Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tOtBTcUc9g0HPew2PigEHgw_sNQ.roa
File: tOtBTcUc9g0HPew2PigEHgw_sNQ.roa (raw, json)
Hash identifier: eB44VDffiNs6VCG86CP3gN7g82izm1yNFfVtSBStWV4=
Subject key identifier: B4:EB:41:4D:C5:1C:F6:0D:07:3D:EC:36:3E:28:04:1E:0C:3F:B0:D4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0184E621DB5125A4B144FB30FDC16D522BA2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tOtBTcUc9g0HPew2PigEHgw_sNQ.roa
Signing time: Tue 06 Dec 2022 06:31:29 +0000
ROA not before: Tue 06 Dec 2022 06:31:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 87.120.192.0/23 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.44.0/22 maxlen: 24
87.121.56.0/23 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.218.0/23 maxlen: 24
87.120.220.0/23 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.173.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
93.123.86.0/23 maxlen: 24
193.42.32.0/24 maxlen: 24
94.156.168.0/23 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
93.123.24.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
194.55.187.0/24 maxlen: 24
93.123.26.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.68.0/23 maxlen: 24
94.103.126.0/24 maxlen: 24
87.120.88.0/23 maxlen: 24
87.120.96.0/23 maxlen: 24
87.120.100.0/22 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
87.120.32.0/22 maxlen: 24
193.25.219.0/24 maxlen: 24
87.120.46.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.6.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
91.92.24.0/22 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
194.169.172.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
94.156.152.0/24 maxlen: 24
94.156.156.0/23 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
94.156.78.0/23 maxlen: 24
37.139.130.0/23 maxlen: 24
212.87.205.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
87.121.162.0/23 maxlen: 24
87.121.69.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
87.121.100.0/23 maxlen: 24
87.121.103.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
31.13.252.0/22 maxlen: 24
87.121.221.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e6:21:db:51:25:a4:b1:44:fb:30:fd:c1:6d:52:2b:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 6 06:31:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4eb414dc51cf60d073dec363e28041e0c3fb0d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fc:82:9c:21:8e:fe:96:c4:2f:bf:fd:10:41:
fc:04:a8:fc:d7:d8:a2:e2:44:d5:5c:2a:5f:40:d8:
c2:2d:7c:e2:36:ce:3e:bb:65:b0:7b:95:22:5a:7e:
1a:41:f6:1f:2e:90:aa:18:78:a3:67:60:51:d3:cb:
11:d6:60:48:58:c9:a2:66:9d:40:7c:a1:73:27:0a:
4f:c4:7f:31:f9:fc:ae:c1:ed:41:ee:49:f7:2a:87:
de:a8:08:d6:66:42:c1:d5:99:b2:24:bc:4c:c7:0c:
80:45:9f:e9:d1:6d:d3:d1:95:3c:c0:c3:32:28:79:
49:e5:6a:c6:99:66:d8:fc:68:9e:7a:69:dd:4c:10:
5c:ee:fb:fb:77:9e:c0:fc:cc:49:4f:90:59:fa:2d:
77:b1:9b:56:6b:3d:ec:a8:e6:88:77:12:cb:c6:e1:
d1:53:29:0c:ca:b6:86:46:72:a4:0c:d9:cd:99:a6:
38:6a:2c:4c:63:92:6f:58:20:8e:65:f4:92:28:19:
ad:b9:81:0b:7b:06:1c:e4:85:1d:c5:4b:f7:73:10:
f4:04:fa:42:64:5f:5f:f3:d3:76:cd:90:f4:a9:24:
78:62:8b:22:e4:fb:e0:e7:c8:39:14:7a:32:be:66:
5e:fb:98:58:2d:28:db:b9:39:e8:db:79:e6:e3:3b:
3c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:EB:41:4D:C5:1C:F6:0D:07:3D:EC:36:3E:28:04:1E:0C:3F:B0:D4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tOtBTcUc9g0HPew2PigEHgw_sNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
37.139.130.0/23
87.120.32.0/22
87.120.46.0/23
87.120.64.0/23
87.120.68.0/23
87.120.88.0/23
87.120.96.0/23
87.120.100.0/22
87.120.192.0/23
87.120.218.0-87.120.221.255
87.121.36.0-87.121.38.255
87.121.44.0/22
87.121.56.0/23
