Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/9hAcUGt92yBf9GtxgWXa9JJXNZ0.roa
File: 9hAcUGt92yBf9GtxgWXa9JJXNZ0.roa (raw, json)
Hash identifier: M8zObXCnSUb3/KtDArtbhk6fm+605rZWzavcaQJ53pA=
Subject key identifier: F6:10:1C:50:6B:7D:DB:20:5F:F4:6B:71:81:65:DA:F4:92:57:35:9D
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 018323333A5611858667D51B413E878C77CB
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/9hAcUGt92yBf9GtxgWXa9JJXNZ0.roa
Signing time: Fri 09 Sep 2022 17:01:43 +0000
ROA not before: Fri 09 Sep 2022 17:01:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 166.108.216.0/23 maxlen: 23
166.108.218.0/23 maxlen: 23
166.108.224.0/23 maxlen: 23
166.108.226.0/23 maxlen: 23
166.108.220.0/23 maxlen: 23
166.108.222.0/23 maxlen: 23
166.108.230.0/23 maxlen: 23
166.108.232.0/23 maxlen: 23
166.108.228.0/23 maxlen: 23
166.108.238.0/23 maxlen: 23
166.108.234.0/23 maxlen: 23
166.108.236.0/23 maxlen: 23
166.108.240.0/23 maxlen: 23
166.108.244.0/24 maxlen: 24
166.108.245.0/24 maxlen: 24
166.108.246.0/24 maxlen: 24
166.108.242.0/23 maxlen: 23
166.108.251.0/24 maxlen: 24
166.108.252.0/24 maxlen: 24
166.108.253.0/24 maxlen: 24
166.108.247.0/24 maxlen: 24
166.108.249.0/24 maxlen: 24
166.108.250.0/24 maxlen: 24
166.108.254.0/24 maxlen: 24
166.108.160.0/22 maxlen: 22
166.108.164.0/22 maxlen: 22
166.108.168.0/22 maxlen: 22
166.108.172.0/22 maxlen: 22
166.108.176.0/22 maxlen: 22
166.108.180.0/22 maxlen: 22
166.108.184.0/22 maxlen: 22
166.108.188.0/22 maxlen: 22
166.108.192.0/22 maxlen: 22
166.108.196.0/22 maxlen: 22
166.108.200.0/22 maxlen: 22
166.108.204.0/22 maxlen: 22
166.108.208.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:23:33:3a:56:11:85:86:67:d5:1b:41:3e:87:8c:77:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Sep 9 17:01:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6101c506b7ddb205ff46b718165daf49257359d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:7d:ab:9c:66:d8:da:fe:17:20:09:75:ad:33:
29:c4:dd:07:c6:25:52:28:b3:54:f1:c6:34:09:16:
f2:c0:a6:9a:fb:5f:27:5a:99:7e:e2:1a:58:29:27:
41:23:04:2c:e8:5d:40:49:3a:d9:d6:ea:b1:6d:3a:
ba:e9:fb:bd:b2:dd:d9:cc:68:67:85:91:4e:62:de:
7c:a5:5c:4c:e1:34:93:c0:8c:85:0d:6a:6f:cc:bb:
9c:36:6c:13:98:92:82:3d:0a:0c:5b:65:17:28:89:
f7:04:de:36:d2:d7:90:ba:55:90:16:a6:a2:f6:1c:
dd:c2:8e:75:93:1a:d9:a5:24:6a:6e:73:d8:2d:02:
36:8b:35:88:1e:2a:a3:bd:c7:bf:21:d1:c4:89:5b:
9f:f0:32:17:6c:71:79:e1:11:44:03:2b:ef:47:52:
b3:9f:62:75:33:f8:15:37:53:bd:ed:af:15:e5:c7:
0b:ae:2a:b7:ae:81:05:a9:6f:6a:e7:8a:78:84:7e:
6a:65:de:43:70:17:74:af:2a:46:69:9f:f4:02:83:
f5:25:17:d1:bb:54:0a:05:09:50:66:24:12:bf:77:
