Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/uFO3PIrSDMwNDJV0NavHR597K_I.roa
File: uFO3PIrSDMwNDJV0NavHR597K_I.roa (raw, json)
Hash identifier: YQoikRSwB9waN8MgCHsN1RPQBz8SBW0ERyXtyZTS1lw=
Subject key identifier: B8:53:B7:3C:8A:D2:0C:CC:0D:0C:95:74:35:AB:C7:47:9F:7B:2B:F2
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 01834FB7782953E84D5E331E9A342F7DE2F5
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/uFO3PIrSDMwNDJV0NavHR597K_I.roa
Signing time: Sun 18 Sep 2022 08:29:27 +0000
ROA not before: Sun 18 Sep 2022 08:29:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 166.108.216.0/23 maxlen: 23
166.108.218.0/23 maxlen: 23
166.108.224.0/23 maxlen: 23
166.108.226.0/23 maxlen: 23
166.108.220.0/23 maxlen: 23
166.108.222.0/23 maxlen: 23
166.108.230.0/23 maxlen: 23
166.108.232.0/23 maxlen: 23
166.108.228.0/23 maxlen: 23
166.108.238.0/23 maxlen: 23
166.108.234.0/23 maxlen: 23
166.108.236.0/23 maxlen: 23
166.108.240.0/23 maxlen: 23
166.108.244.0/24 maxlen: 24
166.108.245.0/24 maxlen: 24
166.108.246.0/24 maxlen: 24
166.108.242.0/23 maxlen: 23
166.108.251.0/24 maxlen: 24
166.108.252.0/24 maxlen: 24
166.108.253.0/24 maxlen: 24
166.108.247.0/24 maxlen: 24
166.108.249.0/24 maxlen: 24
166.108.250.0/24 maxlen: 24
166.108.254.0/24 maxlen: 24
166.108.160.0/22 maxlen: 22
166.108.168.0/22 maxlen: 22
166.108.172.0/22 maxlen: 22
166.108.176.0/22 maxlen: 22
166.108.180.0/22 maxlen: 22
166.108.184.0/22 maxlen: 22
166.108.188.0/22 maxlen: 22
166.108.192.0/22 maxlen: 22
166.108.196.0/22 maxlen: 22
166.108.200.0/22 maxlen: 22
166.108.204.0/22 maxlen: 22
166.108.208.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:4f:b7:78:29:53:e8:4d:5e:33:1e:9a:34:2f:7d:e2:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Sep 18 08:29:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b853b73c8ad20ccc0d0c957435abc7479f7b2bf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5b:1c:25:6c:e8:23:0b:f6:52:77:02:40:f8:
e3:14:7a:a3:19:ac:40:9b:da:76:65:7d:ad:ee:17:
e4:09:51:fc:ff:5b:80:b7:57:ea:f7:13:47:4c:15:
d1:8b:5e:aa:92:c4:ff:89:49:af:ba:13:e9:c0:d5:
d4:5f:5b:26:0c:d8:af:20:8e:8d:08:17:1c:b4:7e:
49:b3:6a:41:21:fe:8f:ed:b5:49:de:d9:0f:d4:39:
fa:58:de:24:82:47:77:93:f9:d9:fe:08:b2:4e:34:
1f:c8:2e:50:1f:28:d0:55:dc:4b:5c:81:3c:3f:5f:
fd:da:8f:24:cb:14:99:b0:f3:e9:c8:f2:07:60:1d:
da:eb:dc:6e:44:64:77:23:04:4e:73:f7:71:87:16:
47:5d:fc:49:6d:79:53:94:4a:fb:e7:63:27:95:9f:
38:8c:99:01:9a:14:5e:9c:53:f3:e8:a7:c2:69:65:
73:2e:90:ab:44:12:2f:9f:e2:fc:93:41:d2:51:91:
a8:16:95:75:ba:50:85:fa:ee:7e:10:a4:19:a4:33:
fa:6b:14:74:1e:18:1d:be:31:ca:84:c2:36:c6:3e:
85:dc:85:1d:58:ee:92:39:82:ac:5f:2b:09:1a:c4:
