Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VVsfVMzpxyTM_j8BGmaaQHtZJI8.roa
File: VVsfVMzpxyTM_j8BGmaaQHtZJI8.roa (raw, json)
Hash identifier: Y0pLRECpUZv5VS9xhbzJ5XZAG0IKT8kH/+8Kc4uVIE8=
Subject key identifier: 55:5B:1F:54:CC:E9:C7:24:CC:FE:3F:01:1A:66:9A:40:7B:59:24:8F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01881AC04CDDA6FD0520E31A5CD5F8C67C2B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VVsfVMzpxyTM_j8BGmaaQHtZJI8.roa
Signing time: Sun 14 May 2023 14:53:10 +0000
ROA not before: Sun 14 May 2023 14:53:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34224
IP address blocks: 212.73.131.0/24 maxlen: 24
212.73.128.0/23 maxlen: 24
212.73.132.0/24 maxlen: 24
212.73.130.0/23 maxlen: 24
212.73.136.0/24 maxlen: 24
87.120.176.0/24 maxlen: 24
212.73.133.0/24 maxlen: 24
212.73.138.0/23 maxlen: 24
212.73.138.0/24 maxlen: 24
212.73.134.0/24 maxlen: 24
212.73.143.0/24 maxlen: 24
212.73.140.0/24 maxlen: 24
212.73.144.0/24 maxlen: 24
212.73.141.0/24 maxlen: 24
212.73.145.0/24 maxlen: 24
212.73.142.0/24 maxlen: 24
212.73.147.0/24 maxlen: 24
212.73.148.0/24 maxlen: 24
212.73.146.0/24 maxlen: 24
212.73.155.0/24 maxlen: 24
212.73.157.0/24 maxlen: 24
87.120.195.0/24 maxlen: 24
87.120.199.0/24 maxlen: 24
87.120.206.0/24 maxlen: 24
87.120.206.0/23 maxlen: 24
87.120.201.0/24 maxlen: 24
87.120.200.0/24 maxlen: 24
87.120.207.0/24 maxlen: 24
87.120.109.0/24 maxlen: 24
87.120.128.0/23 maxlen: 24
87.120.132.0/24 maxlen: 24
87.120.134.0/24 maxlen: 24
87.120.133.0/24 maxlen: 24
87.120.135.0/24 maxlen: 24
37.60.138.0/24 maxlen: 24
87.121.42.0/24 maxlen: 24
37.60.139.0/24 maxlen: 24
92.249.49.0/24 maxlen: 24
87.121.52.0/24 maxlen: 24
87.121.64.0/24 maxlen: 24
87.120.217.0/24 maxlen: 24
87.120.223.0/24 maxlen: 24
87.120.36.100/32 maxlen: 32
87.120.253.0/24 maxlen: 24
87.120.255.0/24 maxlen: 24
87.121.0.0/23 maxlen: 24
87.121.0.0/24 maxlen: 24
87.121.1.0/24 maxlen: 24
87.121.2.0/24 maxlen: 24
87.120.254.0/24 maxlen: 24
87.121.6.0/23 maxlen: 24
91.92.219.0/24 maxlen: 24
91.92.230.0/24 maxlen: 24
91.92.198.0/23 maxlen: 24
91.92.197.0/24 maxlen: 24
87.120.61.0/24 maxlen: 24
87.120.104.0/24 maxlen: 24
87.120.6.0/23 maxlen: 24
87.120.6.0/24 maxlen: 24
87.120.8.0/24 maxlen: 24
87.120.13.0/24 maxlen: 24
87.120.37.0/24 maxlen: 24
87.120.43.0/24 maxlen: 24
87.120.39.0/24 maxlen: 24
91.92.0.0/24 maxlen: 24
91.92.2.0/24 maxlen: 24
91.92.1.0/24 maxlen: 24
91.92.109.0/24 maxlen: 24
91.92.139.0/24 maxlen: 24
91.92.69.0/24 maxlen: 24
91.92.65.0/24 maxlen: 24
91.92.66.0/24 maxlen: 24
