Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/yPHvVE7b6aylFqyUgIONX0l-7JU.roa
File: yPHvVE7b6aylFqyUgIONX0l-7JU.roa (raw, json)
Hash identifier: nNl/gkKCH/UvP1DcC348wVXYBajlPdzEkAsBuvmruyM=
Subject key identifier: C8:F1:EF:54:4E:DB:E9:AC:A5:16:AC:94:80:83:8D:5F:49:7E:EC:95
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 06339C13
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/yPHvVE7b6aylFqyUgIONX0l-7JU.roa
Signing time: Thu 20 Jan 2022 09:34:53 +0000
ROA not before: Thu 20 Jan 2022 09:34:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 166.108.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104045587 (0x6339c13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Jan 20 09:34:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8f1ef544edbe9aca516ac9480838d5f497eec95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:61:ac:b0:cd:ec:da:ea:04:0a:94:aa:50:f4:
91:9e:6d:08:a9:be:b7:a2:a6:79:82:5a:48:37:87:
2a:8d:48:aa:d8:ee:4a:6c:f5:a8:60:06:da:5e:14:
c9:cc:4c:30:bb:5f:5f:9c:74:7c:b6:fd:6b:a0:c8:
7b:0b:b1:98:10:f0:b3:e8:3b:6c:85:ed:41:3a:e2:
c6:e0:b1:da:26:1d:0e:ed:26:9c:61:23:96:72:7e:
fd:94:ff:54:5f:af:a5:1a:57:3b:57:28:a8:5f:a1:
f8:db:7a:13:a9:cb:37:9a:5c:39:b8:c0:70:69:da:
b8:97:5a:95:7b:af:e7:c8:43:4a:5e:89:51:81:ac:
ad:3c:a0:b8:74:ab:57:68:f9:c1:8f:9c:87:d2:3e:
3d:85:ce:3e:79:71:e6:c2:df:30:7f:18:53:8f:f7:
3b:43:01:e4:e9:06:c4:c5:10:9f:5d:cc:c9:b8:73:
5a:86:ff:e3:df:a7:62:cc:65:b2:fc:38:25:f3:73:
57:5c:47:6a:16:60:08:c6:d3:bb:68:a1:d2:16:8a:
c6:5c:11:11:c7:ad:ec:c6:39:fa:5d:1b:c0:82:a2:
e0:2a:b0:5f:9a:bf:e9:cf:ec:42:1f:9d:53:2e:6d:
20:9b:7f:12:2a:e4:5c:65:08:98:b7:ad:9f:5c:51:
0e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F1:EF:54:4E:DB:E9:AC:A5:16:AC:94:80:83:8D:5F:49:7E:EC:95
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/yPHvVE7b6aylFqyUgIONX0l-7JU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.255.0/24
Signature Algorithm: sha256WithRSAEncryption
97:06:0a:ca:f1:46:f0:ec:d6:a2:95:94:8b:73:94:df:85:b2:
90:99:84:30:3f:47:c6:c3:15:32:db:68:99:46:a0:db:ca:85:
a0:c1:ab:eb:a1:16:99:ba:ad:04:94:e1:b1:5e:fb:2a:b1:c5:
dd:7b:da:65:a6:55:fa:91:e4:01:df:41:da:1b:f1:20:d8:a7:
06:74:99:fe:d0:57:18:f2:cc:cc:9b:04:91:fa:0e:81:de:27:
b4:d9:df:69:69:ca:bf:48:8a:f5:9a:62:74:6c:b3:be:a7:ba:
09:64:2f:07:6a:ad:83:9c:a6:9a:a9:a4:a1:4f:ea:2d:26:72:
0e:ff:e4:ee:b1:0b:7a:d4:c1:ae:e3:0d:d7:26:80:ef:6d:67:
0c:5d:30:fd:09:87:0a:d0:7d:c7:dc:5a:52:2f:ae:17:3d:0f:
a1:62:89:63:cb:d7:29:a0:e2:96:b5:a7:7b:46:cb:9e:a1:1e:
39:a9:a4:b6:df:33:df:d9:d5:90:ad:a4:7c:3a:d6:a8:ba:e8:
62:49:67:63:ff:c4:24:19:e5:47:da:54:0c:24:44:89:50:db:
96:49:b8:49:44:ef:12:1b:70:42:6c:0e:9d:09:31:4e:7b:ab:
e7:fa:2c:31:69:36:a4:41:4e:3f:e2:aa:f4:18:cd:09:04:be:
93:e9:ad:16
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBjOcEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTJiODYwOTVjZTU1OGQyZTk2MTg3MjhhNDQyMjhhMjdiZTkwOThmMB4XDTIyMDEy
MDA5MzQ1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhmMWVmNTQ0ZWRi
ZTlhY2E1MTZhYzk0ODA4MzhkNWY0OTdlZWM5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM9hrLDN7NrqBAqUqlD0kZ5tCKm+t6KmeYJaSDeHKo1Iqtju
Smz1qGAG2l4UycxMMLtfX5x0fLb9a6DIewuxmBDws+g7bIXtQTrixuCx2iYdDu0m
nGEjlnJ+/ZT/VF+vpRpXO1coqF+h+Nt6E6nLN5pcObjAcGnauJdalXuv58hDSl6J
UYGsrTyguHSrV2j5wY+ch9I+PYXOPnlx5sLfMH8YU4/3O0MB5OkGxMUQn13Mybhz
Wob/49+nYsxlsvw4JfNzV1xHahZgCMbTu2ih0haKxlwREcet7MY5+l0bwIKi4Cqw
X5q/6c/sQh+dUy5tIJt/EirkXGUImLetn1xRDv0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTI8e9UTtvprKUWrJSAg41fSX7slTAfBgNVHSMEGDAWgBSZK4YJXOVY0ulh
hyikQiiie+kJjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21TdUdDVnpsV05McFlZY29wRUlvb252cENZOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvOGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8x
L3lQSHZWRTdiNmF5bEZxeVVnSU9OWDBsLTdKVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
OGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8xL21TdUdDVnpsV05M
cFlZY29wRUlvb252cENZOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKZs/zANBgkqhkiG9w0BAQsFAAOC
AQEAlwYKyvFG8OzWopWUi3OU34WykJmEMD9HxsMVMttomUag28qFoMGr66EWmbqt
BJThsV77KrHF3XvaZaZV+pHkAd9B2hvxINinBnSZ/tBXGPLMzJsEkfoOgd4ntNnf
aWnKv0iK9ZpidGyzvqe6CWQvB2qtg5ymmqmkoU/qLSZyDv/k7rELetTBruMN1yaA
721nDF0w/QmHCtB9x9xaUi+uFz0PoWKJY8vXKaDilrWne0bLnqEeOamktt8z39nV
kK2kfDrWqLroYklnY//EJBnlR9pUDCREiVDblkm4SUTvEhtwQmwOnQkxTnur5/os
MWk2pEFOP+Kq9BjNCQS+k+mtFg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:33 2025 by rpki-client