Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/E3fwrJreBV3rszIbfYSFOeZnuJo.roa
File: E3fwrJreBV3rszIbfYSFOeZnuJo.roa (raw, json)
Hash identifier: vTaYA0zMQMMM/3GiLebCN3mEk9ogKDMfljt8LFTnaaw=
Subject key identifier: 13:77:F0:AC:9A:DE:05:5D:EB:B3:32:1B:7D:84:85:39:E6:67:B8:9A
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 01836525A2A47086AE450BD5B1AF434516C7
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/E3fwrJreBV3rszIbfYSFOeZnuJo.roa
Signing time: Thu 22 Sep 2022 12:21:48 +0000
ROA not before: Thu 22 Sep 2022 12:21:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 166.108.246.0/24 maxlen: 24
166.108.242.0/23 maxlen: 24
166.108.245.0/24 maxlen: 24
166.108.244.0/24 maxlen: 24
166.108.253.0/24 maxlen: 24
166.108.247.0/24 maxlen: 24
166.108.249.0/24 maxlen: 24
166.108.250.0/24 maxlen: 24
166.108.252.0/24 maxlen: 24
166.108.251.0/24 maxlen: 24
166.108.254.0/24 maxlen: 24
166.108.192.0/22 maxlen: 24
166.108.200.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:65:25:a2:a4:70:86:ae:45:0b:d5:b1:af:43:45:16:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Sep 22 12:21:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1377f0ac9ade055debb3321b7d848539e667b89a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a9:b5:d2:3b:dc:b4:e5:19:03:1e:56:fe:d0:
b5:22:d3:a3:9c:a5:45:22:8c:85:24:90:a3:49:d8:
90:ea:ae:af:eb:52:9b:65:e7:d7:dc:d5:64:ce:66:
69:82:b9:96:17:14:f6:fe:ab:e4:0a:aa:96:0f:d1:
76:e8:17:65:be:35:02:32:30:dd:35:e3:3e:80:01:
8b:4c:21:87:72:af:e3:7b:b6:ec:2e:6b:16:31:ab:
88:0c:46:84:2c:69:c6:e3:cf:d0:b9:b8:c0:23:06:
7b:4e:d2:5b:78:94:33:72:ad:f9:9d:19:a0:b8:4c:
4e:3e:0a:33:ae:e2:a2:50:13:af:b9:22:85:f3:09:
87:ae:99:08:ab:76:27:64:53:6b:83:30:c2:3a:6e:
15:50:6e:c6:1a:25:2d:9f:14:54:b6:22:bc:42:5e:
3a:16:29:19:75:c6:46:88:69:92:f7:60:4e:08:d2:
23:e8:e6:ac:25:71:47:1b:58:11:15:54:f5:d3:5f:
6d:b0:d6:3b:8a:3f:86:c6:aa:33:a3:22:7b:d8:c3:
f0:e3:a0:f9:2e:34:4e:e0:59:75:19:05:24:c5:96:
d4:b4:18:6d:c7:1a:03:9b:1c:15:b6:ed:d0:d7:1f:
81:78:be:8b:43:3b:96:87:88:4c:eb:83:8d:26:a0:
f3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:77:F0:AC:9A:DE:05:5D:EB:B3:32:1B:7D:84:85:39:E6:67:B8:9A
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/E3fwrJreBV3rszIbfYSFOeZnuJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.192.0/22
166.108.200.0/22
166.108.242.0-166.108.247.255
166.108.249.0-166.108.254.255
Signature Algorithm: sha256WithRSAEncryption
41:3f:d8:98:7b:eb:84:39:92:56:8c:f7:d6:9a:4c:15:3b:49:
51:e4:b4:1e:83:1b:01:da:1d:1c:e8:d8:80:c2:b5:d1:e1:b4:
67:32:8f:3b:d3:ff:c8:2e:5d:88:24:d7:39:85:d7:6c:91:cb:
f9:50:40:bc:0d:f3:71:1b:90:b4:90:a1:81:86:e4:3d:ae:ff:
d5:a9:8a:f8:06:3b:a8:b7:19:17:56:52:c9:a5:0e:b3:c9:85:
0c:02:f6:0a:02:e6:84:8d:00:57:d0:eb:8a:83:bc:09:38:7a:
35:6c:1a:6b:87:2e:e4:dc:05:c5:ba:26:d1:d4:25:a3:44:45:
05:90:f3:07:dc:66:dd:49:2b:65:4d:11:59:69:f2:e7:e5:c3:
54:5f:f2:b7:fa:43:46:09:f2:07:f3:24:ea:58:02:a9:d9:ca:
1e:eb:54:9c:97:d5:42:3a:16:7e:0a:30:25:29:5f:bf:b0:a1:
c5:06:c1:fc:1f:05:1f:4e:48:c4:4f:ae:cb:cb:02:b3:5b:df:
8a:cb:78:9d:a3:40:f8:1d:bd:95:78:e1:2a:22:37:0d:0c:c9:
f7:86:7d:e5:45:ce:cc:ab:d3:73:39:9c:d8:f6:9e:9c:9a:79:
44:79:53:5d:5c:4e:cb:d7:d1:17:50:8a:48:b6:a6:a5:c5:c6:
b1:77:f7:9d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYNlJaKkcIauRQvVsa9DRRbHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIwOTIyMTIyMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzc3ZjBhYzlhZGUwNTVkZWJiMzMyMWI3ZDg0ODUzOWU2NjdiODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6m10jvctOUZAx5W/tC1ItOjnKVF
IoyFJJCjSdiQ6q6v61KbZefX3NVkzmZpgrmWFxT2/qvkCqqWD9F26BdlvjUCMjDd
NeM+gAGLTCGHcq/je7bsLmsWMauIDEaELGnG48/QubjAIwZ7TtJbeJQzcq35nRmg
uExOPgozruKiUBOvuSKF8wmHrpkIq3YnZFNrgzDCOm4VUG7GGiUtnxRUtiK8Ql46
FikZdcZGiGmS92BOCNIj6OasJXFHG1gRFVT1019tsNY7ij+GxqozoyJ72MPw46D5
LjRO4Fl1GQUkxZbUtBhtxxoDmxwVtu3Q1x+BeL6LQzuWh4hM64ONJqDzGwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBN38Kya3gVd67MyG32EhTnmZ7iaMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvRTNmd3JKcmVCVjNyc3pJYmZZU0ZPZVpudUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCpmzAAwQC
pmzIMAwDBAGmbPIDBAOmbPAwDAMEAKZs+QMEAKZs/jANBgkqhkiG9w0BAQsFAAOC
AQEAQT/YmHvrhDmSVoz31ppMFTtJUeS0HoMbAdodHOjYgMK10eG0ZzKPO9P/yC5d
iCTXOYXXbJHL+VBAvA3zcRuQtJChgYbkPa7/1amK+AY7qLcZF1ZSyaUOs8mFDAL2
CgLmhI0AV9DrioO8CTh6NWwaa4cu5NwFxbom0dQlo0RFBZDzB9xm3UkrZU0RWWny
5+XDVF/yt/pDRgnyB/Mk6lgCqdnKHutUnJfVQjoWfgowJSlfv7ChxQbB/B8FH05I
xE+uy8sCs1vfist4naNA+B29lXjhKiI3DQzJ94Z95UXOzKvTczmc2PaenJp5RHlT
XVxOy9fRF1CKSLampcXGsXf3nQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:27 2023 by rpki-client on console-ams.rpki-client.org