Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/Oxh6wM9NkdQ-TPmTcct0h7wSf6s.roa
File: Oxh6wM9NkdQ-TPmTcct0h7wSf6s.roa (raw, json)
Hash identifier: 6A19X1M4K3/7WEaEk5KQGWEFjgubGz8gwM7qnp2AC6U=
Subject key identifier: 3B:18:7A:C0:CF:4D:91:D4:3E:4C:F9:93:71:CB:74:87:BC:12:7F:AB
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 079897CE
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/Oxh6wM9NkdQ-TPmTcct0h7wSf6s.roa
Signing time: Mon 20 Jun 2022 11:17:52 +0000
ROA not before: Mon 20 Jun 2022 11:17:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 166.108.246.0/24 maxlen: 24
166.108.242.0/23 maxlen: 24
166.108.245.0/24 maxlen: 24
166.108.244.0/24 maxlen: 24
166.108.253.0/24 maxlen: 24
166.108.247.0/24 maxlen: 24
166.108.249.0/24 maxlen: 24
166.108.248.0/24 maxlen: 24
166.108.250.0/24 maxlen: 24
166.108.252.0/24 maxlen: 24
166.108.251.0/24 maxlen: 24
166.108.254.0/24 maxlen: 24
166.108.255.0/24 maxlen: 24
166.108.192.0/22 maxlen: 24
166.108.196.0/22 maxlen: 24
166.108.200.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127440846 (0x79897ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Jun 20 11:17:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b187ac0cf4d91d43e4cf99371cb7487bc127fab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4e:79:1f:20:c4:33:73:93:63:0c:7a:ef:25:
68:64:cf:81:a2:34:92:8a:2f:71:c2:26:de:2f:c9:
af:f1:5e:06:0f:9b:21:0e:e8:cf:5e:55:17:9b:3b:
c6:01:7c:7a:67:99:3c:80:28:84:c9:78:4a:b6:57:
c6:fe:fb:de:c6:e2:7b:43:cb:ea:29:ce:86:1f:6d:
88:25:41:04:18:25:70:92:2d:8f:35:e0:28:3c:88:
ea:7a:a0:04:84:a8:e9:fe:7d:56:72:c2:a2:a0:f6:
50:48:d4:50:0f:56:44:23:68:af:dc:cd:77:9d:fb:
2f:00:1e:5f:e7:d9:6e:06:e4:36:07:f6:e8:88:04:
db:f1:ec:2f:fe:1d:00:2d:92:fa:93:0f:1f:d5:70:
ca:0e:51:37:04:97:5b:50:6d:6f:38:ec:50:1f:93:
1c:3a:e6:8d:05:72:9d:fa:45:af:27:d3:c3:68:38:
0d:91:d8:b4:8c:06:5b:3c:fb:02:f4:6a:8d:b6:2d:
46:fb:f9:87:ed:91:2d:4e:89:c4:31:b2:5c:65:bb:
ea:f5:e5:9e:75:3f:30:ad:69:78:89:6b:b6:3f:f4:
52:b6:e1:0e:49:08:e9:e5:b7:f0:a9:99:88:96:6f:
a2:ec:b2:ff:ec:b5:4f:4f:60:4e:76:94:7b:21:1c:
5c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:18:7A:C0:CF:4D:91:D4:3E:4C:F9:93:71:CB:74:87:BC:12:7F:AB
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/Oxh6wM9NkdQ-TPmTcct0h7wSf6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.192.0-166.108.203.255
166.108.242.0-166.108.255.255
Signature Algorithm: sha256WithRSAEncryption
4c:fa:23:3e:ab:1b:91:51:b4:b6:a4:29:f8:c5:42:31:93:9b:
