Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xc1pzoj366uEjwBUdr459KUxIRw.roa
File: xc1pzoj366uEjwBUdr459KUxIRw.roa (raw, json)
Hash identifier: xMeElD26Fqd+cThEBh7I0e1uI7LkqawzLz/8BVucRt4=
Subject key identifier: C5:CD:69:CE:88:F7:EB:AB:84:8F:00:54:76:BE:39:F4:A5:31:21:1C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018438471455DE5D1ED38B9023BA6489DA17
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xc1pzoj366uEjwBUdr459KUxIRw.roa
Signing time: Wed 02 Nov 2022 12:18:13 +0000
ROA not before: Wed 02 Nov 2022 12:18:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 87.120.192.0/23 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.44.0/22 maxlen: 24
87.121.56.0/23 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.218.0/23 maxlen: 24
87.120.220.0/23 maxlen: 24
93.123.39.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
93.123.86.0/23 maxlen: 24
94.156.168.0/23 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.68.0/23 maxlen: 24
87.120.88.0/23 maxlen: 24
87.120.96.0/23 maxlen: 24
87.120.100.0/22 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
87.120.32.0/22 maxlen: 24
193.25.219.0/24 maxlen: 24
87.120.46.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
91.92.6.0/24 maxlen: 24
94.156.6.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
91.92.24.0/22 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
94.156.152.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
94.156.156.0/23 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
94.156.78.0/23 maxlen: 24
87.121.146.0/23 maxlen: 24
178.215.238.0/24 maxlen: 24
87.121.162.0/23 maxlen: 24
87.121.69.0/24 maxlen: 24
87.121.100.0/23 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
31.13.252.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:38:47:14:55:de:5d:1e:d3:8b:90:23:ba:64:89:da:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 2 12:18:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5cd69ce88f7ebab848f005476be39f4a531211c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:73:e0:0d:4c:a7:7a:30:42:59:65:f5:50:de:
cd:8e:de:60:61:77:03:d3:00:af:e9:67:18:42:c3:
c8:aa:08:0d:b6:21:33:73:6b:fd:c6:4d:1a:18:df:
85:3f:8f:16:d3:70:84:be:07:15:d7:65:7c:fc:fb:
ba:f8:4f:67:5e:45:68:1f:42:cd:31:fd:af:ed:31:
ca:08:e1:50:09:6b:65:21:b1:49:0c:1f:dd:1c:da:
64:eb:e4:53:04:61:b8:64:33:98:6c:86:c4:4e:e1:
b9:68:40:d8:fc:44:87:30:ca:6d:b8:78:68:36:08:
56:1c:6f:c0:4d:42:13:26:5a:df:b0:f8:ba:1d:17:
e4:4b:b0:f0:b3:ac:ac:fc:26:b0:66:ab:43:21:3c:
a7:94:7c:69:77:0c:65:71:b7:52:de:50:3b:ef:2b:
ec:f6:b4:40:9d:1f:20:b9:c9:f5:dc:56:5e:18:d5:
ca:96:d1:25:56:0f:c4:5d:6d:70:de:f8:f3:94:2b:
fe:e2:79:f7:f6:57:3b:a6:fc:9e:48:39:44:38:31:
6a:c9:90:9d:10:ec:ee:64:ab:99:e0:b1:d8:b6:2f:
c9:86:d4:bf:cd:0a:f2:82:04:90:d8:17:cd:a0:4a:
7e:d3:a4:1d:59:c1:74:91:65:a7:ef:72:48:54:cb:
e7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:CD:69:CE:88:F7:EB:AB:84:8F:00:54:76:BE:39:F4:A5:31:21:1C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xc1pzoj366uEjwBUdr459KUxIRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
