Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/icdY2w1aOnC_6jFv4hntVG-xdZI.roa
File: icdY2w1aOnC_6jFv4hntVG-xdZI.roa (raw, json)
Hash identifier: yzLXrHBsX6jB3U/pZCGpxZT9umJRywJufaXVMiRDcPQ=
Subject key identifier: 89:C7:58:DB:0D:5A:3A:70:BF:EA:31:6F:E2:19:ED:54:6F:B1:75:92
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1E6CF29E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/icdY2w1aOnC_6jFv4hntVG-xdZI.roa
Signing time: Fri 13 May 2022 07:10:42 +0000
ROA not before: Fri 13 May 2022 07:10:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43561
IP address blocks: 87.120.192.0/23 maxlen: 23
87.120.192.0/24 maxlen: 24
87.120.193.0/24 maxlen: 24
87.121.36.0/24 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.37.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.44.0/22 maxlen: 24
87.121.57.0/24 maxlen: 24
87.121.56.0/23 maxlen: 24
87.121.56.0/24 maxlen: 24
87.121.60.0/22 maxlen: 24
87.121.63.0/24 maxlen: 24
87.121.61.0/24 maxlen: 24
87.121.62.0/24 maxlen: 24
87.121.60.0/24 maxlen: 24
87.120.218.0/23 maxlen: 24
87.120.220.0/23 maxlen: 24
87.120.64.0/24 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.68.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.120.69.0/24 maxlen: 24
87.120.65.0/24 maxlen: 24
87.120.72.0/21 maxlen: 21
87.120.77.0/24 maxlen: 24
87.120.75.0/24 maxlen: 24
87.120.73.0/24 maxlen: 24
87.120.78.0/24 maxlen: 24
87.120.76.0/24 maxlen: 24
87.120.74.0/24 maxlen: 24
87.120.72.0/24 maxlen: 24
87.120.79.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.88.0/23 maxlen: 24
87.120.88.0/24 maxlen: 24
87.120.97.0/24 maxlen: 24
87.120.96.0/23 maxlen: 24
87.120.96.0/24 maxlen: 24
87.120.100.0/22 maxlen: 24
87.120.34.0/24 maxlen: 24
87.120.32.0/24 maxlen: 24
87.120.35.0/24 maxlen: 24
87.120.33.0/24 maxlen: 24
87.120.32.0/22 maxlen: 24
87.120.46.0/24 maxlen: 24
87.120.46.0/23 maxlen: 24
87.120.47.0/24 maxlen: 24
91.92.8.0/21 maxlen: 24
91.92.6.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.24.0/22 maxlen: 24
91.92.21.0/24 maxlen: 24
91.92.67.0/24 maxlen: 24
93.123.81.5/32 maxlen: 32
93.123.39.0/24 maxlen: 24
94.156.232.0/21 maxlen: 24
93.123.71.0/24 maxlen: 24
93.123.69.0/24 maxlen: 24
93.123.68.0/22 maxlen: 22
93.123.70.0/24 maxlen: 24
93.123.68.0/24 maxlen: 24
93.123.77.0/24 maxlen: 24
93.123.78.0/24 maxlen: 24
93.123.76.0/24 maxlen: 24
93.123.79.0/24 maxlen: 24
93.123.84.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.80.0/23 maxlen: 23
93.123.86.0/24 maxlen: 24
93.123.88.0/21 maxlen: 24
93.123.87.0/24 maxlen: 24
94.156.160.0/23 maxlen: 24
94.156.169.0/24 maxlen: 24
94.156.168.0/24 maxlen: 24
94.156.176.0/21 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.22.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
93.123.27.0/24 maxlen: 24
93.123.30.0/24 maxlen: 24
93.123.26.0/24 maxlen: 24
93.123.112.0/24 maxlen: 24
93.123.118.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
