Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/Hu0U8fQUHLTMrEjLH0Cj_pWSWSI.roa
File: Hu0U8fQUHLTMrEjLH0Cj_pWSWSI.roa (raw, json)
Hash identifier: nk0O2dZepNlteIJT6TfcQB9V1UYc7GPviR4hWUhlJWU=
Subject key identifier: 1E:ED:14:F1:F4:14:1C:B4:CC:AC:48:CB:1F:40:A3:FE:95:92:59:22
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 06B439A8
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/Hu0U8fQUHLTMrEjLH0Cj_pWSWSI.roa
Signing time: Mon 14 Mar 2022 15:49:36 +0000
ROA not before: Mon 14 Mar 2022 15:49:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 166.108.218.0/23 maxlen: 24
166.108.216.0/23 maxlen: 24
166.108.226.0/23 maxlen: 24
166.108.220.0/23 maxlen: 24
166.108.222.0/23 maxlen: 24
166.108.224.0/23 maxlen: 24
166.108.228.0/23 maxlen: 24
166.108.230.0/23 maxlen: 24
166.108.232.0/23 maxlen: 24
166.108.234.0/23 maxlen: 24
166.108.236.0/23 maxlen: 24
166.108.238.0/23 maxlen: 24
166.108.246.0/24 maxlen: 24
166.108.245.0/24 maxlen: 24
166.108.244.0/24 maxlen: 24
166.108.253.0/24 maxlen: 24
166.108.247.0/24 maxlen: 24
166.108.249.0/24 maxlen: 24
166.108.250.0/24 maxlen: 24
166.108.252.0/24 maxlen: 24
166.108.251.0/24 maxlen: 24
166.108.254.0/24 maxlen: 24
166.108.255.0/24 maxlen: 24
166.108.164.0/22 maxlen: 24
166.108.160.0/22 maxlen: 24
166.108.172.0/22 maxlen: 24
166.108.168.0/22 maxlen: 24
166.108.176.0/22 maxlen: 24
166.108.184.0/22 maxlen: 24
166.108.180.0/22 maxlen: 24
166.108.192.0/22 maxlen: 24
166.108.188.0/22 maxlen: 24
166.108.196.0/22 maxlen: 24
166.108.200.0/22 maxlen: 24
166.108.212.0/22 maxlen: 24
166.108.208.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112474536 (0x6b439a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Mar 14 15:49:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1eed14f1f4141cb4ccac48cb1f40a3fe95925922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:6d:86:0e:88:b0:92:5a:3d:60:91:9f:0e:ed:
ac:20:6a:1e:b7:c8:9e:ab:9e:6b:fa:b9:33:af:69:
1b:29:e9:fa:00:4b:10:ed:0f:91:22:56:66:97:e2:
62:53:d3:c4:fa:e9:f3:56:6d:18:ab:ed:26:1a:70:
89:0d:15:f4:b6:a2:66:96:c7:c3:88:76:6e:98:ed:
d1:eb:58:92:6c:61:55:05:77:c1:77:f4:bc:a3:c1:
04:b8:cb:34:51:38:5d:94:c0:6e:ba:95:2c:c2:fc:
37:fb:3c:01:b7:70:c0:7d:f3:27:40:95:c1:a4:6e:
b1:9e:d1:ef:d3:35:69:08:a2:77:6c:d6:68:c7:ea:
d8:6c:bc:ba:2e:66:3b:d9:99:e7:83:d0:4f:26:26:
2c:65:7a:7b:9b:6c:be:77:81:4f:ad:ef:f8:fc:89:
4b:f8:db:43:09:2d:86:a4:65:ea:0d:66:ac:f5:f8:
0f:bc:fa:54:a6:a9:d9:0c:b8:3b:fb:fa:c0:45:ad:
30:f5:5a:1e:e8:68:6f:b3:94:03:d7:af:ae:a5:d5:
13:c1:7b:50:e7:1e:f4:b3:c3:91:8f:8b:12:4a:85:
08:c9:7a:df:fb:94:47:a1:28:35:3e:78:c7:73:47:
90:02:62:2d:1d:b1:c6:b3:80:b9:f3:52:87:af:3e:
91:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:ED:14:F1:F4:14:1C:B4:CC:AC:48:CB:1F:40:A3:FE:95:92:59:22
