Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NdsaYyq_SM9y0lu-pUGiaQTVwK8.roa
File: NdsaYyq_SM9y0lu-pUGiaQTVwK8.roa (raw, json)
Hash identifier: CacwqqZKExVbkTUsuJbG0U4JicxBEZvQDwpypKIbLzA=
Subject key identifier: 35:DB:1A:63:2A:BF:48:CF:72:D2:5B:BE:A5:41:A2:69:04:D5:C0:AF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187E1B3169B9D2E51005FF107321766311B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NdsaYyq_SM9y0lu-pUGiaQTVwK8.roa
Signing time: Wed 03 May 2023 13:00:23 +0000
ROA not before: Wed 03 May 2023 13:00:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34224
IP address blocks: 212.73.131.0/24 maxlen: 24
212.73.128.0/23 maxlen: 24
212.73.132.0/24 maxlen: 24
212.73.130.0/23 maxlen: 24
212.73.136.0/24 maxlen: 24
87.120.176.0/24 maxlen: 24
212.73.133.0/24 maxlen: 24
212.73.138.0/23 maxlen: 24
212.73.138.0/24 maxlen: 24
212.73.134.0/24 maxlen: 24
212.73.143.0/24 maxlen: 24
212.73.140.0/24 maxlen: 24
212.73.144.0/24 maxlen: 24
212.73.141.0/24 maxlen: 24
212.73.145.0/24 maxlen: 24
212.73.142.0/24 maxlen: 24
212.73.147.0/24 maxlen: 24
212.73.148.0/24 maxlen: 24
212.73.146.0/24 maxlen: 24
212.73.155.0/24 maxlen: 24
212.73.157.0/24 maxlen: 24
87.120.195.0/24 maxlen: 24
87.120.199.0/24 maxlen: 24
87.120.206.0/24 maxlen: 24
87.120.206.0/23 maxlen: 24
87.120.201.0/24 maxlen: 24
87.120.200.0/24 maxlen: 24
87.120.207.0/24 maxlen: 24
87.120.109.0/24 maxlen: 24
87.120.128.0/23 maxlen: 24
87.120.132.0/24 maxlen: 24
87.120.134.0/24 maxlen: 24
87.120.133.0/24 maxlen: 24
87.120.135.0/24 maxlen: 24
37.60.138.0/24 maxlen: 24
87.121.42.0/24 maxlen: 24
37.60.139.0/24 maxlen: 24
92.249.49.0/24 maxlen: 24
87.121.52.0/24 maxlen: 24
87.121.64.0/24 maxlen: 24
87.120.217.0/24 maxlen: 24
87.120.223.0/24 maxlen: 24
87.120.36.100/32 maxlen: 32
87.120.253.0/24 maxlen: 24
87.120.255.0/24 maxlen: 24
87.121.0.0/23 maxlen: 24
87.121.0.0/24 maxlen: 24
87.121.1.0/24 maxlen: 24
87.121.2.0/24 maxlen: 24
87.120.254.0/24 maxlen: 24
87.121.6.0/23 maxlen: 24
91.92.219.0/24 maxlen: 24
91.92.230.0/24 maxlen: 24
91.92.198.0/23 maxlen: 24
91.92.197.0/24 maxlen: 24
87.120.61.0/24 maxlen: 24
87.120.104.0/24 maxlen: 24
87.120.6.0/23 maxlen: 24
87.120.6.0/24 maxlen: 24
87.120.8.0/24 maxlen: 24
87.120.13.0/24 maxlen: 24
87.120.37.0/24 maxlen: 24
87.120.43.0/24 maxlen: 24
87.120.39.0/24 maxlen: 24
91.92.0.0/24 maxlen: 24
91.92.2.0/24 maxlen: 24
91.92.1.0/24 maxlen: 24
91.92.109.0/24 maxlen: 24
91.92.139.0/24 maxlen: 24
91.92.69.0/24 maxlen: 24
91.92.65.0/24 maxlen: 24
91.92.66.0/24 maxlen: 24