87:30:f2:a6:14:51:5f:55:95:b9:4e:93:c3:14:d4:
a7:58:49:b3:a4:cf:ed:c2:f0:6f:da:16:5b:c3:53:
80:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:10:1C:50:6B:7D:DB:20:5F:F4:6B:71:81:65:DA:F4:92:57:35:9D
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/9hAcUGt92yBf9GtxgWXa9JJXNZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.160.0-166.108.211.255
166.108.216.0-166.108.247.255
166.108.249.0-166.108.254.255
Signature Algorithm: sha256WithRSAEncryption
0e:b6:70:4e:be:37:72:c4:59:96:1f:82:2e:1d:ce:16:84:34:
ce:13:cf:f3:5a:de:75:23:68:7f:75:7c:d3:2b:fa:3a:ba:df:
20:f5:13:35:1b:d9:a9:9a:11:45:20:d6:bf:fd:b1:f2:58:a3:
87:d2:6b:fe:a2:6c:a1:e0:84:c8:00:ec:2b:62:d8:d8:e0:4b:
60:5f:5b:ae:27:4c:ed:24:d6:75:e4:ae:86:8b:cf:c6:dd:a0:
81:c5:ec:c1:57:21:cb:ba:f2:44:be:cf:3d:0f:a1:d1:10:98:
a7:f6:6e:f0:25:e8:ed:14:5a:4b:ca:10:75:c5:f9:94:8a:52:
f9:c8:9a:89:ce:bc:5f:ee:16:b2:66:84:ba:2e:32:23:5c:61:
82:49:14:3b:47:4e:22:12:01:f8:05:9a:bd:8d:a1:ea:3d:13:
b2:52:b6:ca:9f:3f:13:ce:df:46:0e:4a:63:04:22:be:0b:34:
b2:e9:33:a6:2c:dd:64:1a:88:b5:63:b5:06:0b:30:25:41:9f:
28:f5:71:2b:b9:1d:16:17:4b:10:50:91:a5:21:da:59:01:30:
22:ca:0a:57:43:ea:de:cd:fe:d4:d1:79:02:24:12:26:c3:09:
29:61:ef:cc:dc:0d:09:36:43:e9:9f:90:f3:11:91:24:1f:08:
8c:97:31:c1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYMjMzpWEYWGZ9UbQT6HjHfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIwOTA5MTcwMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjEwMWM1MDZiN2RkYjIwNWZmNDZiNzE4MTY1ZGFmNDkyNTczNTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg32rnGbY2v4XIAl1rTMpxN0HxiVS
KLNU8cY0CRbywKaa+18nWpl+4hpYKSdBIwQs6F1ASTrZ1uqxbTq66fu9st3ZzGhn
hZFOYt58pVxM4TSTwIyFDWpvzLucNmwTmJKCPQoMW2UXKIn3BN420teQulWQFqai
9hzdwo51kxrZpSRqbnPYLQI2izWIHiqjvce/IdHEiVuf8DIXbHF54RFEAyvvR1Kz
n2J1M/gVN1O97a8V5ccLriq3roEFqW9q54p4hH5qZd5DcBd0rypGaZ/0AoP1JRfR
u1QKBQlQZiQSv3eHMPKmFFFfVZW5TpPDFNSnWEmzpM/twvBv2hZbw1OA3wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPYQHFBrfdsgX/RrcYFl2vSSVzWdMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvOWhBY1VHdDkyeUJmOUd0eGdXWGE5SkpYTlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqMAwDBAWmbKAD
BAKmbNAwDAMEA6Zs2AMEA6Zs8DAMAwQApmz5AwQApmz+MA0GCSqGSIb3DQEBCwUA
A4IBAQAOtnBOvjdyxFmWH4IuHc4WhDTOE8/zWt51I2h/dXzTK/o6ut8g9RM1G9mp
mhFFINa//bHyWKOH0mv+omyh4ITIAOwrYtjY4EtgX1uuJ0ztJNZ15K6Gi8/G3aCB
xezBVyHLuvJEvs89D6HREJin9m7wJejtFFpLyhB1xfmUilL5yJqJzrxf7hayZoS6
LjIjXGGCSRQ7R04iEgH4BZq9jaHqPROyUrbKnz8Tzt9GDkpjBCK+CzSy6TOmLN1k
Goi1Y7UGCzAlQZ8o9XEruR0WF0sQUJGlIdpZATAiygpXQ+rezf7U0XkCJBImwwkp
Ye/M3A0JNkPpn5DzEZEkHwiMlzHB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-fra.rpki-client.org