Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/DqEEl4F7GjZpRI4V5EIA2hLI-JM.roa
File: DqEEl4F7GjZpRI4V5EIA2hLI-JM.roa (raw, json)
Hash identifier: tcBAO0XogomfbnUbyocNV0qPJ4VJp2rzgMeAnoadfCQ=
Subject key identifier: 0E:A1:04:97:81:7B:1A:36:69:44:8E:15:E4:42:00:DA:12:C8:F8:93
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 018323307C9F7BB4B8DCED7F0130075B8D0B
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/DqEEl4F7GjZpRI4V5EIA2hLI-JM.roa
Signing time: Fri 09 Sep 2022 16:58:43 +0000
ROA not before: Fri 09 Sep 2022 16:58:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 166.108.246.0/24 maxlen: 24
166.108.242.0/23 maxlen: 24
166.108.245.0/24 maxlen: 24
166.108.244.0/24 maxlen: 24
166.108.253.0/24 maxlen: 24
166.108.247.0/24 maxlen: 24
166.108.249.0/24 maxlen: 24
166.108.250.0/24 maxlen: 24
166.108.252.0/24 maxlen: 24
166.108.251.0/24 maxlen: 24
166.108.254.0/24 maxlen: 24
166.108.192.0/22 maxlen: 24
166.108.196.0/22 maxlen: 24
166.108.200.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:23:30:7c:9f:7b:b4:b8:dc:ed:7f:01:30:07:5b:8d:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Sep 9 16:58:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ea10497817b1a3669448e15e44200da12c8f893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f5:41:4a:fd:c9:5e:08:c8:f2:10:3c:18:2e:
3b:7a:dd:01:25:54:80:4f:67:9d:9d:0d:a3:95:44:
9e:91:19:31:99:b8:11:c2:9b:4b:48:a2:d0:40:e5:
d2:58:21:d9:fa:03:a8:26:1b:a0:da:87:1e:6f:34:
0c:5a:82:16:11:fc:5e:8f:91:a0:cb:3a:aa:e3:05:
c3:d0:df:2d:ce:ee:b2:fa:bc:0e:7a:ad:76:03:25:
97:10:ab:d3:f1:96:1b:5d:a6:f8:cc:c8:39:48:fd:
ef:ab:7e:58:27:9f:c3:be:02:cb:10:79:3d:bb:d1:
71:a9:8a:4c:38:62:74:c3:ed:bc:b6:53:40:3f:44:
e1:48:db:f3:ad:0f:cd:a8:51:0e:a7:26:35:18:0b:
fa:0b:74:c6:a1:4b:38:23:25:25:c4:2a:a3:32:64:
64:50:4f:dd:94:0f:d9:08:85:eb:0b:72:02:ba:33:
68:4a:66:a5:94:0c:04:0a:43:a6:77:30:38:b8:aa:
dd:d8:a1:e8:ab:cb:79:d4:d7:d9:ad:a9:3c:07:d6:
fd:97:1b:9e:9f:fe:66:71:bd:ed:86:28:f8:18:38:
18:2e:55:76:b2:a9:81:89:e7:25:9a:3d:a6:e2:76:
49:58:fe:c6:05:78:ee:fe:01:d1:5f:7e:da:ca:4d:
82:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:A1:04:97:81:7B:1A:36:69:44:8E:15:E4:42:00:DA:12:C8:F8:93
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/DqEEl4F7GjZpRI4V5EIA2hLI-JM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.192.0-166.108.203.255
166.108.242.0-166.108.247.255
166.108.249.0-166.108.254.255
Signature Algorithm: sha256WithRSAEncryption
8e:72:93:df:e0:df:47:24:ff:09:f5:9f:cb:58:67:0b:0f:09:
65:53:e8:a4:c2:dc:08:a6:b0:54:73:63:33:ae:7b:bc:e1:1a:
9c:f5:71:6c:97:18:ce:49:b3:2e:f6:34:bf:49:c6:62:53:d1:
03:e8:60:63:e5:88:de:a7:2e:1d:8c:40:e7:9c:1f:25:8a:69:
53:cf:0e:cd:64:59:9c:9f:27:5f:29:9b:c8:f1:36:73:05:2b:
ab:e0:66:04:13:2b:64:ea:19:01:be:cf:61:99:51:cd:ca:55:
5f:3a:00:8f:26:c6:48:f2:bf:36:ae:0c:ea:d5:9e:97:d7:6a:
32:65:43:98:53:38:0f:50:b3:76:6c:fc:05:a7:d5:7f:64:18:
6a:39:d1:5c:e5:12:ce:6f:03:44:9a:4f:86:4b:a9:5a:fc:ed:
65:6f:84:54:27:af:7e:db:44:fd:a6:10:36:cc:21:18:b1:6f:
4f:4f:36:46:df:b3:72:fc:eb:ed:45:30:9a:b2:43:d3:55:35:
c0:bc:89:db:02:ba:6b:d8:cd:dd:b9:a5:ef:ed:5f:48:e7:fd:
59:e6:4b:f5:89:66:9a:27:51:e1:66:40:47:da:7e:6b:ef:dc:
84:27:68:6f:b7:be:d5:c7:9e:32:22:54:bb:e6:5e:0d:0d:0e:
73:12:44:3a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYMjMHyfe7S43O1/ATAHW40LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIwOTA5MTY1ODQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWExMDQ5NzgxN2IxYTM2Njk0NDhlMTVlNDQyMDBkYTEyYzhmODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvVBSv3JXgjI8hA8GC47et0BJVSA
T2ednQ2jlUSekRkxmbgRwptLSKLQQOXSWCHZ+gOoJhug2ocebzQMWoIWEfxej5Gg
yzqq4wXD0N8tzu6y+rwOeq12AyWXEKvT8ZYbXab4zMg5SP3vq35YJ5/DvgLLEHk9
u9FxqYpMOGJ0w+28tlNAP0ThSNvzrQ/NqFEOpyY1GAv6C3TGoUs4IyUlxCqjMmRk
UE/dlA/ZCIXrC3ICujNoSmallAwECkOmdzA4uKrd2KHoq8t51NfZrak8B9b9lxue
n/5mcb3thij4GDgYLlV2sqmBieclmj2m4nZJWP7GBXju/gHRX37ayk2CMwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFA6hBJeBexo2aUSOFeRCANoSyPiTMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvRHFFRWw0RjdHalpwUkk0VjVFSUEyaExJLUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqMAwDBAambMAD
BAKmbMgwDAMEAaZs8gMEA6Zs8DAMAwQApmz5AwQApmz+MA0GCSqGSIb3DQEBCwUA
A4IBAQCOcpPf4N9HJP8J9Z/LWGcLDwllU+ikwtwIprBUc2Mzrnu84Rqc9XFslxjO
SbMu9jS/ScZiU9ED6GBj5Yjepy4djEDnnB8limlTzw7NZFmcnydfKZvI8TZzBSur
4GYEEytk6hkBvs9hmVHNylVfOgCPJsZI8r82rgzq1Z6X12oyZUOYUzgPULN2bPwF
p9V/ZBhqOdFc5RLObwNEmk+GS6la/O1lb4RUJ69+20T9phA2zCEYsW9PTzZG37Ny
/OvtRTCaskPTVTXAvInbArpr2M3duaXv7V9I5/1Z5kv1iWaaJ1HhZkBH2n5r79yE
J2hvt77Vx54yIlS75l4NDQ5zEkQ6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-fra.rpki-client.org