Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6r8CXKKFoy9bhKHKC-1ywKITf5I.roa
File: 6r8CXKKFoy9bhKHKC-1ywKITf5I.roa (raw, json)
Hash identifier: Ml4ljNPdxQl/7EqKtOAeeIUJtczVWsK9nToteCa86u4=
Subject key identifier: EA:BF:02:5C:A2:85:A3:2F:5B:84:A1:CA:0B:ED:72:C0:A2:13:7F:92
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0183D6C2D80B9E115318BAA3A69AD6D6F162
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6r8CXKKFoy9bhKHKC-1ywKITf5I.roa
Signing time: Fri 14 Oct 2022 13:50:36 +0000
ROA not before: Fri 14 Oct 2022 13:50:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8866
IP address blocks: 87.120.192.0/23 maxlen: 23
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.44.0/22 maxlen: 24
87.121.56.0/23 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.218.0/23 maxlen: 24
87.120.220.0/23 maxlen: 24
93.123.39.0/24 maxlen: 24
94.156.232.0/24 maxlen: 24
94.156.232.0/22 maxlen: 24
94.156.233.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
93.123.86.0/23 maxlen: 24
93.123.88.0/21 maxlen: 24
94.156.160.0/23 maxlen: 24
94.156.168.0/23 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
93.123.22.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.68.0/23 maxlen: 24
87.120.72.0/21 maxlen: 24
87.120.88.0/23 maxlen: 24
87.120.96.0/23 maxlen: 24
87.120.100.0/22 maxlen: 22
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
87.120.32.0/22 maxlen: 24
87.120.46.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.6.0/24 maxlen: 24
91.92.8.0/24 maxlen: 24
91.92.10.0/23 maxlen: 24
94.156.8.0/24 maxlen: 24
91.92.6.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.14.0/23 maxlen: 24
91.92.13.0/24 maxlen: 24
91.92.24.0/22 maxlen: 24
91.92.21.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
94.156.136.0/21 maxlen: 24
94.156.152.0/24 maxlen: 24
94.156.156.0/23 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
94.156.78.0/23 maxlen: 24
87.121.146.0/23 maxlen: 24
87.121.162.0/23 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.104.0/23 maxlen: 24
87.121.100.0/23 maxlen: 24
87.121.114.0/23 maxlen: 24
31.13.252.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d6:c2:d8:0b:9e:11:53:18:ba:a3:a6:9a:d6:d6:f1:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 14 13:50:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eabf025ca285a32f5b84a1ca0bed72c0a2137f92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:29:b7:4c:4e:36:63:51:df:ad:79:d8:5c:5a:
a7:c0:f2:67:17:4f:d4:64:9f:49:ee:6a:69:8c:70:
51:10:b2:60:a5:60:9f:ab:be:ae:d5:81:5f:31:2a:
5a:88:f0:91:ff:22:b6:60:cd:21:7c:8c:e6:6f:42:
7d:2d:6d:7e:55:1d:10:73:59:f4:1c:a9:6f:5d:fe:
be:5d:9f:41:fb:2a:e2:a6:35:71:5a:54:ac:ec:bf:
a2:b5:80:a9:f9:b8:34:80:be:56:14:fd:fa:01:d4:
94:ba:61:b0:13:76:30:58:6b:be:e9:8f:28:ad:aa:
e6:ae:84:f7:39:03:c8:97:20:6a:9d:33:91:60:30:
47:95:88:3d:23:8e:62:d2:b9:5c:c9:12:ad:a3:a9:
7e:45:0d:e8:40:1f:cc:72:70:d3:15:e4:38:a7:00:
a7:56:39:35:b0:1f:87:70:d1:7e:34:7f:1c:e8:89:
e5:f4:3d:69:48:87:80:ef:42:1e:aa:2b:6b:40:31:
43:d9:a3:ac:66:60:54:01:26:bf:0a:1b:01:1f:a7:
d7:17:5e:45:c3:6a:eb:a7:31:e7:f1:14:4f:5f:8b:
35:36:6c:f5:28:df:dc:f0:a5:d6:cc:87:02:03:d8:
29:b8:4d:d3:3b:a8:55:f6:93:20:ad:cd:3a:91:f5:
a9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:BF:02:5C:A2:85:A3:2F:5B:84:A1:CA:0B:ED:72:C0:A2:13:7F:92
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6r8CXKKFoy9bhKHKC-1ywKITf5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
87.120.32.0/22
87.120.46.0/23
87.120.64.0/23
87.120.68.0/23
87.120.72.0/21
87.120.88.0/23
