Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xFE8k0I8W88lkyoQIdOv2qkPYFw.roa
File: xFE8k0I8W88lkyoQIdOv2qkPYFw.roa (raw, json)
Hash identifier: OwDNu8jLyMWO0BHV8Y/zGHNyzzzuiFJoDdWT5QV74xI=
Subject key identifier: C4:51:3C:93:42:3C:5B:CF:25:93:2A:10:21:D3:AF:DA:A9:0F:60:5C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01835A62D97E434A9869038B6FBD1E1F3677
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xFE8k0I8W88lkyoQIdOv2qkPYFw.roa
Signing time: Tue 20 Sep 2022 10:12:51 +0000
ROA not before: Tue 20 Sep 2022 10:12:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43561
IP address blocks: 87.120.192.0/23 maxlen: 23
87.120.192.0/24 maxlen: 24
87.120.193.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.36.0/24 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.37.0/24 maxlen: 24
87.121.44.0/22 maxlen: 24
87.121.57.0/24 maxlen: 24
87.121.56.0/23 maxlen: 24
87.121.56.0/24 maxlen: 24
87.121.60.0/22 maxlen: 24
87.121.63.0/24 maxlen: 24
87.121.62.0/24 maxlen: 24
87.121.61.0/24 maxlen: 24
87.121.60.0/24 maxlen: 24
87.120.218.0/23 maxlen: 24
87.120.220.0/23 maxlen: 24
87.120.64.0/24 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.68.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.120.69.0/24 maxlen: 24
87.120.65.0/24 maxlen: 24
87.120.72.0/21 maxlen: 21
87.120.77.0/24 maxlen: 24
87.120.73.0/24 maxlen: 24
87.120.76.0/24 maxlen: 24
87.120.72.0/24 maxlen: 24
87.120.75.0/24 maxlen: 24
87.120.78.0/24 maxlen: 24
87.120.74.0/24 maxlen: 24
87.120.79.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.88.0/23 maxlen: 24
87.120.88.0/24 maxlen: 24
87.120.97.0/24 maxlen: 24
87.120.96.0/23 maxlen: 24
87.120.96.0/24 maxlen: 24
87.120.100.0/22 maxlen: 24
87.120.32.0/24 maxlen: 24
87.120.33.0/24 maxlen: 24
87.120.34.0/24 maxlen: 24
87.120.35.0/24 maxlen: 24
87.120.32.0/22 maxlen: 24
87.120.46.0/24 maxlen: 24
87.120.46.0/23 maxlen: 24
87.120.47.0/24 maxlen: 24
91.92.8.0/24 maxlen: 24
91.92.6.0/24 maxlen: 24
91.92.10.0/23 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.13.0/24 maxlen: 24
91.92.14.0/23 maxlen: 24
91.92.21.0/24 maxlen: 24
91.92.24.0/22 maxlen: 24
91.92.67.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
94.156.232.0/22 maxlen: 24
94.156.237.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
93.123.69.0/24 maxlen: 24
93.123.68.0/24 maxlen: 24
93.123.71.0/24 maxlen: 24
93.123.68.0/22 maxlen: 22
93.123.70.0/24 maxlen: 24
93.123.77.0/24 maxlen: 24
93.123.76.0/24 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.78.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
93.123.79.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.86.0/23 maxlen: 24
93.123.88.0/21 maxlen: 24
94.156.160.0/23 maxlen: 24
94.156.169.0/24 maxlen: 24
94.156.168.0/24 maxlen: 24
94.156.168.0/23 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.22.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
93.123.27.0/24 maxlen: 24
