Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PcCjOW_H06ETquCVD5-EOmdEgTM.roa
File: PcCjOW_H06ETquCVD5-EOmdEgTM.roa (raw, json)
Hash identifier: dy4YPDzAt9QBCOJb8cok8roiaMn1M/nuNp4LwBgheFk=
Subject key identifier: 3D:C0:A3:39:6F:C7:D3:A1:13:AA:E0:95:0F:9F:84:3A:67:44:81:33
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0186C81B3C0354680D9B24400003AF451ABD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PcCjOW_H06ETquCVD5-EOmdEgTM.roa
Signing time: Thu 09 Mar 2023 20:41:13 +0000
ROA not before: Thu 09 Mar 2023 20:41:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 87.120.192.0/23 maxlen: 24
185.147.100.0/22 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.219.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
45.9.208.0/22 maxlen: 24
94.154.173.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
45.143.100.0/22 maxlen: 24
94.156.237.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.80.0/24 maxlen: 24
93.123.86.0/23 maxlen: 24
94.156.168.0/23 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
93.123.24.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.96.0/23 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
87.120.32.0/22 maxlen: 24
193.25.219.0/24 maxlen: 24
87.120.46.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
91.92.26.0/23 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
185.207.14.0/23 maxlen: 24
94.156.152.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
94.156.78.0/23 maxlen: 24
37.139.130.0/23 maxlen: 24
212.87.205.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
178.215.238.0/24 maxlen: 24
87.121.163.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
87.121.104.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
31.13.252.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c8:1b:3c:03:54:68:0d:9b:24:40:00:03:af:45:1a:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 9 20:41:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3dc0a3396fc7d3a113aae0950f9f843a67448133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b4:81:e6:75:c0:fc:e2:b0:2d:68:d6:29:65:
62:7e:b4:9e:17:6d:d9:9a:66:09:61:b5:4e:92:2a:
c6:ae:9c:76:ae:28:e1:da:c3:6d:09:9f:c8:46:f2:
96:c5:96:1b:ab:2c:49:e1:1f:e9:bc:f0:0c:3d:73:
77:66:50:35:a9:9e:a8:d6:35:1b:c8:11:5f:a2:df:
0e:ec:c4:c4:67:ef:fe:a8:c2:c6:5a:31:1c:55:52:
46:2a:7c:1d:14:bc:cf:bd:f7:ec:a9:ab:24:20:dc:
c8:78:e0:1e:5e:27:cc:e1:81:d5:54:80:0f:c6:2a:
ed:5c:98:0e:37:ea:cf:0b:b4:59:d6:59:50:9e:df:
79:65:f0:1f:b0:d9:61:65:25:5e:f4:29:c3:3f:3a:
04:56:64:f1:24:64:76:63:f6:f2:86:5d:34:e2:b1:
26:7b:e5:d7:2a:86:69:99:7c:c8:32:c6:fc:ba:c7:
10:70:36:87:4f:0a:ae:6e:a1:37:8b:02:52:af:7e:
af:80:cc:30:14:f8:5a:74:97:dd:cc:9e:28:64:f3:
fc:60:78:30:a8:a0:08:39:f0:3a:81:2d:98:a2:6b:
ea:f9:fc:3b:05:dc:ec:14:03:86:50:84:56:b0:dd:
e9:9a:a3:41:37:b3:33:8d:75:0b:4e:dd:94:12:bc:
8a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C0:A3:39:6F:C7:D3:A1:13:AA:E0:95:0F:9F:84:3A:67:44:81:33
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PcCjOW_H06ETquCVD5-EOmdEgTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
37.139.130.0/23
45.9.208.0/22
45.143.100.0/22
87.120.32.0/22
87.120.46.0/23
87.120.64.0/23
87.120.96.0/23
87.120.192.0/23
87.120.219.0/24
87.121.36.0-87.121.38.255
87.121.60.0/22
87.121.103.0-87.121.104.255
87.121.114.0/23
