Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/U4skPFkVAhTCmTRTNuD8k6IQkN8.roa
File: U4skPFkVAhTCmTRTNuD8k6IQkN8.roa (raw, json)
Hash identifier: WnRV320wSRy0S4XS9XR+QY9Iy/ln6cW4Ie2m7llQ0+U=
Subject key identifier: 53:8B:24:3C:59:15:02:14:C2:99:34:53:36:E0:FC:93:A2:10:90:DF
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 06B5A2D6
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/U4skPFkVAhTCmTRTNuD8k6IQkN8.roa
Signing time: Mon 14 Mar 2022 15:49:36 +0000
ROA not before: Mon 14 Mar 2022 15:49:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 166.108.248.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112566998 (0x6b5a2d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Mar 14 15:49:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=538b243c59150214c299345336e0fc93a21090df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:7b:0a:15:fe:71:78:81:62:ea:cf:3f:54:e4:
42:02:9e:24:e1:97:bd:d7:b8:e1:2e:f1:61:9f:6a:
fd:20:b8:89:50:f8:48:8e:c5:6a:f3:94:32:bf:08:
c8:8c:96:4f:f4:c9:45:34:f9:1b:3b:fc:70:3d:bf:
b9:5e:9f:17:26:0d:82:fb:9d:1b:02:c5:36:50:b2:
d1:17:8f:34:53:7a:8b:d0:81:ea:03:86:ca:ac:74:
e6:cc:a6:03:74:4b:96:16:a1:48:7b:fc:a3:8f:21:
ab:6c:f4:ee:17:d8:fd:f0:25:4c:ab:31:55:2b:c1:
00:eb:5d:35:db:ed:dc:61:44:41:1c:57:7e:fd:ed:
37:c2:b8:11:66:85:6f:cc:b7:17:d7:55:f9:1a:0c:
ab:89:dd:aa:57:0e:8b:ca:c4:0f:22:16:53:22:ae:
71:2a:a2:7f:7b:1e:9b:c0:27:d9:b1:67:35:75:da:
f5:31:05:ca:0e:2a:59:27:c0:f2:c3:b6:82:10:b5:
2c:00:10:c8:50:35:05:92:ff:d1:f6:93:8e:e3:c5:
95:81:41:af:d9:f2:bd:82:b1:55:f2:29:20:b8:e3:
ef:f7:40:f5:c0:e9:75:43:c3:7d:b1:70:e0:f1:6d:
8f:83:e7:f3:c5:3a:e3:95:e7:cd:5a:a1:98:d1:ff:
45:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8B:24:3C:59:15:02:14:C2:99:34:53:36:E0:FC:93:A2:10:90:DF
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/U4skPFkVAhTCmTRTNuD8k6IQkN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.248.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:7e:eb:f6:79:8f:3d:81:47:8c:2e:52:49:4d:29:cd:43:ea:
41:98:8c:d6:07:e0:6f:71:26:46:29:9e:57:a7:c6:6c:84:9a:
ef:1d:95:59:b5:87:c9:31:81:b6:e3:39:b1:6a:57:89:b1:b7:
94:fa:9e:7d:e3:e5:76:1a:c5:d5:76:b5:91:7f:8b:ba:aa:1f:
84:e4:93:fd:f7:c7:77:5c:89:cb:05:fc:09:c6:38:d2:29:29:
c0:3e:3f:8f:76:5e:3f:95:ab:70:a9:ce:94:7b:ea:e7:2e:32:
71:3e:52:94:10:db:ad:09:0a:f5:cf:eb:5b:57:91:75:d5:16:
12:34:1b:76:3f:67:a4:74:85:0f:9c:0c:d4:06:4c:c0:7b:70:
82:3e:7e:35:c6:7e:29:c2:bc:2d:34:46:1a:46:52:2a:db:4b:
02:7e:23:94:d0:b4:e3:0b:ff:e1:cf:6f:37:ce:97:e8:99:32:
79:a2:38:5e:70:73:b5:df:92:96:c2:91:f9:a4:1f:6f:0f:61:
de:58:34:06:a1:9b:f6:46:07:ca:38:c1:9a:39:67:9f:ad:01:
4f:d6:0e:3d:ea:9d:32:6f:c1:87:ce:43:5a:3f:7d:1b:53:43:
dc:5f:8f:f2:46:0a:8b:18:6a:7f:65:39:fd:74:fa:ea:8a:7f:
76:ea:c4:2b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBrWi1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTJiODYwOTVjZTU1OGQyZTk2MTg3MjhhNDQyMjhhMjdiZTkwOThmMB4XDTIyMDMx
NDE1NDkzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTM4YjI0M2M1OTE1
MDIxNGMyOTkzNDUzMzZlMGZjOTNhMjEwOTBkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANV7ChX+cXiBYurPP1TkQgKeJOGXvde44S7xYZ9q/SC4iVD4
SI7FavOUMr8IyIyWT/TJRTT5Gzv8cD2/uV6fFyYNgvudGwLFNlCy0RePNFN6i9CB
6gOGyqx05symA3RLlhahSHv8o48hq2z07hfY/fAlTKsxVSvBAOtdNdvt3GFEQRxX
fv3tN8K4EWaFb8y3F9dV+RoMq4ndqlcOi8rEDyIWUyKucSqif3sem8An2bFnNXXa
9TEFyg4qWSfA8sO2ghC1LAAQyFA1BZL/0faTjuPFlYFBr9nyvYKxVfIpILjj7/dA
9cDpdUPDfbFw4PFtj4Pn88U645XnzVqhmNH/RQECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRTiyQ8WRUCFMKZNFM24PyTohCQ3zAfBgNVHSMEGDAWgBSZK4YJXOVY0ulh
hyikQiiie+kJjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21TdUdDVnpsV05McFlZY29wRUlvb252cENZOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvOGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8x
L1U0c2tQRmtWQWhUQ21UUlROdUQ4azZJUWtOOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
OGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8xL21TdUdDVnpsV05M
cFlZY29wRUlvb252cENZOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKZs+DANBgkqhkiG9w0BAQsFAAOC
AQEApH7r9nmPPYFHjC5SSU0pzUPqQZiM1gfgb3EmRimeV6fGbISa7x2VWbWHyTGB
tuM5sWpXibG3lPqefePldhrF1Xa1kX+LuqofhOST/ffHd1yJywX8CcY40ikpwD4/
j3ZeP5WrcKnOlHvq5y4ycT5SlBDbrQkK9c/rW1eRddUWEjQbdj9npHSFD5wM1AZM
wHtwgj5+NcZ+KcK8LTRGGkZSKttLAn4jlNC04wv/4c9vN86X6JkyeaI4XnBztd+S
lsKR+aQfbw9h3lg0BqGb9kYHyjjBmjlnn60BT9YOPeqdMm/Bh85DWj99G1ND3F+P
8kYKixhqf2U5/XT66op/durEKw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:46 2024 by rpki-client on console-fra.rpki-client.org