Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/OaH03epw_PHd9m2R4AaE8ydzBmo.roa
File: OaH03epw_PHd9m2R4AaE8ydzBmo.roa (raw, json)
Hash identifier: pZ1ALytNoxH6xPjvR+n4Ebao8pFxQ/VQKT6/oJeeoGs=
Subject key identifier: 39:A1:F4:DD:EA:70:FC:F1:DD:F6:6D:91:E0:06:84:F3:27:73:06:6A
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 07A33CF8
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/OaH03epw_PHd9m2R4AaE8ydzBmo.roa
Signing time: Fri 24 Jun 2022 13:06:31 +0000
ROA not before: Fri 24 Jun 2022 13:06:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34984
IP address blocks: 166.108.240.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128138488 (0x7a33cf8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Jun 24 13:06:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39a1f4ddea70fcf1ddf66d91e00684f32773066a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8a:34:2f:8c:4f:28:b5:1a:87:90:dc:e2:07:
19:c2:64:07:ea:d0:2d:38:88:c1:3c:08:a5:c5:9f:
5b:02:40:c3:a3:39:14:05:46:14:a0:86:fc:09:42:
6c:44:50:9e:59:63:c1:7f:ee:0c:5c:3a:dc:fa:dc:
35:37:bb:74:26:8c:05:27:af:4c:43:d0:70:95:99:
9f:99:95:e0:0c:ff:0d:5b:51:7d:ef:81:3f:70:5d:
57:04:f5:05:ea:aa:c4:1c:05:62:a8:0e:da:fc:b6:
05:1e:0b:cd:98:20:b3:f9:02:08:ef:bc:8f:e5:1a:
e4:7b:c0:f7:88:b0:ab:2d:e7:dc:ef:c9:be:1b:9b:
39:9b:47:44:f1:be:94:27:6f:29:61:0b:1c:70:f6:
62:7e:1e:c2:8f:17:be:b2:3d:5b:39:86:b3:c5:e5:
73:d3:de:d3:20:f0:b7:d8:d9:6d:01:88:a4:1e:96:
27:8d:29:92:8d:9c:85:64:c3:7d:8c:ec:a7:20:e4:
11:10:00:a2:a5:66:96:25:e6:77:bf:4a:f2:63:dc:
f6:d2:8b:11:b2:02:6c:8e:e9:99:00:d4:79:70:55:
3e:9c:7a:61:e0:56:fb:86:2f:7a:f0:ec:07:74:e9:
03:de:0e:1d:08:80:9e:88:3a:db:91:cc:09:96:5b:
1c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:A1:F4:DD:EA:70:FC:F1:DD:F6:6D:91:E0:06:84:F3:27:73:06:6A
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/OaH03epw_PHd9m2R4AaE8ydzBmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.240.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:71:69:95:05:a2:01:46:43:73:9e:e8:33:ba:72:5f:6a:6d:
cf:bc:cc:3a:14:a2:0c:f5:36:e0:5f:81:6b:46:83:6e:45:ad:
7d:84:c7:c8:d9:62:07:b6:db:2f:d4:ac:8a:ab:06:f4:db:41:
ca:a1:eb:a3:1c:97:e9:a6:fe:e8:8a:85:40:81:2e:b8:59:a5:
5f:76:77:4c:a9:99:a2:cb:34:c3:f4:13:5d:63:aa:2a:94:c7:
11:7f:2d:f5:17:a3:8a:fa:5d:72:ca:e0:43:55:b6:f2:4e:bd:
25:00:ee:1c:85:4c:b6:a0:c5:0d:2d:a5:0b:36:9b:41:a6:1c:
73:96:6e:fd:9f:f6:95:ce:53:c1:83:f1:c0:6e:8b:e1:50:b9:
1b:e1:59:b0:bb:e6:a7:a4:1b:42:0a:ad:ed:d8:53:b3:e7:c5:
e8:3c:79:22:01:5e:90:d0:19:ba:55:66:df:34:a5:c7:65:a8:
37:75:f0:68:56:9f:06:da:50:1f:e8:65:81:f1:ba:ad:af:51:
c5:a8:14:fa:0c:a4:f1:d7:5c:40:c5:e0:c4:7a:9e:0c:3b:62:
d4:12:2b:46:a4:1c:85:87:8b:39:c2:83:05:9d:3a:20:67:b6:
d0:70:b3:1c:f4:c0:dd:d2:f7:4b:3e:a1:25:75:32:06:c9:eb:
aa:72:5b:69
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB6M8+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTJiODYwOTVjZTU1OGQyZTk2MTg3MjhhNDQyMjhhMjdiZTkwOThmMB4XDTIyMDYy
NDEzMDYzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzlhMWY0ZGRlYTcw
ZmNmMWRkZjY2ZDkxZTAwNjg0ZjMyNzczMDY2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANOKNC+MTyi1GoeQ3OIHGcJkB+rQLTiIwTwIpcWfWwJAw6M5
FAVGFKCG/AlCbERQnlljwX/uDFw63PrcNTe7dCaMBSevTEPQcJWZn5mV4Az/DVtR
fe+BP3BdVwT1BeqqxBwFYqgO2vy2BR4LzZggs/kCCO+8j+Ua5HvA94iwqy3n3O/J
vhubOZtHRPG+lCdvKWELHHD2Yn4ewo8XvrI9WzmGs8Xlc9Pe0yDwt9jZbQGIpB6W
J40pko2chWTDfYzspyDkERAAoqVmliXmd79K8mPc9tKLEbICbI7pmQDUeXBVPpx6
YeBW+4YvevDsB3TpA94OHQiAnog625HMCZZbHKECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ5ofTd6nD88d32bZHgBoTzJ3MGajAfBgNVHSMEGDAWgBSZK4YJXOVY0ulh
hyikQiiie+kJjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21TdUdDVnpsV05McFlZY29wRUlvb252cENZOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvOGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8x
L09hSDAzZXB3X1BIZDltMlI0QWFFOHlkekJtby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
OGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8xL21TdUdDVnpsV05M
cFlZY29wRUlvb252cENZOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAaZs8DANBgkqhkiG9w0BAQsFAAOC
AQEACnFplQWiAUZDc57oM7pyX2ptz7zMOhSiDPU24F+Ba0aDbkWtfYTHyNliB7bb
L9SsiqsG9NtByqHroxyX6ab+6IqFQIEuuFmlX3Z3TKmZoss0w/QTXWOqKpTHEX8t
9RejivpdcsrgQ1W28k69JQDuHIVMtqDFDS2lCzabQaYcc5Zu/Z/2lc5TwYPxwG6L
4VC5G+FZsLvmp6QbQgqt7dhTs+fF6Dx5IgFekNAZulVm3zSlx2WoN3XwaFafBtpQ
H+hlgfG6ra9RxagU+gyk8ddcQMXgxHqeDDti1BIrRqQchYeLOcKDBZ06IGe20HCz
HPTA3dL3Sz6hJXUyBsnrqnJbaQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-fra.rpki-client.org