Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CmpmF7ebnvbEQq-33LOKBsuy12s.roa
File: CmpmF7ebnvbEQq-33LOKBsuy12s.roa (raw, json)
Hash identifier: ebU3dOl6Gb1LXsMpp1sg82EHHPXNEagYILBcWZ3iAK8=
Subject key identifier: 0A:6A:66:17:B7:9B:9E:F6:C4:42:AF:B7:DC:B3:8A:06:CB:B2:D7:6B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0183E54ADE1B5BC092BB171759381589B6A0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CmpmF7ebnvbEQq-33LOKBsuy12s.roa
Signing time: Mon 17 Oct 2022 09:33:52 +0000
ROA not before: Mon 17 Oct 2022 09:33:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43561
IP address blocks: 87.120.192.0/23 maxlen: 23
87.120.192.0/24 maxlen: 24
87.120.193.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.86.0/23 maxlen: 24
93.123.88.0/21 maxlen: 24
94.156.160.0/23 maxlen: 24
94.156.169.0/24 maxlen: 24
94.156.168.0/24 maxlen: 24
94.156.168.0/23 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
87.120.64.0/24 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.68.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.120.69.0/24 maxlen: 24
87.120.65.0/24 maxlen: 24
87.120.72.0/21 maxlen: 21
87.120.77.0/24 maxlen: 24
87.120.75.0/24 maxlen: 24
87.120.73.0/24 maxlen: 24
87.120.78.0/24 maxlen: 24
87.120.76.0/24 maxlen: 24
87.120.74.0/24 maxlen: 24
87.120.72.0/24 maxlen: 24
87.120.79.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.88.0/23 maxlen: 24
87.120.88.0/24 maxlen: 24
87.120.97.0/24 maxlen: 24
87.120.96.0/23 maxlen: 24
87.120.96.0/24 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
87.120.46.0/24 maxlen: 24
87.120.46.0/23 maxlen: 24
87.120.47.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
94.156.157.0/24 maxlen: 24
94.156.156.0/24 maxlen: 24
94.156.156.0/23 maxlen: 24
94.156.154.0/23 maxlen: 24
87.121.147.0/24 maxlen: 24
87.121.146.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
87.121.105.0/24 maxlen: 24
87.121.101.0/24 maxlen: 24
87.121.104.0/24 maxlen: 24
87.121.100.0/24 maxlen: 24
87.121.104.0/23 maxlen: 24
87.121.100.0/23 maxlen: 24
31.13.252.0/24 maxlen: 24
31.13.252.0/22 maxlen: 22
31.13.253.0/24 maxlen: 24
31.13.254.0/24 maxlen: 24
31.13.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:4a:de:1b:5b:c0:92:bb:17:17:59:38:15:89:b6:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 17 09:33:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a6a6617b79b9ef6c442afb7dcb38a06cbb2d76b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4a:12:ba:69:9f:07:76:77:13:7f:eb:0a:60:
e0:7b:7d:11:52:b3:a8:98:74:af:60:b9:4a:1b:e7:
25:cb:2e:70:86:3b:3b:42:80:43:75:54:b9:d3:76:
0e:a0:88:5d:13:57:2f:81:65:0f:f5:cb:9c:e1:4d:
06:b2:b8:03:c1:03:86:06:fc:75:87:ef:5d:d2:a1:
bc:95:c7:e6:c5:15:ea:55:84:1b:8a:86:12:e1:1f:
2a:dd:28:67:2b:fe:d8:29:9e:d1:a0:90:7d:6e:ee:
c8:57:6c:05:4f:f5:25:05:55:84:fa:53:80:77:21:
6c:f5:f1:e6:0e:92:28:ee:f7:8a:84:c4:cd:55:38:
2f:5e:d9:61:bb:0b:ef:8a:7f:98:34:b7:7d:ab:87:
a8:8f:7e:de:55:dc:13:f1:72:58:80:36:5c:03:28:
d2:a7:45:08:c5:d6:5b:64:4c:0c:e2:10:79:95:96:
c4:f7:de:5d:19:c8:66:b4:b9:2c:59:de:c2:d8:71:
21:ff:60:6e:c0:94:80:19:ea:2d:18:0a:94:8d:ca:
71:82:90:8e:c7:0a:a5:4a:22:6d:1f:96:d3:09:3b:
