Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8zR8PYLrm8HEviIc63la2Dp-2b8.roa
File: 8zR8PYLrm8HEviIc63la2Dp-2b8.roa (raw, json)
Hash identifier: ZcodNlqkvnXq+usPWssyTbcwR3qDF+AuVBlZdSg8m9E=
Subject key identifier: F3:34:7C:3D:82:EB:9B:C1:C4:BE:22:1C:EB:79:5A:D8:3A:7E:D9:BF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0183DA58322E17DF83D275EE126DA7D1CB43
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8zR8PYLrm8HEviIc63la2Dp-2b8.roa
Signing time: Sat 15 Oct 2022 06:32:36 +0000
ROA not before: Sat 15 Oct 2022 06:32:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8866
IP address blocks: 87.120.192.0/23 maxlen: 23
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.44.0/22 maxlen: 24
87.121.56.0/23 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.218.0/23 maxlen: 24
87.120.220.0/23 maxlen: 24
93.123.39.0/24 maxlen: 24
94.156.232.0/24 maxlen: 24
94.156.232.0/22 maxlen: 24
94.156.236.0/22 maxlen: 24
94.156.234.0/23 maxlen: 24
94.156.238.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
93.123.86.0/23 maxlen: 24
93.123.88.0/21 maxlen: 24
94.156.160.0/23 maxlen: 24
94.156.168.0/23 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
93.123.22.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.68.0/23 maxlen: 24
87.120.72.0/21 maxlen: 24
87.120.88.0/23 maxlen: 24
87.120.96.0/23 maxlen: 24
87.120.100.0/22 maxlen: 22
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
87.120.32.0/22 maxlen: 24
87.120.46.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.6.0/24 maxlen: 24
91.92.8.0/24 maxlen: 24
91.92.10.0/23 maxlen: 24
94.156.8.0/24 maxlen: 24
91.92.6.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.14.0/23 maxlen: 24
91.92.13.0/24 maxlen: 24
91.92.24.0/22 maxlen: 24
91.92.21.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
94.156.136.0/21 maxlen: 24
94.156.152.0/24 maxlen: 24
94.156.156.0/23 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
94.156.78.0/23 maxlen: 24
87.121.146.0/23 maxlen: 24
87.121.162.0/23 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.104.0/23 maxlen: 24
87.121.100.0/23 maxlen: 24
87.121.114.0/23 maxlen: 24
31.13.252.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:da:58:32:2e:17:df:83:d2:75:ee:12:6d:a7:d1:cb:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 15 06:32:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3347c3d82eb9bc1c4be221ceb795ad83a7ed9bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:32:52:a8:be:f9:fb:af:1e:3b:4f:fc:0b:a1:
d8:36:2a:aa:54:bd:22:df:b0:37:d9:c4:97:9a:64:
20:e7:3d:05:7a:f0:aa:c8:c6:45:96:eb:2a:c3:91:
c8:25:f4:49:97:fa:94:02:85:bd:8c:32:a5:7d:ab:
13:cf:84:a0:1d:46:47:16:ee:0a:e6:2f:9a:e8:da:
91:01:39:ec:bc:14:fa:24:29:ab:6e:ae:ec:f2:f8:
ec:f8:0b:78:58:20:76:23:e6:f9:05:fe:91:ff:17:
a0:40:8a:12:5f:0f:be:70:c5:d3:da:e3:a2:f4:9e:
77:a2:ab:87:74:d8:d3:6c:75:2f:78:a7:b7:79:b8:
eb:45:21:ba:ff:39:26:42:e3:9e:d6:8b:66:1c:01:
ad:59:96:71:83:94:59:a2:44:9e:d8:a9:04:88:d6:
62:b6:75:88:9f:2e:3d:cf:3f:7d:25:ba:c2:e4:35:
ad:23:b3:a9:1f:3a:b7:4d:05:bd:70:d9:1d:7c:aa:
e6:8d:48:4a:34:4c:89:9f:fc:2d:a2:6b:17:be:cb:
7f:2b:60:80:21:11:ca:3f:b5:c2:c2:a5:cb:dd:d4:
34:b7:45:08:3c:9b:b2:4d:10:b6:f8:9d:7e:f1:a0:
a5:18:14:29:47:21:fc:e0:a5:e2:2b:f7:b1:87:37:
ab:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:34:7C:3D:82:EB:9B:C1:C4:BE:22:1C:EB:79:5A:D8:3A:7E:D9:BF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8zR8PYLrm8HEviIc63la2Dp-2b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
87.120.32.0/22
87.120.46.0/23
87.120.64.0/23