93.123.114.0/24 maxlen: 24
93.123.112.0/21 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.115.0/24 maxlen: 24
93.123.113.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.6.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
94.156.136.0/21 maxlen: 24
94.156.152.0/24 maxlen: 24
94.156.157.0/24 maxlen: 24
94.156.156.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
94.156.78.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
87.121.147.0/24 maxlen: 24
87.121.146.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
87.121.162.0/23 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.105.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.101.0/24 maxlen: 24
87.121.104.0/24 maxlen: 24
87.121.100.0/24 maxlen: 24
87.121.104.0/23 maxlen: 24
87.121.100.0/23 maxlen: 24
87.121.115.0/24 maxlen: 24
87.121.114.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
31.13.252.0/24 maxlen: 24
31.13.252.0/22 maxlen: 22
31.13.253.0/24 maxlen: 24
31.13.254.0/24 maxlen: 24
31.13.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 510456478 (0x1e6cf29e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 13 07:10:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89c758db0d5a3a70bfea316fe219ed546fb17592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:dc:99:df:1e:90:8c:09:47:cf:99:21:ea:03:
6d:bf:bf:91:a9:b3:95:07:b0:07:f4:17:7a:b2:17:
b7:d5:75:88:d2:5c:89:ad:81:d9:d9:83:3b:2b:14:
35:7b:c3:c6:8d:c6:0c:a4:34:7d:fd:d3:82:d6:08:
4e:46:c4:ff:78:b3:ed:dc:c4:89:d0:74:0a:50:a3:
6f:35:30:31:34:e0:30:ae:7a:28:09:f3:5a:7f:1d:
cc:b9:1d:65:a5:65:18:23:ba:ab:ed:04:24:92:29:
0b:8f:93:3e:54:5a:1b:29:c9:61:c3:08:7a:a7:4b:
0a:5a:4d:92:17:fe:b2:b1:1d:ca:6e:1c:26:c8:b4:
14:8c:cc:d0:34:22:8d:d4:c5:de:2b:1a:fa:8f:32:
b6:30:ad:87:28:2f:4d:7e:bb:88:a4:eb:5b:89:8f:
31:01:8f:7a:48:92:bd:4c:9f:da:17:f4:d5:21:7d:
c5:39:d5:66:74:83:ad:8b:4d:cb:06:39:e9:8f:89:
c7:a0:3e:5c:c2:80:60:f1:71:44:a5:64:68:b0:42:
e0:ad:e2:8e:81:7a:60:6e:ce:fb:c4:4d:19:fe:e9:
05:ac:dd:63:a8:ef:d6:f8:14:b5:3b:12:e0:f6:fb:
39:b6:5e:e7:62:6d:52:e1:d4:f9:65:f1:3d:b2:ba:
76:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C7:58:DB:0D:5A:3A:70:BF:EA:31:6F:E2:19:ED:54:6F:B1:75:92
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/icdY2w1aOnC_6jFv4hntVG-xdZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
87.120.32.0/22
87.120.46.0/23
87.120.64.0/23
87.120.68.0/23
87.120.72.0/21
87.120.88.0/23
87.120.96.0/23
87.120.100.0/22
87.120.192.0/23
87.120.218.0-87.120.221.255
87.121.36.0-87.121.38.255
87.121.44.0/22
87.121.56.0/23
87.121.60.0/22
87.121.69.0/24
87.121.100.0/23
87.121.103.0-87.121.105.255
87.121.114.0/23
87.121.146.0/23
87.121.162.0/23
91.92.6.0/24
91.92.8.0-91.92.16.255
91.92.21.0/24
91.92.24.0/22
91.92.67.0/24
93.123.22.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.39.0/24
93.123.68.0/22
93.123.76.0-93.123.81.255
93.123.84.0-93.123.95.255