87.121.60.0/22
87.121.69.0/24
87.121.100.0/23
87.121.103.0/24
87.121.114.0/23
87.121.146.0/23
87.121.162.0/23
87.121.221.0/24
91.92.16.0/24
91.92.21.0/24
91.92.24.0/22
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.39.0/24
93.123.68.0/22
93.123.76.0-93.123.80.255
93.123.85.0-93.123.87.255
93.123.112.0-93.123.117.255
93.123.119.0/24
94.103.126.0/24
94.154.160.0/23
94.154.163.0/24
94.154.173.0/24
94.156.2.0/24
94.156.6.0/24
94.156.8.0/24
94.156.78.0/23
94.156.131.0/24
94.156.152.0/24
94.156.154.0-94.156.157.255
94.156.168.0/23
94.156.176.0-94.156.181.255
94.156.237.0-94.156.238.255
178.215.236.0/24
178.215.238.0/24
185.246.223.0/24
185.252.177.0/24
193.25.219.0/24
193.37.42.0/24
193.37.47.0/24
193.42.32.0/24
193.47.62.0/24
193.58.121.0/24
193.58.123.0/24
193.222.97.0/24
194.48.249.0/24
194.55.187.0/24
194.55.226.0/24
194.169.172.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
05:a8:2a:55:2b:d3:bb:08:50:81:f9:59:af:14:92:4e:2b:65:
55:0b:20:52:bb:9e:49:46:53:6a:2a:8d:e5:59:4d:5f:32:9f:
f1:05:7d:7d:23:c8:56:66:a9:62:c6:8a:4b:1d:38:a3:4b:78:
35:52:68:47:34:e4:a6:e0:b5:ee:1a:e9:48:42:1a:15:a4:a0:
c3:0f:98:30:67:bc:2b:6e:fb:78:dd:13:8a:7e:96:13:cb:40:
39:69:36:41:a9:e5:f8:1f:ae:78:58:a1:d4:ca:a3:4f:9f:62:
c6:6b:5f:59:2d:d8:4b:d4:21:be:56:c7:95:8e:4c:12:a0:2d:
08:9b:a2:1e:21:52:eb:17:22:a1:83:cb:dd:9a:df:8e:97:78:
56:25:bd:cc:25:78:b2:54:99:bd:8e:bd:40:6f:42:b2:40:b8:
62:43:f4:6e:4c:a1:22:c9:58:6c:97:80:42:31:78:72:1f:ac:
b8:39:17:77:2c:07:73:b8:35:fb:5f:bf:05:f4:42:39:54:94:
55:8a:29:83:12:1b:10:ab:ab:ee:fc:7d:19:ac:f0:6c:ad:65:
86:95:73:ea:a1:64:ee:14:27:0b:5c:6e:68:d5:11:1f:f3:6e:
2a:b3:2b:3e:ab:8d:8f:be:18:1f:23:39:09:1f:aa:ac:8f:ea:
39:4d:f1:cb
-----BEGIN CERTIFICATE-----
MIIGzTCCBbWgAwIBAgISAYTmIdtRJaSxRPsw/cFtUiuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMjA2MDYzMTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGViNDE0ZGM1MWNmNjBkMDczZGVjMzYzZTI4MDQxZTBjM2ZiMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfyCnCGO/pbEL7/9EEH8BKj819ii
4kTVXCpfQNjCLXziNs4+u2Wwe5UiWn4aQfYfLpCqGHijZ2BR08sR1mBIWMmiZp1A
fKFzJwpPxH8x+fyuwe1B7kn3KofeqAjWZkLB1ZmyJLxMxwyARZ/p0W3T0ZU8wMMy
KHlJ5WrGmWbY/GieemndTBBc7vv7d57A/MxJT5BZ+i13sZtWaz3sqOaIdxLLxuHR
UykMyraGRnKkDNnNmaY4aixMY5JvWCCOZfSSKBmtuYELewYc5IUdxUv3cxD0BPpC
ZF9f89N2zZD0qSR4Yosi5Pvg58g5FHoyvmZe+5hYLSjbuTno23nm4zs8twIDAQAB
o4ID2TCCA9UwHQYDVR0OBBYEFLTrQU3FHPYNBz3sNj4oBB4MP7DUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdE90QlRjVWM5ZzBIUGV3MlBpZ0VIZ3dfc05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB7QYIKwYBBQUHAQcBAf8EggHcMIIB2DCCAdQEAgABMIIB
zAMEAh8N/AMEASWLggMEAld4IAMEAVd4LgMEAVd4QAMEAVd4RAMEAVd4WAMEAVd4
YAMEAld4ZAMEAVd4wDAMAwQBV3jaAwQBV3jcMAwDBAJXeSQDBABXeSYDBAJXeSwD
BAFXeTgDBAJXeTwDBABXeUUDBAFXeWQDBABXeWcDBAFXeXIDBAFXeZIDBAFXeaID
BABXed0DBABbXBADBABbXBUDBAJbXBgDBABbXEMDBABdexgDBAFdexoDBAFdex4D
BABdeycDBAJde0QwDAMEAl17TAMEAF17UDAMAwQAXXtVAwQDXXtQMAwDBARde3AD
BAFde3QDBABde3cDBABeZ34DBAFemqADBABemqMDBABemq0DBABenAIDBABenAYD
BABenAgDBAFenE4DBABenIMDBABenJgwDAMEAV6cmgMEAV6cnAMEAV6cqDAMAwQE
XpywAwQBXpy0MAwDBABenO0DBABenO4DBACy1+wDBACy1+4DBAC59t8DBAC5/LED
BADBGdsDBADBJSoDBADBJS8DBADBKiADBADBLz4DBADBOnkDBADBOnsDBADB3mED
BADCMPkDBADCN7sDBADCN+IDBADCqawDBADUV80wDQYJKoZIhvcNAQELBQADggEB
AAWoKlUr07sIUIH5Wa8Ukk4rZVULIFK7nklGU2oqjeVZTV8yn/EFfX0jyFZmqWLG
iksdOKNLeDVSaEc05Kbgte4a6UhCGhWkoMMPmDBnvCtu+3jdE4p+lhPLQDlpNkGp
5fgfrnhYodTKo0+fYsZrX1kt2EvUIb5Wx5WOTBKgLQiboh4hUusXIqGDy92a346X
eFYlvcwleLJUmb2OvUBvQrJAuGJD9G5MoSLJWGyXgEIxeHIfrLg5F3csB3O4Nftf
vwX0QjlUlFWKKYMSGxCrq+78fRms8GytZYaVc+qhZO4UJwtcbmjVER/zbiqzKz6r
jY++GB8jOQkfqqyP6jlN8cs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-ams.rpki-client.org