Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/QSriuekXMsjUfBPaui-dYrAQHSI.roa
File: QSriuekXMsjUfBPaui-dYrAQHSI.roa (raw, json)
Hash identifier: 58yiZD9fR+/iUlPnaFN+F5XPBxoi7VixN3f2lugGDug=
Subject key identifier: 41:2A:E2:B9:E9:17:32:C8:D4:7C:13:DA:BA:2F:9D:62:B0:10:1D:22
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 018323333B6A83B0C1333FD336FEBB4963CE
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/QSriuekXMsjUfBPaui-dYrAQHSI.roa
Signing time: Fri 09 Sep 2022 17:01:43 +0000
ROA not before: Fri 09 Sep 2022 17:01:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 166.108.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:23:33:3b:6a:83:b0:c1:33:3f:d3:36:fe:bb:49:63:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Sep 9 17:01:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=412ae2b9e91732c8d47c13daba2f9d62b0101d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:17:37:d5:f3:a9:7c:b0:1d:12:e5:7a:88:12:
a4:5a:d6:f1:11:f6:f2:63:36:f3:68:65:8c:8f:b6:
d1:67:65:d0:30:80:66:8d:b9:af:ef:57:3e:40:66:
bc:63:84:85:b5:03:a4:79:d6:8e:e0:41:1e:31:db:
83:16:ad:ad:12:5a:fa:08:79:d2:e0:ba:df:bf:25:
b5:13:63:31:6d:7c:a2:d6:fe:10:3a:e2:93:98:6f:
8d:63:92:ff:9b:67:d7:0f:71:e3:31:8b:a8:6b:f9:
04:77:f2:79:83:bc:2f:74:35:71:64:c3:84:28:18:
64:30:23:7b:46:f6:d3:15:64:85:37:7c:8b:1d:3e:
5e:5e:b9:d5:c2:39:9a:a4:44:12:a3:f5:ae:a4:9f:
38:59:2a:22:51:49:35:20:98:cd:55:2f:84:c1:ad:
e6:e6:89:b0:6f:c8:38:85:a4:84:4f:d5:9a:e6:c1:
96:c8:32:8c:c7:3f:9f:e8:81:45:81:fa:61:f7:bc:
56:32:30:b2:13:d9:1b:9f:0c:f3:ee:c4:f3:6a:55:
cc:02:5f:21:11:e9:11:6c:8d:01:bb:e4:98:86:e3:
bd:c6:d8:81:9d:72:cc:73:63:27:14:39:70:f5:62:
cb:84:07:e0:b9:de:13:a9:91:16:bb:ba:13:5d:92:
be:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:2A:E2:B9:E9:17:32:C8:D4:7C:13:DA:BA:2F:9D:62:B0:10:1D:22
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/QSriuekXMsjUfBPaui-dYrAQHSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.255.0/24
Signature Algorithm: sha256WithRSAEncryption
04:3a:b3:f8:02:21:16:61:4f:45:2e:92:98:3a:e6:a9:0c:7c:
4f:46:ef:c5:2d:83:7a:19:8d:2a:c7:5b:66:be:e5:6c:68:5e:
7b:4a:bd:e2:7b:4d:43:29:14:75:65:40:6e:b5:7b:2e:08:58:
22:68:16:71:90:a8:64:0f:20:e0:a1:00:af:a8:14:56:ae:8a:
81:fd:ab:06:97:66:7e:7e:5a:89:89:e6:7d:c5:20:9f:09:75:
1d:53:fb:9f:23:d9:69:3c:8b:5c:07:c3:d2:bf:87:3e:22:c6:
3b:03:31:f8:51:9b:a0:eb:7a:b9:4b:a5:53:f0:95:47:4d:a0:
d3:f5:28:aa:1a:e7:e4:28:a6:b9:a3:8a:62:51:3c:ad:c2:8f:
9d:5e:6f:33:cc:7a:13:58:b6:4c:6c:09:73:75:39:f9:d6:ce:
32:9e:97:f9:b4:24:54:84:3e:0d:2f:3b:5f:84:84:e8:a7:f9:
69:51:80:dc:26:6f:5c:0b:c4:13:f5:27:33:bb:f0:ae:1a:94:
48:da:e4:da:05:86:78:7e:1e:68:8c:74:33:89:b6:cf:4f:80:
cc:fe:55:bb:72:ab:6a:11:57:9b:f2:bc:ec:bb:e4:5c:3e:c1:
11:4e:c2:a6:e6:18:99:39:de:1c:f1:bb:e8:3a:84:7d:fc:a8:
72:16:06:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMjMztqg7DBMz/TNv67SWPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIwOTA5MTcwMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTJhZTJiOWU5MTczMmM4ZDQ3YzEzZGFiYTJmOWQ2MmIwMTAxZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhc31fOpfLAdEuV6iBKkWtbxEfby
YzbzaGWMj7bRZ2XQMIBmjbmv71c+QGa8Y4SFtQOkedaO4EEeMduDFq2tElr6CHnS
4LrfvyW1E2MxbXyi1v4QOuKTmG+NY5L/m2fXD3HjMYuoa/kEd/J5g7wvdDVxZMOE
KBhkMCN7RvbTFWSFN3yLHT5eXrnVwjmapEQSo/WupJ84WSoiUUk1IJjNVS+Ewa3m
5omwb8g4haSET9Wa5sGWyDKMxz+f6IFFgfph97xWMjCyE9kbnwzz7sTzalXMAl8h
EekRbI0Bu+SYhuO9xtiBnXLMc2MnFDlw9WLLhAfgud4TqZEWu7oTXZK+IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEq4rnpFzLI1HwT2rovnWKwEB0iMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvUVNyaXVla1hNc2pVZkJQYXVpLWRZckFRSFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApmz/MA0G
CSqGSIb3DQEBCwUAA4IBAQAEOrP4AiEWYU9FLpKYOuapDHxPRu/FLYN6GY0qx1tm
vuVsaF57Sr3ie01DKRR1ZUButXsuCFgiaBZxkKhkDyDgoQCvqBRWroqB/asGl2Z+
flqJieZ9xSCfCXUdU/ufI9lpPItcB8PSv4c+IsY7AzH4UZug63q5S6VT8JVHTaDT
9SiqGufkKKa5o4piUTytwo+dXm8zzHoTWLZMbAlzdTn51s4ynpf5tCRUhD4NLztf
hITop/lpUYDcJm9cC8QT9Sczu/CuGpRI2uTaBYZ4fh5ojHQzibbPT4DM/lW7cqtq
EVeb8rzsu+RcPsERTsKm5hiZOd4c8bvoOoR9/KhyFgZ8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:32 2024 by rpki-client on console-ams.rpki-client.org