Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/EEwy1N9VaCt_MFNCqiQJuicb2lo.roa
File: EEwy1N9VaCt_MFNCqiQJuicb2lo.roa (raw, json)
Hash identifier: KynswiuoMPhNLuSbVKLO0UaQWfWDPP2qJX17rzcRjJI=
Subject key identifier: 10:4C:32:D4:DF:55:68:2B:7F:30:53:42:AA:24:09:BA:27:1B:DA:5A
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 018571957A6C732B88EE7FF23BCCF9646E4E
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/EEwy1N9VaCt_MFNCqiQJuicb2lo.roa
Signing time: Mon 02 Jan 2023 08:24:59 +0000
ROA not before: Mon 02 Jan 2023 08:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59432
IP address blocks: 166.108.216.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:7a:6c:73:2b:88:ee:7f:f2:3b:cc:f9:64:6e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Jan 2 08:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=104c32d4df55682b7f305342aa2409ba271bda5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:17:d8:af:e3:6a:0b:a5:e1:58:9a:b7:08:16:
0f:44:41:5a:65:f6:57:ef:b8:c9:33:3b:9a:00:2b:
48:9e:65:5e:2b:4f:d5:d5:cd:b1:5f:c6:7f:63:44:
75:19:4e:bf:93:49:4c:85:71:ab:79:13:70:c0:bb:
12:a7:0f:9b:3e:c3:32:37:a8:e7:70:a3:b3:a8:6e:
9e:fe:02:5a:40:ad:d4:4f:6a:17:38:fb:5f:c3:04:
61:95:2e:c6:60:c3:b6:96:ba:85:1d:69:88:8f:97:
3b:18:43:cc:1c:99:80:45:3a:a8:73:b7:1f:a3:de:
d8:00:79:96:16:44:5d:8d:9a:90:2e:56:a0:57:06:
d7:6f:1b:a8:2a:e7:ab:dd:ec:04:1a:0b:9d:d8:68:
10:9c:02:f4:df:25:52:7b:01:6e:ed:35:97:10:f8:
63:a3:1b:10:b1:2b:e6:09:fd:ce:9b:cd:05:70:b2:
b8:d1:e8:f4:dd:32:6c:32:cb:90:7c:b0:b7:0c:74:
1a:c7:f6:df:aa:a1:7c:38:b1:be:8b:07:e5:b4:ff:
57:43:d5:bc:df:28:65:aa:ee:94:7a:67:d1:2d:65:
77:a0:15:11:5e:72:c8:ed:23:b9:ac:21:eb:c8:b8:
93:a2:c9:9f:21:cb:71:03:8a:9a:e5:aa:37:9d:17:
a7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:4C:32:D4:DF:55:68:2B:7F:30:53:42:AA:24:09:BA:27:1B:DA:5A
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/EEwy1N9VaCt_MFNCqiQJuicb2lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.216.0/23
Signature Algorithm: sha256WithRSAEncryption
25:92:ad:cf:aa:cd:d4:7b:d1:e5:eb:7d:16:6c:be:d6:50:c2:
34:bb:e7:e7:a0:f7:89:ce:90:e1:0c:1b:55:df:8f:f6:9d:94:
d7:e7:2c:35:55:f4:4a:a5:8c:49:65:28:1f:ca:e4:28:35:1d:
d4:1d:d3:b5:55:9a:03:4a:67:9d:02:87:d7:9a:58:c3:44:62:
b3:01:60:3c:f9:dd:a9:ec:bc:4c:ff:97:38:20:37:6e:fb:d8:
4e:97:4f:1f:8d:dc:81:72:b7:3a:30:52:77:b6:84:8d:e3:06:
6f:40:14:fb:39:5f:ae:7e:fa:98:0a:66:db:e5:45:16:8d:1d:
ad:e0:fc:f2:ee:77:2f:1a:2e:3a:9c:d1:09:01:bf:72:f6:02:
92:65:e7:92:8d:de:45:f3:21:55:08:7b:5f:bf:41:f4:18:43:
92:26:dc:ee:92:ac:9b:f6:2e:a4:92:8b:eb:ea:48:4b:b9:fa:
93:95:79:33:11:03:c5:fa:d1:1c:25:0a:00:4c:08:b6:a6:91:
e6:3d:08:cb:bf:45:f1:e4:f7:2a:8e:24:e4:b3:96:b8:4d:69:
17:19:33:dc:e8:12:2a:41:c3:dd:17:72:5d:ed:a5:d3:22:16:
6f:6b:bf:28:cc:54:1a:d3:d7:b4:75:c5:07:07:4a:1d:4b:31:
81:05:c6:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlXpscyuI7n/yO8z5ZG5OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjMwMTAyMDgyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDRjMzJkNGRmNTU2ODJiN2YzMDUzNDJhYTI0MDliYTI3MWJkYTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhfYr+NqC6XhWJq3CBYPREFaZfZX
77jJMzuaACtInmVeK0/V1c2xX8Z/Y0R1GU6/k0lMhXGreRNwwLsSpw+bPsMyN6jn
cKOzqG6e/gJaQK3UT2oXOPtfwwRhlS7GYMO2lrqFHWmIj5c7GEPMHJmARTqoc7cf
o97YAHmWFkRdjZqQLlagVwbXbxuoKuer3ewEGgud2GgQnAL03yVSewFu7TWXEPhj
oxsQsSvmCf3Om80FcLK40ej03TJsMsuQfLC3DHQax/bfqqF8OLG+iwfltP9XQ9W8
3yhlqu6UemfRLWV3oBURXnLI7SO5rCHryLiTosmfIctxA4qa5ao3nRenuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBBMMtTfVWgrfzBTQqokCbonG9paMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvRUV3eTFOOVZhQ3RfTUZOQ3FpUUp1aWNiMmxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBpmzYMA0G
CSqGSIb3DQEBCwUAA4IBAQAlkq3Pqs3Ue9Hl630WbL7WUMI0u+fnoPeJzpDhDBtV
34/2nZTX5yw1VfRKpYxJZSgfyuQoNR3UHdO1VZoDSmedAofXmljDRGKzAWA8+d2p
7LxM/5c4IDdu+9hOl08fjdyBcrc6MFJ3toSN4wZvQBT7OV+ufvqYCmbb5UUWjR2t
4Pzy7ncvGi46nNEJAb9y9gKSZeeSjd5F8yFVCHtfv0H0GEOSJtzukqyb9i6kkovr
6khLufqTlXkzEQPF+tEcJQoATAi2ppHmPQjLv0Xx5PcqjiTks5a4TWkXGTPc6BIq
QcPdF3Jd7aXTIhZva78ozFQa09e0dcUHB0odSzGBBcZv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:46 2024 by rpki-client on console-fra.rpki-client.org