Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/F51Fg1UWaa1-_diFGNSqiomj-Nk.roa
File: F51Fg1UWaa1-_diFGNSqiomj-Nk.roa (raw, json)
Hash identifier: Y0r/qFPKfn0A0wswOxWUaEQpFZMOcXILQMFgi03klMU=
Subject key identifier: 17:9D:45:83:55:16:69:AD:7E:FD:D8:85:18:D4:AA:8A:89:A3:F8:D9
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 0185E3AA75E78795EC8273F85D1FB54793C0
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/F51Fg1UWaa1-_diFGNSqiomj-Nk.roa
Signing time: Tue 24 Jan 2023 12:04:37 +0000
ROA not before: Tue 24 Jan 2023 12:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210439
IP address blocks: 166.108.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e3:aa:75:e7:87:95:ec:82:73:f8:5d:1f:b5:47:93:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Jan 24 12:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=179d4583551669ad7efdd88518d4aa8a89a3f8d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d1:8d:60:e6:b2:d3:31:d1:34:36:74:aa:eb:
83:05:75:2d:2f:bd:93:78:cd:a5:e3:b6:79:48:de:
7a:a9:ff:57:89:2f:f9:35:7a:92:53:a7:c7:1c:c7:
d7:5f:c5:ec:66:bf:51:10:0f:15:d5:be:e5:b9:e8:
0a:28:fd:9c:70:b7:a9:37:a2:7e:35:a9:ec:95:8b:
3f:40:4d:9a:6e:57:a4:50:38:3f:75:df:79:ad:1b:
d9:b4:d0:b3:1a:8b:7b:a8:c4:e9:ed:1e:83:2b:3c:
7f:05:8d:25:6e:54:51:e6:44:8c:e9:f9:a7:c0:cf:
c1:6f:89:8f:e0:ee:6b:cd:d5:1d:89:a3:11:97:da:
17:0a:ba:68:51:4b:71:36:8b:81:16:8a:19:53:e9:
66:32:d1:e5:3b:5b:b8:8c:61:a9:ff:04:04:69:f4:
74:81:9b:66:22:e1:a4:94:07:a7:55:1d:37:60:5a:
30:bb:5f:55:fb:3f:43:e6:48:e1:65:5e:31:e0:6c:
5e:4a:7f:63:62:4c:78:de:5d:7c:cd:4c:89:00:43:
6e:d7:81:2a:f7:d4:4a:98:9f:de:f2:28:d6:26:ae:
46:d1:43:9e:5e:26:a0:ae:00:78:48:81:d8:96:7c:
4d:11:30:64:36:07:57:70:bf:cb:6c:01:de:8f:fa:
d5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:9D:45:83:55:16:69:AD:7E:FD:D8:85:18:D4:AA:8A:89:A3:F8:D9
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/F51Fg1UWaa1-_diFGNSqiomj-Nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.255.0/24
Signature Algorithm: sha256WithRSAEncryption
20:62:5d:c9:eb:14:69:30:6a:51:ad:ce:47:0a:e8:9c:b3:25:
6b:8c:0b:8c:4f:e0:66:b9:18:45:4a:61:77:80:8a:a9:c2:1f:
14:55:de:64:3d:44:b4:7b:da:6c:d1:7b:85:40:1b:91:8d:08:
97:e6:8d:9d:91:5b:6e:d5:5e:32:2f:25:97:50:09:46:3b:7e:
b9:73:09:5a:14:7c:5e:71:ab:79:80:8e:a4:b8:11:18:d5:53:
79:7e:9d:46:b1:01:b8:b2:b0:f9:fe:88:37:f4:b5:d6:48:16:
e0:40:72:e8:6c:d5:a8:d3:43:d8:61:f0:d6:eb:0e:e3:c7:26:
91:4f:54:21:9a:a2:68:c1:de:5b:23:d0:e5:c9:12:2b:50:d5:
90:57:00:8b:07:63:53:57:67:f5:64:e8:9e:83:99:e7:54:90:
d0:8a:7a:cc:10:37:74:b8:df:b8:aa:15:ce:05:6d:11:63:8f:
70:28:16:dc:4b:b2:d9:10:4b:75:7d:83:4b:38:9a:11:ea:1a:
c4:3d:de:52:3f:22:50:d5:ea:e4:64:37:a6:af:3a:36:f2:42:
bc:41:71:f3:e2:6f:2d:c5:1f:17:64:de:1b:77:31:75:a4:81:
d5:65:89:d0:d6:29:34:37:35:d8:8d:a6:c5:4a:f0:43:76:fc:
ee:56:00:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXjqnXnh5XsgnP4XR+1R5PAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjMwMTI0MTIwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzlkNDU4MzU1MTY2OWFkN2VmZGQ4ODUxOGQ0YWE4YTg5YTNmOGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dGNYOay0zHRNDZ0quuDBXUtL72T
eM2l47Z5SN56qf9XiS/5NXqSU6fHHMfXX8XsZr9REA8V1b7luegKKP2ccLepN6J+
NanslYs/QE2ablekUDg/dd95rRvZtNCzGot7qMTp7R6DKzx/BY0lblRR5kSM6fmn
wM/Bb4mP4O5rzdUdiaMRl9oXCrpoUUtxNouBFooZU+lmMtHlO1u4jGGp/wQEafR0
gZtmIuGklAenVR03YFowu19V+z9D5kjhZV4x4GxeSn9jYkx43l18zUyJAENu14Eq
99RKmJ/e8ijWJq5G0UOeXiagrgB4SIHYlnxNETBkNgdXcL/LbAHej/rVcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBedRYNVFmmtfv3YhRjUqoqJo/jZMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvRjUxRmcxVVdhYTEtX2RpRkdOU3Fpb21qLU5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApmz/MA0G
CSqGSIb3DQEBCwUAA4IBAQAgYl3J6xRpMGpRrc5HCuicsyVrjAuMT+BmuRhFSmF3
gIqpwh8UVd5kPUS0e9ps0XuFQBuRjQiX5o2dkVtu1V4yLyWXUAlGO365cwlaFHxe
cat5gI6kuBEY1VN5fp1GsQG4srD5/og39LXWSBbgQHLobNWo00PYYfDW6w7jxyaR
T1QhmqJowd5bI9DlyRIrUNWQVwCLB2NTV2f1ZOieg5nnVJDQinrMEDd0uN+4qhXO
BW0RY49wKBbcS7LZEEt1fYNLOJoR6hrEPd5SPyJQ1erkZDemrzo28kK8QXHz4m8t
xR8XZN4bdzF1pIHVZYnQ1ik0NzXYjabFSvBDdvzuVgCr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:27 2023 by rpki-client on console-ams.rpki-client.org