Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/GGN-3Jo5DFGN20NZKsw269YldEE.roa
File: GGN-3Jo5DFGN20NZKsw269YldEE.roa (raw, json)
Hash identifier: NcSoSNbDjOaa9FmG7Ev+/MXT9IFxaA9G6/1xklRf/4Y=
Subject key identifier: 18:63:7E:DC:9A:39:0C:51:8D:DB:43:59:2A:CC:36:EB:D6:25:74:41
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 0183D136D992061BDA3A8F768AA0C6ADBD1A
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/GGN-3Jo5DFGN20NZKsw269YldEE.roa
Signing time: Thu 13 Oct 2022 11:59:36 +0000
ROA not before: Thu 13 Oct 2022 11:59:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 166.108.246.0/24 maxlen: 24
166.108.242.0/23 maxlen: 24
166.108.245.0/24 maxlen: 24
166.108.244.0/24 maxlen: 24
166.108.253.0/24 maxlen: 24
166.108.247.0/24 maxlen: 24
166.108.249.0/24 maxlen: 24
166.108.250.0/24 maxlen: 24
166.108.252.0/24 maxlen: 24
166.108.251.0/24 maxlen: 24
166.108.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d1:36:d9:92:06:1b:da:3a:8f:76:8a:a0:c6:ad:bd:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Oct 13 11:59:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=18637edc9a390c518ddb43592acc36ebd6257441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:09:6f:a9:cb:51:79:a4:9a:b5:ca:45:2e:35:
b1:0e:0d:03:d7:50:c4:17:b6:fd:fe:eb:de:aa:d6:
a5:94:3b:3e:07:9c:bd:24:47:07:81:21:4a:65:16:
b4:88:67:b4:e6:99:8b:1c:bd:ab:fb:83:85:8e:37:
76:11:5f:79:4e:66:81:3d:c6:93:57:04:b4:56:5f:
ab:27:f9:ba:f6:8d:71:ca:e3:03:09:05:db:db:2c:
81:16:55:71:87:a8:e7:4f:df:4b:b6:f8:cf:e0:60:
8a:3d:31:ef:66:50:55:d3:91:43:2a:43:4b:4a:01:
b4:e7:2b:8a:f9:1f:0f:14:bc:f6:96:5e:04:d3:d4:
cd:c7:ac:9d:f3:7a:64:2e:2a:56:e0:95:10:44:2c:
01:be:26:07:b8:c8:83:a3:08:24:f6:66:c4:fe:6a:
69:77:ce:bd:ae:c2:8e:58:34:e4:34:28:7c:2d:e5:
92:51:43:76:6d:6d:2c:ed:02:06:a7:57:20:81:e5:
ce:33:cb:28:14:c2:ad:14:4a:dd:c9:85:a9:08:3e:
46:68:bf:6b:4d:d9:53:86:2f:bd:3d:9a:30:47:07:
7b:a3:50:21:b0:b3:dd:55:f7:ce:33:49:76:69:e4:
8e:c4:66:e2:c2:64:66:fd:de:92:64:99:db:3a:88:
4d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:63:7E:DC:9A:39:0C:51:8D:DB:43:59:2A:CC:36:EB:D6:25:74:41
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/GGN-3Jo5DFGN20NZKsw269YldEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.242.0-166.108.247.255
166.108.249.0-166.108.254.255
Signature Algorithm: sha256WithRSAEncryption
02:a9:35:17:42:a7:5f:c3:6f:68:da:0b:47:15:9a:21:53:b5:
11:b3:43:a2:ad:43:f9:ed:22:89:a2:9e:d3:d2:ef:c8:7d:7b:
13:30:77:0f:94:3d:fd:53:7a:72:45:c4:5b:ec:44:dd:c7:9e:
65:75:33:64:78:b7:c4:0a:33:6a:ed:c4:32:11:37:d6:c4:58:
f2:8d:d4:45:6d:64:21:6e:75:2b:63:81:ec:fe:72:63:d1:f9:
f0:ce:aa:75:23:5a:29:69:1c:cb:65:7c:2e:97:8d:43:25:9e:
09:6e:38:e8:aa:66:ac:07:8d:43:b5:b3:31:13:58:18:fb:a5:
28:c5:a1:2d:80:76:ea:46:98:f5:50:cc:3f:5c:02:89:f3:3d:
ba:40:d5:c9:68:d6:fb:cd:59:d4:0d:15:e9:3f:c1:57:7f:55:
e3:3e:d4:b4:94:e9:bd:66:6b:3d:b4:fb:d0:69:3c:3f:53:f7:
24:14:55:81:5b:dd:da:59:98:42:66:1f:1d:a4:95:c5:25:5d:
54:cf:46:db:5d:15:fb:9b:b4:4d:e4:8f:9d:a6:dc:f1:16:70:
29:3a:f9:2a:24:95:07:7a:63:45:b3:02:9c:58:d3:e5:e1:c9:
20:78:64:e2:9e:96:0e:72:59:53:13:8e:af:8f:2c:e5:79:84:
34:1d:52:cd
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYPRNtmSBhvaOo92iqDGrb0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIxMDEzMTE1OTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODYzN2VkYzlhMzkwYzUxOGRkYjQzNTkyYWNjMzZlYmQ2MjU3NDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQlvqctReaSatcpFLjWxDg0D11DE
F7b9/uveqtallDs+B5y9JEcHgSFKZRa0iGe05pmLHL2r+4OFjjd2EV95TmaBPcaT
VwS0Vl+rJ/m69o1xyuMDCQXb2yyBFlVxh6jnT99LtvjP4GCKPTHvZlBV05FDKkNL
SgG05yuK+R8PFLz2ll4E09TNx6yd83pkLipW4JUQRCwBviYHuMiDowgk9mbE/mpp
d869rsKOWDTkNCh8LeWSUUN2bW0s7QIGp1cggeXOM8soFMKtFErdyYWpCD5GaL9r
TdlThi+9PZowRwd7o1AhsLPdVffOM0l2aeSOxGbiwmRm/d6SZJnbOohNDQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFBhjftyaOQxRjdtDWSrMNuvWJXRBMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvR0dOLTNKbzVERkdOMjBOWktzdzI2OVlsZEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAGmbPID
BAOmbPAwDAMEAKZs+QMEAKZs/jANBgkqhkiG9w0BAQsFAAOCAQEAAqk1F0KnX8Nv
aNoLRxWaIVO1EbNDoq1D+e0iiaKe09LvyH17EzB3D5Q9/VN6ckXEW+xE3ceeZXUz
ZHi3xAozau3EMhE31sRY8o3URW1kIW51K2OB7P5yY9H58M6qdSNaKWkcy2V8LpeN
QyWeCW446KpmrAeNQ7WzMRNYGPulKMWhLYB26kaY9VDMP1wCifM9ukDVyWjW+81Z
1A0V6T/BV39V4z7UtJTpvWZrPbT70Gk8P1P3JBRVgVvd2lmYQmYfHaSVxSVdVM9G
210V+5u0TeSPnabc8RZwKTr5KiSVB3pjRbMCnFjT5eHJIHhk4p6WDnJZUxOOr48s
5XmENB1SzQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:27 2023 by rpki-client on console-ams.rpki-client.org