Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vtFklNO7KWrbvzmmrIVWSIJ_L1c.roa
File: vtFklNO7KWrbvzmmrIVWSIJ_L1c.roa (raw, json)
Hash identifier: Qugmz/kPhYOSEikZt3fkwMXwE28h9ZHCA2y9bmfB08k=
Subject key identifier: BE:D1:64:94:D3:BB:29:6A:DB:BF:39:A6:AC:85:56:48:82:7F:2F:57
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0183E67D91E71A2521FD4BB8811906D217C5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vtFklNO7KWrbvzmmrIVWSIJ_L1c.roa
Signing time: Mon 17 Oct 2022 15:08:52 +0000
ROA not before: Mon 17 Oct 2022 15:08:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 87.120.192.0/23 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.44.0/22 maxlen: 24
92.249.50.0/24 maxlen: 24
87.121.56.0/23 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.218.0/23 maxlen: 24
185.218.136.0/23 maxlen: 24
87.120.220.0/23 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.173.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
93.123.86.0/23 maxlen: 24
193.42.34.0/24 maxlen: 24
193.42.32.0/24 maxlen: 24
193.42.35.0/24 maxlen: 24
94.156.168.0/23 maxlen: 24
193.42.33.0/24 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
93.123.22.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.68.0/23 maxlen: 24
79.110.48.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
87.120.88.0/23 maxlen: 24
87.120.96.0/23 maxlen: 24
87.120.100.0/22 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
87.120.32.0/22 maxlen: 24
193.25.219.0/24 maxlen: 24
87.120.46.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
91.92.6.0/24 maxlen: 24
94.156.6.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
91.92.24.0/22 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
193.58.122.0/24 maxlen: 24
193.58.120.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
194.180.37.0/24 maxlen: 24
94.156.152.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
94.156.156.0/23 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
94.156.78.0/23 maxlen: 24
193.35.18.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
178.215.237.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
87.121.162.0/23 maxlen: 24
87.121.160.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
193.222.98.0/23 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
87.121.100.0/23 maxlen: 24
87.121.103.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
31.13.252.0/22 maxlen: 24
87.121.221.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e6:7d:91:e7:1a:25:21:fd:4b:b8:81:19:06:d2:17:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 17 15:08:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bed16494d3bb296adbbf39a6ac855648827f2f57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2d:44:29:b2:02:e9:9a:b2:f5:93:73:c1:77:
e4:c9:c0:cf:b1:42:46:79:38:0f:9c:a0:8a:6f:df:
42:9f:ed:c4:67:b7:2f:c1:5e:1a:ca:cf:05:9a:68:
d2:2e:fa:58:dd:26:b4:bf:63:c4:f6:39:a1:55:85:
c7:02:5a:44:4b:80:30:17:b7:69:4a:3a:01:61:99:
d3:05:ea:c0:7b:7d:80:4a:00:07:a8:a6:76:c8:7c:
47:f6:77:5c:03:c5:1d:7f:68:6b:80:04:fa:52:30:
31:5f:b3:a3:f6:4b:8f:23:1a:7a:80:b2:78:79:41:
24:56:5a:b5:6a:af:71:11:67:fa:78:05:c4:6e:cd:
4a:7e:3b:84:43:5d:93:48:f6:84:26:73:8f:a6:57:
3a:2a:3f:1b:80:db:5f:90:4b:cf:27:70:a9:9f:30:
b9:fd:b6:5c:85:7e:39:ff:3d:35:00:93:06:b5:56:
01:08:86:9b:69:38:0a:8c:8c:e8:d0:71:e5:8c:21:
d8:fa:82:1f:d4:19:86:34:52:be:e2:bc:31:79:35:
95:0f:1b:d3:93:be:e2:a2:1e:5b:1a:62:3b:c0:de:
b9:47:5f:fa:ad:9e:5a:7c:0b:24:31:b4:51:b7:48:
8e:57:22:dc:41:28:1e:1f:b2:93:46:4e:22:27:49:
db:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:D1:64:94:D3:BB:29:6A:DB:BF:39:A6:AC:85:56:48:82:7F:2F:57
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vtFklNO7KWrbvzmmrIVWSIJ_L1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
79.110.48.0/24
87.120.32.0/22
87.120.46.0/23
87.120.64.0/23
87.120.68.0/23
87.120.88.0/23
87.120.96.0/23
87.120.100.0/22
