Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZUN2rYD259UE7exJkfS6lZlN_f0.roa
File: ZUN2rYD259UE7exJkfS6lZlN_f0.roa (raw, json)
Hash identifier: p2IRJ11oPNBY8xHTZuYjmPIpeACx5OcVsZIAhWgHr7c=
Subject key identifier: 65:43:76:AD:80:F6:E7:D5:04:ED:EC:49:91:F4:BA:95:99:4D:FD:FD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01855D86EE6DAA136CC8A0BF621BCC3A3646
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZUN2rYD259UE7exJkfS6lZlN_f0.roa
Signing time: Thu 29 Dec 2022 10:56:41 +0000
ROA not before: Thu 29 Dec 2022 10:56:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34224
IP address blocks: 212.73.131.0/24 maxlen: 24
212.73.128.0/23 maxlen: 24
212.73.130.0/23 maxlen: 24
212.73.132.0/24 maxlen: 24
87.120.176.0/24 maxlen: 24
212.73.133.0/24 maxlen: 24
212.73.138.0/23 maxlen: 24
212.73.138.0/24 maxlen: 24
212.73.136.0/24 maxlen: 24
212.73.134.0/24 maxlen: 24
212.73.143.0/24 maxlen: 24
212.73.141.0/24 maxlen: 24
212.73.145.0/24 maxlen: 24
212.73.142.0/24 maxlen: 24
212.73.140.0/24 maxlen: 24
212.73.144.0/24 maxlen: 24
212.73.147.0/24 maxlen: 24
212.73.148.0/24 maxlen: 24
212.73.146.0/24 maxlen: 24
212.73.157.0/24 maxlen: 24
212.73.155.0/24 maxlen: 24
87.120.195.0/24 maxlen: 24
87.120.199.0/24 maxlen: 24
87.120.206.0/24 maxlen: 24
87.120.200.0/24 maxlen: 24
87.120.206.0/23 maxlen: 24
87.120.201.0/24 maxlen: 24
87.120.207.0/24 maxlen: 24
87.120.109.0/24 maxlen: 24
87.120.128.0/23 maxlen: 24
87.120.132.0/24 maxlen: 24
87.120.134.0/24 maxlen: 24
87.120.135.0/24 maxlen: 24
87.120.133.0/24 maxlen: 24
37.60.138.0/24 maxlen: 24
87.121.42.0/24 maxlen: 24
37.60.139.0/24 maxlen: 24
92.249.49.0/24 maxlen: 24
87.121.52.0/24 maxlen: 24
87.121.54.0/24 maxlen: 24
87.121.64.0/24 maxlen: 24
87.120.217.0/24 maxlen: 24
87.120.223.0/24 maxlen: 24
87.120.36.100/32 maxlen: 32
87.120.253.0/24 maxlen: 24
87.121.1.0/24 maxlen: 24
87.120.255.0/24 maxlen: 24
87.121.0.0/23 maxlen: 24
87.121.2.0/24 maxlen: 24
87.121.0.0/24 maxlen: 24
87.120.254.0/24 maxlen: 24
87.121.6.0/23 maxlen: 24
91.92.219.0/24 maxlen: 24
91.92.230.0/24 maxlen: 24
91.92.198.0/23 maxlen: 24
91.92.197.0/24 maxlen: 24
87.120.61.0/24 maxlen: 24
87.120.104.0/24 maxlen: 24
87.120.6.0/23 maxlen: 24
87.120.8.0/24 maxlen: 24
87.120.6.0/24 maxlen: 24
87.120.13.0/24 maxlen: 24
87.120.37.0/24 maxlen: 24
87.120.43.0/24 maxlen: 24
87.120.39.0/24 maxlen: 24
91.92.2.0/24 maxlen: 24
91.92.0.0/24 maxlen: 24
91.92.1.0/24 maxlen: 24
91.92.109.0/24 maxlen: 24
91.92.139.0/24 maxlen: 24
91.92.69.0/24 maxlen: 24
91.92.65.0/24 maxlen: 24
91.92.68.0/24 maxlen: 24
