Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8ZZLrqWEpfBBUBjtheBlH1ne33U.roa
File: 8ZZLrqWEpfBBUBjtheBlH1ne33U.roa (raw, json)
Hash identifier: VyI/f+afIozrjMmo5EVkKeEiloZOEcwg83Ons/kEeTg=
Subject key identifier: F1:96:4B:AE:A5:84:A5:F0:41:50:18:ED:85:E0:65:1F:59:DE:DF:75
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1E6EA5BE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8ZZLrqWEpfBBUBjtheBlH1ne33U.roa
Signing time: Fri 13 May 2022 08:58:02 +0000
ROA not before: Fri 13 May 2022 08:58:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8866
IP address blocks: 87.120.192.0/23 maxlen: 23
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.44.0/22 maxlen: 24
87.121.56.0/23 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.218.0/23 maxlen: 24
87.120.220.0/23 maxlen: 24
93.123.39.0/24 maxlen: 24
94.156.232.0/21 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.84.0/22 maxlen: 24
93.123.80.0/23 maxlen: 24
93.123.88.0/21 maxlen: 24
94.156.160.0/23 maxlen: 24
94.156.168.0/23 maxlen: 24
94.156.176.0/21 maxlen: 24
93.123.22.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.68.0/23 maxlen: 24
87.120.72.0/21 maxlen: 24
87.120.88.0/23 maxlen: 24
87.120.96.0/23 maxlen: 24
87.120.100.0/22 maxlen: 22
93.123.112.0/21 maxlen: 24
87.120.32.0/22 maxlen: 24
87.120.46.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.6.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
91.92.6.0/24 maxlen: 24
91.92.8.0/21 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.24.0/22 maxlen: 24
91.92.21.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
94.156.136.0/21 maxlen: 24
94.156.152.0/24 maxlen: 24
94.156.156.0/23 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
94.156.78.0/23 maxlen: 24
87.121.146.0/23 maxlen: 24
87.121.162.0/23 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.104.0/23 maxlen: 24
87.121.100.0/23 maxlen: 24
87.121.114.0/23 maxlen: 24
31.13.252.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 510567870 (0x1e6ea5be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 13 08:58:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1964baea584a5f0415018ed85e0651f59dedf75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b6:ab:f6:7f:e8:68:6a:aa:27:a2:19:56:e5:
49:3e:3a:1b:33:8f:bd:07:7b:68:a2:d0:bd:cb:5d:
12:e2:a6:8c:84:4f:d3:9c:5d:d2:22:14:b1:3f:d5:
02:30:63:bd:a2:61:9f:ee:f3:d4:ba:aa:16:48:a1:
86:6d:57:cf:c1:af:f6:a8:c8:76:fe:17:d4:55:9d:
a7:ce:ca:fa:7b:a8:ec:a8:2a:d2:f2:cc:db:68:91:
56:f7:95:8a:5a:ea:74:2c:d0:96:0b:fa:cc:ca:24:
c2:10:1f:07:f3:70:8d:4d:0a:f7:ce:17:85:6e:99:
5d:9d:f9:e0:7f:a5:7e:70:d2:08:6f:bd:20:7b:3c:
4a:45:f2:e3:36:0a:a3:f6:a3:46:9c:9f:ac:a6:f8:
24:b0:43:6d:94:35:69:ca:a6:f4:77:32:b3:90:e5:
d3:52:9a:99:b3:e7:f2:15:51:45:6c:01:2f:18:3e:
e2:1f:95:28:75:0c:f4:2c:0f:ec:18:30:a3:92:29:
81:41:ab:85:be:6d:1d:fb:8b:02:52:81:22:28:fd:
85:6a:2a:db:f7:66:96:8e:e3:8a:71:25:37:6f:0d:
fe:b7:de:48:02:52:87:4d:6d:47:b5:b3:e3:50:b9:
e0:a6:b9:87:3b:aa:d7:3c:96:41:10:2f:05:d9:4b:
a8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:96:4B:AE:A5:84:A5:F0:41:50:18:ED:85:E0:65:1F:59:DE:DF:75
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8ZZLrqWEpfBBUBjtheBlH1ne33U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
87.120.32.0/22
87.120.46.0/23
87.120.64.0/23
87.120.68.0/23
87.120.72.0/21
87.120.88.0/23
87.120.96.0/23