93.123.112.0/21
94.156.2.0/24
94.156.6.0/24
94.156.8.0/24
94.156.78.0/23
94.156.131.0/24
94.156.136.0/21
94.156.152.0/24
94.156.154.0-94.156.157.255
94.156.160.0/23
94.156.168.0/23
94.156.176.0/21
94.156.232.0/21
Signature Algorithm: sha256WithRSAEncryption
54:10:51:14:c8:6f:c4:33:6a:bd:3a:72:72:55:a0:4c:25:2c:
71:a3:58:0a:08:fb:d6:84:4b:3a:3b:fb:75:fd:c1:6d:a0:76:
93:ca:9c:34:1f:1c:49:f1:7e:6e:34:7b:c1:ab:3f:d7:dc:60:
3c:a6:29:8c:c9:47:a0:fc:ab:70:6a:85:97:6a:ec:09:4d:90:
c6:b3:5f:be:f6:09:8d:1f:fe:09:9b:31:44:b7:48:c6:f5:34:
46:31:d9:c0:f5:7f:bd:c2:54:74:3a:4d:f3:ef:20:87:ea:b0:
55:7e:f0:02:41:42:49:42:6e:dc:60:84:ef:d4:56:4f:b1:7f:
78:86:63:75:2a:73:86:b6:bb:5a:22:77:5c:6f:33:ee:b6:4f:
74:35:6a:40:f1:1d:b0:b7:de:63:78:59:ac:46:e9:36:2d:bb:
eb:65:31:d7:2e:71:19:c3:fe:28:6d:cf:45:39:45:bb:7d:ac:
bf:63:19:8e:36:8d:f1:84:36:54:2e:e5:db:9a:ee:1a:96:fa:
8a:61:21:9c:8c:30:9f:41:00:e6:39:68:48:0c:ec:e0:9b:72:
8a:4f:7b:41:9b:67:a5:aa:48:19:63:4d:0b:9c:34:eb:bb:20:
19:52:d6:ce:af:dd:1b:4a:d7:ff:e9:e9:a4:22:49:7e:4d:f7:
4a:79:3d:c7
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgIEHmzynjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDUx
MzA3MTA0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODljNzU4ZGIwZDVh
M2E3MGJmZWEzMTZmZTIxOWVkNTQ2ZmIxNzU5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3cmd8ekIwJR8+ZIeoDbb+/kamzlQewB/QXerIXt9V1iNJc
ia2B2dmDOysUNXvDxo3GDKQ0ff3TgtYITkbE/3iz7dzEidB0ClCjbzUwMTTgMK56
KAnzWn8dzLkdZaVlGCO6q+0EJJIpC4+TPlRaGynJYcMIeqdLClpNkhf+srEdym4c
Jsi0FIzM0DQijdTF3isa+o8ytjCthygvTX67iKTrW4mPMQGPekiSvUyf2hf01SF9
xTnVZnSDrYtNywY56Y+Jx6A+XMKAYPFxRKVkaLBC4K3ijoF6YG7O+8RNGf7pBazd
Y6jv1vgUtTsS4Pb7ObZe52JtUuHU+WXxPbK6djECAwEAAaOCA18wggNbMB0GA1Ud
DgQWBBSJx1jbDVo6cL/qMW/iGe1Ub7F1kjAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L2ljZFkydzFhT25DXzZqRnY0aG50VkcteGRaSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AXMGCCsGAQUFBwEHAQH/BIIBYjCCAV4wggFaBAIAATCCAVIDBAIfDfwDBAJXeCAD
BAFXeC4DBAFXeEADBAFXeEQDBANXeEgDBAFXeFgDBAFXeGADBAJXeGQDBAFXeMAw
DAMEAVd42gMEAVd43DAMAwQCV3kkAwQAV3kmAwQCV3ksAwQBV3k4AwQCV3k8AwQA
V3lFAwQBV3lkMAwDBABXeWcDBAFXeWgDBAFXeXIDBAFXeZIDBAFXeaIDBABbXAYw
DAMEA1tcCAMEAFtcEAMEAFtcFQMEAltcGAMEAFtcQwMEAF17FgMEAF17GAMEAV17
GgMEAV17HgMEAF17JwMEAl17RDAMAwQCXXtMAwQBXXtQMAwDBAJde1QDBAVde0AD
BANde3ADBABenAIDBABenAYDBABenAgDBAFenE4DBABenIMDBANenIgDBABenJgw
DAMEAV6cmgMEAV6cnAMEAV6coAMEAV6cqAMEA16csAMEA16c6DANBgkqhkiG9w0B
AQsFAAOCAQEAVBBRFMhvxDNqvTpyclWgTCUscaNYCgj71oRLOjv7df3BbaB2k8qc
NB8cSfF+bjR7was/19xgPKYpjMlHoPyrcGqFl2rsCU2QxrNfvvYJjR/+CZsxRLdI
xvU0RjHZwPV/vcJUdDpN8+8gh+qwVX7wAkFCSUJu3GCE79RWT7F/eIZjdSpzhra7
WiJ3XG8z7rZPdDVqQPEdsLfeY3hZrEbpNi2762Ux1y5xGcP+KG3PRTlFu32sv2MZ
jjaN8YQ2VC7l25ruGpb6imEhnIwwn0EA5jloSAzs4Jtyik97QZtnpapIGWNNC5w0
67sgGVLWzq/dG0rX/+nppCJJfk33Snk9xw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:17 2024 by rpki-client on console-fra.rpki-client.org