Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4aVAEJYxpJn4W9XD7u-DtO0tL2M.roa
File: 4aVAEJYxpJn4W9XD7u-DtO0tL2M.roa (raw, json)
Hash identifier: kFQCxZTRY6bYg/Xhm9rY13up4/+Icv+QhKVYuqJNJo0=
Subject key identifier: E1:A5:40:10:96:31:A4:99:F8:5B:D5:C3:EE:EF:83:B4:ED:2D:2F:63
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188532BE5092DA2AF11E042C51407AB3CDF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4aVAEJYxpJn4W9XD7u-DtO0tL2M.roa
Signing time: Thu 25 May 2023 13:49:25 +0000
ROA not before: Thu 25 May 2023 13:49:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 87.120.166.0/24 maxlen: 24
87.120.192.0/23 maxlen: 24
185.147.100.0/22 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.44.0/24 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.219.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
45.9.208.0/22 maxlen: 24
94.154.173.0/24 maxlen: 24
45.143.100.0/22 maxlen: 24
94.156.237.0/24 maxlen: 24
193.8.184.0/23 maxlen: 24
85.217.145.0/24 maxlen: 24
193.8.186.0/23 maxlen: 24
194.55.226.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.74.0/24 maxlen: 24
93.123.75.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
45.149.235.0/24 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
194.48.249.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
193.25.219.0/24 maxlen: 24
94.156.2.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.26.0/23 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
185.207.14.0/23 maxlen: 24
94.156.152.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
45.139.123.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
87.121.163.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
87.121.104.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
45.95.2.0/23 maxlen: 24
45.95.0.0/23 maxlen: 24
45.88.90.0/24 maxlen: 24
5.253.58.0/23 maxlen: 24
5.253.56.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:53:2b:e5:09:2d:a2:af:11:e0:42:c5:14:07:ab:3c:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 25 13:49:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1a540109631a499f85bd5c3eeef83b4ed2d2f63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:39:d5:d1:7f:c2:c2:b0:84:53:f5:71:6b:2d:
eb:de:16:f1:d1:ab:d5:40:8d:86:3f:74:62:82:b7:
e4:c3:c9:ce:1e:24:87:ba:d8:e1:ac:40:c4:f1:79:
ba:f3:de:62:b2:b0:e5:87:f3:4a:b8:40:ba:ac:40:
46:8b:15:45:33:47:33:81:cd:e9:c4:3c:6b:82:d4:
6e:ab:95:26:73:4a:ae:92:b5:d9:29:75:4a:50:0b:
3c:29:96:5a:89:80:fb:53:4c:29:83:c2:90:10:4b:
4b:bc:22:0b:74:4a:26:49:32:a6:2a:64:fd:07:e5:
4b:9d:76:e4:13:48:5e:4d:84:f5:ae:60:fd:82:1c:
98:2e:4b:1c:3d:2d:3e:1c:7b:72:5f:c2:f0:b5:97:
85:49:55:92:0c:f4:9d:7e:68:9b:56:91:a5:0e:76:
2d:ee:17:c6:ac:85:12:af:5f:16:e2:dc:f0:df:d2:
c4:ff:eb:8e:c7:22:70:85:53:5d:4d:0e:7b:4b:de:
98:83:63:93:64:3d:ff:02:d7:bb:07:93:d6:f0:45:
20:a3:7d:e3:44:68:21:c5:ab:ff:e2:0a:ea:2c:90:
7f:53:ee:f2:13:75:b2:b8:21:8e:fd:a1:6d:c6:8a:
77:3c:7c:21:77:d8:2d:7c:68:4c:19:06:16:c7:94:
66:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A5:40:10:96:31:A4:99:F8:5B:D5:C3:EE:EF:83:B4:ED:2D:2F:63
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4aVAEJYxpJn4W9XD7u-DtO0tL2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0/22
37.139.131.0/24
45.8.92.0/24
45.9.208.0/22
45.88.90.0/24
45.95.0.0/22
45.139.123.0/24
45.143.100.0/22
45.149.235.0/24
84.54.51.0/24
