Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FZYAbJ3qfm56P_5KnqqWEW4AYoo.roa
File: FZYAbJ3qfm56P_5KnqqWEW4AYoo.roa (raw, json)
Hash identifier: lMSxuumNE2maDDbD51zN4PKoag3vNyROu4b4r851Q8o=
Subject key identifier: 15:96:00:6C:9D:EA:7E:6E:7A:3F:FE:4A:9E:AA:96:11:6E:00:62:8A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01869D9407587DE5342B080EADF9E6038099
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FZYAbJ3qfm56P_5KnqqWEW4AYoo.roa
Signing time: Wed 01 Mar 2023 14:29:29 +0000
ROA not before: Wed 01 Mar 2023 14:29:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 87.120.192.0/23 maxlen: 24
185.147.100.0/22 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.219.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
45.9.208.0/22 maxlen: 24
94.154.173.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
45.143.100.0/22 maxlen: 24
94.156.237.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.80.0/24 maxlen: 24
93.123.86.0/23 maxlen: 24
94.156.168.0/23 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
93.123.24.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.96.0/23 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
87.120.32.0/22 maxlen: 24
193.25.219.0/24 maxlen: 24
87.120.46.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
91.92.26.0/23 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
185.207.14.0/23 maxlen: 24
94.156.152.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
94.156.78.0/23 maxlen: 24
37.139.130.0/23 maxlen: 24
212.87.205.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
178.215.238.0/24 maxlen: 24
87.121.163.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
87.121.104.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
31.13.252.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9d:94:07:58:7d:e5:34:2b:08:0e:ad:f9:e6:03:80:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 1 14:29:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1596006c9dea7e6e7a3ffe4a9eaa96116e00628a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7d:02:48:d3:62:31:96:6a:e3:65:57:5c:03:
22:56:9c:4c:a3:e3:bc:1e:a2:5e:6d:f9:c9:f8:e3:
af:8f:bf:90:5a:94:31:73:91:d9:b9:72:3d:89:b8:
60:97:3d:8c:94:34:92:ee:32:d6:88:09:cb:89:e8:
52:18:3d:ba:92:b8:e3:44:11:37:ee:52:03:76:32:
2b:c7:55:8e:49:71:df:70:5e:02:97:6b:a8:0d:40:
d1:91:7f:cb:2c:fe:59:aa:1d:08:57:39:cc:2a:67:
49:57:48:f4:6f:2c:fd:5c:a3:2e:40:25:f3:6e:cb:
bd:e8:93:c4:3b:cc:c8:0d:bc:10:a6:73:65:4e:eb:
85:47:5c:18:ab:f3:d0:64:27:78:4f:4a:bf:aa:db:
f2:a4:02:51:e0:d8:88:f5:f4:e6:68:0e:55:9a:10:
be:de:a2:16:9a:10:9b:dc:24:12:bf:a3:07:db:81:
fa:d8:09:03:74:fa:fd:9a:42:8b:e5:c1:d7:8d:e8:
9f:c0:2d:29:7f:df:43:b4:b1:47:e8:81:4e:2e:3e:
bf:c2:8d:48:bb:0a:7d:9f:99:b2:20:8d:5d:d9:e2:
27:f1:0b:80:4d:f1:48:26:3f:8d:b8:a2:27:1c:1c:
86:9c:23:d0:2b:f4:d0:a5:d6:69:03:7e:61:4c:62:
91:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:96:00:6C:9D:EA:7E:6E:7A:3F:FE:4A:9E:AA:96:11:6E:00:62:8A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FZYAbJ3qfm56P_5KnqqWEW4AYoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
37.139.130.0/23
45.9.208.0/22
45.143.100.0/22
87.120.32.0/22
87.120.46.0/23
87.120.64.0/23
87.120.96.0/23
87.120.192.0/23
87.120.219.0/24
87.121.36.0-87.121.38.255
87.121.60.0/22
87.121.103.0-87.121.104.255
87.121.114.0/23
