Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/T0qL6yOCjE7w1LXIWgpbcEJPZo4.roa
File: T0qL6yOCjE7w1LXIWgpbcEJPZo4.roa (raw, json)
Hash identifier: +R8s/QMuumQh50/OX3IE0go9E9EwhRzzONtILc2VWNs=
Subject key identifier: 4F:4A:8B:EB:23:82:8C:4E:F0:D4:B5:C8:5A:0A:5B:70:42:4F:66:8E
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 018460BCE86E78E4439F60E474213DC5D4D2
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/T0qL6yOCjE7w1LXIWgpbcEJPZo4.roa
Signing time: Thu 10 Nov 2022 08:51:43 +0000
ROA not before: Thu 10 Nov 2022 08:51:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 166.108.232.0/23 maxlen: 24
166.108.160.0/22 maxlen: 24
166.108.172.0/22 maxlen: 24
166.108.168.0/22 maxlen: 24
166.108.196.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:60:bc:e8:6e:78:e4:43:9f:60:e4:74:21:3d:c5:d4:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Nov 10 08:51:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f4a8beb23828c4ef0d4b5c85a0a5b70424f668e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fe:45:f4:fa:05:89:d0:28:92:54:a8:92:15:
92:07:07:d5:90:f8:11:d6:00:6e:2d:24:5b:d8:b6:
d0:ad:96:41:fa:aa:c1:5e:46:bb:a0:4c:de:37:d1:
e1:dd:5b:39:94:1e:ad:f2:76:ab:a5:69:cc:9f:f8:
a1:9e:82:77:c8:5d:6d:e8:5b:93:af:eb:86:32:f0:
9c:69:5c:d3:70:fe:7d:9c:e8:e5:ec:ba:7e:90:1a:
c2:89:af:4c:1a:7e:55:dd:ad:f0:b1:d7:b3:48:91:
10:51:60:01:d0:7d:31:90:d4:34:e8:c8:0d:f5:2b:
7d:a5:a7:9c:6e:10:00:65:7a:54:05:1d:6c:38:8c:
55:af:2e:f2:c9:9d:95:7d:8e:2f:63:fe:e8:51:6a:
3e:bc:2b:cb:c1:95:a3:00:77:29:16:20:20:18:d3:
b3:c4:54:d6:87:57:8c:15:05:d1:68:f6:87:da:5d:
d0:fd:2a:63:b0:14:44:57:d7:7d:c5:41:03:24:3b:
69:6a:61:dc:e6:5e:42:ce:b5:9a:7f:4f:6e:8c:26:
35:a5:26:ef:1c:83:08:0a:24:95:d5:7a:4f:4e:9f:
89:e6:40:68:e1:3d:ce:bb:1e:80:ab:fc:89:c0:90:
2c:61:7c:ef:fa:9c:92:c0:6a:c5:03:ea:22:a8:09:
b6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:4A:8B:EB:23:82:8C:4E:F0:D4:B5:C8:5A:0A:5B:70:42:4F:66:8E
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/T0qL6yOCjE7w1LXIWgpbcEJPZo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.160.0/22
166.108.168.0/21
166.108.196.0/22
166.108.232.0/23
Signature Algorithm: sha256WithRSAEncryption
13:20:49:42:9c:76:2d:d6:4b:fa:a6:ef:73:e5:8c:81:27:44:
ea:56:14:c1:21:bd:73:35:46:04:91:8b:2d:84:9e:d2:02:c6:
1f:d9:f6:a7:0b:af:c1:38:20:1b:7a:92:65:53:5f:89:b4:bf:
1f:4f:11:73:25:91:c0:58:30:37:d7:b0:37:ae:c2:ec:11:1f:
e1:ab:a6:a6:28:93:d8:db:78:9c:2e:a6:61:01:c3:24:d1:34:
12:74:fe:8c:ba:fe:fd:1d:42:79:ff:91:b0:3c:42:bf:d2:31:
b9:ef:5c:2c:82:b8:d5:0c:e8:30:3b:38:6d:a2:9b:3e:0a:65:
1f:b6:38:f1:9d:ad:35:31:a2:1d:03:36:d0:a0:ea:68:77:b3:
4b:7f:65:a6:72:a7:85:5f:57:42:19:db:14:0d:ba:89:f1:8a:
86:44:2c:d7:b5:05:68:a9:c6:d7:24:af:9f:e0:df:b5:91:fd:
58:60:e8:b6:7a:e9:b1:b4:c2:47:31:bf:62:0e:a7:a0:25:15:
01:38:c5:e9:bf:06:eb:2c:8b:6f:4d:e9:f0:67:94:92:2c:35:
ac:5c:21:12:93:01:a5:2b:e4:65:83:43:e4:7b:a7:5d:97:45:
fd:dc:ae:46:9b:3c:b4:c9:47:c2:7a:c0:c3:d0:3b:0d:1c:6e:
07:ed:2c:f1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYRgvOhueORDn2DkdCE9xdTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIxMTEwMDg1MTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjRhOGJlYjIzODI4YzRlZjBkNGI1Yzg1YTBhNWI3MDQyNGY2NjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/5F9PoFidAoklSokhWSBwfVkPgR
1gBuLSRb2LbQrZZB+qrBXka7oEzeN9Hh3Vs5lB6t8narpWnMn/ihnoJ3yF1t6FuT
r+uGMvCcaVzTcP59nOjl7Lp+kBrCia9MGn5V3a3wsdezSJEQUWAB0H0xkNQ06MgN
9St9paecbhAAZXpUBR1sOIxVry7yyZ2VfY4vY/7oUWo+vCvLwZWjAHcpFiAgGNOz
xFTWh1eMFQXRaPaH2l3Q/SpjsBREV9d9xUEDJDtpamHc5l5CzrWaf09ujCY1pSbv
HIMICiSV1XpPTp+J5kBo4T3Oux6Aq/yJwJAsYXzv+pySwGrFA+oiqAm2+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE9Ki+sjgoxO8NS1yFoKW3BCT2aOMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvVDBxTDZ5T0NqRTd3MUxYSVdncGJjRUpQWm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCpmygAwQD
pmyoAwQCpmzEAwQBpmzoMA0GCSqGSIb3DQEBCwUAA4IBAQATIElCnHYt1kv6pu9z
5YyBJ0TqVhTBIb1zNUYEkYsthJ7SAsYf2fanC6/BOCAbepJlU1+JtL8fTxFzJZHA
WDA317A3rsLsER/hq6amKJPY23icLqZhAcMk0TQSdP6Muv79HUJ5/5GwPEK/0jG5
71wsgrjVDOgwOzhtops+CmUftjjxna01MaIdAzbQoOpod7NLf2WmcqeFX1dCGdsU
DbqJ8YqGRCzXtQVoqcbXJK+f4N+1kf1YYOi2eumxtMJHMb9iDqegJRUBOMXpvwbr
LItvTenwZ5SSLDWsXCESkwGlK+Rlg0Pke6ddl0X93K5Gmzy0yUfCesDD0DsNHG4H
7Szx
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:57 2025 by rpki-client