91.92.68.0/24 maxlen: 24
91.92.105.0/24 maxlen: 24
94.156.216.0/21 maxlen: 24
94.156.233.0/24 maxlen: 24
94.156.227.0/24 maxlen: 24
94.156.232.0/22 maxlen: 22
94.156.232.0/24 maxlen: 24
93.123.64.0/24 maxlen: 24
94.156.249.0/24 maxlen: 24
94.156.251.0/24 maxlen: 24
94.156.252.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
94.156.172.0/23 maxlen: 24
93.123.8.0/24 maxlen: 24
94.156.185.0/24 maxlen: 24
94.156.188.0/24 maxlen: 24
94.156.190.0/24 maxlen: 24
93.123.12.0/24 maxlen: 24
93.123.18.0/24 maxlen: 24
93.123.28.0/23 maxlen: 24
93.123.37.0/24 maxlen: 24
93.123.36.0/24 maxlen: 24
93.123.32.0/22 maxlen: 24
94.156.15.0/24 maxlen: 24
94.156.12.0/24 maxlen: 24
94.156.44.0/24 maxlen: 24
94.156.42.0/24 maxlen: 24
94.156.106.0/24 maxlen: 24
94.156.130.0/24 maxlen: 24
94.156.129.0/24 maxlen: 24
94.156.159.0/24 maxlen: 24
94.156.158.0/24 maxlen: 24
94.156.153.0/24 maxlen: 24
94.156.77.0/24 maxlen: 24
94.156.98.0/24 maxlen: 24
94.156.94.0/24 maxlen: 24
94.156.100.0/24 maxlen: 24
31.13.195.0/24 maxlen: 24
31.13.197.0/24 maxlen: 24
87.121.150.0/23 maxlen: 24
31.13.217.0/24 maxlen: 24
87.121.161.0/24 maxlen: 24
31.13.216.0/21 maxlen: 24
31.13.223.0/24 maxlen: 24
31.13.221.0/24 maxlen: 24
87.121.79.0/24 maxlen: 24
87.121.83.0/24 maxlen: 24
87.121.82.0/24 maxlen: 24
87.121.90.0/23 maxlen: 24
87.121.112.0/24 maxlen: 24
87.121.111.0/24 maxlen: 24
87.121.118.0/24 maxlen: 24
87.121.113.0/24 maxlen: 24
31.13.230.0/23 maxlen: 24
31.13.236.0/22 maxlen: 24
31.13.245.0/24 maxlen: 24
31.13.241.0/24 maxlen: 24
2a00:1728:35::/48 maxlen: 48
2a00:1728:27::/48 maxlen: 48
2a00:1728:21::/48 maxlen: 48
2a00:1728:0:d::/64 maxlen: 64
2a00:1728:1b::/48 maxlen: 48
2a00:1728:34::/48 maxlen: 48
2a00:1728:23::/48 maxlen: 48
2a00:1728:31::/48 maxlen: 48
2a00:1728:25::/48 maxlen: 48
2a00:1728:3::/48 maxlen: 48
2a00:1728:1f::/48 maxlen: 48
2a00:1728::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1a:c0:4c:dd:a6:fd:05:20:e3:1a:5c:d5:f8:c6:7c:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 14 14:53:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=555b1f54cce9c724ccfe3f011a669a407b59248f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e0:55:a5:6c:28:bc:b8:dd:44:69:fb:ff:00:
77:dc:8a:fa:bf:06:5b:83:4e:62:60:bd:a3:d3:4a:
9e:51:ca:6a:c9:b1:ab:71:71:b1:e3:d1:11:e5:68:
9e:b5:ee:91:4d:e2:a5:c0:15:bb:de:b3:6e:5f:15:
a8:da:e1:6b:32:82:78:22:91:10:a7:ca:e1:d1:ee:
e2:e8:ef:6f:65:94:34:ca:04:91:d2:70:9b:95:a3:
46:03:4d:a6:89:55:08:d5:5d:f7:46:14:c4:98:d7:
e8:3e:b3:8a:c0:46:c8:ff:2c:fc:f3:6f:23:1f:3a:
