Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/bBAjIVo6YG72d7MoIbECrsXOxR4.roa
File: bBAjIVo6YG72d7MoIbECrsXOxR4.roa (raw, json)
Hash identifier: MCoE6N/tK6zOj4kk16McOD30jKP7zXazqO+FGTQaKCM=
Subject key identifier: 6C:10:23:21:5A:3A:60:6E:F6:77:B3:28:21:B1:02:AE:C5:CE:C5:1E
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 01836525A403EDED177DE042508D15B63BDB
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/bBAjIVo6YG72d7MoIbECrsXOxR4.roa
Signing time: Thu 22 Sep 2022 12:21:48 +0000
ROA not before: Thu 22 Sep 2022 12:21:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 166.108.164.0/22 maxlen: 24
166.108.196.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:65:25:a4:03:ed:ed:17:7d:e0:42:50:8d:15:b6:3b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Sep 22 12:21:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c1023215a3a606ef677b32821b102aec5cec51e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6e:75:5d:97:ad:aa:3f:a8:78:5c:bc:0b:9c:
24:7f:9c:06:08:e0:00:5f:7a:fb:42:71:b5:12:f8:
f6:b3:c9:36:07:79:6c:77:d0:51:ee:43:27:80:ba:
9d:34:82:08:8e:51:dc:a6:de:93:bf:75:b5:2b:5e:
24:c3:67:ee:5c:b5:8e:db:38:85:ed:9b:5d:0d:8d:
93:81:22:b5:b2:1d:90:f2:35:5d:3d:5e:89:64:87:
04:07:4b:d0:05:e4:05:82:03:52:59:94:a3:ed:2a:
5d:d4:59:fc:a2:e4:a9:3e:9d:18:5f:66:4b:13:95:
72:22:6f:1a:d6:96:05:6b:72:0c:8d:74:51:fe:70:
50:83:ba:ec:40:c5:07:e4:52:e8:e9:e5:4c:6d:27:
a8:7a:3b:bd:40:be:cf:f6:39:6b:87:8c:0c:58:e9:
f6:c6:eb:64:38:de:c4:fa:42:06:43:3f:62:ba:83:
78:d7:35:76:65:b0:61:de:a5:87:8c:30:44:f6:b5:
1a:f5:c3:1e:bc:a4:af:84:4d:93:43:72:f9:03:9f:
8d:5b:b7:15:0a:91:fa:a1:f9:57:6a:71:d1:58:b5:
d9:ef:20:8e:7e:5b:20:02:b7:ee:15:ce:e2:7e:72:
69:1a:a0:1c:3f:ff:46:96:8e:5a:14:58:bd:92:09:
23:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:10:23:21:5A:3A:60:6E:F6:77:B3:28:21:B1:02:AE:C5:CE:C5:1E
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/bBAjIVo6YG72d7MoIbECrsXOxR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.164.0/22
166.108.196.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:d1:b0:13:7b:2a:98:36:61:11:40:a8:ea:01:06:07:f9:0b:
e2:01:6e:1f:6b:84:c1:d0:ac:11:02:51:bb:33:74:d4:59:09:
ca:7d:18:13:59:d2:c5:4d:cc:21:fa:50:e6:96:40:7e:d3:df:
24:42:3b:79:f0:a3:97:06:73:51:85:11:9a:8d:3a:b6:3a:5b:
01:ce:2f:7d:7a:0d:a3:3d:8f:7c:55:6e:58:f2:ad:ce:ad:cf:
ec:22:22:84:11:13:fe:c9:39:a2:11:4b:00:c4:16:b7:b5:7c:
4c:00:a3:f7:35:5e:e2:04:b3:0a:b8:d2:7d:a8:c6:e5:37:36:
98:98:aa:76:38:b6:8e:2f:33:52:65:6d:50:6e:e4:f3:fe:df:
10:37:f6:a2:80:46:d4:a3:a4:ec:eb:e8:2c:fe:7f:c1:fc:31:
b0:63:87:0e:c5:75:87:f6:f0:f1:1b:d9:a5:31:54:c8:1e:3f:
42:26:0c:b5:ff:0f:f4:03:bc:7e:8c:55:20:1a:d5:13:09:1e:
63:66:9d:e5:4e:cd:4e:d9:ba:6d:9e:2e:d9:3c:7d:1c:16:f7:
c2:ba:d4:87:af:a2:5d:80:e3:a0:90:54:c6:b1:9d:69:b4:77:
c5:0f:6e:53:33:d0:a3:4f:c5:c6:9a:11:05:50:c3:7a:3a:d4:
86:34:90:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNlJaQD7e0XfeBCUI0VtjvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIwOTIyMTIyMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzEwMjMyMTVhM2E2MDZlZjY3N2IzMjgyMWIxMDJhZWM1Y2VjNTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiW51XZetqj+oeFy8C5wkf5wGCOAA
X3r7QnG1Evj2s8k2B3lsd9BR7kMngLqdNIIIjlHcpt6Tv3W1K14kw2fuXLWO2ziF
7ZtdDY2TgSK1sh2Q8jVdPV6JZIcEB0vQBeQFggNSWZSj7Spd1Fn8ouSpPp0YX2ZL
E5VyIm8a1pYFa3IMjXRR/nBQg7rsQMUH5FLo6eVMbSeoeju9QL7P9jlrh4wMWOn2
xutkON7E+kIGQz9iuoN41zV2ZbBh3qWHjDBE9rUa9cMevKSvhE2TQ3L5A5+NW7cV
CpH6oflXanHRWLXZ7yCOflsgArfuFc7ifnJpGqAcP/9Glo5aFFi9kgkjnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGwQIyFaOmBu9nezKCGxAq7FzsUeMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvYkJBaklWbzZZRzcyZDdNb0liRUNyc1hPeFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCpmykAwQC
pmzEMA0GCSqGSIb3DQEBCwUAA4IBAQC90bATeyqYNmERQKjqAQYH+QviAW4fa4TB
0KwRAlG7M3TUWQnKfRgTWdLFTcwh+lDmlkB+098kQjt58KOXBnNRhRGajTq2OlsB
zi99eg2jPY98VW5Y8q3Orc/sIiKEERP+yTmiEUsAxBa3tXxMAKP3NV7iBLMKuNJ9
qMblNzaYmKp2OLaOLzNSZW1QbuTz/t8QN/aigEbUo6Ts6+gs/n/B/DGwY4cOxXWH
9vDxG9mlMVTIHj9CJgy1/w/0A7x+jFUgGtUTCR5jZp3lTs1O2bptni7ZPH0cFvfC
utSHr6JdgOOgkFTGsZ1ptHfFD25TM9CjT8XGmhEFUMN6OtSGNJCj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:46 2024 by rpki-client on console-fra.rpki-client.org