93.123.30.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
93.123.26.0/24 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.6.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
94.156.136.0/21 maxlen: 24
94.156.152.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
94.156.157.0/24 maxlen: 24
94.156.156.0/24 maxlen: 24
94.156.156.0/23 maxlen: 24
94.156.78.0/24 maxlen: 24
94.156.78.0/23 maxlen: 24
94.156.79.0/24 maxlen: 24
87.121.147.0/24 maxlen: 24
87.121.146.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
87.121.162.0/23 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.105.0/24 maxlen: 24
87.121.101.0/24 maxlen: 24
87.121.104.0/24 maxlen: 24
87.121.100.0/24 maxlen: 24
87.121.104.0/23 maxlen: 24
87.121.100.0/23 maxlen: 24
87.121.115.0/24 maxlen: 24
87.121.114.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
31.13.252.0/24 maxlen: 24
31.13.253.0/24 maxlen: 24
31.13.252.0/22 maxlen: 22
31.13.254.0/24 maxlen: 24
31.13.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5a:62:d9:7e:43:4a:98:69:03:8b:6f:bd:1e:1f:36:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 20 10:12:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4513c93423c5bcf25932a1021d3afdaa90f605c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:96:71:a6:9d:0e:ad:6f:0b:bf:67:b0:38:6f:
ae:34:9a:8c:fb:c5:b0:11:41:0d:15:b5:08:68:e4:
c9:8d:43:ca:7d:94:2a:a8:58:14:25:50:ce:85:c9:
4a:9a:f4:22:64:3b:b9:23:cd:78:17:22:68:cd:66:
e3:d6:29:24:f1:11:1c:7d:56:ef:6a:79:5a:c9:06:
08:26:12:73:44:c8:8b:f0:17:1e:99:b1:bf:3e:2d:
cd:7a:f4:db:da:4e:07:c2:fb:bb:59:8f:5a:91:d3:
cb:9e:f3:b6:c6:fd:76:11:8b:e3:0d:10:86:c2:bd:
e5:ac:76:85:e6:a2:18:53:5e:a6:1b:ca:3e:01:4f:
50:20:35:9f:3a:b3:bf:af:eb:c7:34:b9:cc:a7:41:
21:91:36:8d:a1:fd:08:c2:61:5a:74:32:72:3c:0a:
b3:a9:de:15:48:34:c4:34:1a:37:38:07:b3:4c:30:
45:04:74:39:20:50:df:fb:22:e4:00:90:84:bd:4c:
e8:b3:2b:1c:91:ef:0a:fe:bf:56:fb:68:70:2f:80:
32:d6:c6:a9:84:31:b7:11:70:a3:20:df:c4:ae:19:
a2:ce:7f:c4:b5:4b:7d:69:66:0f:c7:21:6a:16:c2:
1d:19:df:71:bb:88:5b:3c:4b:6e:02:8c:9d:44:6c:
eb:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:51:3C:93:42:3C:5B:CF:25:93:2A:10:21:D3:AF:DA:A9:0F:60:5C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xFE8k0I8W88lkyoQIdOv2qkPYFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
87.120.32.0/22
87.120.46.0/23
87.120.64.0/23
87.120.68.0/23
87.120.72.0/21
87.120.88.0/23
87.120.96.0/23
87.120.100.0/22
87.120.192.0/23
87.120.218.0-87.120.221.255
87.121.36.0-87.121.38.255
87.121.44.0/22
87.121.56.0/23
87.121.60.0/22
87.121.69.0/24
87.121.100.0/23
87.121.103.0-87.121.105.255
87.121.114.0/23
87.121.146.0/23
87.121.162.0/23
91.92.6.0/24
91.92.8.0/24
91.92.10.0/23
91.92.13.0-91.92.16.255
91.92.21.0/24
91.92.24.0/22
91.92.67.0/24
93.123.22.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.39.0/24
93.123.68.0/22
93.123.76.0-93.123.80.255
93.123.85.0-93.123.95.255
93.123.112.0-93.123.117.255
93.123.119.0/24