d2:0c:8f:a4:dd:9d:31:f3:12:b1:bc:1e:cf:90:26:
af:08:c1:e2:27:f7:c5:78:a8:d1:f6:b5:e8:09:76:
b5:34:4b:e4:cf:47:e2:a8:70:d4:bf:5f:5e:c0:54:
48:70:3d:ec:44:9b:a5:4c:88:6d:f9:10:d6:80:96:
89:74:aa:aa:0e:19:34:8f:af:c1:f3:5c:a8:39:a7:
b3:f0:38:26:5c:15:f5:54:1a:e9:ad:98:fb:7b:ae:
d0:a0:14:b2:87:e8:02:44:6a:19:4f:f9:b7:b8:2c:
d7:a6:93:8e:7e:c2:84:8a:95:92:8b:64:15:6f:7b:
f6:85:ce:9f:bb:a3:a8:d6:5b:9b:3d:b8:f9:5e:ce:
0b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:5B:1F:54:CC:E9:C7:24:CC:FE:3F:01:1A:66:9A:40:7B:59:24:8F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VVsfVMzpxyTM_j8BGmaaQHtZJI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.195.0/24
31.13.197.0/24
31.13.216.0/21
31.13.230.0/23
31.13.236.0/22
31.13.241.0/24
31.13.245.0/24
37.60.138.0/23
87.120.6.0-87.120.8.255
87.120.13.0/24
87.120.36.100/32
87.120.37.0/24
87.120.39.0/24
87.120.43.0/24
87.120.61.0/24
87.120.104.0/24
87.120.109.0/24
87.120.128.0/23
87.120.132.0/22
87.120.176.0/24
87.120.195.0/24
87.120.199.0-87.120.201.255
87.120.206.0/23
87.120.217.0/24
87.120.223.0/24
87.120.253.0-87.121.2.255
87.121.6.0/23
87.121.42.0/24
87.121.52.0/24
87.121.64.0/24
87.121.79.0/24
87.121.82.0/23
87.121.90.0/23
87.121.111.0-87.121.113.255
87.121.118.0/24
87.121.150.0/23
87.121.161.0/24
91.92.0.0-91.92.2.255
91.92.65.0-91.92.66.255
91.92.68.0/23
91.92.105.0/24
91.92.109.0/24
91.92.139.0/24
91.92.197.0-91.92.199.255
91.92.219.0/24
91.92.230.0/24
92.249.49.0/24
93.123.8.0/24
93.123.12.0/24
93.123.18.0/24
93.123.28.0/23
93.123.32.0-93.123.37.255
93.123.64.0/24
94.156.12.0/24
94.156.15.0/24
94.156.42.0/24
94.156.44.0/24
94.156.77.0/24
94.156.94.0/24
94.156.98.0/24
94.156.100.0/24
94.156.106.0/24
94.156.129.0-94.156.130.255
94.156.153.0/24
94.156.158.0/23
94.156.172.0/23
94.156.185.0/24
94.156.188.0/24
94.156.190.0/24
94.156.216.0/21
94.156.227.0/24
94.156.232.0/22
94.156.248.0/23
94.156.251.0-94.156.252.255
212.73.128.0-212.73.134.255
212.73.136.0/24
212.73.138.0-212.73.148.255
212.73.155.0/24
212.73.157.0/24
IPv6:
2a00:1728::/32
Signature Algorithm: sha256WithRSAEncryption
96:12:1c:e0:87:6b:10:66:c7:83:00:90:bf:6d:17:d1:5d:2a:
03:30:f2:a7:d9:05:1b:e6:cd:72:cb:49:d6:7b:2c:08:38:9e:
cd:60:65:a2:37:ad:ff:cb:53:26:cb:56:14:9f:a5:0c:ef:b4:
3e:24:a4:0f:19:45:d1:d3:57:21:ff:41:67:91:1e:26:9e:70:
36:4f:55:d1:99:49:16:51:7c:18:82:3e:11:e7:92:c7:fe:ea:
94:92:9b:37:dc:09:a8:6a:4f:e1:54:3f:75:fe:0c:32:5a:fa:
d6:d7:bb:9c:9c:63:8f:a9:ba:77:f3:e8:cd:97:c8:1f:4d:b4:
a3:df:24:e4:b4:7c:65:87:23:5e:d3:69:26:50:ff:55:4b:5d:
