Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/G8BlpOEs3yI4zj0p-3AqnMpyU8U.roa
File: G8BlpOEs3yI4zj0p-3AqnMpyU8U.roa (raw, json)
Hash identifier: pgR3xH99/QL2Oef+WenMWsFkuf2Tu6+Uu/lbSLDgn54=
Subject key identifier: 1B:C0:65:A4:E1:2C:DF:22:38:CE:3D:29:FB:70:2A:9C:CA:72:53:C5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01881A1C6A1D3A8DFAB1F9AEDE0F512F44CB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/G8BlpOEs3yI4zj0p-3AqnMpyU8U.roa
Signing time: Sun 14 May 2023 11:54:09 +0000
ROA not before: Sun 14 May 2023 11:54:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34224
IP address blocks: 212.73.131.0/24 maxlen: 24
212.73.128.0/23 maxlen: 24
212.73.132.0/24 maxlen: 24
212.73.130.0/23 maxlen: 24
212.73.136.0/24 maxlen: 24
87.120.176.0/24 maxlen: 24
212.73.133.0/24 maxlen: 24
212.73.138.0/23 maxlen: 24
212.73.138.0/24 maxlen: 24
212.73.134.0/24 maxlen: 24
212.73.143.0/24 maxlen: 24
212.73.140.0/24 maxlen: 24
212.73.144.0/24 maxlen: 24
212.73.141.0/24 maxlen: 24
212.73.145.0/24 maxlen: 24
212.73.142.0/24 maxlen: 24
212.73.147.0/24 maxlen: 24
212.73.148.0/24 maxlen: 24
212.73.146.0/24 maxlen: 24
212.73.155.0/24 maxlen: 24
212.73.157.0/24 maxlen: 24
87.120.195.0/24 maxlen: 24
87.120.199.0/24 maxlen: 24
87.120.206.0/24 maxlen: 24
87.120.206.0/23 maxlen: 24
87.120.201.0/24 maxlen: 24
87.120.200.0/24 maxlen: 24
87.120.207.0/24 maxlen: 24
87.120.109.0/24 maxlen: 24
87.120.128.0/23 maxlen: 24
87.120.132.0/24 maxlen: 24
87.120.134.0/24 maxlen: 24
87.120.133.0/24 maxlen: 24
87.120.135.0/24 maxlen: 24
37.60.138.0/24 maxlen: 24
87.121.42.0/24 maxlen: 24
37.60.139.0/24 maxlen: 24
92.249.49.0/24 maxlen: 24
87.121.52.0/24 maxlen: 24
87.121.64.0/24 maxlen: 24
87.120.217.0/24 maxlen: 24
87.120.223.0/24 maxlen: 24
87.120.36.100/32 maxlen: 32
87.120.253.0/24 maxlen: 24
87.120.255.0/24 maxlen: 24
87.121.0.0/23 maxlen: 24
87.121.0.0/24 maxlen: 24
87.121.1.0/24 maxlen: 24
87.121.2.0/24 maxlen: 24
87.120.254.0/24 maxlen: 24
87.121.6.0/23 maxlen: 24
91.92.219.0/24 maxlen: 24
91.92.230.0/24 maxlen: 24
91.92.198.0/23 maxlen: 24
91.92.197.0/24 maxlen: 24
87.120.61.0/24 maxlen: 24
87.120.104.0/24 maxlen: 24
87.120.6.0/23 maxlen: 24
87.120.6.0/24 maxlen: 24
87.120.8.0/24 maxlen: 24
87.120.13.0/24 maxlen: 24
87.120.37.0/24 maxlen: 24
87.120.43.0/24 maxlen: 24
87.120.39.0/24 maxlen: 24
91.92.0.0/24 maxlen: 24
91.92.2.0/24 maxlen: 24
91.92.1.0/24 maxlen: 24
91.92.109.0/24 maxlen: 24
91.92.139.0/24 maxlen: 24
91.92.69.0/24 maxlen: 24
91.92.65.0/24 maxlen: 24
91.92.66.0/24 maxlen: 24
