Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/VjneL9-lkxBfMpseYxGtq6G6ock.roa
File: VjneL9-lkxBfMpseYxGtq6G6ock.roa (raw, json)
Hash identifier: X5SolxKBdnlrtrc3OCGDkHPf4o/0orlpuYCJciW34Dg=
Subject key identifier: 56:39:DE:2F:DF:A5:93:10:5F:32:9B:1E:63:11:AD:AB:A1:BA:A1:C9
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 01837E96B2C807A4686A358FC020116F40FA
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/VjneL9-lkxBfMpseYxGtq6G6ock.roa
Signing time: Tue 27 Sep 2022 10:55:48 +0000
ROA not before: Tue 27 Sep 2022 10:55:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202848
IP address blocks: 166.108.238.0/23 maxlen: 24
166.108.236.0/23 maxlen: 24
166.108.240.0/23 maxlen: 24
166.108.234.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7e:96:b2:c8:07:a4:68:6a:35:8f:c0:20:11:6f:40:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Sep 27 10:55:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5639de2fdfa593105f329b1e6311adaba1baa1c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f4:a7:84:86:fb:00:bf:58:8c:36:1a:63:82:
bc:00:a2:d1:61:e8:69:7c:fd:09:49:c0:4f:80:85:
56:3e:5a:fb:46:12:fc:44:a0:04:59:a2:68:9b:1a:
e6:26:c2:d0:15:95:e2:4f:70:fe:45:13:06:86:35:
80:0c:02:ca:08:cf:a2:0d:8b:b0:6b:27:b5:64:21:
05:2a:ca:ed:d1:ea:d3:82:7a:e0:ff:ab:38:d4:ee:
56:31:0a:b3:87:c3:58:20:73:55:2b:c9:a4:df:a2:
d0:6c:1e:40:73:14:a7:53:42:53:84:e8:bd:25:4b:
49:26:d1:ca:01:6f:39:19:5f:e1:71:f0:e7:04:31:
fa:5b:e7:5d:5a:69:d6:7c:12:ca:64:ac:0e:47:46:
2b:c6:dc:28:86:93:ef:5a:a0:2e:f1:7b:d8:63:ed:
35:2e:89:22:93:08:bd:2b:67:a0:da:d0:fc:91:6e:
78:e2:66:f6:1e:7a:35:01:ed:d0:3f:bd:82:7b:2b:
a4:ca:d9:2a:50:33:82:74:ee:9a:2a:85:0e:78:d0:
a1:16:d5:24:1a:7f:76:6d:03:3d:6a:3f:9a:f5:67:
11:98:0b:23:3a:18:55:d7:ee:38:75:5b:37:77:97:
31:5f:90:25:db:0c:32:0a:e2:de:aa:81:a0:dc:1a:
18:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:39:DE:2F:DF:A5:93:10:5F:32:9B:1E:63:11:AD:AB:A1:BA:A1:C9
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/VjneL9-lkxBfMpseYxGtq6G6ock.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.234.0-166.108.241.255
Signature Algorithm: sha256WithRSAEncryption
37:7e:55:fb:02:7d:81:ba:0a:7c:06:29:03:00:cf:c0:89:8b:
6f:57:bc:6a:b8:1e:f3:f1:2d:3b:0d:47:d8:df:57:2b:92:69:
67:d5:fe:d9:bb:6a:ad:68:08:65:fc:64:4c:f6:2d:50:2d:be:
d3:24:28:9a:8c:6b:c2:de:8a:2d:b3:b2:49:12:ad:df:be:e7:
8b:7c:1d:27:95:ba:bb:e0:bf:69:a5:2a:84:e7:4b:3e:26:88:
04:1f:31:52:b2:82:4b:6e:15:34:c7:0a:8c:01:e5:db:c2:04:
9e:c9:39:37:da:0c:bb:b9:f0:34:db:a4:d1:46:4b:f9:63:58:
7d:34:9c:f4:98:26:6c:f4:80:8c:c8:eb:d1:51:74:ae:1e:88:
86:da:34:35:cb:26:a3:dd:ad:3e:61:bd:f5:a7:66:97:aa:c4:
e8:53:f9:9e:d9:a0:47:4e:72:3f:64:2d:21:38:f3:22:e7:87:
e4:ce:cd:c9:64:86:e8:d0:81:aa:62:25:62:81:cc:17:67:72:
10:3d:9f:3c:a9:1b:e6:cd:71:e4:84:c0:9a:ca:2a:09:df:09:
ab:04:00:65:96:6e:e0:a5:a9:a0:15:08:8e:de:77:f5:48:19:
eb:45:19:f0:13:ba:f8:5b:a3:7b:3e:2c:d5:ef:d8:8f:a0:38:
e4:00:00:24
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYN+lrLIB6RoajWPwCARb0D6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIwOTI3MTA1NTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjM5ZGUyZmRmYTU5MzEwNWYzMjliMWU2MzExYWRhYmExYmFhMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfSnhIb7AL9YjDYaY4K8AKLRYehp
fP0JScBPgIVWPlr7RhL8RKAEWaJomxrmJsLQFZXiT3D+RRMGhjWADALKCM+iDYuw
aye1ZCEFKsrt0erTgnrg/6s41O5WMQqzh8NYIHNVK8mk36LQbB5AcxSnU0JThOi9
JUtJJtHKAW85GV/hcfDnBDH6W+ddWmnWfBLKZKwOR0YrxtwohpPvWqAu8XvYY+01
Lokikwi9K2eg2tD8kW544mb2Hno1Ae3QP72CeyukytkqUDOCdO6aKoUOeNChFtUk
Gn92bQM9aj+a9WcRmAsjOhhV1+44dVs3d5cxX5Al2wwyCuLeqoGg3BoYQwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFY53i/fpZMQXzKbHmMRrauhuqHJMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvVmpuZUw5LWxreEJmTXBzZVl4R3RxNkc2b2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGmbOoD
BAGmbPAwDQYJKoZIhvcNAQELBQADggEBADd+VfsCfYG6CnwGKQMAz8CJi29XvGq4
HvPxLTsNR9jfVyuSaWfV/tm7aq1oCGX8ZEz2LVAtvtMkKJqMa8Leii2zskkSrd++
54t8HSeVurvgv2mlKoTnSz4miAQfMVKygktuFTTHCowB5dvCBJ7JOTfaDLu58DTb
pNFGS/ljWH00nPSYJmz0gIzI69FRdK4eiIbaNDXLJqPdrT5hvfWnZpeqxOhT+Z7Z
oEdOcj9kLSE48yLnh+TOzclkhujQgapiJWKBzBdnchA9nzypG+bNceSEwJrKKgnf
CasEAGWWbuClqaAVCI7ed/VIGetFGfATuvhbo3s+LNXv2I+gOOQAACQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-fra.rpki-client.org