:19:
27:86:dc:05:47:8b:e9:3a:cd:32:04:21:7c:b5:19:
9d:09:3e:2f:61:85:c7:72:a9:86:8d:44:9c:13:3c:
65:75:ed:b4:25:63:6d:8d:e7:2e:a2:57:3a:98:32:
a1:f6:13:52:ff:c6:5c:ac:ba:93:a4:bb:84:7e:28:
4a:0a:57:f8:cd:31:44:e3:9c:ff:f1:1d:91:85:64:
cf:1b:7a:f1:df:5f:59:2e:75:f2:82:6b:ca:19:a7:
38:a1:6e:7a:f4:25:24:e8:42:05:59:ed:84:3a:63:
4b:db:e1:63:d6:53:bd:02:af:39:23:41:f1:a5:b4:
ad:66:1a:7a:1e:18:84:43:35:36:d3:7d:93:0c:f4:
ca:4b:e3:63:9d:4a:cf:51:a5:ee:65:42:3b:14:4a:
89:5b:74:1a:af:37:66:c1:b5:06:6a:23:03:c8:ab:
3e:44:33:26:d0:18:e5:9f:81:bc:6d:bb:9c:a2:2a:
75:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:5E:50:EC:E6:34:BC:E6:D5:EC:D7:EF:39:F2:92:6B:4F:BA:82:D1
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/7l5Q7OY0vObV7NfvOfKSa0-6gtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.212.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:7a:f8:81:a6:cc:7c:bd:78:d3:38:73:ec:a8:ec:6e:c6:1f:
b8:8a:22:0c:5d:3f:07:9c:9e:ba:ed:c9:3f:6b:51:99:c6:ab:
4b:fb:dc:3f:ba:32:dd:54:8f:f4:cc:3e:db:13:65:bb:6e:67:
c9:c8:58:72:b7:55:aa:a4:68:c8:49:37:8b:21:90:e0:f8:e6:
45:c8:02:46:08:16:ed:77:6e:4b:b3:e8:d8:b7:5c:6b:ce:3c:
30:6a:13:e0:11:08:3e:d0:d0:1a:9b:aa:0c:67:f4:53:a3:e1:
b8:f0:94:d4:db:7b:af:60:11:09:89:f4:b2:cc:ca:df:6e:9c:
17:ff:40:75:ae:eb:31:42:89:4e:ef:34:ed:14:da:3a:5c:82:
ae:20:6d:59:74:93:40:30:06:03:c8:96:d8:dd:2b:1c:31:2f:
65:15:fa:f6:b4:1a:12:13:7e:07:83:ab:49:c9:35:fb:4a:66:
5f:f2:d3:ef:1c:32:aa:a3:9b:fb:eb:00:3c:52:16:58:ee:9b:
48:61:79:7c:09:64:c9:f2:51:52:f4:34:df:9d:14:10:8f:a9:
65:7c:f8:f7:ff:82:ab:1a:60:f8:1b:1f:8b:da:a8:15:46:17:
d5:3c:95:69:68:51:ae:4f:41:49:14:f4:92:c6:69:e2:5f:a0:
2e:0a:6f:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMWecklwE9f+z+FnVDM7UIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIwOTA3MDU0MzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTVlNTBlY2U2MzRiY2U2ZDVlY2Q3ZWYzOWYyOTI2YjRmYmE4MmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAua4xLqOFyeOIxfx5bAN1PYo9WTzD
X4pVwft6+uxm8oEnLhWTAvFtznOzhj3JPqmi2R1Jvm8PfQhOAZIy67Eb0RHJiy1V
sOHK6xknhtwFR4vpOs0yBCF8tRmdCT4vYYXHcqmGjUScEzxlde20JWNtjecuolc6
mDKh9hNS/8ZcrLqTpLuEfihKClf4zTFE45z/8R2RhWTPG3rx319ZLnXygmvKGac4
oW569CUk6EIFWe2EOmNL2+Fj1lO9Aq85I0HxpbStZhp6HhiEQzU2032TDPTKS+Nj
nUrPUaXuZUI7FEqJW3QarzdmwbUGaiMDyKs+RDMm0Bjln4G8bbucoip1kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO5eUOzmNLzm1ezX7znykmtPuoLRMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvN2w1UTdPWTB2T2JWN05mdk9mS1NhMC02Z3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCpmzUMA0G
CSqGSIb3DQEBCwUAA4IBAQCxeviBpsx8vXjTOHPsqOxuxh+4iiIMXT8HnJ667ck/
a1GZxqtL+9w/ujLdVI/0zD7bE2W7bmfJyFhyt1WqpGjISTeLIZDg+OZFyAJGCBbt
d25Ls+jYt1xrzjwwahPgEQg+0NAam6oMZ/RTo+G48JTU23uvYBEJifSyzMrfbpwX
/0B1rusxQolO7zTtFNo6XIKuIG1ZdJNAMAYDyJbY3SscMS9lFfr2tBoSE34Hg6tJ
yTX7SmZf8tPvHDKqo5v76wA8UhZY7ptIYXl8CWTJ8lFS9DTfnRQQj6llfPj3/4Kr
GmD4Gx+L2qgVRhfVPJVpaFGuT0FJFPSSxmniX6AuCm+T
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:53 2025 by rpki-client