Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UKGdcpx5o7atLAmGTGNDBJYOuPY.roa
File: UKGdcpx5o7atLAmGTGNDBJYOuPY.roa (raw, json)
Hash identifier: HvJ1FS+d0HFSHai0LTrnbuMGmYZt4Ifr7ffLbSr03VA=
Subject key identifier: 50:A1:9D:72:9C:79:A3:B6:AD:2C:09:86:4C:63:43:04:96:0E:B8:F6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018607402C623FD6D1A417B179729BEE4BCB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UKGdcpx5o7atLAmGTGNDBJYOuPY.roa
Signing time: Tue 31 Jan 2023 09:54:51 +0000
ROA not before: Tue 31 Jan 2023 09:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 87.120.192.0/23 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.220.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.173.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
93.123.86.0/23 maxlen: 24
94.156.168.0/23 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
93.123.24.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.96.0/23 maxlen: 24
87.120.100.0/22 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
87.120.32.0/22 maxlen: 24
193.25.219.0/24 maxlen: 24
87.120.46.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
91.92.26.0/23 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
94.156.152.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
94.156.78.0/23 maxlen: 24
37.139.130.0/23 maxlen: 24
212.87.205.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
178.215.238.0/24 maxlen: 24
87.121.163.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
31.13.252.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:07:40:2c:62:3f:d6:d1:a4:17:b1:79:72:9b:ee:4b:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 31 09:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50a19d729c79a3b6ad2c09864c634304960eb8f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:bc:5e:8c:53:72:00:ea:48:20:ba:c0:bb:e9:
bd:09:0d:9a:dc:74:e9:b0:5f:18:40:9d:89:55:03:
a2:c3:05:2a:28:12:21:0c:ba:86:fa:34:68:58:db:
39:05:48:b2:eb:1d:7a:84:d0:a2:a2:b6:ca:8b:71:
3e:e7:0f:46:97:cf:e0:3c:15:58:58:c9:fd:c7:a5:
d5:26:a2:68:13:9d:2c:b2:e1:ec:3a:5a:ef:9f:94:
40:cd:9a:8a:0d:78:82:69:6a:43:27:3c:fa:ba:c6:
04:30:6c:16:b0:eb:ae:36:4f:1d:1f:40:cd:79:d2:
d0:1b:6c:cd:53:4a:c4:76:8f:dc:47:ae:21:24:82:
03:8c:cc:a9:37:63:4e:eb:aa:fc:bc:0e:52:98:7a:
b6:12:e3:3e:3f:8e:47:ad:0f:17:90:8c:6d:6c:0c:
2d:c9:56:9c:e8:63:43:fb:ab:1e:b8:dc:1d:92:83:
ac:bf:35:18:56:d6:e6:60:38:6e:d1:b2:32:6d:63:
67:8e:70:b7:3c:98:e8:8d:b1:2e:77:f4:6d:0a:63:
52:32:98:81:70:a5:2b:a9:e3:54:d5:22:e2:ea:06:
3a:fa:9d:fc:3b:a6:3e:78:56:82:60:58:4f:ba:07:
9c:e3:d0:b3:66:3b:5d:29:52:89:f4:5a:10:29:39:
09:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:A1:9D:72:9C:79:A3:B6:AD:2C:09:86:4C:63:43:04:96:0E:B8:F6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UKGdcpx5o7atLAmGTGNDBJYOuPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
37.139.130.0/23
87.120.32.0/22
87.120.46.0/23
87.120.64.0/23
87.120.96.0/23
87.120.100.0/22
87.120.192.0/23
87.120.219.0-87.120.221.255
87.121.36.0-87.121.38.255
87.121.60.0/22
87.121.69.0/24
87.121.103.0/24
87.121.114.0/23
87.121.146.0/23
87.121.163.0/24
91.92.16.0/24
91.92.21.0/24
91.92.26.0/23
