Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/UGA3hhipjyoGFlERJlFicKhF-7w.roa
File: UGA3hhipjyoGFlERJlFicKhF-7w.roa (raw, json)
Hash identifier: L+NaKnxhxN8uYB6WDXHI4in9/xG9YynrMebGKRH3Sqw=
Subject key identifier: 50:60:37:86:18:A9:8F:2A:06:16:51:11:26:51:62:70:A8:45:FB:BC
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 06A539D8
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/UGA3hhipjyoGFlERJlFicKhF-7w.roa
Signing time: Mon 07 Mar 2022 15:43:37 +0000
ROA not before: Mon 07 Mar 2022 15:43:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 166.108.248.0/24 maxlen: 24
166.108.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111491544 (0x6a539d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Mar 7 15:43:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5060378618a98f2a0616511126516270a845fbbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:65:56:da:fd:af:98:25:8e:3b:ce:be:dc:fa:
39:54:0e:a1:73:94:05:5b:4c:63:da:13:5c:86:70:
d4:c1:15:f4:64:1c:17:9e:a5:4e:82:ef:04:20:20:
c3:38:b5:06:d7:ed:39:72:60:08:35:8c:51:14:b8:
1c:67:a4:21:04:3d:d6:82:53:3e:92:3a:eb:f0:30:
3e:21:f0:26:e8:00:e3:06:40:57:50:14:ed:2c:ce:
39:8f:41:28:dc:78:c6:b7:46:57:a8:7e:57:f5:e1:
4c:44:e3:f4:b6:47:7f:01:db:b7:22:e5:8c:06:b6:
e9:a3:f1:69:a7:a8:b0:30:8f:bf:0d:34:f6:7b:19:
1c:c6:e0:87:16:ca:77:9b:23:eb:86:a8:7f:76:55:
fc:76:b7:31:d6:34:1d:a7:00:af:01:e4:4d:9f:04:
fc:a8:e1:14:d3:2e:bc:d5:0c:68:c9:3e:7c:98:4a:
90:00:04:9b:45:f2:57:94:8c:03:c0:55:28:17:1a:
84:c9:83:6b:40:10:25:f4:ca:88:63:c1:67:10:bd:
14:c0:31:80:9c:ef:ef:72:4c:c3:0c:da:76:39:8e:
e6:2c:7b:e1:66:5d:6a:f2:a6:42:24:09:62:52:8c:
e2:72:16:b5:ea:8b:da:c2:e8:90:87:24:3f:27:f4:
4e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:60:37:86:18:A9:8F:2A:06:16:51:11:26:51:62:70:A8:45:FB:BC
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/UGA3hhipjyoGFlERJlFicKhF-7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.248.0/24
166.108.254.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:f2:8f:60:df:0d:ef:31:17:94:d9:f0:0f:03:ad:46:5a:f8:
8b:66:34:c5:f5:55:d5:1b:e5:97:10:c1:3c:38:db:79:d0:91:
2d:c3:44:cd:89:c9:47:e9:6d:65:28:a2:e3:22:e4:91:58:10:
8f:15:db:f1:ef:f1:d5:1a:f4:25:9b:af:a2:49:49:cd:ba:df:
ab:d4:b8:a2:2a:ad:7b:6c:dd:3c:44:e5:dc:5e:4f:73:d7:dd:
ba:1b:ef:0e:38:74:1a:39:f1:ee:08:e8:51:f2:6d:97:b4:b0:
e1:79:be:77:dc:09:9c:d1:88:05:c5:a9:2e:61:e5:eb:99:24:
e3:0d:bb:16:fb:b4:c1:70:89:29:9c:76:39:22:ea:8f:97:2e:
44:6b:ec:fe:a9:c0:3c:77:b2:4d:96:b8:4a:e3:53:ae:3d:30:
91:0b:05:7f:8d:37:cf:bc:d0:65:9f:5f:6e:37:04:82:59:4a:
b4:e6:2f:76:a2:58:93:9f:d1:69:51:2d:9e:c2:aa:f7:d2:d1:
9b:55:81:ac:d9:f7:15:72:22:b2:f2:d0:67:33:1d:e5:5b:19:
b8:c8:b6:09:da:a9:ba:d5:8c:63:96:c3:dd:cf:b7:2b:26:97:
af:76:41:57:9a:a1:f8:ce:1e:a8:de:1c:fd:45:ce:2a:3f:07:
d8:32:46:d6
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBqU52DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTJiODYwOTVjZTU1OGQyZTk2MTg3MjhhNDQyMjhhMjdiZTkwOThmMB4XDTIyMDMw
NzE1NDMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTA2MDM3ODYxOGE5
OGYyYTA2MTY1MTExMjY1MTYyNzBhODQ1ZmJiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9lVtr9r5gljjvOvtz6OVQOoXOUBVtMY9oTXIZw1MEV9GQc
F56lToLvBCAgwzi1BtftOXJgCDWMURS4HGekIQQ91oJTPpI66/AwPiHwJugA4wZA
V1AU7SzOOY9BKNx4xrdGV6h+V/XhTETj9LZHfwHbtyLljAa26aPxaaeosDCPvw00
9nsZHMbghxbKd5sj64aof3ZV/Ha3MdY0HacArwHkTZ8E/KjhFNMuvNUMaMk+fJhK
kAAEm0XyV5SMA8BVKBcahMmDa0AQJfTKiGPBZxC9FMAxgJzv73JMwwzadjmO5ix7
4WZdavKmQiQJYlKM4nIWteqL2sLokIckPyf0TmkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRQYDeGGKmPKgYWUREmUWJwqEX7vDAfBgNVHSMEGDAWgBSZK4YJXOVY0ulh
hyikQiiie+kJjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21TdUdDVnpsV05McFlZY29wRUlvb252cENZOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvOGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8x
L1VHQTNoaGlwanlvR0ZsRVJKbEZpY0toRi03dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
OGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8xL21TdUdDVnpsV05M
cFlZY29wRUlvb252cENZOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAKZs+AMEAKZs/jANBgkqhkiG9w0B
AQsFAAOCAQEAjPKPYN8N7zEXlNnwDwOtRlr4i2Y0xfVV1RvllxDBPDjbedCRLcNE
zYnJR+ltZSii4yLkkVgQjxXb8e/x1Rr0JZuvoklJzbrfq9S4oiqte2zdPETl3F5P
c9fduhvvDjh0Gjnx7gjoUfJtl7Sw4Xm+d9wJnNGIBcWpLmHl65kk4w27Fvu0wXCJ
KZx2OSLqj5cuRGvs/qnAPHeyTZa4SuNTrj0wkQsFf403z7zQZZ9fbjcEgllKtOYv
dqJYk5/RaVEtnsKq99LRm1WBrNn3FXIisvLQZzMd5VsZuMi2CdqputWMY5bD3c+3
KyaXr3ZBV5qh+M4eqN4c/UXOKj8H2DJG1g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:21 2025 by rpki-client