87.121.146.0/23
87.121.163.0/24
91.92.16.0/24
91.92.21.0/24
91.92.26.0/23
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.39.0/24
93.123.68.0/22
93.123.76.0-93.123.80.255
93.123.86.0/23
93.123.112.0-93.123.117.255
93.123.119.0/24
94.154.160.0/23
94.154.173.0/24
94.156.2.0/24
94.156.8.0/24
94.156.78.0/23
94.156.131.0/24
94.156.152.0/24
94.156.154.0/23
94.156.168.0/23
94.156.176.0-94.156.181.255
94.156.237.0-94.156.238.255
178.215.238.0/24
185.147.100.0/22
185.207.14.0/23
185.252.177.0/24
193.25.219.0/24
193.47.62.0/24
193.58.121.0/24
193.58.123.0/24
194.48.249.0/24
194.55.226.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
80:1f:a2:e2:2f:52:41:da:d1:e8:d5:ca:54:60:3f:83:cd:0d:
55:85:35:61:d3:12:3d:18:ae:89:9f:eb:d9:2d:ad:1d:4b:ea:
8e:e7:9e:cd:f6:57:76:46:40:b1:a4:8e:be:a6:d6:74:83:09:
3a:f0:5a:aa:68:ab:8e:ad:7f:bb:5d:aa:57:b0:22:e0:1d:c3:
09:38:30:14:6e:69:19:c1:92:14:37:73:4b:17:6c:0b:c6:bf:
56:08:15:49:7c:03:9f:b8:9f:46:b4:1f:b7:30:58:40:69:63:
fb:c2:3a:23:fd:09:66:88:c9:41:d0:fc:7b:11:67:91:ff:da:
fb:0b:44:2f:3f:50:38:97:ad:5e:bb:63:31:a7:ca:04:bd:e9:
79:34:21:aa:78:1a:70:cb:af:a7:72:71:33:9d:3c:1a:83:ce:
f7:09:cd:15:6c:39:72:5c:70:22:fb:04:44:78:86:8f:55:b6:
a6:f7:86:2a:c6:d4:31:74:a7:c2:16:be:97:76:4f:41:fc:d1:
7d:75:63:9a:78:42:53:45:c9:dd:6a:25:c2:43:77:0a:36:00:
6a:22:25:f2:f5:4a:76:fe:51:8f:72:ca:c4:66:7e:ec:ec:57:
f2:79:81:8e:58:4a:b6:9b:bb:b9:9b:97:73:ba:07:7a:be:0c:
a9:96:00:57
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgISAYbIGzwDVGgNmyRAAAOvRRq9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMzA5MjA0MTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGMwYTMzOTZmYzdkM2ExMTNhYWUwOTUwZjlmODQzYTY3NDQ4MTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrSB5nXA/OKwLWjWKWVifrSeF23Z
mmYJYbVOkirGrpx2rijh2sNtCZ/IRvKWxZYbqyxJ4R/pvPAMPXN3ZlA1qZ6o1jUb
yBFfot8O7MTEZ+/+qMLGWjEcVVJGKnwdFLzPvffsqaskINzIeOAeXifM4YHVVIAP
xirtXJgON+rPC7RZ1llQnt95ZfAfsNlhZSVe9CnDPzoEVmTxJGR2Y/byhl004rEm
e+XXKoZpmXzIMsb8uscQcDaHTwqubqE3iwJSr36vgMwwFPhadJfdzJ4oZPP8YHgw
qKAIOfA6gS2Yomvq+fw7BdzsFAOGUIRWsN3pmqNBN7MzjXULTt2UEryKrQIDAQAB
o4IDbzCCA2swHQYDVR0OBBYEFD3Aozlvx9OhE6rglQ+fhDpnRIEzMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUGNDak9XX0gwNkVUcXVDVkQ1LUVPbWRFZ1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgwYIKwYBBQUHAQcBAf8EggFyMIIBbjCCAWoEAgABMIIB
YgMEAh8N/AMEASWLggMEAi0J0AMEAi2PZAMEAld4IAMEAVd4LgMEAVd4QAMEAVd4
YAMEAVd4wAMEAFd42zAMAwQCV3kkAwQAV3kmAwQCV3k8MAwDBABXeWcDBABXeWgD
BAFXeXIDBAFXeZIDBABXeaMDBABbXBADBABbXBUDBAFbXBoDBABbXEMDBABdexgD
BAFdexoDBAFdex4DBABdeycDBAJde0QwDAMEAl17TAMEAF17UAMEAV17VjAMAwQE
XXtwAwQBXXt0AwQAXXt3AwQBXpqgAwQAXpqtAwQAXpwCAwQAXpwIAwQBXpxOAwQA
XpyDAwQAXpyYAwQBXpyaAwQBXpyoMAwDBARenLADBAFenLQwDAMEAF6c7QMEAF6c
7gMEALLX7gMEArmTZAMEAbnPDgMEALn8sQMEAMEZ2wMEAMEvPgMEAME6eQMEAME6
ewMEAMIw+QMEAMI34gMEANRXzTANBgkqhkiG9w0BAQsFAAOCAQEAgB+i4i9SQdrR
6NXKVGA/g80NVYU1YdMSPRiuiZ/r2S2tHUvqjueezfZXdkZAsaSOvqbWdIMJOvBa
qmirjq1/u12qV7Ai4B3DCTgwFG5pGcGSFDdzSxdsC8a/VggVSXwDn7ifRrQftzBY
QGlj+8I6I/0JZojJQdD8exFnkf/a+wtELz9QOJetXrtjMafKBL3peTQhqngacMuv
p3JxM508GoPO9wnNFWw5clxwIvsERHiGj1W2pveGKsbUMXSnwha+l3ZPQfzRfXVj
mnhCU0XJ3WolwkN3CjYAaiIl8vVKdv5Rj3LKxGZ+7OxX8nmBjlhKtpu7uZuXc7oH
er4MqZYAVw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:36 2023 by rpki-client on console-ams.rpki-client.org