87.120.100.0/22
87.120.192.0/23
87.120.218.0-87.120.221.255
87.121.36.0-87.121.38.255
87.121.44.0/22
87.121.56.0/23
87.121.60.0/22
87.121.69.0/24
87.121.100.0/23
87.121.103.0-87.121.105.255
87.121.114.0/23
87.121.146.0/23
87.121.162.0/23
91.92.6.0/24
91.92.8.0-91.92.16.255
91.92.21.0/24
91.92.24.0/22
91.92.67.0/24
93.123.22.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.39.0/24
93.123.68.0/22
93.123.76.0-93.123.81.255
93.123.84.0-93.123.95.255
93.123.112.0/21
94.156.2.0/24
94.156.6.0/24
94.156.8.0/24
94.156.78.0/23
94.156.131.0/24
94.156.136.0/21
94.156.152.0/24
94.156.154.0-94.156.157.255
94.156.160.0/23
94.156.168.0/23
94.156.176.0/21
94.156.232.0/21
Signature Algorithm: sha256WithRSAEncryption
82:fa:2a:86:18:e6:e8:b2:e0:66:c0:a2:4e:57:7f:11:9a:16:
2c:df:b1:57:84:15:09:57:36:93:aa:0c:0c:6e:6e:b8:00:a5:
6f:5a:03:d8:7c:3f:14:8d:6b:2a:fc:6e:b1:95:2e:04:2f:28:
5c:ae:9f:b3:1d:a8:c2:7d:55:02:4f:d3:77:09:17:ba:00:57:
11:f5:87:c8:da:41:85:6c:c7:31:a2:16:1a:61:c2:1c:9a:c5:
ac:ec:53:b0:a5:5c:80:78:bf:fc:62:ef:f0:bd:44:db:2c:7c:
16:e3:7c:d0:d6:15:1d:fb:e5:a0:d7:35:a7:45:88:59:e1:60:
7f:b1:64:92:df:98:8e:36:9e:b2:23:1c:f6:b0:2d:c5:ed:22:
ff:3a:51:42:9d:dd:b7:50:ba:dc:bd:1a:37:a9:3f:52:2e:9f:
8f:e4:29:19:c0:35:c4:e0:a9:9c:b7:07:fa:37:67:7d:aa:89:
3d:c6:11:a0:22:e7:1d:55:7f:70:86:00:38:9e:1a:89:70:eb:
7a:16:c2:08:a0:d8:df:d4:1d:99:14:bf:3b:f6:53:04:38:2e:
b2:a4:f4:b4:14:a7:8f:46:3b:8c:63:35:20:10:b0:ae:0d:fa:
42:3c:5a:c1:d5:04:91:35:a4:4d:0b:68:45:df:08:f6:83:f3:
40:40:cc:32
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgIEHm6lvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDUx
MzA4NTgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjE5NjRiYWVhNTg0
YTVmMDQxNTAxOGVkODVlMDY1MWY1OWRlZGY3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKu2q/Z/6GhqqieiGVblST46GzOPvQd7aKLQvctdEuKmjIRP
05xd0iIUsT/VAjBjvaJhn+7z1LqqFkihhm1Xz8Gv9qjIdv4X1FWdp87K+nuo7Kgq
0vLM22iRVveVilrqdCzQlgv6zMokwhAfB/NwjU0K984XhW6ZXZ354H+lfnDSCG+9
IHs8SkXy4zYKo/ajRpyfrKb4JLBDbZQ1acqm9Hcys5Dl01KambPn8hVRRWwBLxg+
4h+VKHUM9CwP7Bgwo5IpgUGrhb5tHfuLAlKBIij9hWoq2/dmlo7jinElN28N/rfe
SAJSh01tR7Wz41C54Ka5hzuq1zyWQRAvBdlLqIkCAwEAAaOCA18wggNbMB0GA1Ud
DgQWBBTxlkuupYSl8EFQGO2F4GUfWd7fdTAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
LzhaWkxycVdFcGZCQlVCanRoZUJsSDFuZTMzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AXMGCCsGAQUFBwEHAQH/BIIBYjCCAV4wggFaBAIAATCCAVIDBAIfDfwDBAJXeCAD
BAFXeC4DBAFXeEADBAFXeEQDBANXeEgDBAFXeFgDBAFXeGADBAJXeGQDBAFXeMAw
DAMEAVd42gMEAVd43DAMAwQCV3kkAwQAV3kmAwQCV3ksAwQBV3k4AwQCV3k8AwQA
V3lFAwQBV3lkMAwDBABXeWcDBAFXeWgDBAFXeXIDBAFXeZIDBAFXeaIDBABbXAYw
DAMEA1tcCAMEAFtcEAMEAFtcFQMEAltcGAMEAFtcQwMEAF17FgMEAF17GAMEAV17
GgMEAV17HgMEAF17JwMEAl17RDAMAwQCXXtMAwQBXXtQMAwDBAJde1QDBAVde0AD
BANde3ADBABenAIDBABenAYDBABenAgDBAFenE4DBABenIMDBANenIgDBABenJgw
DAMEAV6cmgMEAV6cnAMEAV6coAMEAV6cqAMEA16csAMEA16c6DANBgkqhkiG9w0B
AQsFAAOCAQEAgvoqhhjm6LLgZsCiTld/EZoWLN+xV4QVCVc2k6oMDG5uuAClb1oD
2Hw/FI1rKvxusZUuBC8oXK6fsx2own1VAk/TdwkXugBXEfWHyNpBhWzHMaIWGmHC
HJrFrOxTsKVcgHi//GLv8L1E2yx8FuN80NYVHfvloNc1p0WIWeFgf7Fkkt+Yjjae
siMc9rAtxe0i/zpRQp3dt1C63L0aN6k/Ui6fj+QpGcA1xOCpnLcH+jdnfaqJPcYR
oCLnHVV/cIYAOJ4aiXDrehbCCKDY39QdmRS/O/ZTBDgusqT0tBSnj0Y7jGM1IBCw
rg36QjxawdUEkTWkTQtoRd8I9oPzQEDMMg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:32 2023 by rpki-client on console-ams.rpki-client.org