Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/L1gUZ_FqsI45kCvveNIZiNF18kM.roa
File: L1gUZ_FqsI45kCvveNIZiNF18kM.roa (raw, json)
Hash identifier: 5ClHzOFv4TXy2dqf7pE/vrgXx6omwIJ2GFQjHHk58Jg=
Subject key identifier: 2F:58:14:67:F1:6A:B0:8E:39:90:2B:EF:78:D2:19:88:D1:75:F2:43
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0185CE48DF4F5773F0092EB88E13821D4965
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/L1gUZ_FqsI45kCvveNIZiNF18kM.roa
Signing time: Fri 20 Jan 2023 08:26:00 +0000
ROA not before: Fri 20 Jan 2023 08:26:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 87.120.192.0/23 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.218.0/23 maxlen: 24
87.120.220.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.173.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
93.123.86.0/23 maxlen: 24
94.156.168.0/23 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
93.123.24.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.96.0/23 maxlen: 24
87.120.100.0/22 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
87.120.32.0/22 maxlen: 24
193.25.219.0/24 maxlen: 24
87.120.46.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
91.92.26.0/23 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
94.156.78.0/23 maxlen: 24
37.139.130.0/23 maxlen: 24
212.87.205.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
87.121.163.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
31.13.252.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ce:48:df:4f:57:73:f0:09:2e:b8:8e:13:82:1d:49:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 20 08:26:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f581467f16ab08e39902bef78d21988d175f243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cd:9f:e1:9b:e4:4f:2b:e9:45:7c:f1:ed:aa:
e0:95:d0:cf:bd:99:8e:3a:6b:ba:b5:00:9f:8c:cc:
1f:8f:ff:6d:ed:a8:0e:d5:b0:01:bd:2c:c2:a7:84:
5b:b4:38:16:50:f6:03:99:75:51:ac:2a:b7:21:30:
7d:76:2b:9a:d9:dd:74:70:78:00:e1:3a:26:fc:a2:
9e:ae:58:86:89:53:d4:9b:fb:6b:3d:52:f2:13:9e:
3d:7c:1f:83:79:5b:e2:44:c4:e9:21:5f:b6:3e:ea:
a9:68:99:c4:2a:ef:d9:7a:56:a4:e1:37:27:b0:b1:
89:b9:4e:4b:f3:2b:32:fb:43:18:10:56:d8:40:0b:
61:af:00:44:67:50:04:8c:76:40:56:28:7f:38:f7:
3c:2b:65:7e:c0:31:e8:61:33:7d:15:a1:fa:56:4c:
54:f3:b2:31:15:83:7c:97:00:25:8e:98:db:39:33:
19:43:aa:97:c4:46:71:63:0b:64:20:e2:73:3a:8f:
fc:aa:76:ca:34:5b:98:38:df:09:a7:51:89:a8:c4:
84:9d:2c:53:13:24:08:26:eb:ef:99:43:b9:ed:07:
58:19:19:e7:6b:51:43:0a:7f:97:ef:f1:f0:78:f1:
2b:d3:c0:0b:61:ad:dd:b7:f3:72:05:30:1f:a5:f5:
bf:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:58:14:67:F1:6A:B0:8E:39:90:2B:EF:78:D2:19:88:D1:75:F2:43
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/L1gUZ_FqsI45kCvveNIZiNF18kM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
37.139.130.0/23
87.120.32.0/22
87.120.46.0/23
87.120.64.0/23
87.120.96.0/23
87.120.100.0/22
87.120.192.0/23
87.120.218.0-87.120.221.255
87.121.36.0-87.121.38.255
87.121.60.0/22
87.121.69.0/24
87.121.103.0/24
87.121.114.0/23
87.121.146.0/23
87.121.163.0/24
91.92.16.0/24
91.92.21.0/24
91.92.26.0/23
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.39.0/24
