Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/10tNT4WbCPi1KvlqvC3aS9LwEpI.roa
File: 10tNT4WbCPi1KvlqvC3aS9LwEpI.roa (raw, json)
Hash identifier: slq1ivRJBjx3OAfXw+W9bKEWN4G8jCXae/XOFHMfn8A=
Subject key identifier: D7:4B:4D:4F:85:9B:08:F8:B5:2A:F9:6A:BC:2D:DA:4B:D2:F0:12:92
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0183E60EC9440ACD7D6B016232EDE1F05BB3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/10tNT4WbCPi1KvlqvC3aS9LwEpI.roa
Signing time: Mon 17 Oct 2022 13:07:52 +0000
ROA not before: Mon 17 Oct 2022 13:07:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 87.121.36.0/23 maxlen: 24
87.121.44.0/22 maxlen: 24
92.249.50.0/24 maxlen: 24
87.121.56.0/23 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.218.0/23 maxlen: 24
185.218.136.0/23 maxlen: 24
87.120.220.0/23 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.173.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.80.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.42.32.0/24 maxlen: 24
193.42.35.0/24 maxlen: 24
193.42.33.0/24 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
93.123.22.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
79.110.48.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
87.120.100.0/22 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
87.120.32.0/22 maxlen: 24
193.25.219.0/24 maxlen: 24
94.156.2.0/24 maxlen: 24
91.92.6.0/24 maxlen: 24
94.156.6.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
91.92.24.0/22 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
193.58.122.0/24 maxlen: 24
193.58.120.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
194.180.37.0/24 maxlen: 24
94.156.152.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
94.156.78.0/23 maxlen: 24
193.35.18.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
87.121.162.0/23 maxlen: 24
87.121.160.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
193.222.98.0/23 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
31.13.252.0/22 maxlen: 24
87.121.221.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e6:0e:c9:44:0a:cd:7d:6b:01:62:32:ed:e1:f0:5b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 17 13:07:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d74b4d4f859b08f8b52af96abc2dda4bd2f01292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9c:c3:b9:8b:39:2e:27:ca:61:3f:97:89:31:
1f:ce:6a:ec:7d:fa:ba:ce:cf:8e:ff:38:fe:7d:b4:
4e:29:0d:b5:6c:d3:3e:49:ec:35:8c:ed:57:ce:ab:
5e:f8:ef:dc:ac:b4:e0:e0:a8:b5:df:5a:f4:15:9e:
65:e4:fe:fd:6b:c2:03:13:53:9b:96:70:36:30:b9:
64:c3:40:06:75:8c:e0:f3:b6:3f:b6:72:20:76:f2:
bd:28:7b:df:43:21:95:b5:ca:72:d2:b5:41:90:66:
81:05:b5:4c:37:e6:7c:ac:28:d5:ac:05:f1:1d:cd:
9b:0d:28:15:ba:4f:d8:d6:04:0b:96:0b:6b:ca:79:
d9:aa:c7:ec:57:d4:2f:91:21:55:1e:d6:43:e7:7e:
74:d7:48:2e:e1:4f:d6:1a:0c:49:e9:d6:03:9c:50:
c0:a2:b9:df:4d:e6:83:0a:56:6f:4e:8d:af:bd:ec:
4a:07:5c:05:7f:0b:37:fd:1e:e3:fe:57:f6:c9:27:
ef:9b:ab:46:66:32:25:08:1d:cc:39:c2:84:88:45:
87:d3:77:f4:24:28:dc:ba:21:50:5b:7b:e3:1c:1b:
f1:bd:4f:89:6d:7d:3b:c5:92:9d:c5:59:00:1e:a3:
6a:12:9f:14:42:ff:6b:27:c7:44:81:6e:d7:44:b5:
66:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:4B:4D:4F:85:9B:08:F8:B5:2A:F9:6A:BC:2D:DA:4B:D2:F0:12:92
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/10tNT4WbCPi1KvlqvC3aS9LwEpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
79.110.48.0/24
87.120.32.0/22
87.120.100.0/22
87.120.218.0-87.120.221.255
87.121.36.0/23
87.121.44.0/22
87.121.56.0/23
87.121.60.0/22
87.121.69.0/24
87.121.103.0/24
