Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_-mPoZocGp2u2mSanP26btbmB00.roa
File: _-mPoZocGp2u2mSanP26btbmB00.roa (raw, json)
Hash identifier: tqoQbISV4Df4CZo41YoxfwIJP2OpEL3m2ZMuIYctcLY=
Subject key identifier: FF:E9:8F:A1:9A:1C:1A:9D:AE:DA:64:9A:9C:FD:BA:6E:D6:E6:07:4D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01939B35709BE6CC4EC92CED98E3BCF2AE75
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_-mPoZocGp2u2mSanP26btbmB00.roa
Signing time: Fri 06 Dec 2024 09:03:10 +0000
ROA not before: Fri 06 Dec 2024 09:03:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34224
IP address blocks: 31.13.195.0/24 maxlen: 32
31.13.197.0/24 maxlen: 32
31.13.216.0/21 maxlen: 32
31.13.217.0/24 maxlen: 32
31.13.221.0/24 maxlen: 32
31.13.223.0/24 maxlen: 32
31.13.230.0/23 maxlen: 32
31.13.236.0/22 maxlen: 32
31.13.241.0/24 maxlen: 32
31.13.245.0/24 maxlen: 32
37.60.138.0/24 maxlen: 32
37.60.139.0/24 maxlen: 32
45.81.38.0/24 maxlen: 32
45.84.90.0/24 maxlen: 24
82.115.210.0/24 maxlen: 32
83.143.115.0/24 maxlen: 32
85.217.140.0/24 maxlen: 32
87.120.6.0/23 maxlen: 32
87.120.6.0/24 maxlen: 32
87.120.8.0/24 maxlen: 32
87.120.13.0/24 maxlen: 32
87.120.37.0/24 maxlen: 32
87.120.39.0/24 maxlen: 32
87.120.43.0/24 maxlen: 32
87.120.61.0/24 maxlen: 32
87.120.98.0/24 maxlen: 32
87.120.104.0/24 maxlen: 32
87.120.109.0/24 maxlen: 32
87.120.128.0/23 maxlen: 32
87.120.132.0/24 maxlen: 32
87.120.133.0/24 maxlen: 32
87.120.134.0/24 maxlen: 32
87.120.135.0/24 maxlen: 32
87.120.176.0/24 maxlen: 32
87.120.195.0/24 maxlen: 32
87.120.199.0/24 maxlen: 32
87.120.200.0/24 maxlen: 32
87.120.201.0/24 maxlen: 32
87.120.206.0/23 maxlen: 32
87.120.206.0/24 maxlen: 32
87.120.207.0/24 maxlen: 32
87.120.217.0/24 maxlen: 32
87.120.223.0/24 maxlen: 32
87.120.253.0/24 maxlen: 32
87.120.254.0/24 maxlen: 32
87.120.255.0/24 maxlen: 32
87.121.0.0/23 maxlen: 32
87.121.0.0/24 maxlen: 32
87.121.1.0/24 maxlen: 32
87.121.2.0/24 maxlen: 24
87.121.6.0/23 maxlen: 32
87.121.42.0/24 maxlen: 32
87.121.52.0/24 maxlen: 32
87.121.64.0/24 maxlen: 32
87.121.82.0/24 maxlen: 32
87.121.83.0/24 maxlen: 32
87.121.90.0/23 maxlen: 32
87.121.110.0/24 maxlen: 32
87.121.111.0/24 maxlen: 32
87.121.112.0/24 maxlen: 32
87.121.113.0/24 maxlen: 32
87.121.118.0/24 maxlen: 32
87.121.150.0/23 maxlen: 32
87.121.150.0/24 maxlen: 32
87.121.151.0/24 maxlen: 32
87.121.161.0/24 maxlen: 32
91.92.0.0/24 maxlen: 32
91.92.1.0/24 maxlen: 32
91.92.2.0/24 maxlen: 32
91.92.65.0/24 maxlen: 32
91.92.66.0/24 maxlen: 32
91.92.105.0/24 maxlen: 32
91.92.109.0/24 maxlen: 32
91.92.139.0/24 maxlen: 32
91.92.197.0/24 maxlen: 32
91.92.198.0/23 maxlen: 32
91.92.219.0/24 maxlen: 32
91.92.230.0/24 maxlen: 32