93.123.68.0/22
93.123.76.0-93.123.80.255
93.123.85.0-93.123.87.255
93.123.112.0-93.123.117.255
93.123.119.0/24
94.154.160.0/23
94.154.173.0/24
94.156.2.0/24
94.156.8.0/24
94.156.78.0/23
94.156.131.0/24
94.156.154.0/23
94.156.168.0/23
94.156.176.0-94.156.181.255
94.156.237.0-94.156.238.255
178.215.236.0/24
178.215.238.0/24
185.252.177.0/24
193.25.219.0/24
193.58.121.0/24
193.58.123.0/24
194.48.249.0/24
194.55.226.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
79:1c:d0:ff:88:5d:ec:22:1d:0a:49:00:41:b3:50:9f:ae:68:
37:c8:88:7a:63:27:26:fa:45:ea:ca:20:e2:f0:f5:0f:29:2f:
72:7d:66:6e:74:8f:5a:6b:b6:b9:20:a8:8b:87:22:2b:45:d5:
b9:82:c3:e6:8e:71:22:9f:64:cd:63:ba:35:1a:1f:0f:25:79:
c5:63:c5:34:c5:3d:be:e9:7b:cd:b6:24:ee:b9:0d:f3:89:6a:
42:21:df:61:1c:41:be:01:58:00:b8:19:b8:e9:f5:19:1d:fd:
af:b9:ff:dd:f5:0d:62:4e:37:7b:05:db:af:3f:83:59:eb:dd:
de:7d:04:ac:35:f8:ea:89:9b:39:ef:6a:66:41:81:df:4e:bc:
e6:55:92:32:b3:ec:92:7f:63:02:3d:62:b0:85:3a:da:76:3e:
59:aa:e8:58:fc:36:33:0a:f9:80:ea:24:e1:9c:97:88:cb:0d:
9d:16:2a:c6:da:f5:ec:33:76:68:5e:52:d1:82:ef:7c:88:0f:
7b:00:bd:27:bd:b8:48:ee:fc:08:9b:42:10:03:e6:8b:d4:b7:
2c:a0:b2:b2:7c:b8:b9:d5:55:8a:d6:bc:66:0c:04:c5:d7:ad:
80:1c:21:a5:11:47:02:a0:ff:3f:c3:cd:8e:9e:10:ca:f2:76:
29:db:36:e2
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgISAYXOSN9PV3PwCS64jhOCHUllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTIwMDgyNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjU4MTQ2N2YxNmFiMDhlMzk5MDJiZWY3OGQyMTk4OGQxNzVmMjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl82f4ZvkTyvpRXzx7argldDPvZmO
Omu6tQCfjMwfj/9t7agO1bABvSzCp4RbtDgWUPYDmXVRrCq3ITB9diua2d10cHgA
4Tom/KKerliGiVPUm/trPVLyE549fB+DeVviRMTpIV+2PuqpaJnEKu/Zelak4Tcn
sLGJuU5L8ysy+0MYEFbYQAthrwBEZ1AEjHZAVih/OPc8K2V+wDHoYTN9FaH6VkxU
87IxFYN8lwAljpjbOTMZQ6qXxEZxYwtkIOJzOo/8qnbKNFuYON8Jp1GJqMSEnSxT
EyQIJuvvmUO57QdYGRnna1FDCn+X7/HwePEr08ALYa3dt/NyBTAfpfW/7QIDAQAB
o4IDZTCCA2EwHQYDVR0OBBYEFC9YFGfxarCOOZAr73jSGYjRdfJDMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTDFnVVpfRnFzSTQ1a0N2dmVOSVppTkYxOGtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBeQYIKwYBBQUHAQcBAf8EggFoMIIBZDCCAWAEAgABMIIB
WAMEAh8N/AMEASWLggMEAld4IAMEAVd4LgMEAVd4QAMEAVd4YAMEAld4ZAMEAVd4
wDAMAwQBV3jaAwQBV3jcMAwDBAJXeSQDBABXeSYDBAJXeTwDBABXeUUDBABXeWcD
BAFXeXIDBAFXeZIDBABXeaMDBABbXBADBABbXBUDBAFbXBoDBABbXEMDBABdexgD
BAFdexoDBAFdex4DBABdeycDBAJde0QwDAMEAl17TAMEAF17UDAMAwQAXXtVAwQD
XXtQMAwDBARde3ADBAFde3QDBABde3cDBAFemqADBABemq0DBABenAIDBABenAgD
BAFenE4DBABenIMDBAFenJoDBAFenKgwDAMEBF6csAMEAV6ctDAMAwQAXpztAwQA
XpzuAwQAstfsAwQAstfuAwQAufyxAwQAwRnbAwQAwTp5AwQAwTp7AwQAwjD5AwQA
wjfiAwQA1FfNMA0GCSqGSIb3DQEBCwUAA4IBAQB5HND/iF3sIh0KSQBBs1Cfrmg3
yIh6Yycm+kXqyiDi8PUPKS9yfWZudI9aa7a5IKiLhyIrRdW5gsPmjnEin2TNY7o1
Gh8PJXnFY8U0xT2+6XvNtiTuuQ3ziWpCId9hHEG+AVgAuBm46fUZHf2vuf/d9Q1i
Tjd7BduvP4NZ693efQSsNfjqiZs572pmQYHfTrzmVZIys+ySf2MCPWKwhTradj5Z
quhY/DYzCvmA6iThnJeIyw2dFirG2vXsM3ZoXlLRgu98iA97AL0nvbhI7vwIm0IQ
A+aL1LcsoLKyfLi51VWK1rxmDATF162AHCGlEUcCoP8/w82OnhDK8nYp2zbi
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:30 2024 by rpki-client on console-ams.rpki-client.org