Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Eg9U9BGGc_jxNwF8G038d3z58Nw.roa
File: Eg9U9BGGc_jxNwF8G038d3z58Nw.roa (raw, json)
Hash identifier: ysWxYso0wgiiFJwJZ8PJy8tPv1oU2OzprNid3AjDGqs=
Subject key identifier: 12:0F:54:F4:11:86:73:F8:F1:37:01:7C:1B:4D:FC:77:7C:F9:F0:DC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01876EDA263975A0FECB524F830C632C5691
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Eg9U9BGGc_jxNwF8G038d3z58Nw.roa
Signing time: Tue 11 Apr 2023 05:46:42 +0000
ROA not before: Tue 11 Apr 2023 05:46:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 87.120.192.0/23 maxlen: 24
185.147.100.0/22 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.219.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
45.9.208.0/22 maxlen: 24
94.154.173.0/24 maxlen: 24
45.143.100.0/22 maxlen: 24
94.156.237.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.80.0/24 maxlen: 24
93.123.86.0/23 maxlen: 24
94.156.168.0/23 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
194.48.249.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
87.120.96.0/23 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
193.25.219.0/24 maxlen: 24
87.120.46.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.26.0/23 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
185.207.14.0/23 maxlen: 24
94.156.152.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
37.139.130.0/23 maxlen: 24
212.87.205.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
178.215.238.0/24 maxlen: 24
87.121.163.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
87.121.104.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
31.13.252.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6e:da:26:39:75:a0:fe:cb:52:4f:83:0c:63:2c:56:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 11 05:46:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=120f54f4118673f8f137017c1b4dfc777cf9f0dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1a:fd:5d:41:f6:2d:a8:b0:a3:7a:17:d1:88:
51:b9:d4:9a:1d:0a:0d:84:9c:a4:ea:ad:e5:fe:3e:
ed:fa:59:72:46:6d:2c:8d:1f:b0:b7:be:42:a6:21:
fc:11:d8:c5:df:db:3a:9b:fc:77:a3:bf:10:c8:55:
16:4f:fd:0e:51:d3:6b:1c:60:88:ef:ff:5a:d7:7e:
d4:ab:c4:06:1d:db:b9:81:3d:a8:cc:51:f1:56:f6:
33:fc:92:a7:5c:d5:bb:c7:40:15:6d:58:96:90:75:
33:19:f0:2b:4a:17:16:93:98:65:75:cf:67:ce:bd:
6d:0b:fb:7d:79:1e:dd:64:e7:e4:0d:fa:e1:13:2a:
bb:ec:ee:1b:fb:1b:2d:31:e8:74:a3:21:63:6a:ea:
e8:5c:d7:46:b6:84:f1:71:83:ca:05:39:3f:21:39:
98:3f:01:df:4d:d7:46:67:53:a4:95:c5:cf:98:a3:
26:30:30:b7:6c:c1:de:a9:96:c0:9a:b4:0c:ce:d9:
f6:78:45:a0:1f:e9:9d:0f:e6:14:da:13:81:50:23:
59:29:6b:1e:be:f8:5a:46:9d:b3:ce:fe:1c:61:a6:
a4:f2:5e:9f:57:5e:44:4e:f5:0d:9c:60:1f:d1:91:
c1:83:cf:3f:68:fc:9d:0e:52:39:b3:86:47:54:e4:
d2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:0F:54:F4:11:86:73:F8:F1:37:01:7C:1B:4D:FC:77:7C:F9:F0:DC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Eg9U9BGGc_jxNwF8G038d3z58Nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
37.139.130.0/23
45.9.208.0/22
45.143.100.0/22
87.120.46.0/23
87.120.96.0/23
87.120.192.0/23
87.120.219.0/24
87.121.36.0-87.121.38.255
87.121.60.0/22
87.121.103.0-87.121.104.255
