Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/bZcLavcOXCyDWgK2JYNf8uJQ6aE.roa
File: bZcLavcOXCyDWgK2JYNf8uJQ6aE.roa (raw, json)
Hash identifier: MDQQI1LGK3xO9QiZsXT3J8aokiOzDmhVHxszMZwug/Y=
Subject key identifier: 6D:97:0B:6A:F7:0E:5C:2C:83:5A:02:B6:25:83:5F:F2:E2:50:E9:A1
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 0652CF71
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/bZcLavcOXCyDWgK2JYNf8uJQ6aE.roa
Signing time: Wed 02 Feb 2022 16:46:58 +0000
ROA not before: Wed 02 Feb 2022 16:46:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 166.108.216.0/23 maxlen: 23
166.108.218.0/23 maxlen: 23
166.108.224.0/23 maxlen: 23
166.108.226.0/23 maxlen: 23
166.108.220.0/23 maxlen: 23
166.108.222.0/23 maxlen: 23
166.108.230.0/23 maxlen: 23
166.108.232.0/23 maxlen: 23
166.108.228.0/23 maxlen: 23
166.108.238.0/23 maxlen: 23
166.108.234.0/23 maxlen: 23
166.108.236.0/23 maxlen: 23
166.108.240.0/23 maxlen: 23
166.108.244.0/24 maxlen: 24
166.108.245.0/24 maxlen: 24
166.108.246.0/24 maxlen: 24
166.108.242.0/23 maxlen: 23
166.108.251.0/24 maxlen: 24
166.108.252.0/24 maxlen: 24
166.108.253.0/24 maxlen: 24
166.108.247.0/24 maxlen: 24
166.108.248.0/24 maxlen: 24
166.108.249.0/24 maxlen: 24
166.108.250.0/24 maxlen: 24
166.108.254.0/24 maxlen: 24
166.108.255.0/24 maxlen: 24
166.108.164.0/22 maxlen: 22
166.108.160.0/22 maxlen: 22
166.108.168.0/22 maxlen: 22
166.108.172.0/22 maxlen: 22
166.108.176.0/22 maxlen: 22
166.108.180.0/22 maxlen: 22
166.108.184.0/22 maxlen: 22
166.108.192.0/22 maxlen: 22
166.108.188.0/22 maxlen: 22
166.108.196.0/22 maxlen: 22
166.108.200.0/22 maxlen: 22
166.108.204.0/22 maxlen: 22
166.108.208.0/22 maxlen: 22
166.108.212.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106090353 (0x652cf71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Feb 2 16:46:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d970b6af70e5c2c835a02b625835ff2e250e9a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5a:d4:40:c8:24:0b:52:22:85:42:eb:1a:8b:
5f:ca:35:4f:0e:4a:47:0c:23:4c:96:11:5c:50:70:
77:fe:ed:72:05:02:bf:46:2f:d4:e4:23:e4:6a:2e:
be:fe:7e:fb:d8:a1:7b:90:af:6d:83:39:65:38:c5:
5d:6e:1a:c2:1b:23:f1:76:ca:dc:f3:ef:05:c8:3a:
aa:6f:6c:c6:5a:ed:70:e4:a9:fa:da:e0:ac:31:01:
6b:bc:68:7e:2d:8e:5e:d7:d1:ee:13:91:e6:97:3d:
3f:e8:78:4c:f3:21:cb:bd:8b:0a:ec:b2:aa:9d:2b:
57:d7:24:01:d8:c5:49:ae:d6:b2:c3:d2:7f:1e:66:
66:51:92:71:ec:52:c0:48:93:80:57:4d:9e:bd:8c:
8b:e2:1d:64:1c:d2:06:05:72:ec:dd:93:ed:e5:a2:
54:3c:80:64:5c:a3:0d:7d:35:50:1d:b2:3e:76:49:
ca:76:ca:a9:b5:45:1c:c9:ee:14:d9:89:ed:93:ca:
19:ed:28:1e:f3:7b:00:43:bc:c5:b7:75:5a:85:a1:
f0:de:48:b4:32:44:7b:59:30:93:73:7f:67:69:5e:
cd:dd:33:03:ba:55:4b:4a:7a:53:eb:dc:9a:d6:0d:
03:bf:59:89:84:96:53:24:a6:45:4c:60:ba:6a:2e:
7e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:97:0B:6A:F7:0E:5C:2C:83:5A:02:B6:25:83:5F:F2:E2:50:E9:A1