87.120.192.0/23
87.120.218.0-87.120.221.255
87.121.36.0-87.121.38.255
87.121.44.0/22
87.121.56.0/23
87.121.60.0/22
87.121.69.0/24
87.121.100.0/23
87.121.103.0/24
87.121.114.0/23
87.121.146.0/23
87.121.160.0/24
87.121.162.0/23
87.121.220.0/23
91.92.6.0/24
91.92.16.0/24
91.92.21.0/24
91.92.24.0/22
91.92.67.0/24
92.249.50.0/24
93.123.22.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.39.0/24
93.123.68.0/22
93.123.76.0-93.123.80.255
93.123.85.0-93.123.87.255
93.123.112.0-93.123.117.255
93.123.119.0/24
94.103.126.0/24
94.154.160.0/23
94.154.163.0/24
94.154.173.0/24
94.156.2.0/24
94.156.6.0/24
94.156.8.0/24
94.156.78.0/23
94.156.131.0/24
94.156.152.0/24
94.156.154.0-94.156.157.255
94.156.168.0/23
94.156.176.0-94.156.181.255
94.156.237.0-94.156.238.255
178.215.236.0-178.215.238.255
185.218.136.0/23
185.246.223.0/24
185.252.177.0/24
193.25.219.0/24
193.35.18.0/24
193.37.42.0/24
193.37.47.0/24
193.42.32.0/22
193.47.62.0/24
193.58.120.0/22
193.222.98.0/23
194.180.37.0-194.180.39.255
Signature Algorithm: sha256WithRSAEncryption
49:72:69:f1:ec:54:7e:96:b4:b9:78:1c:7b:d6:81:49:02:46:
76:d7:21:fc:75:0d:28:e8:4e:10:8c:4e:bb:17:1a:65:d1:cb:
45:96:a7:3b:0c:79:7e:0e:98:4c:09:fb:90:b4:3f:a1:db:05:
9c:a3:94:76:cb:65:8b:92:0d:3c:d3:e0:d7:42:ac:db:78:43:
ef:fe:44:b2:45:3c:2f:55:3f:6a:55:48:41:93:8e:e9:df:17:
77:72:27:b4:d3:96:9a:66:cf:b2:b5:a8:96:98:28:5c:18:c2:
36:c3:67:52:86:a0:59:f2:3c:dc:68:64:58:5c:69:f6:46:94:
93:71:59:05:6e:25:c8:ab:9b:6e:da:9a:3a:76:fb:4e:7d:bc:
76:60:7e:5d:ca:e8:25:ae:b6:dd:03:a7:74:b8:19:cd:e7:e2:
66:88:68:d4:8b:4d:76:ab:c7:4a:1c:7d:1b:4c:25:e3:77:76:
81:07:76:4f:32:d7:3d:87:d1:45:51:e5:01:14:f8:96:08:8b:
59:ee:44:df:a3:eb:4e:cb:d4:30:d5:06:08:b3:6e:0c:29:c9:
42:8b:6b:36:e3:88:b9:84:72:a2:22:c4:eb:bb:ac:40:50:18:
e2:38:ec:db:e7:de:45:0c:00:77:66:a9:a0:50:a7:93:bc:90:
46:57:0d:86
-----BEGIN CERTIFICATE-----
MIIG3TCCBcWgAwIBAgISAYPmfZHnGiUh/Uu4gRkG0hfFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDE3MTUwODUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWQxNjQ5NGQzYmIyOTZhZGJiZjM5YTZhYzg1NTY0ODgyN2YyZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAny1EKbIC6Zqy9ZNzwXfkycDPsUJG
eTgPnKCKb99Cn+3EZ7cvwV4ays8FmmjSLvpY3Sa0v2PE9jmhVYXHAlpES4AwF7dp
SjoBYZnTBerAe32ASgAHqKZ2yHxH9ndcA8Udf2hrgAT6UjAxX7Oj9kuPIxp6gLJ4
eUEkVlq1aq9xEWf6eAXEbs1KfjuEQ12TSPaEJnOPplc6Kj8bgNtfkEvPJ3CpnzC5
/bZchX45/z01AJMGtVYBCIabaTgKjIzo0HHljCHY+oIf1BmGNFK+4rwxeTWVDxvT
k77ioh5bGmI7wN65R1/6rZ5afAskMbRRt0iOVyLcQSgeH7KTRk4iJ0nbmwIDAQAB
o4ID6TCCA+UwHQYDVR0OBBYEFL7RZJTTuylq2785pqyFVkiCfy9XMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdnRGa2xOTzdLV3JidnptbXJJVldTSUpfTDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB/QYIKwYBBQUHAQcBAf8EggHsMIIB6DCCAeQEAgABMIIB
3AMEAh8N/AMEAE9uMAMEAld4IAMEAVd4LgMEAVd4QAMEAVd4RAMEAVd4WAMEAVd4
YAMEAld4ZAMEAVd4wDAMAwQBV3jaAwQBV3jcMAwDBAJXeSQDBABXeSYDBAJXeSwD
BAFXeTgDBAJXeTwDBABXeUUDBAFXeWQDBABXeWcDBAFXeXIDBAFXeZIDBABXeaAD
BAFXeaIDBAFXedwDBABbXAYDBABbXBADBABbXBUDBAJbXBgDBABbXEMDBABc+TID
BABdexYDBABdexgDBAFdexoDBAFdex4DBABdeycDBAJde0QwDAMEAl17TAMEAF17
UDAMAwQAXXtVAwQDXXtQMAwDBARde3ADBAFde3QDBABde3cDBABeZ34DBAFemqAD
BABemqMDBABemq0DBABenAIDBABenAYDBABenAgDBAFenE4DBABenIMDBABenJgw
DAMEAV6cmgMEAV6cnAMEAV6cqDAMAwQEXpywAwQBXpy0MAwDBABenO0DBABenO4w
DAMEArLX7AMEALLX7gMEAbnaiAMEALn23wMEALn8sQMEAMEZ2wMEAMEjEgMEAMEl
KgMEAMElLwMEAsEqIAMEAMEvPgMEAsE6eAMEAcHeYjAMAwQAwrQlAwQDwrQgMA0G
CSqGSIb3DQEBCwUAA4IBAQBJcmnx7FR+lrS5eBx71oFJAkZ21yH8dQ0o6E4QjE67
Fxpl0ctFlqc7DHl+DphMCfuQtD+h2wWco5R2y2WLkg080+DXQqzbeEPv/kSyRTwv
VT9qVUhBk47p3xd3cie005aaZs+ytaiWmChcGMI2w2dShqBZ8jzcaGRYXGn2RpST
cVkFbiXIq5tu2po6dvtOfbx2YH5dyuglrrbdA6d0uBnN5+JmiGjUi012q8dKHH0b
TCXjd3aBB3ZPMtc9h9FFUeUBFPiWCItZ7kTfo+tOy9Qw1QYIs24MKclCi2s244i5
hHKiIsTru6xAUBjiOOzb595FDAB3ZqmgUKeTvJBGVw2G
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:46 2024 by rpki-client on console-ams.rpki-client.org