Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/ET0RKBBAXR_7NLS6IHxpviHbxYQ.roa
File: ET0RKBBAXR_7NLS6IHxpviHbxYQ.roa (raw, json)
Hash identifier: z8tcblzGs8XfIb5pDPCq5TmnY1kQRUQhFkEzhX3Hh38=
Subject key identifier: 11:3D:11:28:10:40:5D:1F:FB:34:B4:BA:20:7C:69:BE:21:DB:C5:84
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 01832337CF1D855DFB8DE728A2D085F5BCA5
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/ET0RKBBAXR_7NLS6IHxpviHbxYQ.roa
Signing time: Fri 09 Sep 2022 17:06:43 +0000
ROA not before: Fri 09 Sep 2022 17:06:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 166.108.196.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:23:37:cf:1d:85:5d:fb:8d:e7:28:a2:d0:85:f5:bc:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Sep 9 17:06:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=113d112810405d1ffb34b4ba207c69be21dbc584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:00:55:21:86:70:f3:79:40:80:03:88:e4:cf:
66:9b:91:1c:ab:7b:74:e4:71:a0:b9:cd:5f:29:f1:
2d:42:c8:b1:7a:35:41:6c:22:04:08:05:da:f1:47:
3a:f1:98:25:c2:df:b7:b8:6a:f3:e8:f7:d9:9a:59:
16:21:77:b6:49:06:06:da:65:46:cd:d8:62:fa:b1:
36:96:eb:94:4e:c0:7f:a1:e2:d8:ed:f2:96:ef:4e:
66:4d:c0:25:ce:f7:3c:d5:55:62:be:d2:22:db:e1:
11:06:c5:a2:36:78:9a:31:b1:49:26:ca:f7:2f:91:
1b:bb:93:9f:da:cb:a5:16:23:e1:13:df:8d:c2:a6:
97:cb:df:21:43:97:ac:80:1d:6e:7b:e3:54:6e:83:
2c:77:cc:18:fa:43:c0:78:93:b4:8a:0a:78:f9:14:
95:cd:d2:f3:96:f9:be:84:f4:bb:f3:da:20:e5:45:
a2:81:8a:4a:38:d7:b3:ac:3c:b6:2b:9f:ee:ae:90:
6d:dc:83:ac:c2:f5:bf:cd:9a:17:cf:fc:02:7c:62:
14:ec:bf:b9:31:8c:aa:2d:f2:86:09:32:b2:fb:4e:
ce:b3:e6:a7:02:4a:51:26:de:27:31:29:0c:b3:d1:
b0:a5:2f:4b:bb:d4:c9:6b:ff:04:7a:82:8a:c4:45:
5a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:3D:11:28:10:40:5D:1F:FB:34:B4:BA:20:7C:69:BE:21:DB:C5:84
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/ET0RKBBAXR_7NLS6IHxpviHbxYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.196.0/22
Signature Algorithm: sha256WithRSAEncryption
14:af:99:4d:1a:90:90:61:a1:0e:aa:96:5b:05:1f:af:51:a0:
f8:8a:66:c9:1d:cc:72:d5:7e:61:55:90:9d:11:bb:73:d2:4a:
71:2d:c9:b5:ab:60:09:fb:4d:50:63:62:91:58:9c:a3:13:41:
54:1a:43:20:38:36:a2:33:ce:f6:0c:9a:05:cf:d8:1d:10:fc:
87:4e:7e:91:26:5e:32:30:76:50:4f:e7:a8:86:66:90:4a:5c:
84:74:9c:35:ca:8a:08:96:0a:2a:0d:aa:14:f4:ff:de:cd:65:
be:44:ab:ba:e3:17:82:79:9b:e4:1a:f2:6c:7a:a6:d9:98:25:
5a:4f:54:61:91:01:c5:d5:f9:ff:05:59:bf:44:3b:95:1b:7a:
7e:c3:52:70:18:2e:c2:a5:54:7e:c5:39:33:69:ee:f3:95:ec:
ea:c2:68:3f:c6:74:1f:94:62:6f:9c:cb:b4:e7:a7:48:e2:33:
39:cf:dd:3d:8b:9d:3b:78:59:1d:e8:f1:cd:25:a0:8a:cb:f8:
ed:74:02:7d:92:8a:0f:cd:b3:d6:3a:8f:9c:20:71:8f:7e:5d:
30:8e:bc:71:27:ed:0b:4d:0c:58:b3:5c:2a:b2:23:75:a9:4c:
06:bb:0a:4a:53:92:af:ac:0a:fa:eb:97:b7:1c:1c:f4:81:25:
a7:b7:75:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMjN88dhV37jecootCF9bylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIwOTA5MTcwNjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTNkMTEyODEwNDA1ZDFmZmIzNGI0YmEyMDdjNjliZTIxZGJjNTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQBVIYZw83lAgAOI5M9mm5Ecq3t0
5HGguc1fKfEtQsixejVBbCIECAXa8Uc68Zglwt+3uGrz6PfZmlkWIXe2SQYG2mVG
zdhi+rE2luuUTsB/oeLY7fKW705mTcAlzvc81VVivtIi2+ERBsWiNniaMbFJJsr3
L5Ebu5Of2sulFiPhE9+NwqaXy98hQ5esgB1ue+NUboMsd8wY+kPAeJO0igp4+RSV
zdLzlvm+hPS789og5UWigYpKONezrDy2K5/urpBt3IOswvW/zZoXz/wCfGIU7L+5
MYyqLfKGCTKy+07Os+anAkpRJt4nMSkMs9GwpS9Lu9TJa/8EeoKKxEVaNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBE9ESgQQF0f+zS0uiB8ab4h28WEMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvRVQwUktCQkFYUl83TkxTNklIeHB2aUhieFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCpmzEMA0G
CSqGSIb3DQEBCwUAA4IBAQAUr5lNGpCQYaEOqpZbBR+vUaD4imbJHcxy1X5hVZCd
Ebtz0kpxLcm1q2AJ+01QY2KRWJyjE0FUGkMgODaiM872DJoFz9gdEPyHTn6RJl4y
MHZQT+eohmaQSlyEdJw1yooIlgoqDaoU9P/ezWW+RKu64xeCeZvkGvJseqbZmCVa
T1RhkQHF1fn/BVm/RDuVG3p+w1JwGC7CpVR+xTkzae7zlezqwmg/xnQflGJvnMu0
56dI4jM5z909i507eFkd6PHNJaCKy/jtdAJ9kooPzbPWOo+cIHGPfl0wjrxxJ+0L
TQxYs1wqsiN1qUwGuwpKU5KvrAr665e3HBz0gSWnt3Uv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:24 2025 by rpki-client