Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/0CvuTIKWVgFRSVZl0OYqHmvLBfQ.roa
File: 0CvuTIKWVgFRSVZl0OYqHmvLBfQ.roa (raw, json)
Hash identifier: UkjT9dF/UeYqugZhjc2QDp3zkeKdtmFOhw4mrNxJvS4=
Subject key identifier: D0:2B:EE:4C:82:96:56:01:51:49:56:65:D0:E6:2A:1E:6B:CB:05:F4
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 06A548FF
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/0CvuTIKWVgFRSVZl0OYqHmvLBfQ.roa
Signing time: Mon 07 Mar 2022 15:43:38 +0000
ROA not before: Mon 07 Mar 2022 15:43:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 166.108.240.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111495423 (0x6a548ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Mar 7 15:43:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d02bee4c8296560151495665d0e62a1e6bcb05f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:03:e7:70:d8:97:dc:e8:17:cb:48:0e:7d:79:
4f:67:a4:e7:40:ad:07:60:eb:98:7d:dd:bf:89:9b:
20:ab:23:ef:68:68:63:38:c0:0d:6f:02:dc:1f:e1:
6c:66:eb:5d:9c:b3:d0:5d:ce:c4:64:40:e9:06:fc:
38:2b:57:9a:de:16:5a:49:8e:29:37:fa:fd:fa:bf:
5f:b1:f5:da:75:22:34:62:ca:da:3d:9c:db:6b:63:
97:91:24:2e:6c:7d:49:83:74:b0:e6:c1:1f:e8:e4:
c8:d2:65:de:d6:12:50:56:78:e9:03:52:b4:f6:12:
d2:8c:4d:bd:37:0c:86:90:e9:db:41:aa:65:36:bf:
af:8f:5b:6e:a7:04:fe:99:f5:50:92:5d:71:44:fe:
40:91:35:be:62:fb:88:4c:7e:16:ad:a9:9c:0f:24:
ef:0a:1c:21:8f:07:24:33:fe:5b:dd:7b:4d:1a:d3:
c9:19:ab:7a:a4:81:63:64:ef:23:bb:6b:74:e2:65:
df:b7:98:b9:04:c5:17:bc:34:ff:e2:70:fa:35:4e:
df:a9:94:5b:5d:c5:97:78:82:f9:59:71:01:f7:9d:
13:54:a5:3f:2a:99:bc:ba:e5:ec:d2:3b:b2:9e:27:
5d:0a:53:83:e6:f5:9c:01:f0:a4:92:46:52:2a:2a:
76:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:2B:EE:4C:82:96:56:01:51:49:56:65:D0:E6:2A:1E:6B:CB:05:F4
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/0CvuTIKWVgFRSVZl0OYqHmvLBfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.240.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:a0:7b:e9:0d:a6:81:69:8b:37:18:f7:a6:bd:43:06:b5:e1:
58:b6:08:dc:e1:13:92:38:3e:06:15:99:4a:8a:38:04:5e:b0:
2f:fb:9a:86:b4:5a:64:d5:15:3d:1f:54:4f:5f:32:a3:80:a1:
3f:78:8b:96:8d:b4:b6:6f:91:7c:37:91:da:f6:49:c9:11:6d:
82:86:75:5e:aa:fe:0a:7a:49:af:a5:03:77:47:15:27:c1:4d:
3a:50:08:74:8f:4a:32:4e:9d:11:ce:ce:7b:26:cc:94:97:bf:
a0:80:a8:fc:d0:c1:ac:61:5b:fa:ef:0b:e1:22:84:28:4f:33:
df:c2:e9:ab:b1:79:bc:28:67:6b:26:35:5b:29:4c:e7:a1:b2:
29:16:50:a1:a5:c3:c8:7a:80:c8:6d:e6:ce:7d:b5:45:7d:98:
a3:d0:b6:77:27:82:b1:d8:0a:91:5f:2b:1b:21:37:a2:36:cc:
c1:b4:44:9e:c3:55:6f:bf:b2:b8:83:c1:02:53:06:05:8d:64:
07:e6:3d:1c:2d:7d:c5:cb:83:28:37:e8:05:e9:1b:d6:fb:d6:
8d:3f:03:79:dc:e7:96:23:86:17:c4:40:1f:f0:50:df:db:39:
ff:18:9f:5e:e0:37:43:42:8a:f5:e7:4e:02:7e:4f:99:7d:ad:
c3:5a:40:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBqVI/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTJiODYwOTVjZTU1OGQyZTk2MTg3MjhhNDQyMjhhMjdiZTkwOThmMB4XDTIyMDMw
NzE1NDMzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDAyYmVlNGM4Mjk2
NTYwMTUxNDk1NjY1ZDBlNjJhMWU2YmNiMDVmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKcD53DYl9zoF8tIDn15T2ek50CtB2DrmH3dv4mbIKsj72ho
YzjADW8C3B/hbGbrXZyz0F3OxGRA6Qb8OCtXmt4WWkmOKTf6/fq/X7H12nUiNGLK
2j2c22tjl5EkLmx9SYN0sObBH+jkyNJl3tYSUFZ46QNStPYS0oxNvTcMhpDp20Gq
ZTa/r49bbqcE/pn1UJJdcUT+QJE1vmL7iEx+Fq2pnA8k7wocIY8HJDP+W917TRrT
yRmreqSBY2TvI7trdOJl37eYuQTFF7w0/+Jw+jVO36mUW13Fl3iC+VlxAfedE1Sl
PyqZvLrl7NI7sp4nXQpTg+b1nAHwpJJGUioqdu8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTQK+5MgpZWAVFJVmXQ5ioea8sF9DAfBgNVHSMEGDAWgBSZK4YJXOVY0ulh
hyikQiiie+kJjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21TdUdDVnpsV05McFlZY29wRUlvb252cENZOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvOGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8x
LzBDdnVUSUtXVmdGUlNWWmwwT1lxSG12TEJmUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
OGVhOWI5LTNiNmUtNGZkZi1iNWQxLWYwNGZkY2MwOWU1MS8xL21TdUdDVnpsV05M
cFlZY29wRUlvb252cENZOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAaZs8DANBgkqhkiG9w0BAQsFAAOC
AQEAS6B76Q2mgWmLNxj3pr1DBrXhWLYI3OETkjg+BhWZSoo4BF6wL/uahrRaZNUV
PR9UT18yo4ChP3iLlo20tm+RfDeR2vZJyRFtgoZ1Xqr+CnpJr6UDd0cVJ8FNOlAI
dI9KMk6dEc7OeybMlJe/oICo/NDBrGFb+u8L4SKEKE8z38Lpq7F5vChnayY1WylM
56GyKRZQoaXDyHqAyG3mzn21RX2Yo9C2dyeCsdgKkV8rGyE3ojbMwbREnsNVb7+y
uIPBAlMGBY1kB+Y9HC19xcuDKDfoBekb1vvWjT8DedznliOGF8RAH/BQ39s5/xif
XuA3Q0KK9edOAn5PmX2tw1pAAw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:46 2023 by rpki-client on console.sobornost.net