e8:6f:1c:a9:66:63:1c:64:3f:e6:de:17:50:de:7d:fc:7b:c9:
ba:83:95:d2:19:c9:7c:b8:26:1e:a9:f0:e2:a1:ee:54:be:8a:
26:ff:02:4f:b7:d2:62:8f:f2:ed:9e:ef:73:d0:5d:e3:19:86:
42:a4:18:b5:7a:70:68:ce:48:1a:96:1a:c5:2e:18:c9:03:d8:
4d:01:4f:dd:a1:0b:4e:bd:3b:24:2a:fd:da:ba:a2:4c:c7:96:
16:81:00:d4:9e:b2:66:37:af:9b:f6:c3:dc:c1:43:0c:bb:df:
3d:61:0d:81:7a:12:86:6a:d6:f1:48:0d:7e:84:0e:93:83:f8:
0a:06:06:ef:f3:ee:43:28:d9:34:e6:96:6f:38:c3:c0:e6:07:
83:58:35:82:5e:2a:39:fc:e3:36:b6:1c:25:c2:78:de:36:ea:
c8:3b:c9:7e:25:b7:44:4d:1a:21:a4:3a:dc:9f:f8:85:3b:fe:
1e:08:d5:c6:12:c3:d9:54:19:7b:2d:c1:2e:fd:8c:d0:66:9c:
75:c9:d8:c7:64:bc:76:53:3c:2c:0e:fe:e2:3f:8c:52:83:66:
16:2d:e0:85:e9:ed:84:31:35:e0:e2:c3:16:d0:79:be:77:c1:
c9:f4:99:a5
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEB5iXzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTJiODYwOTVjZTU1OGQyZTk2MTg3MjhhNDQyMjhhMjdiZTkwOThmMB4XDTIyMDYy
MDExMTc1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2IxODdhYzBjZjRk
OTFkNDNlNGNmOTkzNzFjYjc0ODdiYzEyN2ZhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxOeR8gxDNzk2MMeu8laGTPgaI0koovccIm3i/Jr/FeBg+b
IQ7oz15VF5s7xgF8emeZPIAohMl4SrZXxv773sbie0PL6inOhh9tiCVBBBglcJIt
jzXgKDyI6nqgBISo6f59VnLCoqD2UEjUUA9WRCNor9zNd537LwAeX+fZbgbkNgf2
6IgE2/HsL/4dAC2S+pMPH9Vwyg5RNwSXW1BtbzjsUB+THDrmjQVynfpFryfTw2g4
DZHYtIwGWzz7AvRqjbYtRvv5h+2RLU6JxDGyXGW76vXlnnU/MK1peIlrtj/0Urbh
DkkI6eW38KmZiJZvouyy/+y1T09gTnaUeyEcXAsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQ7GHrAz02R1D5M+ZNxy3SHvBJ/qzAfBgNVHSMEGDAWgBSZK4YJXOVY0ulh
hyikQiiie+kJjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21TdUdDVnpsV05McFlZY29wRUlvb252cENZOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvOGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8x
L094aDZ3TTlOa2RRLVRQbVRjY3QwaDd3U2Y2cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
OGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8xL21TdUdDVnpsV05M
cFlZY29wRUlvb252cENZOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwIQQCAAEwGzAMAwQGpmzAAwQCpmzIMAsDBAGmbPID
AwCmbDANBgkqhkiG9w0BAQsFAAOCAQEATPojPqsbkVG0tqQp+MVCMZOb6G8cqWZj
HGQ/5t4XUN59/HvJuoOV0hnJfLgmHqnw4qHuVL6KJv8CT7fSYo/y7Z7vc9Bd4xmG
QqQYtXpwaM5IGpYaxS4YyQPYTQFP3aELTr07JCr92rqiTMeWFoEA1J6yZjevm/bD
3MFDDLvfPWENgXoShmrW8UgNfoQOk4P4CgYG7/PuQyjZNOaWbzjDwOYHg1g1gl4q
OfzjNrYcJcJ43jbqyDvJfiW3RE0aIaQ63J/4hTv+HgjVxhLD2VQZey3BLv2M0Gac
dcnYx2S8dlM8LA7+4j+MUoNmFi3ghenthDE14OLDFtB5vnfByfSZpQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:27 2023 by rpki-client on console-ams.rpki-client.org