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.39.0/24
93.123.68.0/22
93.123.76.0-93.123.80.255
93.123.85.0-93.123.87.255
93.123.112.0-93.123.117.255
93.123.119.0/24
94.154.160.0/23
94.154.173.0/24
94.156.2.0/24
94.156.8.0/24
94.156.78.0/23
94.156.131.0/24
94.156.152.0/24
94.156.154.0/23
94.156.168.0/23
94.156.176.0-94.156.181.255
94.156.237.0-94.156.238.255
178.215.238.0/24
185.252.177.0/24
193.25.219.0/24
193.47.62.0/24
193.58.121.0/24
193.58.123.0/24
194.48.249.0/24
194.55.226.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:36:de:13:8c:c0:f1:20:d7:74:3d:97:b0:fb:06:2b:03:ff:
bb:7a:29:9a:da:e6:2e:3d:72:28:b9:94:84:3d:2a:a3:e5:41:
f4:88:4d:52:94:b2:8f:bd:b2:cd:65:92:2f:e6:e1:12:82:cf:
a0:fb:37:b9:08:08:5e:24:61:c0:ae:fe:81:7a:b8:c0:78:a7:
0a:92:4f:37:91:68:db:3e:49:19:8c:f1:07:17:55:a2:da:eb:
91:dc:a2:73:af:87:d5:30:d3:fe:dd:22:4d:3c:ab:8b:80:41:
7f:18:79:09:c5:6e:56:49:cd:f5:ad:e3:36:be:70:00:6b:aa:
af:da:0f:58:04:ef:41:ba:df:33:80:73:31:81:d6:01:f0:2c:
da:ec:0e:bd:90:8d:31:3c:15:64:c0:d4:ef:eb:48:82:7a:3e:
84:01:3f:47:8b:e8:1f:9b:0e:05:0f:f3:23:23:10:76:b9:f9:
3c:ed:2d:26:ec:d1:55:67:50:1f:9e:a5:ae:71:a3:90:3f:ac:
a2:f8:f4:80:a4:13:28:1c:7d:f5:b0:b8:c2:0b:e9:da:9f:55:
7f:fa:cf:22:52:d2:fc:cd:0a:d1:f9:b7:95:59:94:e8:78:56:
60:83:e8:95:85:31:4b:79:ca:fc:74:19:62:09:26:33:e0:9e:
9f:94:ea:d3
-----BEGIN CERTIFICATE-----
MIIGXzCCBUegAwIBAgISAYYHQCxiP9bRpBexeXKb7kvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTMxMDk1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGExOWQ3MjljNzlhM2I2YWQyYzA5ODY0YzYzNDMwNDk2MGViOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrxejFNyAOpIILrAu+m9CQ2a3HTp
sF8YQJ2JVQOiwwUqKBIhDLqG+jRoWNs5BUiy6x16hNCiorbKi3E+5w9Gl8/gPBVY
WMn9x6XVJqJoE50ssuHsOlrvn5RAzZqKDXiCaWpDJzz6usYEMGwWsOuuNk8dH0DN
edLQG2zNU0rEdo/cR64hJIIDjMypN2NO66r8vA5SmHq2EuM+P45HrQ8XkIxtbAwt
yVac6GND+6seuNwdkoOsvzUYVtbmYDhu0bIybWNnjnC3PJjojbEud/RtCmNSMpiB
cKUrqeNU1SLi6gY6+p38O6Y+eFaCYFhPugec49CzZjtdKVKJ9FoQKTkJQQIDAQAB
o4IDazCCA2cwHQYDVR0OBBYEFFChnXKceaO2rSwJhkxjQwSWDrj2MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVUtHZGNweDVvN2F0TEFtR1RHTkRCSllPdVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfwYIKwYBBQUHAQcBAf8EggFuMIIBajCCAWYEAgABMIIB
XgMEAh8N/AMEASWLggMEAld4IAMEAVd4LgMEAVd4QAMEAVd4YAMEAld4ZAMEAVd4
wDAMAwQAV3jbAwQBV3jcMAwDBAJXeSQDBABXeSYDBAJXeTwDBABXeUUDBABXeWcD
BAFXeXIDBAFXeZIDBABXeaMDBABbXBADBABbXBUDBAFbXBoDBABbXEMDBABdexgD
BAFdexoDBAFdex4DBABdeycDBAJde0QwDAMEAl17TAMEAF17UDAMAwQAXXtVAwQD
XXtQMAwDBARde3ADBAFde3QDBABde3cDBAFemqADBABemq0DBABenAIDBABenAgD
BAFenE4DBABenIMDBABenJgDBAFenJoDBAFenKgwDAMEBF6csAMEAV6ctDAMAwQA
XpztAwQAXpzuAwQAstfuAwQAufyxAwQAwRnbAwQAwS8+AwQAwTp5AwQAwTp7AwQA
wjD5AwQAwjfiAwQA1FfNMA0GCSqGSIb3DQEBCwUAA4IBAQAKNt4TjMDxINd0PZew
+wYrA/+7eima2uYuPXIouZSEPSqj5UH0iE1SlLKPvbLNZZIv5uESgs+g+ze5CAhe
JGHArv6BerjAeKcKkk83kWjbPkkZjPEHF1Wi2uuR3KJzr4fVMNP+3SJNPKuLgEF/
GHkJxW5WSc31reM2vnAAa6qv2g9YBO9But8zgHMxgdYB8Cza7A69kI0xPBVkwNTv
60iCej6EAT9Hi+gfmw4FD/MjIxB2ufk87S0m7NFVZ1AfnqWucaOQP6yi+PSApBMo
HH31sLjCC+nan1V/+s8iUtL8zQrR+beVWZToeFZgg+iVhTFLecr8dBliCSYz4J6f
lOrT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:37 2023 by rpki-client on console-ams.rpki-client.org