Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/blgzUGHFjvofGhxeIycbaCEnQiI.roa
File: blgzUGHFjvofGhxeIycbaCEnQiI.roa (raw, json)
Hash identifier: 7LWCJKXYRYZhaTOMleur5tZZwwPiZ9OhXIz5vjFv2wo=
Subject key identifier: 6E:58:33:50:61:C5:8E:FA:1F:1A:1C:5E:23:27:1B:68:21:27:42:22
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 0185719577AF6F2F57BAAC3EA433606E3D3E
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/blgzUGHFjvofGhxeIycbaCEnQiI.roa
Signing time: Mon 02 Jan 2023 08:24:58 +0000
ROA not before: Mon 02 Jan 2023 08:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 166.108.242.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:77:af:6f:2f:57:ba:ac:3e:a4:33:60:6e:3d:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Jan 2 08:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e58335061c58efa1f1a1c5e23271b6821274222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d7:e3:98:23:26:12:f2:98:4e:85:92:26:32:
69:88:65:e4:a9:61:d3:8e:b7:10:80:c5:5f:87:90:
cd:36:a4:ed:10:12:0d:23:02:97:03:33:ce:4a:d5:
7c:a6:f5:ce:6d:6e:90:92:b7:6c:ac:47:7a:42:ab:
bd:75:11:7b:28:ad:88:68:bd:22:26:7e:77:ed:01:
73:1c:16:cf:f7:31:c1:7d:76:fc:47:10:87:43:cd:
93:84:eb:64:6f:26:43:5b:7a:4f:03:15:c5:b3:3e:
9f:ca:84:f8:cc:b0:fd:b8:a9:78:98:d5:2a:c4:5c:
76:65:4e:e6:40:01:6c:3f:74:02:2e:ef:66:26:75:
08:b8:97:cb:38:a9:66:52:4c:bc:d7:3e:ec:ab:ff:
ea:c5:19:39:94:10:a7:b5:e3:cc:bf:76:75:f8:b3:
a2:a7:5f:3c:5e:35:65:69:57:bf:98:ad:9a:f2:37:
5b:d1:8f:47:97:cb:32:71:e2:d1:b2:90:2c:2d:5b:
ac:9f:09:ce:41:42:5f:9b:3a:4e:36:d3:8d:3f:09:
a3:0d:34:3a:f3:23:95:ae:03:57:95:4a:6c:9b:f8:
68:8b:03:fc:8f:b5:fb:5a:e0:53:0a:d4:a3:a4:db:
96:54:1f:db:76:22:1a:29:00:42:18:6e:a2:da:29:
f8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:58:33:50:61:C5:8E:FA:1F:1A:1C:5E:23:27:1B:68:21:27:42:22
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/blgzUGHFjvofGhxeIycbaCEnQiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.242.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:8a:d0:8a:ca:0b:9c:3e:f1:31:04:80:09:eb:5e:70:7c:da:
cb:9e:fd:d9:d6:91:07:2d:ce:6e:3f:21:94:a8:0a:b0:0d:aa:
6c:14:d0:1a:d1:7b:35:b1:4f:65:00:ad:5e:ea:4e:c9:9e:ca:
13:02:0e:b6:99:6a:7d:05:5a:0a:3a:c9:4b:31:24:18:8f:38:
0b:71:62:62:73:9f:cd:fc:a5:06:be:05:c0:17:b9:55:ed:6c:
a0:ca:f3:da:c1:92:bb:d4:9c:90:53:2c:16:04:90:7c:7f:ba:
03:11:f1:a2:6c:ef:4d:ae:40:58:39:f1:ed:39:38:34:9c:46:
ce:df:f5:cf:ce:97:b1:00:d7:f9:4a:11:d5:07:58:cd:f9:0f:
04:5a:36:3d:e2:cf:73:ca:fe:88:13:e3:80:7f:ed:dd:2c:28:
f3:46:17:04:15:46:54:3b:93:ae:d9:ee:c8:02:49:fa:be:d0:
61:4f:f7:7d:d4:ad:05:8f:c6:f4:3a:d2:22:79:a0:eb:f8:8c:
11:7a:30:85:3b:04:c3:60:8c:79:d0:e5:dc:87:76:41:dd:3f:
52:a8:75:33:b9:3a:96:04:63:9f:08:b2:4c:b0:ee:64:4c:c4:
a6:3d:8f:c8:27:51:e0:11:0b:3f:23:e9:16:21:8c:74:b2:05:
5d:68:92:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlXevby9Xuqw+pDNgbj0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjMwMTAyMDgyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTU4MzM1MDYxYzU4ZWZhMWYxYTFjNWUyMzI3MWI2ODIxMjc0MjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNfjmCMmEvKYToWSJjJpiGXkqWHT
jrcQgMVfh5DNNqTtEBINIwKXAzPOStV8pvXObW6QkrdsrEd6Qqu9dRF7KK2IaL0i
Jn537QFzHBbP9zHBfXb8RxCHQ82ThOtkbyZDW3pPAxXFsz6fyoT4zLD9uKl4mNUq
xFx2ZU7mQAFsP3QCLu9mJnUIuJfLOKlmUky81z7sq//qxRk5lBCntePMv3Z1+LOi
p188XjVlaVe/mK2a8jdb0Y9Hl8syceLRspAsLVusnwnOQUJfmzpONtONPwmjDTQ6
8yOVrgNXlUpsm/hoiwP8j7X7WuBTCtSjpNuWVB/bdiIaKQBCGG6i2in41wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5YM1BhxY76HxocXiMnG2ghJ0IiMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvYmxnelVHSEZqdm9mR2h4ZUl5Y2JhQ0VuUWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBpmzyMA0G
CSqGSIb3DQEBCwUAA4IBAQAtitCKygucPvExBIAJ615wfNrLnv3Z1pEHLc5uPyGU
qAqwDapsFNAa0Xs1sU9lAK1e6k7JnsoTAg62mWp9BVoKOslLMSQYjzgLcWJic5/N
/KUGvgXAF7lV7WygyvPawZK71JyQUywWBJB8f7oDEfGibO9NrkBYOfHtOTg0nEbO
3/XPzpexANf5ShHVB1jN+Q8EWjY94s9zyv6IE+OAf+3dLCjzRhcEFUZUO5Ou2e7I
Akn6vtBhT/d91K0Fj8b0OtIieaDr+IwRejCFOwTDYIx50OXch3ZB3T9SqHUzuTqW
BGOfCLJMsO5kTMSmPY/IJ1HgEQs/I+kWIYx0sgVdaJK0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-fra.rpki-client.org