87.121.146.0/23
87.121.163.0/24
91.92.16.0/24
91.92.21.0/24
91.92.26.0/23
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.39.0/24
93.123.68.0/22
93.123.76.0-93.123.80.255
93.123.86.0/23
93.123.112.0-93.123.117.255
93.123.119.0/24
94.154.160.0/23
94.154.173.0/24
94.156.2.0/24
94.156.8.0/24
94.156.78.0/23
94.156.131.0/24
94.156.152.0/24
94.156.154.0/23
94.156.168.0/23
94.156.176.0-94.156.181.255
94.156.237.0-94.156.238.255
178.215.238.0/24
185.147.100.0/22
185.207.14.0/23
185.252.177.0/24
193.25.219.0/24
193.47.62.0/24
193.58.121.0/24
193.58.123.0/24
194.48.249.0/24
194.55.226.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
12:78:8a:1a:5e:f5:08:dd:2f:fa:57:42:17:31:ca:ef:c3:36:
98:a1:ca:15:4f:3b:23:cd:4b:19:b7:75:83:19:d1:93:64:7a:
2a:82:61:89:b3:7f:ce:91:8d:3c:c2:f2:7e:49:df:ef:6d:54:
cf:f7:d1:e7:c8:be:00:d1:ab:14:94:d7:7f:95:e7:48:73:e3:
c9:71:e0:a3:2a:c1:6a:c9:9c:9e:e4:e9:63:42:ff:8f:58:6d:
3c:0b:38:8d:a2:9e:78:5e:99:47:f4:24:60:0d:ad:6f:87:ed:
74:f9:a1:03:5b:a9:d6:97:ac:f4:d4:09:11:5e:2d:b7:38:29:
30:59:82:f5:a0:f1:4d:f2:3b:f2:60:20:0f:ad:e2:7e:74:85:
9d:27:5d:48:a3:df:2e:7f:f2:0a:98:9d:25:57:5a:22:9d:48:
89:a0:a1:2a:1a:e3:e8:cb:0c:d0:37:15:5e:9d:80:02:6c:30:
02:72:d6:3d:7a:94:a3:d9:dc:c8:d1:36:f2:9f:e0:6e:8b:64:
27:a2:73:f6:74:27:6b:b7:05:27:ae:81:3d:f9:7e:94:d3:68:
8e:d4:19:18:83:07:a2:c1:a8:b1:8b:f8:db:04:7a:d9:60:f6:
46:1e:3c:b0:e0:d8:3e:e3:3b:1d:24:cc:11:9d:6a:7e:ad:4c:
e0:a1:09:22
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgISAYadlAdYfeU0KwgOrfnmA4CZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMzAxMTQyOTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTk2MDA2YzlkZWE3ZTZlN2EzZmZlNGE5ZWFhOTYxMTZlMDA2MjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmX0CSNNiMZZq42VXXAMiVpxMo+O8
HqJebfnJ+OOvj7+QWpQxc5HZuXI9ibhglz2MlDSS7jLWiAnLiehSGD26krjjRBE3
7lIDdjIrx1WOSXHfcF4Cl2uoDUDRkX/LLP5Zqh0IVznMKmdJV0j0byz9XKMuQCXz
bsu96JPEO8zIDbwQpnNlTuuFR1wYq/PQZCd4T0q/qtvypAJR4NiI9fTmaA5VmhC+
3qIWmhCb3CQSv6MH24H62AkDdPr9mkKL5cHXjeifwC0pf99DtLFH6IFOLj6/wo1I
uwp9n5myII1d2eIn8QuATfFIJj+NuKInHByGnCPQK/TQpdZpA35hTGKRVwIDAQAB
o4IDbzCCA2swHQYDVR0OBBYEFBWWAGyd6n5uej/+Sp6qlhFuAGKKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRlpZQWJKM3FmbTU2UF81S25xcVdFVzRBWW9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgwYIKwYBBQUHAQcBAf8EggFyMIIBbjCCAWoEAgABMIIB
YgMEAh8N/AMEASWLggMEAi0J0AMEAi2PZAMEAld4IAMEAVd4LgMEAVd4QAMEAVd4
YAMEAVd4wAMEAFd42zAMAwQCV3kkAwQAV3kmAwQCV3k8MAwDBABXeWcDBABXeWgD
BAFXeXIDBAFXeZIDBABXeaMDBABbXBADBABbXBUDBAFbXBoDBABbXEMDBABdexgD
BAFdexoDBAFdex4DBABdeycDBAJde0QwDAMEAl17TAMEAF17UAMEAV17VjAMAwQE
XXtwAwQBXXt0AwQAXXt3AwQBXpqgAwQAXpqtAwQAXpwCAwQAXpwIAwQBXpxOAwQA
XpyDAwQAXpyYAwQBXpyaAwQBXpyoMAwDBARenLADBAFenLQwDAMEAF6c7QMEAF6c
7gMEALLX7gMEArmTZAMEAbnPDgMEALn8sQMEAMEZ2wMEAMEvPgMEAME6eQMEAME6
ewMEAMIw+QMEAMI34gMEANRXzTANBgkqhkiG9w0BAQsFAAOCAQEAEniKGl71CN0v
+ldCFzHK78M2mKHKFU87I81LGbd1gxnRk2R6KoJhibN/zpGNPMLyfknf721Uz/fR
58i+ANGrFJTXf5XnSHPjyXHgoyrBasmcnuTpY0L/j1htPAs4jaKeeF6ZR/QkYA2t
b4ftdPmhA1up1pes9NQJEV4ttzgpMFmC9aDxTfI78mAgD63ifnSFnSddSKPfLn/y
CpidJVdaIp1IiaChKhrj6MsM0DcVXp2AAmwwAnLWPXqUo9ncyNE28p/gbotkJ6Jz
9nQna7cFJ66BPfl+lNNojtQZGIMHosGosYv42wR62WD2Rh48sODYPuM7HSTMEZ1q
fq1M4KEJIg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:34 2023 by rpki-client on console-ams.rpki-client.org