Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XdfuUlHqmy1m9jqS1-JN60erCGY.roa
File: XdfuUlHqmy1m9jqS1-JN60erCGY.roa (raw, json)
Hash identifier: g1N/y2kZmEkEGvCy6JYeDpRvZgX3z6612M3zY4P3IQU=
Subject key identifier: 5D:D7:EE:52:51:EA:9B:2D:66:F6:3A:92:D7:E2:4D:EB:47:AB:08:66
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0185BFDA19E89F3E9F4E65E2A9F4085018D9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XdfuUlHqmy1m9jqS1-JN60erCGY.roa
Signing time: Tue 17 Jan 2023 13:10:19 +0000
ROA not before: Tue 17 Jan 2023 13:10:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34224
IP address blocks: 212.73.131.0/24 maxlen: 24
212.73.128.0/23 maxlen: 24
212.73.130.0/23 maxlen: 24
212.73.132.0/24 maxlen: 24
87.120.176.0/24 maxlen: 24
212.73.133.0/24 maxlen: 24
212.73.138.0/23 maxlen: 24
212.73.138.0/24 maxlen: 24
212.73.136.0/24 maxlen: 24
212.73.134.0/24 maxlen: 24
212.73.143.0/24 maxlen: 24
212.73.141.0/24 maxlen: 24
212.73.145.0/24 maxlen: 24
212.73.142.0/24 maxlen: 24
212.73.140.0/24 maxlen: 24
212.73.144.0/24 maxlen: 24
212.73.147.0/24 maxlen: 24
212.73.148.0/24 maxlen: 24
212.73.146.0/24 maxlen: 24
212.73.157.0/24 maxlen: 24
212.73.155.0/24 maxlen: 24
87.120.195.0/24 maxlen: 24
87.120.199.0/24 maxlen: 24
87.120.206.0/24 maxlen: 24
87.120.200.0/24 maxlen: 24
87.120.206.0/23 maxlen: 24
87.120.201.0/24 maxlen: 24
87.120.207.0/24 maxlen: 24
87.120.109.0/24 maxlen: 24
87.120.128.0/23 maxlen: 24
87.120.132.0/24 maxlen: 24
87.120.134.0/24 maxlen: 24
87.120.135.0/24 maxlen: 24
87.120.133.0/24 maxlen: 24
37.60.138.0/24 maxlen: 24
87.121.42.0/24 maxlen: 24
37.60.139.0/24 maxlen: 24
92.249.49.0/24 maxlen: 24
87.121.52.0/24 maxlen: 24
87.121.54.0/24 maxlen: 24
87.121.64.0/24 maxlen: 24
87.120.217.0/24 maxlen: 24
87.120.223.0/24 maxlen: 24
87.120.36.100/32 maxlen: 32
87.120.253.0/24 maxlen: 24
87.121.1.0/24 maxlen: 24
87.120.255.0/24 maxlen: 24
87.121.0.0/23 maxlen: 24
87.121.2.0/24 maxlen: 24
87.121.0.0/24 maxlen: 24
87.120.254.0/24 maxlen: 24
87.121.6.0/23 maxlen: 24
91.92.219.0/24 maxlen: 24
91.92.230.0/24 maxlen: 24
91.92.198.0/23 maxlen: 24
91.92.197.0/24 maxlen: 24
87.120.61.0/24 maxlen: 24
87.120.104.0/24 maxlen: 24
87.120.6.0/23 maxlen: 24
87.120.8.0/24 maxlen: 24
87.120.6.0/24 maxlen: 24
87.120.13.0/24 maxlen: 24
87.120.37.0/24 maxlen: 24
87.120.43.0/24 maxlen: 24
87.120.39.0/24 maxlen: 24
91.92.2.0/24 maxlen: 24
91.92.0.0/24 maxlen: 24
91.92.1.0/24 maxlen: 24
91.92.109.0/24 maxlen: 24
91.92.139.0/24 maxlen: 24
91.92.69.0/24 maxlen: 24
91.92.65.0/24 maxlen: 24