11:e5:15:1e:90:d6:8f:78:6c:f6:a2:31:01:92:e1:07:fc:2c:
05:50:7d:ef:a8:bd:8f:01:84:8a:c2:5f:98:cc:33:17:f6:97:
7c:a5:3f:0c:86:d0:11:60:7b:3d:77:3c:16:fc:90:6b:63:a4:
7a:c5:59:6b:54:49:72:29:b9:95:5a:c3:2c:65:4d:2b:ff:4b:
e5:9e:52:46:59:5d:ac:aa:0d:f2:1c:ff:b7:8e:31:17:45:df:
7a:e6:f6:58:7e:ea:af:2b:2f:d6:b5:0a:d1:22:8e:6e:49:1e:
88:aa:31:b5
-----BEGIN CERTIFICATE-----
MIIHSjCCBjKgAwIBAgISAYgawEzdpv0FIOMaXNX4xnwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE0MTQ1MzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTViMWY1NGNjZTljNzI0Y2NmZTNmMDExYTY2OWE0MDdiNTkyNDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOBVpWwovLjdRGn7/wB33Ir6vwZb
g05iYL2j00qeUcpqybGrcXGx49ER5Wiete6RTeKlwBW73rNuXxWo2uFrMoJ4IpEQ
p8rh0e7i6O9vZZQ0ygSR0nCblaNGA02miVUI1V33RhTEmNfoPrOKwEbI/yz8828j
HzrSDI+k3Z0x8xKxvB7PkCavCMHiJ/fFeKjR9rXoCXa1NEvkz0fiqHDUv19ewFRI
cD3sRJulTIht+RDWgJaJdKqqDhk0j6/B81yoOaez8DgmXBX1VBrprZj7e67QoBSy
h+gCRGoZT/m3uCzXppOOfsKEipWSi2QVb3v2hc6fu6Oo1lubPbj5Xs4LIQIDAQAB
o4IEVjCCBFIwHQYDVR0OBBYEFFVbH1TM6cckzP4/ARpmmkB7WSSPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVlZzZlZNenB4eVRNX2o4QkdtYWFRSHRaSkk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICagYIKwYBBQUHAQcBAf8EggJZMIICVTCCAkIEAgABMIIC
OgMEAB8NwwMEAB8NxQMEAx8N2AMEAR8N5gMEAh8N7AMEAB8N8QMEAB8N9QMEASU8
ijAMAwQBV3gGAwQAV3gIAwQAV3gNAwUAV3gkZAMEAFd4JQMEAFd4JwMEAFd4KwME
AFd4PQMEAFd4aAMEAFd4bQMEAVd4gAMEAld4hAMEAFd4sAMEAFd4wzAMAwQAV3jH
AwQBV3jIAwQBV3jOAwQAV3jZAwQAV3jfMAwDBABXeP0DBABXeQIDBAFXeQYDBABX
eSoDBABXeTQDBABXeUADBABXeU8DBAFXeVIDBAFXeVowDAMEAFd5bwMEAVd5cAME
AFd5dgMEAVd5lgMEAFd5oTALAwMCW1wDBABbXAIwDAMEAFtcQQMEAFtcQgMEAVtc
RAMEAFtcaQMEAFtcbQMEAFtcizAMAwQAW1zFAwQDW1zAAwQAW1zbAwQAW1zmAwQA
XPkxAwQAXXsIAwQAXXsMAwQAXXsSAwQBXXscMAwDBAVdeyADBAFdeyQDBABde0AD
BABenAwDBABenA8DBABenCoDBABenCwDBABenE0DBABenF4DBABenGIDBABenGQD
BABenGowDAMEAF6cgQMEAF6cggMEAF6cmQMEAV6cngMEAV6crAMEAF6cuQMEAF6c
vAMEAF6cvgMEA16c2AMEAF6c4wMEAl6c6AMEAV6c+DAMAwQAXpz7AwQAXpz8MAwD
BAfUSYADBADUSYYDBADUSYgwDAMEAdRJigMEANRJlAMEANRJmwMEANRJnTANBAIA
AjAHAwUAKgAXKDANBgkqhkiG9w0BAQsFAAOCAQEAlhIc4IdrEGbHgwCQv20X0V0q
AzDyp9kFG+bNcstJ1nssCDiezWBlojet/8tTJstWFJ+lDO+0PiSkDxlF0dNXIf9B
Z5EeJp5wNk9V0ZlJFlF8GII+EeeSx/7qlJKbN9wJqGpP4VQ/df4MMlr61te7nJxj
j6m6d/PozZfIH020o98k5LR8ZYcjXtNpJlD/VUtdEeUVHpDWj3hs9qIxAZLhB/ws
BVB976i9jwGEisJfmMwzF/aXfKU/DIbQEWB7PXc8FvyQa2OkesVZa1RJcim5lVrD
LGVNK/9L5Z5SRlldrKoN8hz/t44xF0Xfeub2WH7qrysv1rUK0SKObkkeiKoxtQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:37 2023 by rpki-client on console-ams.rpki-client.org