94.156.2.0/24
94.156.6.0/24
94.156.8.0/24
94.156.78.0/23
94.156.131.0/24
94.156.136.0/21
94.156.152.0/24
94.156.154.0-94.156.157.255
94.156.160.0/23
94.156.168.0/23
94.156.176.0-94.156.181.255
94.156.232.0/22
94.156.237.0-94.156.238.255
Signature Algorithm: sha256WithRSAEncryption
4d:d2:12:31:19:f5:bd:ef:e8:63:5e:74:0f:ce:e3:8a:96:a6:
22:41:ef:b4:7d:9b:5c:70:a3:11:d2:e2:a2:68:f8:37:08:4d:
2d:69:fc:1b:19:16:95:83:41:c3:df:df:70:5f:4e:b7:db:74:
c4:0a:69:36:b2:bb:d7:ea:7a:41:a1:97:d2:75:a3:7b:a7:b3:
22:77:e3:96:47:65:1f:95:95:a7:9c:22:44:f3:26:a4:fd:7c:
f4:b1:03:46:d0:61:02:a6:7a:e8:21:bf:77:88:1e:f7:eb:f3:
2a:c6:5d:ea:1b:0f:de:5a:a5:39:54:71:18:c2:f5:27:f8:8b:
84:5c:86:b2:8a:58:b3:06:80:cd:67:1d:7e:b0:cf:bb:9b:e1:
35:99:7b:db:c2:d0:0a:dd:3c:45:08:3e:f3:35:e5:ab:a9:d8:
46:44:56:4f:03:ac:01:d5:45:05:36:06:d8:83:d1:cf:1d:9b:
42:40:41:a4:26:d7:d9:00:e6:4d:3f:5a:cd:a1:3b:af:53:67:
08:2f:d4:e2:b3:5a:45:4d:c2:cc:c0:ea:da:6d:3b:0a:f9:6a:
b9:f7:d1:bd:3b:e8:68:ef:50:54:af:52:40:c2:c2:7f:96:b4:
31:08:b8:96:3e:66:23:ea:d3:7c:cc:6f:eb:d2:82:ba:66:5d:
3a:86:ea:9a
-----BEGIN CERTIFICATE-----
MIIGgzCCBWugAwIBAgISAYNaYtl+Q0qYaQOLb70eHzZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwOTIwMTAxMjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDUxM2M5MzQyM2M1YmNmMjU5MzJhMTAyMWQzYWZkYWE5MGY2MDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJZxpp0OrW8Lv2ewOG+uNJqM+8Ww
EUENFbUIaOTJjUPKfZQqqFgUJVDOhclKmvQiZDu5I814FyJozWbj1ikk8REcfVbv
anlayQYIJhJzRMiL8BcembG/Pi3NevTb2k4Hwvu7WY9akdPLnvO2xv12EYvjDRCG
wr3lrHaF5qIYU16mG8o+AU9QIDWfOrO/r+vHNLnMp0EhkTaNof0IwmFadDJyPAqz
qd4VSDTENBo3OAezTDBFBHQ5IFDf+yLkAJCEvUzosyscke8K/r9W+2hwL4Ay1sap
hDG3EXCjIN/Erhmizn/EtUt9aWYPxyFqFsIdGd9xu4hbPEtuAoydRGzrawIDAQAB
o4IDjzCCA4swHQYDVR0OBBYEFMRRPJNCPFvPJZMqECHTr9qpD2BcMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveEZFOGswSThXODhsa3lvUUlkT3YycWtQWUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBowYIKwYBBQUHAQcBAf8EggGSMIIBjjCCAYoEAgABMIIB
ggMEAh8N/AMEAld4IAMEAVd4LgMEAVd4QAMEAVd4RAMEA1d4SAMEAVd4WAMEAVd4
YAMEAld4ZAMEAVd4wDAMAwQBV3jaAwQBV3jcMAwDBAJXeSQDBABXeSYDBAJXeSwD
BAFXeTgDBAJXeTwDBABXeUUDBAFXeWQwDAMEAFd5ZwMEAVd5aAMEAVd5cgMEAVd5
kgMEAVd5ogMEAFtcBgMEAFtcCAMEAVtcCjAMAwQAW1wNAwQAW1wQAwQAW1wVAwQC
W1wYAwQAW1xDAwQAXXsWAwQAXXsYAwQBXXsaAwQBXXseAwQAXXsnAwQCXXtEMAwD
BAJde0wDBABde1AwDAMEAF17VQMEBV17QDAMAwQEXXtwAwQBXXt0AwQAXXt3AwQA
XpwCAwQAXpwGAwQAXpwIAwQBXpxOAwQAXpyDAwQDXpyIAwQAXpyYMAwDBAFenJoD
BAFenJwDBAFenKADBAFenKgwDAMEBF6csAMEAV6ctAMEAl6c6DAMAwQAXpztAwQA
XpzuMA0GCSqGSIb3DQEBCwUAA4IBAQBN0hIxGfW97+hjXnQPzuOKlqYiQe+0fZtc
cKMR0uKiaPg3CE0tafwbGRaVg0HD399wX06323TECmk2srvX6npBoZfSdaN7p7Mi
d+OWR2UflZWnnCJE8yak/Xz0sQNG0GECpnroIb93iB736/Mqxl3qGw/eWqU5VHEY
wvUn+IuEXIayilizBoDNZx1+sM+7m+E1mXvbwtAK3TxFCD7zNeWrqdhGRFZPA6wB
1UUFNgbYg9HPHZtCQEGkJtfZAOZNP1rNoTuvU2cIL9Tis1pFTcLMwOrabTsK+Wq5
99G9O+ho71BUr1JAwsJ/lrQxCLiWPmYj6tN8zG/r0oK6Zl06huqa
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-ams.rpki-client.org