91.92.68.0/24 maxlen: 24
91.92.66.0/24 maxlen: 24
91.92.105.0/24 maxlen: 24
94.156.216.0/21 maxlen: 24
94.156.232.0/22 maxlen: 22
94.156.233.0/24 maxlen: 24
94.156.227.0/24 maxlen: 24
94.156.232.0/24 maxlen: 24
93.123.64.0/24 maxlen: 24
94.156.251.0/24 maxlen: 24
94.156.249.0/24 maxlen: 24
94.156.252.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
94.156.172.0/23 maxlen: 24
93.123.8.0/24 maxlen: 24
94.156.185.0/24 maxlen: 24
94.156.188.0/24 maxlen: 24
94.156.190.0/24 maxlen: 24
93.123.12.0/24 maxlen: 24
93.123.18.0/24 maxlen: 24
93.123.28.0/23 maxlen: 24
93.123.36.0/24 maxlen: 24
93.123.32.0/22 maxlen: 24
93.123.37.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
94.156.15.0/24 maxlen: 24
94.156.12.0/24 maxlen: 24
94.156.44.0/24 maxlen: 24
94.156.42.0/24 maxlen: 24
94.156.106.0/24 maxlen: 24
94.156.129.0/24 maxlen: 24
94.156.158.0/24 maxlen: 24
94.156.159.0/24 maxlen: 24
94.156.153.0/24 maxlen: 24
94.156.77.0/24 maxlen: 24
94.156.98.0/24 maxlen: 24
94.156.94.0/24 maxlen: 24
94.156.100.0/24 maxlen: 24
31.13.197.0/24 maxlen: 24
31.13.195.0/24 maxlen: 24
87.121.150.0/23 maxlen: 24
31.13.217.0/24 maxlen: 24
87.121.161.0/24 maxlen: 24
31.13.216.0/21 maxlen: 24
31.13.223.0/24 maxlen: 24
31.13.221.0/24 maxlen: 24
87.121.82.0/24 maxlen: 24
87.121.79.0/24 maxlen: 24
87.121.83.0/24 maxlen: 24
87.121.90.0/23 maxlen: 24
87.121.112.0/24 maxlen: 24
87.121.111.0/24 maxlen: 24
87.121.118.0/24 maxlen: 24
87.121.113.0/24 maxlen: 24
31.13.230.0/23 maxlen: 24
31.13.236.0/22 maxlen: 24
31.13.245.0/24 maxlen: 24
31.13.241.0/24 maxlen: 24
2a00:1728:35::/48 maxlen: 48
2a00:1728:27::/48 maxlen: 48
2a00:1728:21::/48 maxlen: 48
2a00:1728:0:d::/64 maxlen: 64
2a00:1728:1b::/48 maxlen: 48
2a00:1728:34::/48 maxlen: 48
2a00:1728:23::/48 maxlen: 48
2a00:1728:31::/48 maxlen: 48
2a00:1728:25::/48 maxlen: 48
2a00:1728:3::/48 maxlen: 48
2a00:1728:1f::/48 maxlen: 48
2a00:1728::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bf:da:19:e8:9f:3e:9f:4e:65:e2:a9:f4:08:50:18:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 17 13:10:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dd7ee5251ea9b2d66f63a92d7e24deb47ab0866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f1:f2:85:69:18:f6:d6:e2:b2:ec:64:29:bc:
62:00:e7:cf:af:22:0f:8e:c1:c9:65:9f:4a:7f:7a:
1f:7b:90:af:0f:15:9d:65:48:b4:a2:ef:08:7e:ef:
c9:69:1f:be:d4:4a:09:bf:c1:4c:fd:b0:aa:db:52:
44:05:cc:f5:81:74:a4:33:b2:57:ef:22:21:66:88:
9c:bc:f8:70:2d:5a:0a:4a:6a:a5:d8:97:52:b2:c0:
93:94:81:4c:38:04:3b:7b:c1:37:9c:40:64:3e:7d:
9c:67:5a:ba:ad:ee:31:21:0e:80:23:80:86:0a:d3:
85:68:d0:c1:7f:7d:69:2d:99:d4:d5:c1:4a:cf:27:
06:e2:4e:ef:40:15:ff:cf:e4:bb:58:48:5b:23:c1:
3d:99:53:b3:01:d2:a5:fa:e9:07:94:4e:53:f1:8d:
69:99:a3:a5:9f:82:06:2d:ef:8e:1c:83:fa:20:86:
36:2a:5d:d6:06:14:cf:dc:cd:5f:cc:63:f4:2d:6e:
52:d3:69:99:c4:77:d7:ac:86:d1:09:2f:11:1b:36:
97:4d:24:a5:59:73:37:c9:a7:45:d0:1a:55:5b:65:
7d:3e:85:06:9d:68:c6:fb:ea:7f:91:b8:0b:a1:4b:
4a:ce:a5:6e:2d:7d:26:07:3e:2c:1e:0d:2d:fc:6b:
e9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D7:EE:52:51:EA:9B:2D:66:F6:3A:92:D7:E2:4D:EB:47:AB:08:66
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XdfuUlHqmy1m9jqS1-JN60erCGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.195.0/24
31.13.197.0/24
31.13.216.0/21
31.13.230.0/23
31.13.236.0/22
31.13.241.0/24
31.13.245.0/24
37.60.138.0/23
87.120.6.0-87.120.8.255
87.120.13.0/24
87.120.36.100/32
87.120.37.0/24
87.120.39.0/24
87.120.43.0/24
87.120.61.0/24
87.120.104.0/24
87.120.109.0/24
87.120.128.0/23
87.120.132.0/22
87.120.176.0/24
87.120.195.0/24
87.120.199.0-87.120.201.255
87.120.206.0/23
87.120.217.0/24
87.120.223.0/24
87.120.253.0-87.121.2.255
87.121.6.0/23
87.121.42.0/24
87.121.52.0/24
87.121.54.0/24
87.121.64.0/24
87.121.79.0/24
87.121.82.0/23
87.121.90.0/23
87.121.111.0-87.121.113.255
87.121.118.0/24
87.121.150.0/23
87.121.161.0/24
91.92.0.0-91.92.2.255
91.92.65.0-91.92.66.255
91.92.68.0/23
91.92.105.0/24
91.92.109.0/24
91.92.139.0/24
91.92.197.0-91.92.199.255
91.92.219.0/24
91.92.230.0/24
92.249.49.0/24
93.123.8.0/24
93.123.12.0/24
93.123.18.0/24
93.123.28.0/23
93.123.32.0-93.123.37.255
93.123.64.0/24
94.156.10.0/24
94.156.12.0/24
94.156.15.0/24
94.156.42.0/24
94.156.44.0/24
94.156.77.0/24
94.156.94.0/24
94.156.98.0/24
94.156.100.0/24
94.156.106.0/24
94.156.129.0/24
94.156.153.0/24
94.156.158.0/23
94.156.172.0/23
94.156.185.0/24
94.156.188.0/24
94.156.190.0/24
94.156.216.0/21
94.156.227.0/24
94.156.232.0/22
94.156.248.0/23
94.156.251.0-94.156.252.255
212.73.128.0-212.73.134.255
212.73.136.0/24
212.73.138.0-212.73.148.255
212.73.155.0/24
212.73.157.0/24
IPv6:
2a00:1728::/32
Signature Algorithm: sha256WithRSAEncryption
38:eb:f3:18:68:2d:60:a1:66:57:5b:d5:8f:f2:41:a5:fc:b0:
b8:28:a7:f2:9d:37:2c:96:e1:71:9e:f9:50:a0:f7:e2:ab:ce:
5e:7c:d6:4c:e3:0c:00:82:f8:c2:a6:67:1f:dc:06:8b:51:ed:
ae:c2:88:ba:fc:57:bf:78:14:66:84:a1:e7:72:ba:48:d8:08:
16:a9:dc:5f:d0:ff:e7:13:37:cf:85:be:56:ad:88:94:d1:b0:
7f:12:8e:9a:93:25:02:d4:e2:82:f2:db:b0:46:f3:fc:7c:67:
2a:34:e7:49:58:4c:eb:43:6f:b0:34:d4:17:45:61:0c:e0:e6:
dc:81:90:28:40:0e:e9:58:20:2a:92:23:34:c9:eb:f2:f7:b7:
c9:6a:ca:5d:3e:a7:be:4c:66:2b:32:28:51:22:18:39:5b:57:
14:af:6b:d7:86:c8:00:a8:f3:72:60:3b:86:59:b8:51:2c:5d:
34:d7:cd:49:fa:e4:4a:7e:df:65:01:5e:55:51:d4:e4:e6:7e:
49:b1:b4:b7:6e:d9:08:da:c0:0b:f8:f5:0c:60:e3:8d:0f:28:
a4:06:49:d6:50:83:52:4a:42:15:f3:83:7e:87:32:ea:9c:90:
f9:ec:fa:07:d5:e0:2b:40:24:e7:92:c7:58:8d:cf:fa:e3:2c:
a6:b8:8e:55
-----BEGIN CERTIFICATE-----
MIIHTjCCBjagAwIBAgISAYW/2hnonz6fTmXiqfQIUBjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTE3MTMxMDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGQ3ZWU1MjUxZWE5YjJkNjZmNjNhOTJkN2UyNGRlYjQ3YWIwODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvHyhWkY9tbisuxkKbxiAOfPryIP
jsHJZZ9Kf3ofe5CvDxWdZUi0ou8Ifu/JaR++1EoJv8FM/bCq21JEBcz1gXSkM7JX
7yIhZoicvPhwLVoKSmql2JdSssCTlIFMOAQ7e8E3nEBkPn2cZ1q6re4xIQ6AI4CG
CtOFaNDBf31pLZnU1cFKzycG4k7vQBX/z+S7WEhbI8E9mVOzAdKl+ukHlE5T8Y1p
maOln4IGLe+OHIP6IIY2Kl3WBhTP3M1fzGP0LW5S02mZxHfXrIbRCS8RGzaXTSSl
WXM3yadF0BpVW2V9PoUGnWjG++p/kbgLoUtKzqVuLX0mBz4sHg0t/Gvp/wIDAQAB
o4IEWjCCBFYwHQYDVR0OBBYEFF3X7lJR6pstZvY6ktfiTetHqwhmMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWGRmdVVsSHFteTFtOWpxUzEtSk42MGVyQ0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICbgYIKwYBBQUHAQcBAf8EggJdMIICWTCCAkYEAgABMIIC
PgMEAB8NwwMEAB8NxQMEAx8N2AMEAR8N5gMEAh8N7AMEAB8N8QMEAB8N9QMEASU8
ijAMAwQBV3gGAwQAV3gIAwQAV3gNAwUAV3gkZAMEAFd4JQMEAFd4JwMEAFd4KwME
AFd4PQMEAFd4aAMEAFd4bQMEAVd4gAMEAld4hAMEAFd4sAMEAFd4wzAMAwQAV3jH
AwQBV3jIAwQBV3jOAwQAV3jZAwQAV3jfMAwDBABXeP0DBABXeQIDBAFXeQYDBABX
eSoDBABXeTQDBABXeTYDBABXeUADBABXeU8DBAFXeVIDBAFXeVowDAMEAFd5bwME
AVd5cAMEAFd5dgMEAVd5lgMEAFd5oTALAwMCW1wDBABbXAIwDAMEAFtcQQMEAFtc
QgMEAVtcRAMEAFtcaQMEAFtcbQMEAFtcizAMAwQAW1zFAwQDW1zAAwQAW1zbAwQA
W1zmAwQAXPkxAwQAXXsIAwQAXXsMAwQAXXsSAwQBXXscMAwDBAVdeyADBAFdeyQD
BABde0ADBABenAoDBABenAwDBABenA8DBABenCoDBABenCwDBABenE0DBABenF4D
BABenGIDBABenGQDBABenGoDBABenIEDBABenJkDBAFenJ4DBAFenKwDBABenLkD
BABenLwDBABenL4DBANenNgDBABenOMDBAJenOgDBAFenPgwDAMEAF6c+wMEAF6c
/DAMAwQH1EmAAwQA1EmGAwQA1EmIMAwDBAHUSYoDBADUSZQDBADUSZsDBADUSZ0w
DQQCAAIwBwMFACoAFygwDQYJKoZIhvcNAQELBQADggEBADjr8xhoLWChZldb1Y/y
QaX8sLgop/KdNyyW4XGe+VCg9+Krzl581kzjDACC+MKmZx/cBotR7a7CiLr8V794
FGaEoedyukjYCBap3F/Q/+cTN8+FvlatiJTRsH8SjpqTJQLU4oLy27BG8/x8Zyo0
50lYTOtDb7A01BdFYQzg5tyBkChADulYICqSIzTJ6/L3t8lqyl0+p75MZisyKFEi
GDlbVxSva9eGyACo83JgO4ZZuFEsXTTXzUn65Ep+32UBXlVR1OTmfkmxtLdu2Qja
wAv49Qxg440PKKQGSdZQg1JKQhXzg36HMuqckPns+gfV4CtAJOeSx1iNz/rjLKa4
jlU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:38 2023 by rpki-client on console-ams.rpki-client.org