Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/eneNUZIhfYxYwJZ_2DM9z7dB27M.roa
File: eneNUZIhfYxYwJZ_2DM9z7dB27M.roa (raw, json)
Hash identifier: O2qAujn2f+3ZA2kx3qZIqSQq9XIY9hO6tpE3vJPNSno=
Subject key identifier: 7A:77:8D:51:92:21:7D:8C:58:C0:96:7F:D8:33:3D:CF:B7:41:DB:B3
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 06710820
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/eneNUZIhfYxYwJZ_2DM9z7dB27M.roa
Signing time: Mon 14 Feb 2022 08:22:45 +0000
ROA not before: Mon 14 Feb 2022 08:22:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 166.108.204.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108070944 (0x6710820)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Feb 14 08:22:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a778d5192217d8c58c0967fd8333dcfb741dbb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c8:a3:79:ef:57:69:e3:15:4a:41:ed:af:9b:
0f:bd:6e:df:2c:1b:1e:df:fb:71:5f:c6:63:dd:a8:
4b:6a:b5:80:ba:ae:17:c4:5a:d8:68:df:d6:be:7a:
d6:a3:ad:09:97:ba:b2:12:90:dd:d7:81:90:e1:8f:
52:f3:1d:31:eb:64:a2:6b:fe:af:00:d4:73:f2:ae:
55:30:11:5f:8c:30:d1:c3:66:06:28:f9:b5:6a:68:
87:03:f7:f7:6d:d3:50:ee:7a:04:a5:ba:70:ae:59:
44:0a:3c:39:43:eb:1c:0b:3d:3e:31:58:4b:a2:1f:
76:ff:30:e8:ce:0b:43:43:3c:b9:93:bc:9f:c1:4f:
f6:0e:19:2d:a1:7d:86:0c:6b:ef:27:b3:e4:2a:99:
1d:46:99:56:b7:96:cc:5a:7f:77:af:70:92:ed:de:
18:1d:44:08:c8:15:9f:7b:6d:f2:a0:e6:c6:6e:ad:
32:07:2b:75:6b:d2:31:09:08:ba:c4:33:e8:4e:dd:
a9:80:c5:57:a3:5a:0c:a4:b6:0a:1b:de:67:08:25:
4b:90:98:97:6a:2d:62:13:86:e7:06:26:e5:c9:e3:
b8:a8:e6:52:77:26:62:b2:57:72:d4:5f:53:77:bb:
9f:57:d3:35:ad:33:b7:d9:53:37:7b:9a:27:68:3f:
1c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:77:8D:51:92:21:7D:8C:58:C0:96:7F:D8:33:3D:CF:B7:41:DB:B3
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/eneNUZIhfYxYwJZ_2DM9z7dB27M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.204.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:d9:dc:83:46:31:a7:7c:66:78:81:03:8c:49:48:62:33:a3:
fd:f4:0f:bc:ed:e0:15:6d:0f:ca:4a:e7:53:c5:d5:ee:18:3e:
44:d4:10:26:db:17:97:11:e6:ef:41:66:e4:c1:74:5f:58:75:
98:52:3f:24:e1:b0:6b:89:40:c9:0d:8e:96:00:c3:59:1e:55:
1b:34:8f:bf:3b:33:da:b6:77:82:56:46:76:d8:51:33:41:29:
b8:9a:16:68:6d:b9:a2:93:9c:a0:0f:26:01:91:26:1d:66:f1:
a9:24:38:db:7b:3c:c4:3d:c8:5c:81:6a:53:04:68:17:75:02:
d7:63:56:b1:86:d8:75:c7:8f:ca:1a:f8:f2:7f:fe:07:a5:20:
fa:74:26:a0:45:a9:bb:f2:d4:0c:21:51:ce:b2:0e:f5:a4:f8:
b4:73:61:6d:f3:32:84:c6:36:09:ae:01:9e:34:ab:6a:49:08:
9e:be:b4:81:05:cd:10:e9:8f:f5:92:68:ad:87:e6:14:c5:59:
c8:10:17:22:73:8f:53:91:4c:2f:f8:7a:ad:92:31:d2:19:d1:
ce:3d:57:4d:50:a7:29:4f:55:ad:30:e6:db:be:af:f3:0f:77:
7a:3b:e0:cb:4b:8b:71:ae:7b:6f:4b:5e:00:13:88:8b:39:a9:
66:a5:9a:d1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBnEIIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTJiODYwOTVjZTU1OGQyZTk2MTg3MjhhNDQyMjhhMjdiZTkwOThmMB4XDTIyMDIx
NDA4MjI0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2E3NzhkNTE5MjIx
N2Q4YzU4YzA5NjdmZDgzMzNkY2ZiNzQxZGJiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLIo3nvV2njFUpB7a+bD71u3ywbHt/7cV/GY92oS2q1gLqu
F8Ra2Gjf1r561qOtCZe6shKQ3deBkOGPUvMdMetkomv+rwDUc/KuVTARX4ww0cNm
Bij5tWpohwP3923TUO56BKW6cK5ZRAo8OUPrHAs9PjFYS6Ifdv8w6M4LQ0M8uZO8
n8FP9g4ZLaF9hgxr7yez5CqZHUaZVreWzFp/d69wku3eGB1ECMgVn3tt8qDmxm6t
MgcrdWvSMQkIusQz6E7dqYDFV6NaDKS2ChveZwglS5CYl2otYhOG5wYm5cnjuKjm
UncmYrJXctRfU3e7n1fTNa0zt9lTN3uaJ2g/HLsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR6d41RkiF9jFjAln/YMz3Pt0HbszAfBgNVHSMEGDAWgBSZK4YJXOVY0ulh
hyikQiiie+kJjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21TdUdDVnpsV05McFlZY29wRUlvb252cENZOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvOGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8x
L2VuZU5VWkloZll4WXdKWl8yRE05ejdkQjI3TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
OGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8xL21TdUdDVnpsV05M
cFlZY29wRUlvb252cENZOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqZszDANBgkqhkiG9w0BAQsFAAOC
AQEAStncg0Yxp3xmeIEDjElIYjOj/fQPvO3gFW0PykrnU8XV7hg+RNQQJtsXlxHm
70Fm5MF0X1h1mFI/JOGwa4lAyQ2OlgDDWR5VGzSPvzsz2rZ3glZGdthRM0EpuJoW
aG25opOcoA8mAZEmHWbxqSQ423s8xD3IXIFqUwRoF3UC12NWsYbYdcePyhr48n/+
B6Ug+nQmoEWpu/LUDCFRzrIO9aT4tHNhbfMyhMY2Ca4BnjSrakkInr60gQXNEOmP
9ZJorYfmFMVZyBAXInOPU5FML/h6rZIx0hnRzj1XTVCnKU9VrTDm276v8w93ejvg
y0uLca57b0teABOIizmpZqWa0Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:13 2025 by rpki-client