Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/ePBsJ4l1mMwejZ_EMlyP1b1JswQ.roa
File: ePBsJ4l1mMwejZ_EMlyP1b1JswQ.roa (raw, json)
Hash identifier: O4J0Diebl1cVQMh+ucwINSPVm7fzOe/MUj10z5+L+IE=
Subject key identifier: 78:F0:6C:27:89:75:98:CC:1E:8D:9F:C4:32:5C:8F:D5:BD:49:B3:04
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 06BFE0F0
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/ePBsJ4l1mMwejZ_EMlyP1b1JswQ.roa
Signing time: Fri 18 Mar 2022 10:59:20 +0000
ROA not before: Fri 18 Mar 2022 10:59:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 166.108.218.0/23 maxlen: 24
166.108.216.0/23 maxlen: 24
166.108.226.0/23 maxlen: 24
166.108.220.0/23 maxlen: 24
166.108.222.0/23 maxlen: 24
166.108.224.0/23 maxlen: 24
166.108.228.0/23 maxlen: 24
166.108.230.0/23 maxlen: 24
166.108.232.0/23 maxlen: 24
166.108.234.0/23 maxlen: 24
166.108.236.0/23 maxlen: 24
166.108.238.0/23 maxlen: 24
166.108.246.0/24 maxlen: 24
166.108.242.0/23 maxlen: 24
166.108.245.0/24 maxlen: 24
166.108.244.0/24 maxlen: 24
166.108.253.0/24 maxlen: 24
166.108.247.0/24 maxlen: 24
166.108.249.0/24 maxlen: 24
166.108.250.0/24 maxlen: 24
166.108.252.0/24 maxlen: 24
166.108.251.0/24 maxlen: 24
166.108.254.0/24 maxlen: 24
166.108.255.0/24 maxlen: 24
166.108.164.0/22 maxlen: 24
166.108.160.0/22 maxlen: 24
166.108.172.0/22 maxlen: 24
166.108.168.0/22 maxlen: 24
166.108.176.0/22 maxlen: 24
166.108.184.0/22 maxlen: 24
166.108.180.0/22 maxlen: 24
166.108.192.0/22 maxlen: 24
166.108.188.0/22 maxlen: 24
166.108.196.0/22 maxlen: 24
166.108.200.0/22 maxlen: 24
166.108.212.0/22 maxlen: 24
166.108.208.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113238256 (0x6bfe0f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Mar 18 10:59:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=78f06c27897598cc1e8d9fc4325c8fd5bd49b304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:9c:05:c3:03:bb:e8:3b:83:01:fa:54:43:c6:
80:e7:f3:d4:a4:e0:72:9a:17:bc:e0:18:a3:91:8f:
95:ee:3b:b5:04:44:26:fe:6c:b4:de:e7:4e:8b:51:
cc:f0:c1:67:20:c2:47:24:01:16:62:7c:d8:45:b6:
9f:12:a4:3a:c4:1f:74:3b:75:e0:93:16:8f:29:a2:
e7:e5:37:f5:03:89:25:b9:f2:42:47:24:2b:43:e8:
16:e7:2e:37:97:56:54:b8:39:4d:37:98:e1:9c:4e:
ec:a1:f1:37:cb:d7:d8:5b:5e:8f:39:12:21:a0:09:
d2:7a:ec:86:1e:f5:2b:8b:24:29:2b:96:84:7e:98:
19:71:39:64:03:59:8f:1a:be:8c:ff:0c:aa:51:73:
e3:2f:aa:9f:f1:7c:17:99:27:0a:80:ba:27:0c:68:
dc:b8:1b:2b:86:3a:90:12:c2:f0:eb:67:71:b4:ce:
aa:33:50:cf:8a:05:50:a1:20:49:f6:ab:10:ae:ee:
f3:7a:cb:80:8e:24:ae:de:52:92:06:c5:7c:f8:80:
5d:b2:fa:ab:bb:00:9d:3a:03:b9:23:1f:76:47:bd:
9f:bd:c2:06:cf:3a:d8:51:92:69:4b:18:24:be:ec:
c0:21:4f:02:d1:69:cd:7e:be:15:55:2b:0e:20:11:
f0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:F0:6C:27:89:75:98:CC:1E:8D:9F:C4:32:5C:8F:D5:BD:49:B3:04