87.120.68.0/23
87.120.72.0/21
87.120.88.0/23
87.120.96.0/23
87.120.100.0/22
87.120.192.0/23
87.120.218.0-87.120.221.255
87.121.36.0-87.121.38.255
87.121.44.0/22
87.121.56.0/23
87.121.60.0/22
87.121.69.0/24
87.121.100.0/23
87.121.103.0-87.121.105.255
87.121.114.0/23
87.121.146.0/23
87.121.162.0/23
91.92.6.0/24
91.92.8.0/24
91.92.10.0/23
91.92.13.0-91.92.16.255
91.92.21.0/24
91.92.24.0/22
91.92.67.0/24
93.123.22.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.39.0/24
93.123.68.0/22
93.123.76.0-93.123.80.255
93.123.85.0-93.123.95.255
93.123.112.0-93.123.117.255
93.123.119.0/24
94.156.2.0/24
94.156.6.0/24
94.156.8.0/24
94.156.78.0/23
94.156.131.0/24
94.156.136.0/21
94.156.152.0/24
94.156.154.0-94.156.157.255
94.156.160.0/23
94.156.168.0/23
94.156.176.0-94.156.181.255
94.156.232.0/21
Signature Algorithm: sha256WithRSAEncryption
73:1d:2d:5e:de:f4:c6:4d:be:23:61:7f:48:72:98:96:8d:92:
af:1f:ca:5a:c2:95:c0:58:aa:ce:d7:8d:9b:a1:88:e2:10:30:
4f:2a:aa:b5:7b:8f:e2:31:94:1f:74:6d:9a:88:fa:ab:ed:3b:
07:23:de:bf:8f:9c:63:a7:a1:55:86:2a:70:aa:3c:c5:24:8a:
20:79:85:78:44:fd:7a:ff:cb:58:fe:98:3b:2e:77:16:34:28:
39:0e:ff:c6:ac:57:15:37:05:09:b7:b4:6e:a2:35:4b:d2:4a:
51:11:10:b7:14:1b:fc:e3:45:9b:fd:a6:2c:d4:77:9d:94:21:
c8:0b:36:90:2d:69:9f:0a:f9:a0:58:2b:0c:98:8f:8d:0e:3e:
a1:f3:cf:11:b1:4c:22:5f:f6:88:25:9e:a0:27:ec:38:37:d4:
22:07:35:1b:3d:48:0d:3f:3f:b5:b3:d6:49:b7:84:2e:65:ea:
96:9b:d3:3b:cd:d4:24:a0:a0:96:19:85:b5:af:5a:e5:72:ab:
20:4a:bb:8a:e2:fb:4e:70:04:fe:b4:11:35:d8:91:2e:ce:59:
4d:79:7b:5d:02:08:1a:25:3b:7f:2c:a0:8b:ab:43:dd:c6:12:
1e:3c:f2:7a:52:c3:5d:5d:25:11:ad:c0:3a:f7:27:b4:0a:25:
bd:41:ba:1f
-----BEGIN CERTIFICATE-----
MIIGdTCCBV2gAwIBAgISAYPaWDIuF9+D0nXuEm2n0ctDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDE1MDYzMjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzM0N2MzZDgyZWI5YmMxYzRiZTIyMWNlYjc5NWFkODNhN2VkOWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzJSqL75+68eO0/8C6HYNiqqVL0i
37A32cSXmmQg5z0FevCqyMZFlusqw5HIJfRJl/qUAoW9jDKlfasTz4SgHUZHFu4K
5i+a6NqRATnsvBT6JCmrbq7s8vjs+At4WCB2I+b5Bf6R/xegQIoSXw++cMXT2uOi
9J53oquHdNjTbHUveKe3ebjrRSG6/zkmQuOe1otmHAGtWZZxg5RZokSe2KkEiNZi
tnWIny49zz99JbrC5DWtI7OpHzq3TQW9cNkdfKrmjUhKNEyJn/wtomsXvst/K2CA
IRHKP7XCwqXL3dQ0t0UIPJuyTRC2+J1+8aClGBQpRyH84KXiK/exhzertQIDAQAB
o4IDgTCCA30wHQYDVR0OBBYEFPM0fD2C65vBxL4iHOt5Wtg6ftm/MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOHpSOFBZTHJtOEhFdmlJYzYzbGEyRHAtMmI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlQYIKwYBBQUHAQcBAf8EggGEMIIBgDCCAXwEAgABMIIB
dAMEAh8N/AMEAld4IAMEAVd4LgMEAVd4QAMEAVd4RAMEA1d4SAMEAVd4WAMEAVd4
YAMEAld4ZAMEAVd4wDAMAwQBV3jaAwQBV3jcMAwDBAJXeSQDBABXeSYDBAJXeSwD
BAFXeTgDBAJXeTwDBABXeUUDBAFXeWQwDAMEAFd5ZwMEAVd5aAMEAVd5cgMEAVd5
kgMEAVd5ogMEAFtcBgMEAFtcCAMEAVtcCjAMAwQAW1wNAwQAW1wQAwQAW1wVAwQC
W1wYAwQAW1xDAwQAXXsWAwQAXXsYAwQBXXsaAwQBXXseAwQAXXsnAwQCXXtEMAwD
BAJde0wDBABde1AwDAMEAF17VQMEBV17QDAMAwQEXXtwAwQBXXt0AwQAXXt3AwQA
XpwCAwQAXpwGAwQAXpwIAwQBXpxOAwQAXpyDAwQDXpyIAwQAXpyYMAwDBAFenJoD
BAFenJwDBAFenKADBAFenKgwDAMEBF6csAMEAV6ctAMEA16c6DANBgkqhkiG9w0B
AQsFAAOCAQEAcx0tXt70xk2+I2F/SHKYlo2Srx/KWsKVwFiqzteNm6GI4hAwTyqq
tXuP4jGUH3Rtmoj6q+07ByPev4+cY6ehVYYqcKo8xSSKIHmFeET9ev/LWP6YOy53
FjQoOQ7/xqxXFTcFCbe0bqI1S9JKUREQtxQb/ONFm/2mLNR3nZQhyAs2kC1pnwr5
oFgrDJiPjQ4+ofPPEbFMIl/2iCWeoCfsODfUIgc1Gz1IDT8/tbPWSbeELmXqlpvT
O83UJKCglhmFta9a5XKrIEq7iuL7TnAE/rQRNdiRLs5ZTXl7XQIIGiU7fyygi6tD
3cYSHjzyelLDXV0lEa3AOvcntAolvUG6Hw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:38 2023 by rpki-client on console-fra.rpki-client.org