91.92.66.0/24 maxlen: 24
91.92.105.0/24 maxlen: 24
94.156.216.0/21 maxlen: 24
94.156.232.0/22 maxlen: 22
94.156.233.0/24 maxlen: 24
94.156.227.0/24 maxlen: 24
94.156.232.0/24 maxlen: 24
93.123.64.0/24 maxlen: 24
94.156.251.0/24 maxlen: 24
94.156.249.0/24 maxlen: 24
94.156.252.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
94.156.172.0/23 maxlen: 24
94.156.186.0/24 maxlen: 24
93.123.8.0/24 maxlen: 24
94.156.185.0/24 maxlen: 24
94.156.188.0/24 maxlen: 24
94.156.190.0/24 maxlen: 24
93.123.12.0/24 maxlen: 24
93.123.18.0/24 maxlen: 24
93.123.28.0/23 maxlen: 24
93.123.36.0/24 maxlen: 24
93.123.32.0/22 maxlen: 24
93.123.37.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
94.156.15.0/24 maxlen: 24
94.156.12.0/24 maxlen: 24
94.156.44.0/24 maxlen: 24
94.156.42.0/24 maxlen: 24
94.156.106.0/24 maxlen: 24
94.156.129.0/24 maxlen: 24
94.156.158.0/24 maxlen: 24
94.156.159.0/24 maxlen: 24
94.156.153.0/24 maxlen: 24
94.156.77.0/24 maxlen: 24
94.156.98.0/24 maxlen: 24
94.156.94.0/24 maxlen: 24
94.156.100.0/24 maxlen: 24
31.13.197.0/24 maxlen: 24
31.13.195.0/24 maxlen: 24
87.121.150.0/23 maxlen: 24
31.13.217.0/24 maxlen: 24
87.121.161.0/24 maxlen: 24
31.13.216.0/21 maxlen: 24
31.13.223.0/24 maxlen: 24
31.13.221.0/24 maxlen: 24
87.121.82.0/24 maxlen: 24
87.121.79.0/24 maxlen: 24
87.121.83.0/24 maxlen: 24
87.121.90.0/23 maxlen: 24
87.121.112.0/24 maxlen: 24
87.121.111.0/24 maxlen: 24
87.121.118.0/24 maxlen: 24
87.121.113.0/24 maxlen: 24
31.13.230.0/23 maxlen: 24
31.13.236.0/22 maxlen: 24
31.13.245.0/24 maxlen: 24
31.13.241.0/24 maxlen: 24
2a00:1728:35::/48 maxlen: 48
2a00:1728:27::/48 maxlen: 48
2a00:1728:21::/48 maxlen: 48
2a00:1728:0:d::/64 maxlen: 64
2a00:1728:1b::/48 maxlen: 48
2a00:1728:34::/48 maxlen: 48
2a00:1728:23::/48 maxlen: 48
2a00:1728:31::/48 maxlen: 48
2a00:1728:25::/48 maxlen: 48
2a00:1728:3::/48 maxlen: 48
2a00:1728:1f::/48 maxlen: 48
2a00:1728::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5d:86:ee:6d:aa:13:6c:c8:a0:bf:62:1b:cc:3a:36:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 29 10:56:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=654376ad80f6e7d504edec4991f4ba95994dfdfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b4:5e:48:1f:11:77:b6:db:b5:d2:06:99:f7:
f8:b8:85:c7:2e:0a:fe:bd:10:9f:96:19:e6:c7:40:
f1:c3:76:6a:f9:47:8d:8f:28:2f:87:7b:65:30:98:
07:ad:2a:e8:0b:f5:13:3e:1d:69:6a:a7:43:84:54:
da:2a:59:9f:39:1f:3a:16:1c:9d:26:aa:5c:d6:ce:
16:85:e7:72:8d:cc:dd:f6:aa:f2:0b:56:63:9f:3f:
19:78:d8:58:15:15:61:ec:f9:a0:3b:91:4b:09:02:
8a:cd:48:6f:1e:7d:18:18:66:2a:26:00:aa:c2:03:
5c:f0:a8:18:c1:8b:f7:a3:04:52:1f:8e:60:4a:bd:
f1:36:f0:15:1f:31:a6:db:8c:78:8a:98:63:16:a8:
dd:5d:81:8a:78:f5:10:26:b2:63:ea:a6:f7:ef:37:
f8:c5:29:47:e7:ac:cb:67:95:e8:c0:fc:b9:e8:26:
39:7b:c3:06:ed:6f:69:aa:0e:3b:57:19:66:f3:3a:
16:be:fb:7c:90:b6:3b:5a:36:48:60:ea:69:35:28:
54:85:35:f8:7c:71:15:56:74:90:8e:db:13:05:75:
1c:7d:df:a0:e0:55:fe:b0:6e:bc:92:ff:01:77:43:
71:2a:87:4b:6c:70:e7:07:d2:4b:ef:1b:e4:67:b1:
98:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:43:76:AD:80:F6:E7:D5:04:ED:EC:49:91:F4:BA:95:99:4D:FD:FD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZUN2rYD259UE7exJkfS6lZlN_f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.195.0/24
31.13.197.0/24
31.13.216.0/21
31.13.230.0/23
31.13.236.0/22
31.13.241.0/24
31.13.245.0/24
37.60.138.0/23
87.120.6.0-87.120.8.255
87.120.13.0/24
87.120.36.100/32
87.120.37.0/24
87.120.39.0/24
87.120.43.0/24
87.120.61.0/24
87.120.104.0/24
87.120.109.0/24
87.120.128.0/23
87.120.132.0/22
87.120.176.0/24
87.120.195.0/24
87.120.199.0-87.120.201.255
87.120.206.0/23
87.120.217.0/24
87.120.223.0/24
87.120.253.0-87.121.2.255
87.121.6.0/23
87.121.42.0/24
87.121.52.0/24
87.121.54.0/24
87.121.64.0/24
87.121.79.0/24
87.121.82.0/23
87.121.90.0/23
87.121.111.0-87.121.113.255
87.121.118.0/24
87.121.150.0/23
87.121.161.0/24
91.92.0.0-91.92.2.255
91.92.65.0-91.92.66.255
91.92.68.0/23
91.92.105.0/24
91.92.109.0/24
91.92.139.0/24
91.92.197.0-91.92.199.255
91.92.219.0/24
91.92.230.0/24
92.249.49.0/24
93.123.8.0/24
93.123.12.0/24
93.123.18.0/24
93.123.28.0/23
93.123.32.0-93.123.37.255
93.123.64.0/24
94.156.10.0/24
94.156.12.0/24
94.156.15.0/24
94.156.42.0/24
94.156.44.0/24
94.156.77.0/24
94.156.94.0/24
94.156.98.0/24
94.156.100.0/24
94.156.106.0/24
94.156.129.0/24
94.156.153.0/24
94.156.158.0/23
94.156.172.0/23
94.156.185.0-94.156.186.255
94.156.188.0/24
94.156.190.0/24
94.156.216.0/21
94.156.227.0/24
94.156.232.0/22
94.156.248.0/23
94.156.251.0-94.156.252.255
212.73.128.0-212.73.134.255
212.73.136.0/24
212.73.138.0-212.73.148.255
212.73.155.0/24
212.73.157.0/24
IPv6:
2a00:1728::/32
Signature Algorithm: sha256WithRSAEncryption
37:d4:59:69:ae:60:b5:b1:74:e6:bf:d8:96:92:fb:18:20:b7:
fd:cb:5b:cf:6a:14:2e:b5:7e:69:20:56:1c:98:2f:5f:fb:3b:
a2:01:f9:ae:8b:04:74:1b:dc:4f:ba:13:1f:dd:60:5f:ef:f1:
73:23:e3:76:7b:0f:a0:d2:a7:d3:ef:27:0e:e8:8a:e7:b1:5f:
24:a7:53:d3:57:f0:2d:95:5f:46:bf:6b:89:e6:93:c5:9e:2d:
50:b1:e1:9e:a3:e0:fc:b7:14:83:3d:a7:b2:8c:38:7a:84:88:
8f:3a:37:f1:f8:f9:25:b9:c2:25:1c:4f:93:58:96:76:c0:c2:
3d:4b:f7:8d:87:94:2d:23:61:7a:c4:ed:8f:1c:1f:21:e4:24:
82:80:ce:10:02:84:e9:66:83:1f:11:0e:6c:d5:14:94:9a:08:
7a:ab:f0:6f:3c:a1:a3:c0:e7:2c:32:87:4d:7c:a7:9d:21:c0:
cf:22:dc:f5:bf:e8:8c:2e:7e:d1:5b:fe:88:4d:05:fe:dd:31:
67:2b:28:21:86:00:41:4c:0c:71:23:87:c5:b0:98:27:df:ec:
68:b7:19:2a:07:19:8a:2c:40:bc:d1:8f:2a:a4:98:0b:01:00:
fe:d2:0b:58:9f:40:f3:9e:23:79:6e:d4:fc:ba:c0:a0:bb:44:
61:9f:35:ca
-----BEGIN CERTIFICATE-----
MIIHVjCCBj6gAwIBAgISAYVdhu5tqhNsyKC/YhvMOjZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMjI5MTA1NjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTQzNzZhZDgwZjZlN2Q1MDRlZGVjNDk5MWY0YmE5NTk5NGRmZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbReSB8Rd7bbtdIGmff4uIXHLgr+
vRCflhnmx0Dxw3Zq+UeNjygvh3tlMJgHrSroC/UTPh1paqdDhFTaKlmfOR86Fhyd
Jqpc1s4Whedyjczd9qryC1Zjnz8ZeNhYFRVh7PmgO5FLCQKKzUhvHn0YGGYqJgCq
wgNc8KgYwYv3owRSH45gSr3xNvAVHzGm24x4iphjFqjdXYGKePUQJrJj6qb37zf4
xSlH56zLZ5XowPy56CY5e8MG7W9pqg47Vxlm8zoWvvt8kLY7WjZIYOppNShUhTX4
fHEVVnSQjtsTBXUcfd+g4FX+sG68kv8Bd0NxKodLbHDnB9JL7xvkZ7GYxQIDAQAB
o4IEYjCCBF4wHQYDVR0OBBYEFGVDdq2A9ufVBO3sSZH0upWZTf39MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWlVOMnJZRDI1OVVFN2V4SmtmUzZsWmxOX2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICdgYIKwYBBQUHAQcBAf8EggJlMIICYTCCAk4EAgABMIIC
RgMEAB8NwwMEAB8NxQMEAx8N2AMEAR8N5gMEAh8N7AMEAB8N8QMEAB8N9QMEASU8
ijAMAwQBV3gGAwQAV3gIAwQAV3gNAwUAV3gkZAMEAFd4JQMEAFd4JwMEAFd4KwME
AFd4PQMEAFd4aAMEAFd4bQMEAVd4gAMEAld4hAMEAFd4sAMEAFd4wzAMAwQAV3jH
AwQBV3jIAwQBV3jOAwQAV3jZAwQAV3jfMAwDBABXeP0DBABXeQIDBAFXeQYDBABX
eSoDBABXeTQDBABXeTYDBABXeUADBABXeU8DBAFXeVIDBAFXeVowDAMEAFd5bwME
AVd5cAMEAFd5dgMEAVd5lgMEAFd5oTALAwMCW1wDBABbXAIwDAMEAFtcQQMEAFtc
QgMEAVtcRAMEAFtcaQMEAFtcbQMEAFtcizAMAwQAW1zFAwQDW1zAAwQAW1zbAwQA
W1zmAwQAXPkxAwQAXXsIAwQAXXsMAwQAXXsSAwQBXXscMAwDBAVdeyADBAFdeyQD
BABde0ADBABenAoDBABenAwDBABenA8DBABenCoDBABenCwDBABenE0DBABenF4D
BABenGIDBABenGQDBABenGoDBABenIEDBABenJkDBAFenJ4DBAFenKwwDAMEAF6c
uQMEAF6cugMEAF6cvAMEAF6cvgMEA16c2AMEAF6c4wMEAl6c6AMEAV6c+DAMAwQA
Xpz7AwQAXpz8MAwDBAfUSYADBADUSYYDBADUSYgwDAMEAdRJigMEANRJlAMEANRJ
mwMEANRJnTANBAIAAjAHAwUAKgAXKDANBgkqhkiG9w0BAQsFAAOCAQEAN9RZaa5g
tbF05r/YlpL7GCC3/ctbz2oULrV+aSBWHJgvX/s7ogH5rosEdBvcT7oTH91gX+/x
cyPjdnsPoNKn0+8nDuiK57FfJKdT01fwLZVfRr9rieaTxZ4tULHhnqPg/LcUgz2n
sow4eoSIjzo38fj5JbnCJRxPk1iWdsDCPUv3jYeULSNhesTtjxwfIeQkgoDOEAKE
6WaDHxEObNUUlJoIeqvwbzyho8DnLDKHTXynnSHAzyLc9b/ojC5+0Vv+iE0F/t0x
ZysoIYYAQUwMcSOHxbCYJ9/saLcZKgcZiixAvNGPKqSYCwEA/tILWJ9A854jeW7U
/LrAoLtEYZ81yg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:38 2023 by rpki-client on console-ams.rpki-client.org