91.92.68.0/24 maxlen: 24
91.92.105.0/24 maxlen: 24
94.156.216.0/21 maxlen: 24
94.156.233.0/24 maxlen: 24
94.156.227.0/24 maxlen: 24
94.156.232.0/22 maxlen: 22
94.156.232.0/24 maxlen: 24
93.123.64.0/24 maxlen: 24
94.156.249.0/24 maxlen: 24
94.156.251.0/24 maxlen: 24
94.156.252.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
94.156.172.0/23 maxlen: 24
93.123.8.0/24 maxlen: 24
94.156.185.0/24 maxlen: 24
94.156.188.0/24 maxlen: 24
94.156.190.0/24 maxlen: 24
93.123.12.0/24 maxlen: 24
93.123.18.0/24 maxlen: 24
93.123.28.0/23 maxlen: 24
93.123.37.0/24 maxlen: 24
93.123.36.0/24 maxlen: 24
93.123.32.0/22 maxlen: 24
94.156.8.0/24 maxlen: 24
94.156.15.0/24 maxlen: 24
94.156.12.0/24 maxlen: 24
94.156.44.0/24 maxlen: 24
94.156.42.0/24 maxlen: 24
94.156.106.0/24 maxlen: 24
94.156.130.0/24 maxlen: 24
94.156.129.0/24 maxlen: 24
94.156.159.0/24 maxlen: 24
94.156.158.0/24 maxlen: 24
94.156.153.0/24 maxlen: 24
94.156.77.0/24 maxlen: 24
94.156.98.0/24 maxlen: 24
94.156.94.0/24 maxlen: 24
94.156.100.0/24 maxlen: 24
31.13.195.0/24 maxlen: 24
31.13.197.0/24 maxlen: 24
87.121.150.0/23 maxlen: 24
31.13.217.0/24 maxlen: 24
87.121.161.0/24 maxlen: 24
31.13.216.0/21 maxlen: 24
31.13.223.0/24 maxlen: 24
31.13.221.0/24 maxlen: 24
87.121.79.0/24 maxlen: 24
87.121.83.0/24 maxlen: 24
87.121.82.0/24 maxlen: 24
87.121.90.0/23 maxlen: 24
87.121.112.0/24 maxlen: 24
87.121.111.0/24 maxlen: 24
87.121.118.0/24 maxlen: 24
87.121.113.0/24 maxlen: 24
31.13.230.0/23 maxlen: 24
31.13.236.0/22 maxlen: 24
31.13.245.0/24 maxlen: 24
31.13.241.0/24 maxlen: 24
2a00:1728:35::/48 maxlen: 48
2a00:1728:27::/48 maxlen: 48
2a00:1728:21::/48 maxlen: 48
2a00:1728:0:d::/64 maxlen: 64
2a00:1728:1b::/48 maxlen: 48
2a00:1728:34::/48 maxlen: 48
2a00:1728:23::/48 maxlen: 48
2a00:1728:31::/48 maxlen: 48
2a00:1728:25::/48 maxlen: 48
2a00:1728:3::/48 maxlen: 48
2a00:1728:1f::/48 maxlen: 48
2a00:1728::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1a:1c:6a:1d:3a:8d:fa:b1:f9:ae:de:0f:51:2f:44:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 14 11:54:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bc065a4e12cdf2238ce3d29fb702a9cca7253c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:29:1e:ca:b3:be:e7:25:61:8b:43:83:17:38:
e2:de:34:8f:b3:32:8e:cf:a3:b6:7f:db:06:c4:77:
5b:1e:0a:0d:2d:04:b7:88:24:5b:4d:49:78:85:8c:
f9:5c:2a:0f:e6:0d:90:9a:8d:7d:c1:9b:d6:86:c5:
73:04:f8:28:da:1a:be:b1:64:a0:ac:f7:d0:f3:7d:
72:c4:96:d1:fc:39:1c:5c:fe:8c:fe:9f:a8:88:3b:
d2:4f:66:69:15:46:ac:36:0b:61:2e:21:fe:22:e2:
d7:ed:8e:07:b6:8c:c4:ee:3d:f0:cb:af:5b:de:5a:
4f:97:90:59:14:9f:6e:be:9c:ec:5c:a3:7e:68:1d:
92:25:59:44:b4:69:23:4a:07:d9:24:e8:e8:94:e7:
65:65:07:07:ea:02:10:20:60:63:2f:6d:00:5c:91:
aa:d3:df:bd:82:4d:89:b7:da:b1:ef:34:8a:e8:ac:
72:88:0f:53:61:0a:0d:e1:fe:00:0b:8e:86:ca:5d:
fc:8e:7d:6b:47:89:ec:69:9f:52:d7:1d:83:fc:a9:
95:52:00:55:67:c4:bb:4a:bd:1f:f6:63:47:40:93:
f0:f0:f1:41:02:21:45:d6:c4:f3:8c:a0:76:89:00:
a1:a7:f2:72:6f:3a:dd:1f:e8:db:9f:3a:70:0c:78:
47:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C0:65:A4:E1:2C:DF:22:38:CE:3D:29:FB:70:2A:9C:CA:72:53:C5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/G8BlpOEs3yI4zj0p-3AqnMpyU8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.195.0/24
31.13.197.0/24
31.13.216.0/21
31.13.230.0/23
31.13.236.0/22
31.13.241.0/24
31.13.245.0/24
37.60.138.0/23
87.120.6.0-87.120.8.255
87.120.13.0/24
87.120.36.100/32
87.120.37.0/24
87.120.39.0/24
87.120.43.0/24
87.120.61.0/24
87.120.104.0/24
87.120.109.0/24
87.120.128.0/23
87.120.132.0/22
87.120.176.0/24
87.120.195.0/24
87.120.199.0-87.120.201.255
87.120.206.0/23
87.120.217.0/24
87.120.223.0/24
87.120.253.0-87.121.2.255
87.121.6.0/23
87.121.42.0/24
87.121.52.0/24
87.121.64.0/24
87.121.79.0/24
87.121.82.0/23
87.121.90.0/23
87.121.111.0-87.121.113.255
87.121.118.0/24
87.121.150.0/23
87.121.161.0/24
91.92.0.0-91.92.2.255
91.92.65.0-91.92.66.255
91.92.68.0/23
91.92.105.0/24
91.92.109.0/24
91.92.139.0/24
91.92.197.0-91.92.199.255
91.92.219.0/24
91.92.230.0/24
92.249.49.0/24
93.123.8.0/24
93.123.12.0/24
93.123.18.0/24
93.123.28.0/23
93.123.32.0-93.123.37.255
93.123.64.0/24
94.156.8.0/24
94.156.12.0/24
94.156.15.0/24
94.156.42.0/24
94.156.44.0/24
94.156.77.0/24
94.156.94.0/24
94.156.98.0/24
94.156.100.0/24
94.156.106.0/24
94.156.129.0-94.156.130.255
94.156.153.0/24
94.156.158.0/23
94.156.172.0/23
94.156.185.0/24
94.156.188.0/24
94.156.190.0/24
94.156.216.0/21
94.156.227.0/24
94.156.232.0/22
94.156.248.0/23
94.156.251.0-94.156.252.255
212.73.128.0-212.73.134.255
212.73.136.0/24
212.73.138.0-212.73.148.255
212.73.155.0/24
212.73.157.0/24
IPv6:
2a00:1728::/32
Signature Algorithm: sha256WithRSAEncryption
52:f8:39:39:6e:b1:89:0e:bd:30:c2:72:c1:c6:70:bd:e2:0f:
65:b2:37:71:33:d4:36:2a:1d:8e:4f:d8:7a:26:09:89:8d:d3:
9b:35:64:db:e6:c0:f6:76:ef:92:89:03:f8:51:e1:8f:7d:1c:
dd:d2:29:91:0f:27:b7:58:c7:08:39:f2:1c:f8:09:d3:48:ee:
38:f5:d1:6a:12:e6:a2:63:d6:ba:2a:38:4c:45:fa:7b:1f:df:
e4:90:76:5a:2a:7b:26:3f:d6:f4:de:56:65:c3:e7:a1:99:a6:
51:be:3a:42:5b:5c:cd:3c:b3:c2:6d:57:8e:93:b3:3d:de:61:
d8:e1:2f:36:dc:7c:3c:f2:2f:82:fb:84:03:ea:4e:64:e0:17:
