Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/W_K0HQmDWAMSWRft3eO2QLEe4p4.roa
File:                     W_K0HQmDWAMSWRft3eO2QLEe4p4.roa (raw, json)
Hash identifier:          b+STTQJrr6+HvVapRGB5RlirL4T9oQ6bV9GAb2mkkCI=
Subject key identifier:   5B:F2:B4:1D:09:83:58:03:12:59:17:ED:DD:E3:B6:40:B1:1E:E2:9E
Certificate issuer:       /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial:       0185727DBF76995A4AFC3B2E03A73DE86984
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/W_K0HQmDWAMSWRft3eO2QLEe4p4.roa
Signing time:             Mon 02 Jan 2023 12:38:41 +0000
ROA not before:           Mon 02 Jan 2023 12:38:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        166.108.216.0/23 maxlen: 23
                          166.108.226.0/23 maxlen: 23
                          166.108.220.0/23 maxlen: 23
                          166.108.222.0/23 maxlen: 23
                          166.108.230.0/23 maxlen: 23
                          166.108.232.0/23 maxlen: 23
                          166.108.228.0/23 maxlen: 23
                          166.108.244.0/24 maxlen: 24
                          166.108.245.0/24 maxlen: 24
                          166.108.246.0/24 maxlen: 24
                          166.108.242.0/23 maxlen: 23
                          166.108.251.0/24 maxlen: 24
                          166.108.252.0/24 maxlen: 24
                          166.108.253.0/24 maxlen: 24
                          166.108.247.0/24 maxlen: 24
                          166.108.249.0/24 maxlen: 24
                          166.108.250.0/24 maxlen: 24
                          166.108.254.0/24 maxlen: 24
                          166.108.160.0/22 maxlen: 22
                          166.108.168.0/22 maxlen: 22
                          166.108.172.0/22 maxlen: 22
                          166.108.176.0/22 maxlen: 22
                          166.108.184.0/22 maxlen: 22
                          166.108.188.0/22 maxlen: 22
                          166.108.204.0/22 maxlen: 22

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:7d:bf:76:99:5a:4a:fc:3b:2e:03:a7:3d:e8:69:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
        Validity
            Not Before: Jan  2 12:38:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5bf2b41d09835803125917eddde3b640b11ee29e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:F2:B4:1D:09:83:58:03:12:59:17:ED:DD:E3:B6:40:B1:1E:E2:9E
            X509v3 Authority Key Identifier:
                keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/W_K0HQmDWAMSWRft3eO2QLEe4p4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.108.160.0/22
                  166.108.168.0-166.108.179.255
                  166.108.184.0/21
                  166.108.204.0/22
                  166.108.216.0/23
                  166.108.220.0/22
                  166.108.226.0-166.108.233.255
                  166.108.242.0-166.108.247.255
                  166.108.249.0-166.108.254.255

    Signature Algorithm: sha256WithRSAEncryption
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-fra.rpki-client.org