87.120.96.0/23
87.120.100.0/22
87.120.192.0/23
87.120.218.0-87.120.221.255
87.121.36.0-87.121.38.255
87.121.44.0/22
87.121.56.0/23
87.121.60.0/22
87.121.69.0/24
87.121.100.0/23
87.121.103.0-87.121.105.255
87.121.114.0/23
87.121.146.0/23
87.121.162.0/23
91.92.6.0/24
91.92.8.0/24
91.92.10.0/23
91.92.13.0-91.92.16.255
91.92.21.0/24
91.92.24.0/22
91.92.67.0/24
93.123.22.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.39.0/24
93.123.68.0/22
93.123.76.0-93.123.80.255
93.123.85.0-93.123.95.255
93.123.112.0-93.123.117.255
93.123.119.0/24
94.156.2.0/24
94.156.6.0/24
94.156.8.0/24
94.156.78.0/23
94.156.131.0/24
94.156.136.0/21
94.156.152.0/24
94.156.154.0-94.156.157.255
94.156.160.0/23
94.156.168.0/23
94.156.176.0-94.156.181.255
94.156.232.0/22
94.156.237.0-94.156.238.255
Signature Algorithm: sha256WithRSAEncryption
34:e2:c2:4b:89:d0:3a:fd:60:65:23:b0:05:21:05:6d:e9:a5:
30:7d:12:23:77:69:fc:79:ef:bb:48:0c:69:40:59:18:7e:8b:
a5:48:fb:c7:a1:39:a6:ed:18:6d:7f:d2:25:29:ad:b6:60:d7:
18:a1:32:c9:c3:3f:73:05:1f:42:2a:75:44:51:23:e3:44:cd:
01:47:54:fb:fe:bf:34:d4:49:75:9b:47:4c:5f:73:b1:9b:41:
54:0a:ed:1b:7f:81:3a:7f:5a:5b:bd:c2:e8:56:df:d0:dd:8f:
2f:66:41:ad:50:3c:38:e7:20:c5:18:ed:e3:c5:19:74:6d:d8:
43:48:07:fc:6c:85:e2:34:9b:34:43:ee:91:56:b5:b6:e8:5e:
f8:b7:06:7a:30:1d:c5:57:56:ea:d7:a7:3b:f8:78:a2:c7:68:
7f:06:1f:9e:b7:c0:9f:3a:74:cf:9c:85:4d:ff:1d:63:3c:86:
7d:fc:1d:82:ef:af:35:3d:ef:09:75:a4:da:e5:d5:aa:f8:40:
1d:4c:72:51:d0:f2:ef:68:d6:13:6d:33:ab:4a:ee:57:6a:0b:
2c:76:c8:21:47:ae:3c:f0:80:b2:3e:b6:f4:35:c0:e3:3a:ca:
fb:9c:de:09:df:2d:c7:68:1b:c8:49:77:e8:5f:97:c9:a7:99:
95:ea:2a:ec
-----BEGIN CERTIFICATE-----
MIIGgzCCBWugAwIBAgISAYPWwtgLnhFTGLqjpprW1vFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDE0MTM1MDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWJmMDI1Y2EyODVhMzJmNWI4NGExY2EwYmVkNzJjMGEyMTM3ZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCm3TE42Y1HfrXnYXFqnwPJnF0/U
ZJ9J7mppjHBRELJgpWCfq76u1YFfMSpaiPCR/yK2YM0hfIzmb0J9LW1+VR0Qc1n0
HKlvXf6+XZ9B+yripjVxWlSs7L+itYCp+bg0gL5WFP36AdSUumGwE3YwWGu+6Y8o
rarmroT3OQPIlyBqnTORYDBHlYg9I45i0rlcyRKto6l+RQ3oQB/McnDTFeQ4pwCn
Vjk1sB+HcNF+NH8c6Inl9D1pSIeA70IeqitrQDFD2aOsZmBUASa/ChsBH6fXF15F
w2rrpzHn8RRPX4s1Nmz1KN/c8KXWzIcCA9gpuE3TO6hV9pMgrc06kfWpcwIDAQAB
o4IDjzCCA4swHQYDVR0OBBYEFOq/AlyihaMvW4ShygvtcsCiE3+SMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNnI4Q1hLS0ZveTliaEtIS0MtMXl3S0lUZjVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBowYIKwYBBQUHAQcBAf8EggGSMIIBjjCCAYoEAgABMIIB
ggMEAh8N/AMEAld4IAMEAVd4LgMEAVd4QAMEAVd4RAMEA1d4SAMEAVd4WAMEAVd4
YAMEAld4ZAMEAVd4wDAMAwQBV3jaAwQBV3jcMAwDBAJXeSQDBABXeSYDBAJXeSwD
BAFXeTgDBAJXeTwDBABXeUUDBAFXeWQwDAMEAFd5ZwMEAVd5aAMEAVd5cgMEAVd5
kgMEAVd5ogMEAFtcBgMEAFtcCAMEAVtcCjAMAwQAW1wNAwQAW1wQAwQAW1wVAwQC
W1wYAwQAW1xDAwQAXXsWAwQAXXsYAwQBXXsaAwQBXXseAwQAXXsnAwQCXXtEMAwD
BAJde0wDBABde1AwDAMEAF17VQMEBV17QDAMAwQEXXtwAwQBXXt0AwQAXXt3AwQA
XpwCAwQAXpwGAwQAXpwIAwQBXpxOAwQAXpyDAwQDXpyIAwQAXpyYMAwDBAFenJoD
BAFenJwDBAFenKADBAFenKgwDAMEBF6csAMEAV6ctAMEAl6c6DAMAwQAXpztAwQA
XpzuMA0GCSqGSIb3DQEBCwUAA4IBAQA04sJLidA6/WBlI7AFIQVt6aUwfRIjd2n8
ee+7SAxpQFkYfoulSPvHoTmm7Rhtf9IlKa22YNcYoTLJwz9zBR9CKnVEUSPjRM0B
R1T7/r801El1m0dMX3Oxm0FUCu0bf4E6f1pbvcLoVt/Q3Y8vZkGtUDw45yDFGO3j
xRl0bdhDSAf8bIXiNJs0Q+6RVrW26F74twZ6MB3FV1bq16c7+Hiix2h/Bh+et8Cf
OnTPnIVN/x1jPIZ9/B2C7681Pe8JdaTa5dWq+EAdTHJR0PLvaNYTbTOrSu5Xagss
dsghR6488ICyPrb0NcDjOsr7nN4J3y3HaBvISXfoX5fJp5mV6irs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:32 2023 by rpki-client on console-ams.rpki-client.org