91.92.68.0/24 maxlen: 24
91.92.105.0/24 maxlen: 24
94.156.216.0/21 maxlen: 24
94.156.233.0/24 maxlen: 24
94.156.227.0/24 maxlen: 24
94.156.232.0/22 maxlen: 22
94.156.232.0/24 maxlen: 24
93.123.64.0/24 maxlen: 24
94.156.249.0/24 maxlen: 24
94.156.251.0/24 maxlen: 24
94.156.252.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
94.156.172.0/23 maxlen: 24
93.123.8.0/24 maxlen: 24
94.156.185.0/24 maxlen: 24
94.156.188.0/24 maxlen: 24
94.156.190.0/24 maxlen: 24
93.123.12.0/24 maxlen: 24
93.123.18.0/24 maxlen: 24
93.123.28.0/23 maxlen: 24
93.123.37.0/24 maxlen: 24
93.123.36.0/24 maxlen: 24
93.123.32.0/22 maxlen: 24
94.156.15.0/24 maxlen: 24
94.156.12.0/24 maxlen: 24
94.156.44.0/24 maxlen: 24
94.156.42.0/24 maxlen: 24
94.156.106.0/24 maxlen: 24
94.156.130.0/24 maxlen: 24
94.156.129.0/24 maxlen: 24
94.156.159.0/24 maxlen: 24
94.156.158.0/24 maxlen: 24
94.156.153.0/24 maxlen: 24
94.156.77.0/24 maxlen: 24
94.156.98.0/24 maxlen: 24
94.156.94.0/24 maxlen: 24
94.156.100.0/24 maxlen: 24
31.13.195.0/24 maxlen: 24
31.13.197.0/24 maxlen: 24
87.121.150.0/23 maxlen: 24
31.13.217.0/24 maxlen: 24
87.121.161.0/24 maxlen: 24
31.13.216.0/21 maxlen: 24
31.13.223.0/24 maxlen: 24
31.13.221.0/24 maxlen: 24
87.121.79.0/24 maxlen: 24
87.121.83.0/24 maxlen: 24
87.121.82.0/24 maxlen: 24
87.121.90.0/23 maxlen: 24
87.121.112.0/24 maxlen: 24
87.121.111.0/24 maxlen: 24
87.121.118.0/24 maxlen: 24
87.121.113.0/24 maxlen: 24
31.13.230.0/23 maxlen: 24
31.13.236.0/22 maxlen: 24
31.13.245.0/24 maxlen: 24
31.13.241.0/24 maxlen: 24
2a00:1728:35::/48 maxlen: 48
2a00:1728:27::/48 maxlen: 48
2a00:1728:21::/48 maxlen: 48
2a00:1728:0:d::/64 maxlen: 64
2a00:1728:1b::/48 maxlen: 48
2a00:1728:34::/48 maxlen: 48
2a00:1728:23::/48 maxlen: 48
2a00:1728:31::/48 maxlen: 48
2a00:1728:25::/48 maxlen: 48
2a00:1728:3::/48 maxlen: 48
2a00:1728:1f::/48 maxlen: 48
2a00:1728::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:b3:16:9b:9d:2e:51:00:5f:f1:07:32:17:66:31:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 3 13:00:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35db1a632abf48cf72d25bbea541a26904d5c0af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:cb:0c:30:28:b3:2b:61:80:46:72:f5:f7:a1:
3c:85:83:04:51:1a:3c:75:d6:a6:9c:fe:0f:20:f5:
16:4e:64:82:af:b1:40:ca:7b:ea:5e:9b:ac:4d:64:
6f:a5:68:8b:9d:87:27:1f:d1:17:b6:f8:43:91:b8:
db:34:2a:2b:87:98:2e:c0:a7:9c:74:56:cb:e6:73:
93:8e:f4:1f:6b:01:8b:14:54:a0:a4:5c:04:32:a1:
d3:3f:3a:cb:34:af:89:12:9d:8a:82:18:94:22:b3:
57:00:ef:8d:8a:b7:50:e2:ae:c9:f8:40:63:3e:99:
f1:14:98:8c:cf:d8:23:72:81:69:99:5c:f6:f4:d4:
c0:aa:1b:78:53:e0:61:df:33:6d:d4:16:c9:e3:03:
a1:9f:e2:98:6b:a1:93:6d:d4:a3:70:e6:66:e9:90:
13:39:aa:be:08:d0:50:70:29:79:38:2a:64:e2:81:
5b:30:56:3b:eb:a7:e0:1b:a9:f2:71:79:b4:1d:93:
6b:a0:8d:0d:bd:14:71:ad:ba:54:59:db:e3:69:a7:
fc:89:35:3c:c1:13:c0:31:ff:4d:a0:bd:d4:d6:18:
fe:4d:da:ab:70:19:57:ed:cc:a5:61:be:41:65:8f:
70:4d:92:84:c6:73:6a:c3:cb:f7:ca:79:26:bb:43:
8a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DB:1A:63:2A:BF:48:CF:72:D2:5B:BE:A5:41:A2:69:04:D5:C0:AF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NdsaYyq_SM9y0lu-pUGiaQTVwK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.195.0/24
31.13.197.0/24
31.13.216.0/21
31.13.230.0/23
31.13.236.0/22
31.13.241.0/24
31.13.245.0/24
37.60.138.0/23
87.120.6.0-87.120.8.255
87.120.13.0/24
87.120.36.100/32
87.120.37.0/24
87.120.39.0/24
87.120.43.0/24
87.120.61.0/24
87.120.104.0/24
87.120.109.0/24
87.120.128.0/23
87.120.132.0/22
87.120.176.0/24
87.120.195.0/24
87.120.199.0-87.120.201.255
87.120.206.0/23
87.120.217.0/24
87.120.223.0/24
87.120.253.0-87.121.2.255
87.121.6.0/23
87.121.42.0/24
87.121.52.0/24
87.121.64.0/24
87.121.79.0/24
87.121.82.0/23
87.121.90.0/23
87.121.111.0-87.121.113.255
87.121.118.0/24
87.121.150.0/23
87.121.161.0/24
91.92.0.0-91.92.2.255
91.92.65.0-91.92.66.255
91.92.68.0/23
91.92.105.0/24
91.92.109.0/24
91.92.139.0/24
91.92.197.0-91.92.199.255
91.92.219.0/24
91.92.230.0/24
92.249.49.0/24
93.123.8.0/24
93.123.12.0/24
93.123.18.0/24
93.123.28.0/23
93.123.32.0-93.123.37.255
93.123.64.0/24
94.156.12.0/24
94.156.15.0/24
94.156.42.0/24
94.156.44.0/24
94.156.77.0/24
94.156.94.0/24
94.156.98.0/24
94.156.100.0/24
94.156.106.0/24
94.156.129.0-94.156.130.255
94.156.153.0/24
94.156.158.0/23
94.156.172.0/23
94.156.185.0/24
94.156.188.0/24
94.156.190.0/24
94.156.216.0/21
94.156.227.0/24
94.156.232.0/22
94.156.248.0/23
94.156.251.0-94.156.252.255
212.73.128.0-212.73.134.255
212.73.136.0/24
212.73.138.0-212.73.148.255
212.73.155.0/24
212.73.157.0/24
IPv6:
2a00:1728::/32
Signature Algorithm: sha256WithRSAEncryption
3d:fc:70:e2:2c:a2:fe:2f:69:27:4a:b2:d3:d3:59:52:7f:62:
9a:3a:fb:7a:b1:fd:30:87:31:7d:15:7a:b9:45:94:dd:01:d1:
34:b8:82:43:dd:b2:0e:88:e0:55:fb:d7:26:d2:68:77:70:c5:
65:5f:77:27:33:6c:50:b8:48:af:44:c7:2a:24:b3:4b:eb:3e:
be:d0:8e:70:f6:c6:ad:e9:ab:d3:40:73:b7:aa:ea:5a:97:14:
c0:20:7c:3f:bb:38:24:d8:42:69:f1:2d:63:f6:32:b2:c2:66:
b7:f4:7e:6e:4e:70:2b:43:96:b5:43:44:26:8b:dd:24:9c:43:
