Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/fYMqXMoDugAenBvqLPDBeSKRO6E.roa
File: fYMqXMoDugAenBvqLPDBeSKRO6E.roa (raw, json)
Hash identifier: fWxk2/km1YuLpbJaIKhw5ufJz+/zxseU2SHYP9zoFGw=
Subject key identifier: 7D:83:2A:5C:CA:03:BA:00:1E:9C:1B:EA:2C:F0:C1:79:22:91:3B:A1
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 064F5DE3
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/fYMqXMoDugAenBvqLPDBeSKRO6E.roa
Signing time: Wed 02 Feb 2022 16:13:38 +0000
ROA not before: Wed 02 Feb 2022 16:13:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 166.108.244.0/24 maxlen: 24
166.108.245.0/24 maxlen: 24
166.108.246.0/24 maxlen: 24
166.108.251.0/24 maxlen: 24
166.108.252.0/24 maxlen: 24
166.108.253.0/24 maxlen: 24
166.108.247.0/24 maxlen: 24
166.108.248.0/24 maxlen: 24
166.108.249.0/24 maxlen: 24
166.108.250.0/24 maxlen: 24
166.108.254.0/24 maxlen: 24
166.108.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105864675 (0x64f5de3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Feb 2 16:13:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d832a5cca03ba001e9c1bea2cf0c17922913ba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c5:76:ae:36:db:4c:06:6e:b1:fa:52:77:80:
93:bd:85:3b:a0:d1:85:44:c9:b4:62:e5:98:12:41:
fc:8e:3b:84:0e:c6:d5:98:cf:10:3c:7d:e7:42:3d:
93:9f:1d:65:f9:7d:fc:e8:50:20:5d:84:50:3e:11:
c3:88:66:8b:85:91:7e:6b:36:d0:f1:e1:ea:61:bf:
00:df:15:b3:4e:26:75:d4:82:30:70:4c:4c:2f:ba:
17:89:8c:d7:50:ea:42:8b:b9:f0:87:34:1d:31:75:
ed:97:29:80:13:1d:92:c7:91:83:29:c4:47:41:f2:
15:78:86:25:8c:34:93:c0:77:04:eb:d1:87:93:a1:
4c:6e:34:93:3b:06:7f:48:b2:47:52:92:9f:45:b4:
2f:a3:41:55:67:c6:aa:c7:91:fc:b6:dc:66:c6:22:
ea:2f:64:e0:a7:72:5d:21:51:a6:42:fd:db:95:88:
68:88:75:14:c8:53:71:ee:95:1a:ee:00:dc:08:12:
d2:a0:80:94:0c:56:2b:e6:c1:14:af:3e:ff:4e:37:
e7:d8:dd:cd:ad:7e:2b:22:8b:ea:48:c4:d7:15:54:
7c:1f:bd:8a:e9:7d:04:28:f7:c5:cf:ee:6e:49:b1:
6d:e8:74:79:1a:55:4d:bc:90:09:c4:c5:23:e3:d4:
74:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:83:2A:5C:CA:03:BA:00:1E:9C:1B:EA:2C:F0:C1:79:22:91:3B:A1
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/fYMqXMoDugAenBvqLPDBeSKRO6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.244.0-166.108.255.255
Signature Algorithm: sha256WithRSAEncryption
70:25:ca:83:49:9b:68:8a:f0:59:5f:c8:fc:3e:3c:e2:16:83:
9e:fc:5b:25:dc:20:ff:54:18:0b:52:d1:32:81:3f:36:ca:35:
a7:e8:e6:41:b1:94:30:fe:54:c5:85:ca:59:f4:a6:44:97:67:
c4:e2:22:65:da:54:f5:36:62:90:b6:5c:93:27:57:0c:60:49:
a9:d2:a1:59:99:09:56:53:10:e8:c3:f8:40:6a:40:ef:a8:ac:
4d:db:95:b5:87:23:2d:11:bc:ca:49:94:f6:41:10:4c:2b:fc:
19:3b:d8:35:02:ca:bc:56:e0:86:81:24:27:5a:22:98:d8:90:
e9:2f:6c:63:17:52:1f:ac:c6:eb:d9:fe:61:e8:ec:d5:30:74:
1a:5c:69:5a:a5:42:48:c9:68:99:de:e0:93:89:fa:38:74:9e:
41:29:90:57:99:f7:1c:c2:95:ac:d0:cd:a7:22:45:c9:c5:d4:
ac:95:5b:8f:39:26:bf:ce:bc:ac:ce:12:3c:97:61:ee:b4:8a:
ab:57:40:7d:e6:5f:b3:af:d5:2b:a2:63:cb:ee:81:f7:26:00:
c5:14:ff:d5:87:d6:c9:3e:b3:7a:08:16:ea:de:6d:d5:2f:1f:
dd:e9:14:a1:c0:28:2b:b9:cf:b5:46:6a:40:9e:c6:14:df:ff:
2a:22:cc:ad
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIEBk9d4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTJiODYwOTVjZTU1OGQyZTk2MTg3MjhhNDQyMjhhMjdiZTkwOThmMB4XDTIyMDIw
MjE2MTMzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Q4MzJhNWNjYTAz
YmEwMDFlOWMxYmVhMmNmMGMxNzkyMjkxM2JhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOjFdq4220wGbrH6UneAk72FO6DRhUTJtGLlmBJB/I47hA7G
1ZjPEDx950I9k58dZfl9/OhQIF2EUD4Rw4hmi4WRfms20PHh6mG/AN8Vs04mddSC
MHBMTC+6F4mM11DqQou58Ic0HTF17ZcpgBMdkseRgynER0HyFXiGJYw0k8B3BOvR
h5OhTG40kzsGf0iyR1KSn0W0L6NBVWfGqseR/LbcZsYi6i9k4KdyXSFRpkL925WI
aIh1FMhTce6VGu4A3AgS0qCAlAxWK+bBFK8+/04359jdza1+KyKL6kjE1xVUfB+9
iul9BCj3xc/ubkmxbeh0eRpVTbyQCcTFI+PUdNUCAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBR9gypcygO6AB6cG+os8MF5IpE7oTAfBgNVHSMEGDAWgBSZK4YJXOVY0ulh
hyikQiiie+kJjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21TdUdDVnpsV05McFlZY29wRUlvb252cENZOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvOGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8x
L2ZZTXFYTW9EdWdBZW5CdnFMUERCZVNLUk82RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
OGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8xL21TdUdDVnpsV05M
cFlZY29wRUlvb252cENZOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAm
BggrBgEFBQcBBwEB/wQXMBUwEwQCAAEwDTALAwQCpmz0AwMApmwwDQYJKoZIhvcN
AQELBQADggEBAHAlyoNJm2iK8FlfyPw+POIWg578WyXcIP9UGAtS0TKBPzbKNafo
5kGxlDD+VMWFyln0pkSXZ8TiImXaVPU2YpC2XJMnVwxgSanSoVmZCVZTEOjD+EBq
QO+orE3blbWHIy0RvMpJlPZBEEwr/Bk72DUCyrxW4IaBJCdaIpjYkOkvbGMXUh+s
xuvZ/mHo7NUwdBpcaVqlQkjJaJne4JOJ+jh0nkEpkFeZ9xzClazQzaciRcnF1KyV
W485Jr/OvKzOEjyXYe60iqtXQH3mX7Ov1SuiY8vugfcmAMUU/9WH1sk+s3oIFure
bdUvH93pFKHAKCu5z7VGakCexhTf/yoizK0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:27 2023 by rpki-client on console-ams.rpki-client.org