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/Hu0U8fQUHLTMrEjLH0Cj_pWSWSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.160.0-166.108.203.255
166.108.208.0-166.108.239.255
166.108.244.0/22
166.108.249.0-166.108.255.255
Signature Algorithm: sha256WithRSAEncryption
14:ba:46:97:68:1f:db:b1:4e:43:e7:dc:2d:03:7e:44:66:4a:
2d:0f:92:42:f2:92:f1:74:a8:1f:8a:2d:44:f3:c1:1a:89:46:
de:1a:27:23:7c:db:74:5f:5b:73:2d:c2:e7:76:3a:7f:bf:d2:
f6:3d:88:54:ab:99:7f:a7:ce:05:e8:d6:94:07:9b:d2:88:8a:
34:6d:c5:51:43:5b:6d:94:c5:f2:82:a2:8c:31:16:3a:b3:d4:
a4:68:38:7f:63:d0:68:58:cd:81:d8:47:08:2e:5f:bc:3c:b4:
a1:29:ec:5f:88:fc:ed:94:a2:84:af:6f:16:ab:dc:78:e5:38:
12:f2:de:e4:0c:11:57:22:b2:86:89:a3:05:fb:29:88:1a:ad:
c0:82:bf:81:0e:63:0f:15:f0:39:c7:82:8c:0d:40:74:bc:ea:
47:8f:9c:d1:b0:c8:a0:15:f5:dd:1b:0e:ab:d0:cf:fe:34:e2:
94:d4:d0:01:b1:d5:de:b2:4e:56:75:14:22:3a:5f:c4:dc:85:
9c:37:5c:45:56:31:a7:1d:97:a2:8a:51:a3:29:cd:7e:8f:99:
39:7d:f6:88:06:a0:1e:9f:98:ab:45:81:88:12:83:9e:c4:dc:
13:1f:76:94:21:5f:88:10:7f:a4:07:31:fc:c2:0c:c1:ab:46:
ba:a4:68:dd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEBrQ5qDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTJiODYwOTVjZTU1OGQyZTk2MTg3MjhhNDQyMjhhMjdiZTkwOThmMB4XDTIyMDMx
NDE1NDkzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWVlZDE0ZjFmNDE0
MWNiNGNjYWM0OGNiMWY0MGEzZmU5NTkyNTkyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANtthg6IsJJaPWCRnw7trCBqHrfInquea/q5M69pGynp+gBL
EO0PkSJWZpfiYlPTxPrp81ZtGKvtJhpwiQ0V9LaiZpbHw4h2bpjt0etYkmxhVQV3
wXf0vKPBBLjLNFE4XZTAbrqVLML8N/s8AbdwwH3zJ0CVwaRusZ7R79M1aQiid2zW
aMfq2Gy8ui5mO9mZ54PQTyYmLGV6e5tsvneBT63v+PyJS/jbQwkthqRl6g1mrPX4
D7z6VKap2Qy4O/v6wEWtMPVaHuhob7OUA9evrqXVE8F7UOce9LPDkY+LEkqFCMl6
3/uUR6EoNT54x3NHkAJiLR2xxrOAufNSh68+kRECAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBQe7RTx9BQctMysSMsfQKP+lZJZIjAfBgNVHSMEGDAWgBSZK4YJXOVY0ulh
hyikQiiie+kJjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21TdUdDVnpsV05McFlZY29wRUlvb252cENZOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvOGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8x
L0h1MFU4ZlFVSExUTXJFakxIMENqX3BXU1dTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
OGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8xL21TdUdDVnpsV05M
cFlZY29wRUlvb252cENZOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwNQQCAAEwLzAMAwQFpmygAwQCpmzIMAwDBASmbNAD
BASmbOADBAKmbPQwCwMEAKZs+QMDAKZsMA0GCSqGSIb3DQEBCwUAA4IBAQAUukaX
aB/bsU5D59wtA35EZkotD5JC8pLxdKgfii1E88EaiUbeGicjfNt0X1tzLcLndjp/
v9L2PYhUq5l/p84F6NaUB5vSiIo0bcVRQ1ttlMXygqKMMRY6s9SkaDh/Y9BoWM2B
2EcILl+8PLShKexfiPztlKKEr28Wq9x45TgS8t7kDBFXIrKGiaMF+ymIGq3Agr+B
DmMPFfA5x4KMDUB0vOpHj5zRsMigFfXdGw6r0M/+NOKU1NABsdXesk5WdRQiOl/E
3IWcN1xFVjGnHZeiilGjKc1+j5k5ffaIBqAen5irRYGIEoOexNwTH3aUIV+IEH+k
BzH8wgzBq0a6pGjd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:40 2025 by rpki-client