87.121.114.0/23
87.121.146.0/23
87.121.163.0/24
91.92.16.0/24
91.92.26.0/23
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.68.0/22
93.123.76.0-93.123.80.255
93.123.86.0/23
93.123.112.0-93.123.117.255
93.123.119.0/24
94.154.160.0/23
94.154.173.0/24
94.156.2.0/24
94.156.152.0/24
94.156.154.0/23
94.156.168.0/23
94.156.176.0-94.156.181.255
94.156.237.0-94.156.238.255
178.215.238.0/24
185.147.100.0/22
185.207.14.0/23
185.252.177.0/24
193.25.219.0/24
193.47.62.0/24
193.58.121.0/24
193.58.123.0/24
194.48.249.0/24
194.55.226.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:45:64:ee:a1:e7:8b:a7:18:96:17:74:22:85:84:4e:96:50:
4d:1e:a3:2a:64:ff:ee:69:df:27:11:dc:68:96:fa:93:83:b9:
d3:8d:18:ae:d9:d6:b4:30:53:80:31:9b:e4:00:2d:70:e3:97:
d3:a7:ce:7c:21:61:14:8b:8e:ee:c3:f4:c9:da:21:9e:26:79:
bb:20:ca:ed:f9:95:f8:fc:76:f5:e5:29:d3:07:0a:06:60:2e:
95:3c:f9:b2:26:52:1f:32:81:7b:6e:e0:fc:88:12:40:c2:63:
9c:39:ce:dc:e5:dd:7a:8f:6c:44:6c:16:4d:8c:fc:d0:b5:1f:
e7:f6:c7:16:ac:4d:0b:ca:05:c1:6d:98:05:c4:1e:3a:0f:8f:
eb:74:ce:b9:cb:72:59:9c:fa:ab:e0:f0:a5:6a:76:31:96:93:
90:23:8e:69:56:70:d8:99:e2:ec:40:44:22:1b:b9:06:7f:e4:
ee:91:91:80:99:d8:4e:a4:53:f7:4d:ce:82:c6:9c:a7:0c:b9:
15:9d:1a:c4:ac:ec:69:dd:3e:27:98:b1:df:c3:81:d4:f6:cf:
9c:e7:0e:32:c4:30:bb:8c:74:c6:2b:7b:71:b8:89:6c:e2:11:
4d:a7:5f:91:ea:56:16:aa:8a:81:ba:98:eb:8c:9c:9d:03:1f:
e0:94:be:3d
-----BEGIN CERTIFICATE-----
MIIGOTCCBSGgAwIBAgISAYdu2iY5daD+y1JPgwxjLFaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDExMDU0NjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjBmNTRmNDExODY3M2Y4ZjEzNzAxN2MxYjRkZmM3NzdjZjlmMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBr9XUH2Laiwo3oX0YhRudSaHQoN
hJyk6q3l/j7t+llyRm0sjR+wt75CpiH8EdjF39s6m/x3o78QyFUWT/0OUdNrHGCI
7/9a137Uq8QGHdu5gT2ozFHxVvYz/JKnXNW7x0AVbViWkHUzGfArShcWk5hldc9n
zr1tC/t9eR7dZOfkDfrhEyq77O4b+xstMeh0oyFjauroXNdGtoTxcYPKBTk/ITmY
PwHfTddGZ1OklcXPmKMmMDC3bMHeqZbAmrQMztn2eEWgH+mdD+YU2hOBUCNZKWse
vvhaRp2zzv4cYaak8l6fV15ETvUNnGAf0ZHBg88/aPydDlI5s4ZHVOTSzQIDAQAB
o4IDRTCCA0EwHQYDVR0OBBYEFBIPVPQRhnP48TcBfBtN/Hd8+fDcMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRWc5VTlCR0djX2p4TndGOEcwMzhkM3o1OE53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWQYIKwYBBQUHAQcBAf8EggFIMIIBRDCCAUAEAgABMIIB
OAMEAh8N/AMEASWLggMEAi0J0AMEAi2PZAMEAVd4LgMEAVd4YAMEAVd4wAMEAFd4
2zAMAwQCV3kkAwQAV3kmAwQCV3k8MAwDBABXeWcDBABXeWgDBAFXeXIDBAFXeZID
BABXeaMDBABbXBADBAFbXBoDBABbXEMDBABdexgDBAFdexoDBAFdex4DBAJde0Qw
DAMEAl17TAMEAF17UAMEAV17VjAMAwQEXXtwAwQBXXt0AwQAXXt3AwQBXpqgAwQA
XpqtAwQAXpwCAwQAXpyYAwQBXpyaAwQBXpyoMAwDBARenLADBAFenLQwDAMEAF6c
7QMEAF6c7gMEALLX7gMEArmTZAMEAbnPDgMEALn8sQMEAMEZ2wMEAMEvPgMEAME6
eQMEAME6ewMEAMIw+QMEAMI34gMEANRXzTANBgkqhkiG9w0BAQsFAAOCAQEAP0Vk
7qHni6cYlhd0IoWETpZQTR6jKmT/7mnfJxHcaJb6k4O5040YrtnWtDBTgDGb5AAt
cOOX06fOfCFhFIuO7sP0ydohniZ5uyDK7fmV+Px29eUp0wcKBmAulTz5siZSHzKB
e27g/IgSQMJjnDnO3OXdeo9sRGwWTYz80LUf5/bHFqxNC8oFwW2YBcQeOg+P63TO
uctyWZz6q+DwpWp2MZaTkCOOaVZw2Jni7EBEIhu5Bn/k7pGRgJnYTqRT903Ogsac
pwy5FZ0axKzsad0+J5ix38OB1PbPnOcOMsQwu4x0xit7cbiJbOIRTadfkepWFqqK
gbqY64ycnQMf4JS+PQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:02 2024 by rpki-client on console-fra.rpki-client.org