47:7c:f7:19:99:de:cf:d2:0e:3c:73:e0:37:97:87:dd:7b:c4:
6d:d4:eb:a0:8e:bc:db:53:79:37:a6:df:0b:c7:2a:2b:87:6f:
3e:b3:41:5a:bb:c8:2a:eb:30:35:9d:52:70:ac:5c:5a:41:4e:
56:73:41:99:be:21:76:24:79:a2:8f:5f:55:49:9e:70:0c:e1:
40:a4:97:9a:9c:8a:99:4e:ab:25:ff:c7:75:fe:cd:63:3e:06:
07:a3:16:7e:74:c4:de:2b:57:05:7b:f4:5a:e9:af:ea:87:c4:
e0:48:ef:96:04:99:6d:09:97:d7:bc:d1:6b:2e:43:25:05:fb:
58:66:99:95
-----BEGIN CERTIFICATE-----
MIIHSjCCBjKgAwIBAgISAYfhsxabnS5RAF/xBzIXZjEbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTAzMTMwMDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWRiMWE2MzJhYmY0OGNmNzJkMjViYmVhNTQxYTI2OTA0ZDVjMGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMsMMCizK2GARnL196E8hYMEURo8
ddamnP4PIPUWTmSCr7FAynvqXpusTWRvpWiLnYcnH9EXtvhDkbjbNCorh5guwKec
dFbL5nOTjvQfawGLFFSgpFwEMqHTPzrLNK+JEp2KghiUIrNXAO+NirdQ4q7J+EBj
PpnxFJiMz9gjcoFpmVz29NTAqht4U+Bh3zNt1BbJ4wOhn+KYa6GTbdSjcOZm6ZAT
Oaq+CNBQcCl5OCpk4oFbMFY766fgG6nycXm0HZNroI0NvRRxrbpUWdvjaaf8iTU8
wRPAMf9NoL3U1hj+TdqrcBlX7cylYb5BZY9wTZKExnNqw8v3ynkmu0OKZwIDAQAB
o4IEVjCCBFIwHQYDVR0OBBYEFDXbGmMqv0jPctJbvqVBomkE1cCvMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTmRzYVl5cV9TTTl5MGx1LXBVR2lhUVRWd0s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICagYIKwYBBQUHAQcBAf8EggJZMIICVTCCAkIEAgABMIIC
OgMEAB8NwwMEAB8NxQMEAx8N2AMEAR8N5gMEAh8N7AMEAB8N8QMEAB8N9QMEASU8
ijAMAwQBV3gGAwQAV3gIAwQAV3gNAwUAV3gkZAMEAFd4JQMEAFd4JwMEAFd4KwME
AFd4PQMEAFd4aAMEAFd4bQMEAVd4gAMEAld4hAMEAFd4sAMEAFd4wzAMAwQAV3jH
AwQBV3jIAwQBV3jOAwQAV3jZAwQAV3jfMAwDBABXeP0DBABXeQIDBAFXeQYDBABX
eSoDBABXeTQDBABXeUADBABXeU8DBAFXeVIDBAFXeVowDAMEAFd5bwMEAVd5cAME
AFd5dgMEAVd5lgMEAFd5oTALAwMCW1wDBABbXAIwDAMEAFtcQQMEAFtcQgMEAVtc
RAMEAFtcaQMEAFtcbQMEAFtcizAMAwQAW1zFAwQDW1zAAwQAW1zbAwQAW1zmAwQA
XPkxAwQAXXsIAwQAXXsMAwQAXXsSAwQBXXscMAwDBAVdeyADBAFdeyQDBABde0AD
BABenAwDBABenA8DBABenCoDBABenCwDBABenE0DBABenF4DBABenGIDBABenGQD
BABenGowDAMEAF6cgQMEAF6cggMEAF6cmQMEAV6cngMEAV6crAMEAF6cuQMEAF6c
vAMEAF6cvgMEA16c2AMEAF6c4wMEAl6c6AMEAV6c+DAMAwQAXpz7AwQAXpz8MAwD
BAfUSYADBADUSYYDBADUSYgwDAMEAdRJigMEANRJlAMEANRJmwMEANRJnTANBAIA
AjAHAwUAKgAXKDANBgkqhkiG9w0BAQsFAAOCAQEAPfxw4iyi/i9pJ0qy09NZUn9i
mjr7erH9MIcxfRV6uUWU3QHRNLiCQ92yDojgVfvXJtJod3DFZV93JzNsULhIr0TH
KiSzS+s+vtCOcPbGremr00Bzt6rqWpcUwCB8P7s4JNhCafEtY/YyssJmt/R+bk5w
K0OWtUNEJovdJJxDR3z3GZnez9IOPHPgN5eH3XvEbdTroI6821N5N6bfC8cqK4dv
PrNBWrvIKuswNZ1ScKxcWkFOVnNBmb4hdiR5oo9fVUmecAzhQKSXmpyKmU6rJf/H
df7NYz4GB6MWfnTE3itXBXv0Wumv6ofE4EjvlgSZbQmX17zRay5DJQX7WGaZlQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-ams.rpki-client.org