6b:59:80:33:e3:f8:a4:d2:49:c9:82:3e:56:07:1a:
6e:55:48:be:3b:59:94:68:85:ec:3f:66:63:89:6b:
9e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:6A:66:17:B7:9B:9E:F6:C4:42:AF:B7:DC:B3:8A:06:CB:B2:D7:6B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CmpmF7ebnvbEQq-33LOKBsuy12s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
87.120.46.0/23
87.120.64.0/23
87.120.68.0/23
87.120.72.0/21
87.120.88.0/23
87.120.96.0/23
87.120.192.0/23
87.121.38.0/24
87.121.100.0/23
87.121.104.0/23
87.121.146.0/23
93.123.85.0-93.123.95.255
93.123.112.0-93.123.117.255
93.123.119.0/24
94.156.131.0/24
94.156.154.0-94.156.157.255
94.156.160.0/23
94.156.168.0/23
94.156.176.0-94.156.181.255
94.156.237.0-94.156.238.255
Signature Algorithm: sha256WithRSAEncryption
14:40:e4:d1:7c:73:4f:e4:29:1c:d2:2f:7f:12:62:05:1a:f7:
fb:66:42:0d:b4:b1:f3:f4:1b:2d:96:71:98:6a:e1:35:c2:8c:
66:af:67:0e:84:a3:ca:fa:a9:3a:cd:78:80:73:96:88:eb:70:
bd:56:da:b5:7b:b8:ac:ba:79:5c:1f:c8:58:37:b7:07:54:9a:
07:7e:62:80:68:c8:a6:9e:ce:3d:cb:c8:7e:7d:3e:2a:08:27:
91:51:c2:24:5a:f3:a8:d6:05:13:7e:ae:4e:bd:a9:af:f0:21:
2b:d8:85:b4:01:f1:39:33:4a:bc:88:6a:1c:ee:6f:bf:c3:e7:
96:be:a0:a4:57:40:9e:88:02:f3:2b:48:74:01:70:b4:35:93:
7e:84:15:94:a4:0f:cf:05:c0:44:cc:5b:c5:dd:8b:73:ca:b1:
67:74:d7:f6:1e:00:5f:6f:ce:82:18:10:57:d7:fc:30:05:32:
f4:84:fc:f8:e1:da:38:9b:e1:82:e5:cf:44:bb:88:2f:d9:5f:
e2:55:57:a8:a1:ce:d2:b1:9d:91:44:e5:6a:3d:03:e3:e7:c7:
d5:c9:b3:39:d2:38:98:08:c0:40:44:0c:f6:ae:ad:1b:e8:44:
63:c7:98:2a:45:06:a0:52:0c:65:46:56:b0:d7:80:f5:31:bb:
81:f2:32:35
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYPlSt4bW8CSuxcXWTgVibagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDE3MDkzMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTZhNjYxN2I3OWI5ZWY2YzQ0MmFmYjdkY2IzOGEwNmNiYjJkNzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0oSummfB3Z3E3/rCmDge30RUrOo
mHSvYLlKG+clyy5whjs7QoBDdVS503YOoIhdE1cvgWUP9cuc4U0GsrgDwQOGBvx1
h+9d0qG8lcfmxRXqVYQbioYS4R8q3ShnK/7YKZ7RoJB9bu7IV2wFT/UlBVWE+lOA
dyFs9fHmDpIo7veKhMTNVTgvXtlhuwvvin+YNLd9q4eoj37eVdwT8XJYgDZcAyjS
p0UIxdZbZEwM4hB5lZbE995dGchmtLksWd7C2HEh/2BuwJSAGeotGAqUjcpxgpCO
xwqlSiJtH5bTCTtrWYAz4/ik0knJgj5WBxpuVUi+O1mUaIXsP2ZjiWueEQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFApqZhe3m572xEKvt9yzigbLstdrMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQ21wbUY3ZWJudmJFUXEtMzNMT0tCc3V5MTJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBAIf
DfwDBAFXeC4DBAFXeEADBAFXeEQDBANXeEgDBAFXeFgDBAFXeGADBAFXeMADBABX
eSYDBAFXeWQDBAFXeWgDBAFXeZIwDAMEAF17VQMEBV17QDAMAwQEXXtwAwQBXXt0
AwQAXXt3AwQAXpyDMAwDBAFenJoDBAFenJwDBAFenKADBAFenKgwDAMEBF6csAME
AV6ctDAMAwQAXpztAwQAXpzuMA0GCSqGSIb3DQEBCwUAA4IBAQAUQOTRfHNP5Ckc
0i9/EmIFGvf7ZkINtLHz9BstlnGYauE1woxmr2cOhKPK+qk6zXiAc5aI63C9Vtq1
e7isunlcH8hYN7cHVJoHfmKAaMimns49y8h+fT4qCCeRUcIkWvOo1gUTfq5Ovamv
8CEr2IW0AfE5M0q8iGoc7m+/w+eWvqCkV0CeiALzK0h0AXC0NZN+hBWUpA/PBcBE
zFvF3YtzyrFndNf2HgBfb86CGBBX1/wwBTL0hPz44do4m+GC5c9Eu4gv2V/iVVeo
oc7SsZ2RROVqPQPj58fVybM50jiYCMBARAz2rq0b6ERjx5gqRQagUgxlRlaw14D1
MbuB8jI1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:33 2023 by rpki-client on console-ams.rpki-client.org