Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/jlqtDjkV-6BVNzYzMnGW3upKkJo.roa
File: jlqtDjkV-6BVNzYzMnGW3upKkJo.roa (raw, json)
Hash identifier: xLo20sJhQbqR1azPQ5HjTxbvWzSDmhpVhI+UJWQn0bI=
Subject key identifier: 8E:5A:AD:0E:39:15:FB:A0:55:37:36:33:32:71:96:DE:EA:4A:90:9A
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 01835093319B0DFEB8208786174BA959F1EB
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/jlqtDjkV-6BVNzYzMnGW3upKkJo.roa
Signing time: Sun 18 Sep 2022 12:29:27 +0000
ROA not before: Sun 18 Sep 2022 12:29:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60117
IP address blocks: 166.108.184.0/22 maxlen: 24
166.108.212.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:50:93:31:9b:0d:fe:b8:20:87:86:17:4b:a9:59:f1:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Sep 18 12:29:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e5aad0e3915fba055373633327196deea4a909a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:94:11:7d:1f:b7:ed:45:9c:2d:35:dd:66:17:
4f:f6:e3:ad:a5:3b:17:cb:27:8a:32:7a:45:c9:da:
0a:6b:3d:e4:6e:cc:93:66:05:e0:13:ed:42:4d:92:
75:fc:eb:46:6b:f5:e3:76:59:1e:cd:2c:9e:56:86:
d4:e5:40:61:f3:3f:7d:d9:71:50:24:4f:b9:e2:5b:
25:6a:16:01:f5:a7:4b:fb:fc:8d:4a:3d:dc:d6:8a:
10:f0:2f:1e:93:70:e1:5f:72:3c:e0:00:13:cb:00:
58:d7:29:8b:d6:6f:48:0e:0b:72:d8:9a:b0:4c:e8:
aa:a9:d5:fe:c3:d1:58:41:44:d2:0a:04:c9:54:99:
b7:9a:05:c5:73:00:e7:3d:8a:1d:dd:d8:81:34:87:
e8:2b:b8:69:4a:d5:c3:1f:de:f1:f5:fd:33:7c:2b:
fb:5a:82:00:bb:25:97:a3:ce:3b:69:4a:3c:42:9b:
14:46:27:d5:db:62:dc:99:d0:d9:3c:bd:38:78:e8:
c6:3c:68:62:4a:01:22:c0:a2:fb:90:1a:3c:c4:2b:
c2:f9:95:fa:57:53:e7:ac:00:ce:64:3c:52:13:35:
86:40:dd:80:e7:b3:3e:95:f6:df:d1:06:2a:cb:08:
e0:6c:c7:46:94:5c:8e:f6:b1:ce:60:47:7e:04:62:
79:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:5A:AD:0E:39:15:FB:A0:55:37:36:33:32:71:96:DE:EA:4A:90:9A
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/jlqtDjkV-6BVNzYzMnGW3upKkJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.184.0/22
166.108.212.0/22
Signature Algorithm: sha256WithRSAEncryption
17:c7:b5:41:be:9c:a7:73:46:b2:06:2a:02:c0:37:d5:02:94:
8e:55:09:77:4e:9b:83:e0:e5:d5:61:a7:bf:d0:6a:d8:79:86:
c7:21:5b:e5:0f:b9:26:90:cd:51:f6:51:90:2a:d5:ca:05:3e:
fe:55:a6:4b:f8:05:e0:89:b4:d9:0b:41:0f:a0:99:da:14:58:
fc:f4:0e:7f:36:97:d7:ee:be:91:f3:ca:40:b2:ef:ce:c0:c8:
6e:9f:23:9d:93:0c:68:40:4d:41:f9:46:36:c5:62:af:1f:fd:
f0:c1:b9:8d:17:23:ee:4c:bc:10:f0:72:a2:c7:26:47:49:b5:
57:b7:db:15:3d:42:d6:5d:6a:d8:c7:b3:f3:7f:83:e4:a3:3b:
d4:66:1b:a9:3b:f7:4c:e9:8a:4d:ec:b5:c5:f0:c2:1f:b1:99:
1c:db:d5:6d:29:f9:e0:b5:8a:3d:e5:d9:0e:85:14:55:8d:49:
df:04:06:b8:ba:fa:1b:19:c5:12:5b:c7:f6:2f:e1:6d:95:0c:
28:c8:7f:0d:03:39:bd:d9:8a:33:65:97:23:90:c2:3d:80:a0:
61:40:6d:72:b9:90:5a:87:4c:71:63:80:86:8e:e0:77:52:78:
f0:a1:c5:a9:5d:ac:dc:f5:60:6f:0c:ea:0c:7f:19:83:73:48:
fd:49:18:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNQkzGbDf64IIeGF0upWfHrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIwOTE4MTIyOTI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTVhYWQwZTM5MTVmYmEwNTUzNzM2MzMzMjcxOTZkZWVhNGE5MDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspQRfR+37UWcLTXdZhdP9uOtpTsX
yyeKMnpFydoKaz3kbsyTZgXgE+1CTZJ1/OtGa/XjdlkezSyeVobU5UBh8z992XFQ
JE+54lslahYB9adL+/yNSj3c1ooQ8C8ek3DhX3I84AATywBY1ymL1m9IDgty2Jqw
TOiqqdX+w9FYQUTSCgTJVJm3mgXFcwDnPYod3diBNIfoK7hpStXDH97x9f0zfCv7
WoIAuyWXo847aUo8QpsURifV22LcmdDZPL04eOjGPGhiSgEiwKL7kBo8xCvC+ZX6
V1PnrADOZDxSEzWGQN2A57M+lfbf0QYqywjgbMdGlFyO9rHOYEd+BGJ5/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI5arQ45FfugVTc2MzJxlt7qSpCaMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvamxxdERqa1YtNkJWTnpZek1uR1czdXBLa0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCpmy4AwQC
pmzUMA0GCSqGSIb3DQEBCwUAA4IBAQAXx7VBvpync0ayBioCwDfVApSOVQl3TpuD
4OXVYae/0GrYeYbHIVvlD7kmkM1R9lGQKtXKBT7+VaZL+AXgibTZC0EPoJnaFFj8
9A5/NpfX7r6R88pAsu/OwMhunyOdkwxoQE1B+UY2xWKvH/3wwbmNFyPuTLwQ8HKi
xyZHSbVXt9sVPULWXWrYx7Pzf4PkozvUZhupO/dM6YpN7LXF8MIfsZkc29VtKfng
tYo95dkOhRRVjUnfBAa4uvobGcUSW8f2L+FtlQwoyH8NAzm92YozZZcjkMI9gKBh
QG1yuZBah0xxY4CGjuB3UnjwocWpXazc9WBvDOoMfxmDc0j9SRjO
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:46 2023 by rpki-client on console.sobornost.net