91.212.233.0/24 maxlen: 32
92.249.49.0/24 maxlen: 32
93.123.8.0/24 maxlen: 32
93.123.12.0/24 maxlen: 32
93.123.18.0/24 maxlen: 32
93.123.28.0/23 maxlen: 32
93.123.32.0/22 maxlen: 32
93.123.36.0/24 maxlen: 32
93.123.37.0/24 maxlen: 32
93.123.64.0/24 maxlen: 32
93.123.80.0/24 maxlen: 24
93.123.117.0/24 maxlen: 32
94.156.6.0/24 maxlen: 24
94.156.12.0/24 maxlen: 32
94.156.15.0/24 maxlen: 32
94.156.24.0/24 maxlen: 32
94.156.25.0/24 maxlen: 32
94.156.42.0/24 maxlen: 32
94.156.44.0/24 maxlen: 32
94.156.77.0/24 maxlen: 32
94.156.94.0/24 maxlen: 32
94.156.98.0/24 maxlen: 32
94.156.100.0/24 maxlen: 32
94.156.129.0/24 maxlen: 32
94.156.130.0/24 maxlen: 32
94.156.153.0/24 maxlen: 32
94.156.158.0/24 maxlen: 32
94.156.159.0/24 maxlen: 32
94.156.172.0/23 maxlen: 32
94.156.185.0/24 maxlen: 32
94.156.188.0/24 maxlen: 32
94.156.190.0/24 maxlen: 32
94.156.216.0/21 maxlen: 32
94.156.227.0/24 maxlen: 32
94.156.232.0/24 maxlen: 32
94.156.233.0/24 maxlen: 32
94.156.249.0/24 maxlen: 32
94.156.251.0/24 maxlen: 32
94.156.252.0/24 maxlen: 32
185.226.174.0/24 maxlen: 24
185.254.36.0/24 maxlen: 32
194.55.184.0/23 maxlen: 32
194.169.173.0/24 maxlen: 32
212.73.128.0/23 maxlen: 32
212.73.130.0/23 maxlen: 32
212.73.131.0/24 maxlen: 32
212.73.132.0/24 maxlen: 32
212.73.133.0/24 maxlen: 32
212.73.134.0/24 maxlen: 32
212.73.136.0/24 maxlen: 32
212.73.138.0/23 maxlen: 32
212.73.138.0/24 maxlen: 32
212.73.140.0/24 maxlen: 32
212.73.141.0/24 maxlen: 32
212.73.142.0/24 maxlen: 32
212.73.143.0/24 maxlen: 32
212.73.144.0/24 maxlen: 32
212.73.145.0/24 maxlen: 32
212.73.146.0/24 maxlen: 32
212.73.147.0/24 maxlen: 32
212.73.148.0/24 maxlen: 32
212.73.155.0/24 maxlen: 32
212.73.157.0/24 maxlen: 32
212.87.207.0/24 maxlen: 32
2a00:1728::/32 maxlen: 48
2a00:1728:0:d::/64 maxlen: 64
2a00:1728:3::/48 maxlen: 48
2a00:1728:1b::/48 maxlen: 48
2a00:1728:1f::/48 maxlen: 48
2a00:1728:21::/48 maxlen: 48
2a00:1728:23::/48 maxlen: 48
2a00:1728:25::/48 maxlen: 48
2a00:1728:27::/48 maxlen: 48
2a00:1728:2f::/48 maxlen: 48
2a00:1728:31::/48 maxlen: 48
2a00:1728:34::/48 maxlen: 48
2a00:1728:35::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:35:70:9b:e6:cc:4e:c9:2c:ed:98:e3:bc:f2:ae:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 6 09:03:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffe98fa19a1c1a9daeda649a9cfdba6ed6e6074d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:74:30:5e:51:8e:c3:f0:2d:50:a8:d0:32:8c:
0c:fc:95:8f:26:63:bc:3b:d9:37:db:2b:93:66:22:
a4:2e:c0:96:5e:dd:93:0b:86:48:7f:6f:d8:02:f5:
a7:8e:8f:ee:f9:aa:02:02:33:ef:fd:6b:56:55:bf:
80:7b:0d:b9:92:fc:e2:82:66:b8:37:5a:d3:0d:1d:
76:66:39:fc:46:f3:6d:65:fc:c8:bf:45:c0:17:b5:
ba:5f:6b:36:cd:65:46:b3:9f:c6:cc:fd:f6:2f:25:
8e:b5:e0:d5:2a:7c:dc:47:fc:2b:63:be:db:08:2e:
0d:57:63:3c:e6:44:06:6e:55:64:cd:70:a1:60:f4:
96:eb:65:30:a5:52:85:22:98:a1:8c:9c:8e:94:a2:
00:b6:f1:e8:cb:0b:9d:a8:67:65:94:e7:9b:37:ba:
1e:9f:dc:79:db:6e:ff:2c:00:98:29:48:95:d3:ee:
39:ba:8e:f2:dc:ec:7c:6b:f0:11:97:2d:4a:e6:e2:
6d:61:e9:0f:af:95:6b:d8:d8:91:88:ec:4f:cf:ae:
f2:a4:12:f6:c4:c6:34:05:01:c3:bd:0f:b4:74:26:
c8:f3:d2:16:75:79:dc:dc:bb:c7:df:22:9c:b8:79:
71:a7:f0:6e:b3:74:bb:1c:d7:27:39:7a:6c:81:4d:
d8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E9:8F:A1:9A:1C:1A:9D:AE:DA:64:9A:9C:FD:BA:6E:D6:E6:07:4D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_-mPoZocGp2u2mSanP26btbmB00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.195.0/24
31.13.197.0/24
31.13.216.0/21
31.13.230.0/23
31.13.236.0/22
31.13.241.0/24
31.13.245.0/24
37.60.138.0/23
45.81.38.0/24
45.84.90.0/24
82.115.210.0/24
83.143.115.0/24
85.217.140.0/24
87.120.6.0-87.120.8.255
87.120.13.0/24
87.120.37.0/24
87.120.39.0/24
87.120.43.0/24
87.120.61.0/24
87.120.98.0/24
87.120.104.0/24
87.120.109.0/24
87.120.128.0/23
87.120.132.0/22
87.120.176.0/24
87.120.195.0/24
87.120.199.0-87.120.201.255
87.120.206.0/23
87.120.217.0/24
87.120.223.0/24
87.120.253.0-87.121.2.255
87.121.6.0/23
87.121.42.0/24
87.121.52.0/24
87.121.64.0/24
87.121.82.0/23
87.121.90.0/23
87.121.110.0-87.121.113.255
87.121.118.0/24
87.121.150.0/23
87.121.161.0/24
91.92.0.0-91.92.2.255
91.92.65.0-91.92.66.255
91.92.105.0/24
91.92.109.0/24
91.92.139.0/24
91.92.197.0-91.92.199.255
91.92.219.0/24
91.92.230.0/24
91.212.233.0/24
92.249.49.0/24
93.123.8.0/24
93.123.12.0/24
93.123.18.0/24
93.123.28.0/23
93.123.32.0-93.123.37.255
93.123.64.0/24
93.123.80.0/24
93.123.117.0/24
94.156.6.0/24
94.156.12.0/24
94.156.15.0/24
94.156.24.0/23
94.156.42.0/24
94.156.44.0/24
94.156.77.0/24
94.156.94.0/24
94.156.98.0/24
94.156.100.0/24
94.156.129.0-94.156.130.255
94.156.153.0/24
94.156.158.0/23
94.156.172.0/23
94.156.185.0/24
94.156.188.0/24
94.156.190.0/24
94.156.216.0/21
94.156.227.0/24
94.156.232.0/23
94.156.249.0/24
94.156.251.0-94.156.252.255
185.226.174.0/24
185.254.36.0/24
194.55.184.0/23
194.169.173.0/24
212.73.128.0-212.73.134.255
212.73.136.0/24
212.73.138.0-212.73.148.255
212.73.155.0/24
212.73.157.0/24
212.87.207.0/24
IPv6:
2a00:1728::/32
Signature Algorithm: sha256WithRSAEncryption
7d:64:ef:b3:9e:88:fa:82:b1:85:27:d9:eb:7d:26:41:54:5d:
09:38:68:06:29:5e:8a:39:9e:e2:a6:62:e5:78:50:03:47:6a:
22:77:58:28:47:71:db:d1:84:61:3a:0d:f9:75:33:41:3c:65:
08:f0:9e:16:de:20:9f:e7:dd:4e:d2:14:46:b6:bf:11:59:46:
3f:4a:cf:38:c4:ef:2b:1c:eb:87:a5:ad:5f:6a:13:5f:6d:77:
40:cc:b3:ee:6f:89:c3:b9:58:89:bd:40:d2:38:d9:bb:74:8f:
83:60:c5:9f:ee:51:8b:80:5d:76:66:b6:f7:54:66:49:eb:2c:
90:4a:43:27:f6:7f:a6:00:98:25:f9:90:0e:ba:82:4f:58:12:
ec:13:52:cc:30:44:68:a0:be:75:25:92:b8:b9:23:77:e1:0c:
e8:bd:d4:e9:6b:3e:c7:ed:0e:76:02:68:a0:86:37:de:3a:96:
47:0b:78:b8:f7:84:b9:73:76:63:13:d8:d3:68:cc:87:0c:4b:
a2:5a:ba:bc:66:6c:0f:68:b3:fb:c0:4b:19:d9:f1:12:60:44:
82:fe:47:0a:f2:61:64:56:c9:55:0d:7b:09:cb:ac:9a:5c:c9:
9f:c4:24:a0:b0:20:48:84:54:8a:bb:28:ba:b6:fc:44:4f:94:
4b:74:f8:3c
-----BEGIN CERTIFICATE-----
MIIHkTCCBnmgAwIBAgISAZObNXCb5sxOySztmOO88q51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjA2MDkwMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmU5OGZhMTlhMWMxYTlkYWVkYTY0OWE5Y2ZkYmE2ZWQ2ZTYwNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHQwXlGOw/AtUKjQMowM/JWPJmO8
O9k32yuTZiKkLsCWXt2TC4ZIf2/YAvWnjo/u+aoCAjPv/WtWVb+Aew25kvzigma4
N1rTDR12Zjn8RvNtZfzIv0XAF7W6X2s2zWVGs5/GzP32LyWOteDVKnzcR/wrY77b
CC4NV2M85kQGblVkzXChYPSW62UwpVKFIpihjJyOlKIAtvHoywudqGdllOebN7oe
n9x5227/LACYKUiV0+45uo7y3Ox8a/ARly1K5uJtYekPr5Vr2NiRiOxPz67ypBL2
xMY0BQHDvQ+0dCbI89IWdXnc3LvH3yKcuHlxp/Bus3S7HNcnOXpsgU3YrwIDAQAB
o4IEnTCCBJkwHQYDVR0OBBYEFP/pj6GaHBqdrtpkmpz9um7W5gdNMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvXy1tUG9ab2NHcDJ1Mm1TYW5QMjZidGJtQjAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICsQYIKwYBBQUHAQcBAf8EggKgMIICnDCCAokEAgABMIIC
gQMEAB8NwwMEAB8NxQMEAx8N2AMEAR8N5gMEAh8N7AMEAB8N8QMEAB8N9QMEASU8
igMEAC1RJgMEAC1UWgMEAFJz0gMEAFOPcwMEAFXZjDAMAwQBV3gGAwQAV3gIAwQA
V3gNAwQAV3glAwQAV3gnAwQAV3grAwQAV3g9AwQAV3hiAwQAV3hoAwQAV3htAwQB
V3iAAwQCV3iEAwQAV3iwAwQAV3jDMAwDBABXeMcDBAFXeMgDBAFXeM4DBABXeNkD
BABXeN8wDAMEAFd4/QMEAFd5AgMEAVd5BgMEAFd5KgMEAFd5NAMEAFd5QAMEAVd5
UgMEAVd5WjAMAwQBV3luAwQBV3lwAwQAV3l2AwQBV3mWAwQAV3mhMAsDAwJbXAME
AFtcAjAMAwQAW1xBAwQAW1xCAwQAW1xpAwQAW1xtAwQAW1yLMAwDBABbXMUDBANb
XMADBABbXNsDBABbXOYDBABb1OkDBABc+TEDBABdewgDBABdewwDBABdexIDBAFd
exwwDAMEBV17IAMEAV17JAMEAF17QAMEAF17UAMEAF17dQMEAF6cBgMEAF6cDAME
AF6cDwMEAV6cGAMEAF6cKgMEAF6cLAMEAF6cTQMEAF6cXgMEAF6cYgMEAF6cZDAM
AwQAXpyBAwQAXpyCAwQAXpyZAwQBXpyeAwQBXpysAwQAXpy5AwQAXpy8AwQAXpy+
AwQDXpzYAwQAXpzjAwQBXpzoAwQAXpz5MAwDBABenPsDBABenPwDBAC54q4DBAC5
/iQDBAHCN7gDBADCqa0wDAMEB9RJgAMEANRJhgMEANRJiDAMAwQB1EmKAwQA1EmU
AwQA1EmbAwQA1EmdAwQA1FfPMA0EAgACMAcDBQAqABcoMA0GCSqGSIb3DQEBCwUA
A4IBAQB9ZO+znoj6grGFJ9nrfSZBVF0JOGgGKV6KOZ7ipmLleFADR2oid1goR3Hb
0YRhOg35dTNBPGUI8J4W3iCf591O0hRGtr8RWUY/Ss84xO8rHOuHpa1fahNfbXdA
zLPub4nDuViJvUDSONm7dI+DYMWf7lGLgF12Zrb3VGZJ6yyQSkMn9n+mAJgl+ZAO
uoJPWBLsE1LMMERooL51JZK4uSN34QzovdTpaz7H7Q52AmighjfeOpZHC3i494S5
c3ZjE9jTaMyHDEuiWrq8ZmwPaLP7wEsZ2fESYESC/kcK8mFkVslVDXsJy6yaXMmf
xCSgsCBIhFSKuyi6tvxET5RLdPg8
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:41:04 2025 by rpki-client