87.121.114.0/23
87.121.160.0/24
87.121.162.0/23
87.121.220.0/23
91.92.6.0/24
91.92.16.0/24
91.92.21.0/24
91.92.24.0/22
91.92.67.0/24
92.249.50.0/24
93.123.22.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.39.0/24
93.123.68.0/22
93.123.76.0-93.123.80.255
93.123.112.0-93.123.117.255
93.123.119.0/24
94.103.126.0/24
94.154.160.0/23
94.154.163.0/24
94.154.173.0/24
94.156.2.0/24
94.156.6.0/24
94.156.8.0/24
94.156.78.0/23
94.156.131.0/24
94.156.152.0/24
94.156.154.0/23
94.156.176.0-94.156.181.255
94.156.237.0-94.156.238.255
178.215.236.0-178.215.238.255
185.218.136.0/23
185.246.223.0/24
185.252.177.0/24
193.25.219.0/24
193.35.18.0/24
193.37.42.0/24
193.37.47.0/24
193.42.32.0/22
193.47.62.0/24
193.58.120.0/22
193.222.98.0/23
194.180.37.0-194.180.39.255
Signature Algorithm: sha256WithRSAEncryption
8a:b3:78:4c:f5:b7:7e:21:c7:27:59:f2:b7:39:75:9c:ae:d6:
c0:fb:af:41:a0:f9:cb:f6:38:97:e7:5e:79:46:d6:eb:e5:f3:
80:50:25:da:18:90:35:f6:50:71:d6:3a:b6:5d:b8:a2:3d:11:
64:82:2c:7f:ff:9a:e8:ce:e2:6d:7f:11:8b:92:ac:7e:86:a1:
02:04:03:a8:68:6d:9d:4b:4e:19:bb:7b:37:e2:df:96:a8:02:
1a:0c:31:7e:ce:16:c5:81:59:b9:12:3a:5e:e7:10:1e:3e:58:
dc:9c:0b:e3:ae:9d:f6:b4:0a:d5:a4:e5:03:91:d0:78:eb:ae:
90:cc:8e:14:58:5f:b0:ea:8d:8d:31:b2:1f:c6:27:89:19:04:
fa:d1:d9:30:f4:d9:4d:b0:45:9e:f4:9e:b9:2c:c9:a8:57:3f:
2b:7f:36:7e:74:4f:70:71:cc:01:f9:23:b2:b7:e3:f4:b9:a0:
e5:d1:80:b4:f7:e1:07:fc:73:fa:d7:33:d7:2c:cf:d6:c3:33:
e6:e5:19:06:d1:f7:78:22:a7:c6:c2:4d:78:5f:91:90:c9:8d:
6a:9e:64:00:80:3c:98:c7:c4:0b:a4:43:14:6c:7a:ae:e6:bf:
75:e9:59:00:55:35:d0:84:13:dc:fd:be:0c:33:7b:45:02:07:
17:7e:03:c0
-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgISAYPmDslECs19awFiMu3h8FuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDE3MTMwNzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzRiNGQ0Zjg1OWIwOGY4YjUyYWY5NmFiYzJkZGE0YmQyZjAxMjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpzDuYs5LifKYT+XiTEfzmrsffq6
zs+O/zj+fbROKQ21bNM+Sew1jO1Xzqte+O/crLTg4Ki131r0FZ5l5P79a8IDE1Ob
lnA2MLlkw0AGdYzg87Y/tnIgdvK9KHvfQyGVtcpy0rVBkGaBBbVMN+Z8rCjVrAXx
Hc2bDSgVuk/Y1gQLlgtrynnZqsfsV9QvkSFVHtZD535010gu4U/WGgxJ6dYDnFDA
ornfTeaDClZvTo2vvexKB1wFfws3/R7j/lf2ySfvm6tGZjIlCB3MOcKEiEWH03f0
JCjcuiFQW3vjHBvxvU+JbX07xZKdxVkAHqNqEp8UQv9rJ8dEgW7XRLVmPQIDAQAB
o4IDlTCCA5EwHQYDVR0OBBYEFNdLTU+Fmwj4tSr5arwt2kvS8BKSMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMTB0TlQ0V2JDUGkxS3ZscXZDM2FTOUx3RXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBqQYIKwYBBQUHAQcBAf8EggGYMIIBlDCCAZAEAgABMIIB
iAMEAh8N/AMEAE9uMAMEAld4IAMEAld4ZDAMAwQBV3jaAwQBV3jcAwQBV3kkAwQC
V3ksAwQBV3k4AwQCV3k8AwQAV3lFAwQAV3lnAwQBV3lyAwQAV3mgAwQBV3miAwQB
V3ncAwQAW1wGAwQAW1wQAwQAW1wVAwQCW1wYAwQAW1xDAwQAXPkyAwQAXXsWAwQA
XXsYAwQBXXsaAwQBXXseAwQAXXsnAwQCXXtEMAwDBAJde0wDBABde1AwDAMEBF17
cAMEAV17dAMEAF17dwMEAF5nfgMEAV6aoAMEAF6aowMEAF6arQMEAF6cAgMEAF6c
BgMEAF6cCAMEAV6cTgMEAF6cgwMEAF6cmAMEAV6cmjAMAwQEXpywAwQBXpy0MAwD
BABenO0DBABenO4wDAMEArLX7AMEALLX7gMEAbnaiAMEALn23wMEALn8sQMEAMEZ
2wMEAMEjEgMEAMElKgMEAMElLwMEAsEqIAMEAMEvPgMEAsE6eAMEAcHeYjAMAwQA
wrQlAwQDwrQgMA0GCSqGSIb3DQEBCwUAA4IBAQCKs3hM9bd+IccnWfK3OXWcrtbA
+69BoPnL9jiX5155Rtbr5fOAUCXaGJA19lBx1jq2XbiiPRFkgix//5rozuJtfxGL
kqx+hqECBAOoaG2dS04Zu3s34t+WqAIaDDF+zhbFgVm5Ejpe5xAePljcnAvjrp32
tArVpOUDkdB4666QzI4UWF+w6o2NMbIfxieJGQT60dkw9NlNsEWe9J65LMmoVz8r
fzZ+dE9wccwB+SOyt+P0uaDl0YC09+EH/HP61zPXLM/WwzPm5RkG0fd4IqfGwk14
X5GQyY1qnmQAgDyYx8QLpEMUbHqu5r916VkAVTXQhBPc/b4MM3tFAgcXfgPA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:30 2023 by rpki-client on console-ams.rpki-client.org