87:c0:bc:2f:79:a6:f7:a1:74:cd:42:19:c1:d7:60:9b:27:d7:
8e:1d:04:aa:55:2d:d6:5e:05:2d:36:e6:9f:2c:4e:ed:b0:bd:
47:78:29:31:f4:77:1a:63:a2:77:3e:e2:06:e1:0c:a8:86:1b:
85:bb:51:81:f0:df:fc:5f:e4:05:59:d2:a8:57:94:d1:29:9f:
c3:78:f4:52:41:13:28:b4:25:48:be:b5:13:f4:40:0f:da:fd:
20:a4:ad:07:1a:b3:a1:ad:a5:b2:07:a8:18:57:0f:53:eb:aa:
7f:2d:b0:93
-----BEGIN CERTIFICATE-----
MIIHUDCCBjigAwIBAgISAYgaHGodOo36sfmu3g9RL0TLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE0MTE1NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmMwNjVhNGUxMmNkZjIyMzhjZTNkMjlmYjcwMmE5Y2NhNzI1M2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiykeyrO+5yVhi0ODFzji3jSPszKO
z6O2f9sGxHdbHgoNLQS3iCRbTUl4hYz5XCoP5g2Qmo19wZvWhsVzBPgo2hq+sWSg
rPfQ831yxJbR/DkcXP6M/p+oiDvST2ZpFUasNgthLiH+IuLX7Y4HtozE7j3wy69b
3lpPl5BZFJ9uvpzsXKN+aB2SJVlEtGkjSgfZJOjolOdlZQcH6gIQIGBjL20AXJGq
09+9gk2Jt9qx7zSK6KxyiA9TYQoN4f4AC46Gyl38jn1rR4nsaZ9S1x2D/KmVUgBV
Z8S7Sr0f9mNHQJPw8PFBAiFF1sTzjKB2iQChp/JybzrdH+jbnzpwDHhHoQIDAQAB
o4IEXDCCBFgwHQYDVR0OBBYEFBvAZaThLN8iOM49KftwKpzKclPFMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRzhCbHBPRXMzeUk0emowcC0zQXFuTXB5VThVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICcAYIKwYBBQUHAQcBAf8EggJfMIICWzCCAkgEAgABMIIC
QAMEAB8NwwMEAB8NxQMEAx8N2AMEAR8N5gMEAh8N7AMEAB8N8QMEAB8N9QMEASU8
ijAMAwQBV3gGAwQAV3gIAwQAV3gNAwUAV3gkZAMEAFd4JQMEAFd4JwMEAFd4KwME
AFd4PQMEAFd4aAMEAFd4bQMEAVd4gAMEAld4hAMEAFd4sAMEAFd4wzAMAwQAV3jH
AwQBV3jIAwQBV3jOAwQAV3jZAwQAV3jfMAwDBABXeP0DBABXeQIDBAFXeQYDBABX
eSoDBABXeTQDBABXeUADBABXeU8DBAFXeVIDBAFXeVowDAMEAFd5bwMEAVd5cAME
AFd5dgMEAVd5lgMEAFd5oTALAwMCW1wDBABbXAIwDAMEAFtcQQMEAFtcQgMEAVtc
RAMEAFtcaQMEAFtcbQMEAFtcizAMAwQAW1zFAwQDW1zAAwQAW1zbAwQAW1zmAwQA
XPkxAwQAXXsIAwQAXXsMAwQAXXsSAwQBXXscMAwDBAVdeyADBAFdeyQDBABde0AD
BABenAgDBABenAwDBABenA8DBABenCoDBABenCwDBABenE0DBABenF4DBABenGID
BABenGQDBABenGowDAMEAF6cgQMEAF6cggMEAF6cmQMEAV6cngMEAV6crAMEAF6c
uQMEAF6cvAMEAF6cvgMEA16c2AMEAF6c4wMEAl6c6AMEAV6c+DAMAwQAXpz7AwQA
Xpz8MAwDBAfUSYADBADUSYYDBADUSYgwDAMEAdRJigMEANRJlAMEANRJmwMEANRJ
nTANBAIAAjAHAwUAKgAXKDANBgkqhkiG9w0BAQsFAAOCAQEAUvg5OW6xiQ69MMJy
wcZwveIPZbI3cTPUNiodjk/YeiYJiY3TmzVk2+bA9nbvkokD+FHhj30c3dIpkQ8n
t1jHCDnyHPgJ00juOPXRahLmomPWuio4TEX6ex/f5JB2Wip7Jj/W9N5WZcPnoZmm
Ub46QltczTyzwm1XjpOzPd5h2OEvNtx8PPIvgvuEA+pOZOAXh8C8L3mm96F0zUIZ
wddgmyfXjh0EqlUt1l4FLTbmnyxO7bC9R3gpMfR3GmOidz7iBuEMqIYbhbtRgfDf
/F/kBVnSqFeU0Smfw3j0UkETKLQlSL61E/RAD9r9IKStBxqzoa2lsgeoGFcPU+uq
fy2wkw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:34 2023 by rpki-client on console-ams.rpki-client.org