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/bZcLavcOXCyDWgK2JYNf8uJQ6aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.160.0-166.108.255.255
Signature Algorithm: sha256WithRSAEncryption
3f:e7:9e:f7:77:62:2b:61:94:33:90:b2:67:67:57:00:c6:a0:
8e:06:a7:6c:6c:a1:12:9d:71:e1:2f:a0:c1:b0:22:a0:e2:e4:
d3:50:61:fd:13:1a:42:42:63:12:3c:47:94:a3:16:62:a4:71:
61:3b:06:59:fc:50:a2:8b:60:d6:09:0c:e1:5a:f3:0d:d5:bd:
07:5d:5a:b0:3f:20:6c:20:ee:0e:05:52:d8:a7:31:27:4e:30:
8a:9c:37:80:81:99:90:4c:87:51:93:47:d3:ee:97:41:a8:58:
fe:bb:93:32:d0:b3:30:4c:25:66:29:f7:52:81:f6:ae:ed:3f:
88:ba:cc:64:c6:40:d2:08:f5:bf:dd:b2:f6:3d:9d:32:a6:6a:
6b:16:98:5c:38:08:1c:4a:f8:86:23:7a:fb:b0:72:fd:0d:4b:
29:0b:34:61:c9:15:22:52:45:7a:47:3f:54:f5:fb:28:54:e5:
d1:9a:d1:00:7c:c5:1d:85:d0:c6:54:08:66:c3:34:1c:35:4b:
92:de:ed:38:ed:19:7b:33:f4:66:f6:32:25:89:c5:d6:d5:c7:
9d:4e:27:26:fc:27:58:e5:08:9b:b9:29:d5:d5:7e:0b:4a:be:
ee:dc:37:9b:76:32:d9:33:b3:1b:95:c3:41:1c:05:27:c1:17:
6a:d2:7f:81
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIEBlLPcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTJiODYwOTVjZTU1OGQyZTk2MTg3MjhhNDQyMjhhMjdiZTkwOThmMB4XDTIyMDIw
MjE2NDY1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQ5NzBiNmFmNzBl
NWMyYzgzNWEwMmI2MjU4MzVmZjJlMjUwZTlhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZa1EDIJAtSIoVC6xqLX8o1Tw5KRwwjTJYRXFBwd/7tcgUC
v0Yv1OQj5Gouvv5++9ihe5CvbYM5ZTjFXW4awhsj8XbK3PPvBcg6qm9sxlrtcOSp
+trgrDEBa7xofi2OXtfR7hOR5pc9P+h4TPMhy72LCuyyqp0rV9ckAdjFSa7WssPS
fx5mZlGScexSwEiTgFdNnr2Mi+IdZBzSBgVy7N2T7eWiVDyAZFyjDX01UB2yPnZJ
ynbKqbVFHMnuFNmJ7ZPKGe0oHvN7AEO8xbd1WoWh8N5ItDJEe1kwk3N/Z2lezd0z
A7pVS0p6U+vcmtYNA79ZiYSWUySmRUxgumoufm0CAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBRtlwtq9w5cLINaArYlg1/y4lDpoTAfBgNVHSMEGDAWgBSZK4YJXOVY0ulh
hyikQiiie+kJjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21TdUdDVnpsV05McFlZY29wRUlvb252cENZOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvOGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8x
L2JaY0xhdmNPWEN5RFdnSzJKWU5mOHVKUTZhRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
OGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8xL21TdUdDVnpsV05M
cFlZY29wRUlvb252cENZOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAm
BggrBgEFBQcBBwEB/wQXMBUwEwQCAAEwDTALAwQFpmygAwMApmwwDQYJKoZIhvcN
AQELBQADggEBAD/nnvd3YithlDOQsmdnVwDGoI4Gp2xsoRKdceEvoMGwIqDi5NNQ
Yf0TGkJCYxI8R5SjFmKkcWE7Bln8UKKLYNYJDOFa8w3VvQddWrA/IGwg7g4FUtin
MSdOMIqcN4CBmZBMh1GTR9Pul0GoWP67kzLQszBMJWYp91KB9q7tP4i6zGTGQNII
9b/dsvY9nTKmamsWmFw4CBxK+IYjevuwcv0NSykLNGHJFSJSRXpHP1T1+yhU5dGa
0QB8xR2F0MZUCGbDNBw1S5Le7TjtGXsz9Gb2MiWJxdbVx51OJyb8J1jlCJu5KdXV
fgtKvu7cN5t2MtkzsxuVw0EcBSfBF2rSf4E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-fra.rpki-client.org