00:aa:74:01:cb:a4:49:2d:60:f3:8e:26:b9:89:bc:
05:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:53:B7:3C:8A:D2:0C:CC:0D:0C:95:74:35:AB:C7:47:9F:7B:2B:F2
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/uFO3PIrSDMwNDJV0NavHR597K_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.160.0/22
166.108.168.0-166.108.211.255
166.108.216.0-166.108.247.255
166.108.249.0-166.108.254.255
Signature Algorithm: sha256WithRSAEncryption
49:42:fd:05:ae:72:17:df:e5:a4:2f:09:31:33:87:f8:8c:eb:
16:2f:0a:1d:98:e2:1b:d6:ac:a0:5d:d9:08:4a:88:6d:00:c1:
fd:30:ef:74:8c:cc:ab:34:4e:a3:fa:ed:d3:37:a0:f0:92:2f:
5b:60:83:2a:44:d0:36:8d:2c:af:35:2f:6e:d3:27:fc:c8:e3:
06:a2:12:e2:51:a5:a6:89:18:53:1c:8c:e8:dd:a1:4a:9e:b7:
de:f7:12:5c:ab:e0:e3:52:97:d8:6d:52:40:c7:96:91:f1:d1:
1d:a5:60:4d:25:56:31:4d:03:ef:d5:81:85:8a:01:f8:9a:02:
8b:cf:4c:e3:09:84:5d:0a:a7:83:08:7b:d5:fa:c6:ec:b2:a4:
f5:bb:26:65:57:25:68:15:f7:58:84:35:25:5e:42:4d:f3:fc:
27:5f:92:8d:35:c2:8e:3b:64:6d:ef:10:6e:4c:51:be:03:65:
70:f5:33:3b:08:a9:ff:f0:09:de:d1:f5:b6:96:7b:80:7e:49:
0c:22:53:a1:2e:3e:50:02:33:c3:be:72:9b:59:8b:04:b7:ba:
e0:fa:c9:d2:09:0c:89:bb:8a:08:96:6f:c8:61:f9:c8:c2:0f:
df:3f:e9:29:1c:2a:a4:b5:ce:9f:00:2e:60:e4:8b:57:af:cc:
c0:4d:e2:53
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYNPt3gpU+hNXjMemjQvfeL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIwOTE4MDgyOTI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODUzYjczYzhhZDIwY2NjMGQwYzk1NzQzNWFiYzc0NzlmN2IyYmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlscJWzoIwv2UncCQPjjFHqjGaxA
m9p2ZX2t7hfkCVH8/1uAt1fq9xNHTBXRi16qksT/iUmvuhPpwNXUX1smDNivII6N
CBcctH5Js2pBIf6P7bVJ3tkP1Dn6WN4kgkd3k/nZ/giyTjQfyC5QHyjQVdxLXIE8
P1/92o8kyxSZsPPpyPIHYB3a69xuRGR3IwROc/dxhxZHXfxJbXlTlEr752MnlZ84
jJkBmhRenFPz6KfCaWVzLpCrRBIvn+L8k0HSUZGoFpV1ulCF+u5+EKQZpDP6axR0
HhgdvjHKhMI2xj6F3IUdWO6SOYKsXysJGsQAqnQBy6RJLWDzjia5ibwF0wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLhTtzyK0gzMDQyVdDWrx0efeyvyMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvdUZPM1BJclNETXdOREpWME5hdkhSNTk3S19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCpmygMAwD
BAOmbKgDBAKmbNAwDAMEA6Zs2AMEA6Zs8DAMAwQApmz5AwQApmz+MA0GCSqGSIb3
DQEBCwUAA4IBAQBJQv0FrnIX3+WkLwkxM4f4jOsWLwodmOIb1qygXdkISohtAMH9
MO90jMyrNE6j+u3TN6Dwki9bYIMqRNA2jSyvNS9u0yf8yOMGohLiUaWmiRhTHIzo
3aFKnrfe9xJcq+DjUpfYbVJAx5aR8dEdpWBNJVYxTQPv1YGFigH4mgKLz0zjCYRd
CqeDCHvV+sbssqT1uyZlVyVoFfdYhDUlXkJN8/wnX5KNNcKOO2Rt7xBuTFG+A2Vw
9TM7CKn/8Ane0fW2lnuAfkkMIlOhLj5QAjPDvnKbWYsEt7rg+snSCQyJu4oIlm/I
YfnIwg/fP+kpHCqktc6fAC5g5ItXr8zATeJT
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:46 2023 by rpki-client on console.sobornost.net