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/ePBsJ4l1mMwejZ_EMlyP1b1JswQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.160.0-166.108.203.255
166.108.208.0-166.108.239.255
166.108.242.0-166.108.247.255
166.108.249.0-166.108.255.255
Signature Algorithm: sha256WithRSAEncryption
bb:31:6f:32:fc:20:5a:0a:a7:79:dd:66:6e:3a:68:23:b5:e9:
f9:06:a5:ac:e3:22:76:b9:3c:a8:e5:cf:31:3e:d6:05:f5:01:
2b:bf:01:9e:53:e4:3e:01:b5:5b:bb:0a:ac:4a:27:62:80:13:
98:a0:f5:d6:d9:3e:67:86:7f:50:85:e9:e5:6f:15:a7:f6:18:
c5:70:7e:85:1c:b8:cb:16:f7:d4:91:af:5b:48:a8:ad:cb:70:
f3:44:f8:2c:5d:de:6d:86:92:6e:7d:c7:5a:0b:52:10:80:23:
63:7d:4d:5c:f3:cf:2d:fe:ba:34:c3:55:8a:7a:a5:b2:35:7e:
51:2d:df:e7:54:c6:54:75:66:b9:5e:46:d9:2b:17:96:ab:3d:
58:c9:aa:1e:6e:cf:6a:7c:ed:98:37:56:c2:2a:41:ae:9d:00:
0a:0d:bc:8c:51:90:60:e6:77:1c:c4:80:a4:5a:73:27:95:ad:
9a:e8:db:f9:c3:02:ee:e7:8f:f2:12:61:07:bc:70:b8:de:49:
cd:a7:7f:66:f0:90:5a:e3:03:c6:2a:cc:8e:aa:6b:c6:3a:02:
7e:f8:88:fc:4c:06:38:ef:2e:14:69:d9:69:b1:0b:bf:3b:ed:
b6:d3:36:30:a8:91:37:64:2a:76:d7:ad:01:df:ec:2c:6a:92:
42:64:19:77
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIEBr/g8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTJiODYwOTVjZTU1OGQyZTk2MTg3MjhhNDQyMjhhMjdiZTkwOThmMB4XDTIyMDMx
ODEwNTkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzhmMDZjMjc4OTc1
OThjYzFlOGQ5ZmM0MzI1YzhmZDViZDQ5YjMwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN6cBcMDu+g7gwH6VEPGgOfz1KTgcpoXvOAYo5GPle47tQRE
Jv5stN7nTotRzPDBZyDCRyQBFmJ82EW2nxKkOsQfdDt14JMWjymi5+U39QOJJbny
QkckK0PoFucuN5dWVLg5TTeY4ZxO7KHxN8vX2FtejzkSIaAJ0nrshh71K4skKSuW
hH6YGXE5ZANZjxq+jP8MqlFz4y+qn/F8F5knCoC6Jwxo3LgbK4Y6kBLC8OtncbTO
qjNQz4oFUKEgSfarEK7u83rLgI4krt5SkgbFfPiAXbL6q7sAnToDuSMfdke9n73C
Bs862FGSaUsYJL7swCFPAtFpzX6+FVUrDiAR8GsCAwEAAaOCAjowggI2MB0GA1Ud
DgQWBBR48GwniXWYzB6Nn8QyXI/VvUmzBDAfBgNVHSMEGDAWgBSZK4YJXOVY0ulh
hyikQiiie+kJjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21TdUdDVnpsV05McFlZY29wRUlvb252cENZOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvOGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8x
L2VQQnNKNGwxbU13ZWpaX0VNbHlQMWIxSnN3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
OGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8xL21TdUdDVnpsV05M
cFlZY29wRUlvb252cENZOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBQ
BggrBgEFBQcBBwEB/wRBMD8wPQQCAAEwNzAMAwQFpmygAwQCpmzIMAwDBASmbNAD
BASmbOAwDAMEAaZs8gMEA6Zs8DALAwQApmz5AwMApmwwDQYJKoZIhvcNAQELBQAD
ggEBALsxbzL8IFoKp3ndZm46aCO16fkGpazjIna5PKjlzzE+1gX1ASu/AZ5T5D4B
tVu7CqxKJ2KAE5ig9dbZPmeGf1CF6eVvFaf2GMVwfoUcuMsW99SRr1tIqK3LcPNE
+Cxd3m2Gkm59x1oLUhCAI2N9TVzzzy3+ujTDVYp6pbI1flEt3+dUxlR1ZrleRtkr
F5arPVjJqh5uz2p87Zg3VsIqQa6dAAoNvIxRkGDmdxzEgKRacyeVrZro2/nDAu7n
j/ISYQe8cLjeSc2nf2bwkFrjA8YqzI6qa8Y6An74iPxMBjjvLhRp2WmxC7877bbT
NjCokTdkKnbXrQHf7CxqkkJkGXc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:27 2023 by rpki-client on console-ams.rpki-client.org