85.217.145.0/24
87.120.166.0/24
87.120.192.0/23
87.120.219.0/24
87.121.36.0-87.121.38.255
87.121.44.0/24
87.121.60.0/22
87.121.103.0-87.121.104.255
87.121.114.0/23
87.121.146.0/23
87.121.163.0/24
91.92.16.0/24
91.92.26.0/23
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.68.0/22
93.123.74.0-93.123.80.255
93.123.112.0/22
93.123.117.0/24
93.123.119.0/24
94.154.160.0/23
94.154.173.0/24
94.156.2.0/24
94.156.152.0/24
94.156.154.0/23
94.156.176.0-94.156.181.255
94.156.237.0-94.156.238.255
185.147.100.0/22
185.207.14.0/23
185.252.177.0/24
193.8.184.0/22
193.25.219.0/24
193.47.62.0/24
193.58.121.0/24
193.58.123.0/24
194.48.249.0/24
194.55.226.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
55:2d:08:3c:09:12:73:05:b8:d7:10:cd:be:e7:af:14:f7:56:
7e:fa:72:78:d4:ec:99:15:bc:b1:d1:de:fd:38:a4:b6:26:39:
c9:2a:12:10:bc:af:06:4b:d2:b4:0b:19:a2:2b:7f:66:13:f1:
4f:86:d2:c2:64:b2:c4:2b:fb:eb:01:f0:8f:55:f8:46:fc:96:
d3:3a:1e:97:bd:0b:4c:05:de:6d:1a:1f:50:01:8c:de:41:cd:
24:83:39:09:d7:c2:d1:b1:76:67:58:6f:d0:4f:5b:cf:e4:eb:
f5:db:86:a8:3e:b5:80:ac:5e:92:6c:44:e1:98:ce:54:3e:ae:
5a:30:ca:18:e3:9f:da:ca:15:2d:74:01:63:56:67:b0:65:ea:
5c:8b:ae:6e:33:d6:e9:a6:53:04:f4:77:6f:a3:46:1d:07:2c:
dd:3d:82:b7:a4:d6:24:11:cd:fc:da:ec:39:41:09:f2:8e:eb:
6a:72:76:1b:6c:11:bc:0e:39:fe:32:d8:93:5b:33:ac:57:54:
6d:d6:fd:2a:13:1a:8e:bd:58:58:b0:44:42:2c:5e:01:3e:2f:
30:71:6b:63:9d:bb:04:61:42:13:65:f3:bc:86:fc:ac:90:5b:
91:68:3a:63:6e:cd:69:00:fd:1a:9f:0a:54:b5:89:2b:d1:3d:
f4:90:ba:6b
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgISAYhTK+UJLaKvEeBCxRQHqzzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTI1MTM0OTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWE1NDAxMDk2MzFhNDk5Zjg1YmQ1YzNlZWVmODNiNGVkMmQyZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlznV0X/CwrCEU/Vxay3r3hbx0avV
QI2GP3Rigrfkw8nOHiSHutjhrEDE8Xm6895isrDlh/NKuEC6rEBGixVFM0czgc3p
xDxrgtRuq5Umc0qukrXZKXVKUAs8KZZaiYD7U0wpg8KQEEtLvCILdEomSTKmKmT9
B+VLnXbkE0heTYT1rmD9ghyYLkscPS0+HHtyX8LwtZeFSVWSDPSdfmibVpGlDnYt
7hfGrIUSr18W4tzw39LE/+uOxyJwhVNdTQ57S96Yg2OTZD3/Ate7B5PW8EUgo33j
RGghxav/4grqLJB/U+7yE3WyuCGO/aFtxop3PHwhd9gtfGhMGQYWx5Rm8wIDAQAB
o4IDYTCCA10wHQYDVR0OBBYEFOGlQBCWMaSZ+FvVw+7vg7TtLS9jMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNGFWQUVKWXhwSm40VzlYRDd1LUR0TzB0TDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdQYIKwYBBQUHAQcBAf8EggFkMIIBYDCCAVwEAgABMIIB
VAMEAgX9OAMEACWLgwMEAC0IXAMEAi0J0AMEAC1YWgMEAi1fAAMEAC2LewMEAi2P
ZAMEAC2V6wMEAFQ2MwMEAFXZkQMEAFd4pgMEAVd4wAMEAFd42zAMAwQCV3kkAwQA
V3kmAwQAV3ksAwQCV3k8MAwDBABXeWcDBABXeWgDBAFXeXIDBAFXeZIDBABXeaMD
BABbXBADBAFbXBoDBABbXEMDBABdexgDBAFdexoDBAFdex4DBAJde0QwDAMEAV17
SgMEAF17UAMEAl17cAMEAF17dQMEAF17dwMEAV6aoAMEAF6arQMEAF6cAgMEAF6c
mAMEAV6cmjAMAwQEXpywAwQBXpy0MAwDBABenO0DBABenO4DBAK5k2QDBAG5zw4D
BAC5/LEDBALBCLgDBADBGdsDBADBLz4DBADBOnkDBADBOnsDBADCMPkDBADCN+ID
BADUV80wDQYJKoZIhvcNAQELBQADggEBAFUtCDwJEnMFuNcQzb7nrxT3Vn76cnjU
7JkVvLHR3v04pLYmOckqEhC8rwZL0rQLGaIrf2YT8U+G0sJkssQr++sB8I9V+Eb8
ltM6Hpe9C0wF3m0aH1ABjN5BzSSDOQnXwtGxdmdYb9BPW8/k6/Xbhqg+tYCsXpJs
ROGYzlQ+rlowyhjjn9rKFS10AWNWZ7Bl6lyLrm4z1ummUwT0d2+jRh0HLN09grek
1iQRzfza7DlBCfKO62pydhtsEbwOOf4y2JNbM6xXVG3W/SoTGo69WFiwREIsXgE+
LzBxa2OduwRhQhNl87yG/KyQW5FoOmNuzWkA/RqfClS1iSvRPfSQums=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:31 2023 by rpki-client on console-ams.rpki-client.org