Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/ns_yqltNEOLBXTkYaFf2zOpd07o.roa
File: ns_yqltNEOLBXTkYaFf2zOpd07o.roa (raw, json)
Hash identifier: mrJ9KVkWsyktSbeG0fKucBNMFddGIn744ZQ1LOCPgg4=
Subject key identifier: 9E:CF:F2:AA:5B:4D:10:E2:C1:5D:39:18:68:57:F6:CC:EA:5D:D3:BA
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 0688CED0
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/ns_yqltNEOLBXTkYaFf2zOpd07o.roa
Signing time: Mon 21 Feb 2022 15:45:23 +0000
ROA not before: Mon 21 Feb 2022 15:45:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 166.108.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109629136 (0x688ced0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Feb 21 15:45:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ecff2aa5b4d10e2c15d39186857f6ccea5dd3ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:53:e9:0f:4a:18:1d:fe:9f:ad:8e:7a:06:de:
81:a7:33:46:72:50:29:6f:66:ac:74:83:e2:8e:f4:
37:70:3b:a3:d3:59:17:cb:22:12:00:05:c5:72:ed:
71:85:ca:37:96:30:60:03:83:61:ba:d2:00:2f:cf:
28:f9:8c:01:de:ce:f9:d7:6a:d9:3a:32:66:6b:0b:
31:8a:2f:60:96:67:c7:32:f2:aa:87:29:d7:de:37:
76:63:17:0c:ea:ce:9b:c2:a8:94:3f:1f:e9:27:14:
ab:bb:ee:71:51:94:b2:ea:85:91:6d:0f:e2:8e:fa:
09:88:21:6c:57:34:ba:8e:19:50:62:3c:d8:c2:28:
6d:77:30:1e:70:ba:39:25:3a:9b:d2:5c:37:6a:76:
7a:36:b3:f4:34:7b:75:d4:a4:5e:84:ee:d3:f0:ce:
d0:47:f6:0c:7e:b1:22:0a:0f:b3:ab:05:b5:86:d8:
2c:eb:64:a4:26:f2:3f:d2:7b:b1:6c:5e:47:4f:03:
5b:09:84:5c:29:07:a3:2d:5a:8f:73:3c:c5:60:32:
e0:21:82:c2:d3:df:0c:77:b6:21:60:26:1c:a1:95:
1c:89:56:ac:75:d5:90:2c:25:86:7c:06:e2:57:7f:
97:89:03:de:99:fa:75:7b:27:42:01:74:e6:a0:64:
73:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:CF:F2:AA:5B:4D:10:E2:C1:5D:39:18:68:57:F6:CC:EA:5D:D3:BA
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/ns_yqltNEOLBXTkYaFf2zOpd07o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.254.0/24
Signature Algorithm: sha256WithRSAEncryption
46:28:ec:b9:c6:eb:6f:ff:23:d1:df:2c:ae:d5:06:16:05:7e:
e9:d8:f1:bb:a6:96:99:2f:e4:41:fa:b9:fd:71:47:cb:9c:e1:
a0:3c:13:a6:02:7e:47:0f:13:c4:c2:ae:c7:46:e8:e0:a6:c8:
4e:86:80:5b:d5:2d:a0:0b:9b:d7:51:b1:53:7e:3a:ec:0e:83:
62:36:a6:cc:c3:b4:05:7c:3d:84:1e:67:f6:c8:8f:1b:f0:60:
7d:03:2e:ba:b6:f0:a9:df:bf:80:47:ee:17:bf:02:d9:23:e5:
f1:f8:f5:99:17:6b:3f:d1:3b:b2:5d:d6:32:2f:64:48:ae:fd:
c4:93:aa:f2:10:b3:f4:96:a6:8d:83:a1:c5:64:72:7b:50:9a:
f2:e9:02:ef:e5:6f:23:be:e5:6c:d6:43:81:93:c5:f3:3e:99:
ff:64:c9:d5:2f:73:67:1d:1d:2b:97:f1:92:3b:a7:88:d8:67:
66:50:63:87:8a:63:56:01:ca:93:69:a2:d1:be:72:fc:d5:e3:
f6:38:f6:46:73:a4:78:2f:ef:d5:27:f3:ff:2e:10:37:d2:7a:
3d:06:db:59:66:0c:8b:ce:85:ec:93:d0:92:3f:cd:bf:51:2a:
df:ef:56:55:59:a4:37:e2:3d:20:a1:74:65:a1:7a:34:b3:91:
8e:fd:a3:ba
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBojO0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTJiODYwOTVjZTU1OGQyZTk2MTg3MjhhNDQyMjhhMjdiZTkwOThmMB4XDTIyMDIy
MTE1NDUyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVjZmYyYWE1YjRk
MTBlMmMxNWQzOTE4Njg1N2Y2Y2NlYTVkZDNiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhT6Q9KGB3+n62OegbegaczRnJQKW9mrHSD4o70N3A7o9NZ
F8siEgAFxXLtcYXKN5YwYAODYbrSAC/PKPmMAd7O+ddq2ToyZmsLMYovYJZnxzLy
qocp1943dmMXDOrOm8KolD8f6ScUq7vucVGUsuqFkW0P4o76CYghbFc0uo4ZUGI8
2MIobXcwHnC6OSU6m9JcN2p2ejaz9DR7ddSkXoTu0/DO0Ef2DH6xIgoPs6sFtYbY
LOtkpCbyP9J7sWxeR08DWwmEXCkHoy1aj3M8xWAy4CGCwtPfDHe2IWAmHKGVHIlW
rHXVkCwlhnwG4ld/l4kD3pn6dXsnQgF05qBkc7cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSez/KqW00Q4sFdORhoV/bM6l3TujAfBgNVHSMEGDAWgBSZK4YJXOVY0ulh
hyikQiiie+kJjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21TdUdDVnpsV05McFlZY29wRUlvb252cENZOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvOGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8x
L25zX3lxbHRORU9MQlhUa1lhRmYyek9wZDA3by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
OGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8xL21TdUdDVnpsV05M
cFlZY29wRUlvb252cENZOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKZs/jANBgkqhkiG9w0BAQsFAAOC
AQEARijsucbrb/8j0d8srtUGFgV+6djxu6aWmS/kQfq5/XFHy5zhoDwTpgJ+Rw8T
xMKux0bo4KbIToaAW9UtoAub11GxU3467A6DYjamzMO0BXw9hB5n9siPG/BgfQMu
urbwqd+/gEfuF78C2SPl8fj1mRdrP9E7sl3WMi9kSK79xJOq8hCz9JamjYOhxWRy
e1Ca8ukC7+VvI77lbNZDgZPF8z6Z/2TJ1S9zZx0dK5fxkjuniNhnZlBjh4pjVgHK
k2mi0b5y/NXj9jj2RnOkeC/v1Sfz/y4QN9J6PQbbWWYMi86F7JPQkj/Nv1Eq3+9W
VVmkN+I9IKF0ZaF6NLORjv2jug==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:44 2025 by rpki-client