87.120.32.0/22
87.120.46.0/23
87.120.64.0/23
87.120.68.0/23
87.120.88.0/23
87.120.96.0/23
87.120.100.0/22
87.120.192.0/23
87.120.218.0-87.120.221.255
87.121.36.0-87.121.38.255
87.121.44.0/22
87.121.56.0/23
87.121.60.0/22
87.121.69.0/24
87.121.100.0/23
87.121.103.0/24
87.121.114.0/23
87.121.146.0/23
87.121.162.0/23
91.92.6.0/24
91.92.16.0/24
91.92.21.0/24
91.92.24.0/22
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.39.0/24
93.123.68.0/22
93.123.76.0-93.123.80.255
93.123.85.0-93.123.87.255
93.123.112.0-93.123.117.255
93.123.119.0/24
94.156.2.0/24
94.156.6.0/24
94.156.8.0/24
94.156.78.0/23
94.156.131.0/24
94.156.152.0/24
94.156.154.0-94.156.157.255
94.156.168.0/23
94.156.176.0-94.156.181.255
94.156.237.0-94.156.238.255
178.215.238.0/24
193.25.219.0/24
193.58.121.0/24
193.58.123.0/24
194.180.38.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:dc:b4:36:51:48:45:75:5e:88:49:55:9a:6d:b6:e8:df:f8:
4a:fa:21:77:e0:c1:04:c9:dd:34:bd:a5:a8:e4:6a:72:af:47:
82:16:e4:23:76:f2:bb:1b:81:87:c9:76:7d:b8:8d:fb:40:08:
9e:27:12:1a:69:7a:34:09:1a:57:22:f1:42:10:16:bf:75:51:
31:3e:fb:55:ac:28:50:ad:eb:47:9e:62:3f:7b:b7:66:4a:68:
7e:dd:1c:52:76:d5:d4:0c:c6:da:ef:bb:5a:0e:7c:18:90:f7:
73:32:f5:c0:21:d7:46:57:d5:64:c9:c9:5a:17:34:4b:48:6f:
8e:52:d7:93:1a:ee:b5:98:73:79:31:88:91:62:f0:c5:ba:db:
f2:e5:9e:88:bb:ae:57:c7:91:76:7e:e8:86:e0:42:5d:91:27:
4d:74:a6:ea:28:84:06:dd:44:ea:05:65:7e:e8:52:bd:b5:64:
db:fd:e5:bc:39:55:66:cb:34:ac:6a:63:2c:b8:0d:64:8e:e2:
ed:9d:b8:e2:70:4e:ce:ea:f0:33:41:df:ec:a1:99:84:4e:8c:
ad:3d:59:29:fa:88:92:24:03:e7:dd:53:d2:9d:e6:d2:df:63:
63:78:83:bb:0f:42:ad:52:27:bc:70:f4:2b:20:27:d5:e1:87:
fa:23:9a:e3
-----BEGIN CERTIFICATE-----
MIIGZzCCBU+gAwIBAgISAYQ4RxRV3l0e04uQI7pkidoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTAyMTIxODEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWNkNjljZTg4ZjdlYmFiODQ4ZjAwNTQ3NmJlMzlmNGE1MzEyMTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXPgDUynejBCWWX1UN7Njt5gYXcD
0wCv6WcYQsPIqggNtiEzc2v9xk0aGN+FP48W03CEvgcV12V8/Pu6+E9nXkVoH0LN
Mf2v7THKCOFQCWtlIbFJDB/dHNpk6+RTBGG4ZDOYbIbETuG5aEDY/ESHMMptuHho
NghWHG/ATUITJlrfsPi6HRfkS7Dws6ys/CawZqtDITynlHxpdwxlcbdS3lA77yvs
9rRAnR8gucn13FZeGNXKltElVg/EXW1w3vjzlCv+4nn39lc7pvyeSDlEODFqyZCd
EOzuZKuZ4LHYti/JhtS/zQryggSQ2BfNoEp+06QdWcF0kWWn73JIVMvndQIDAQAB
o4IDczCCA28wHQYDVR0OBBYEFMXNac6I9+urhI8AVHa+OfSlMSEcMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveGMxcHpvajM2NnVFandCVWRyNDU5S1V4SVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhwYIKwYBBQUHAQcBAf8EggF2MIIBcjCCAW4EAgABMIIB
ZgMEAh8N/AMEAld4IAMEAVd4LgMEAVd4QAMEAVd4RAMEAVd4WAMEAVd4YAMEAld4
ZAMEAVd4wDAMAwQBV3jaAwQBV3jcMAwDBAJXeSQDBABXeSYDBAJXeSwDBAFXeTgD
BAJXeTwDBABXeUUDBAFXeWQDBABXeWcDBAFXeXIDBAFXeZIDBAFXeaIDBABbXAYD
BABbXBADBABbXBUDBAJbXBgDBABbXEMDBABdexgDBAFdexoDBAFdex4DBABdeycD
BAJde0QwDAMEAl17TAMEAF17UDAMAwQAXXtVAwQDXXtQMAwDBARde3ADBAFde3QD
BABde3cDBABenAIDBABenAYDBABenAgDBAFenE4DBABenIMDBABenJgwDAMEAV6c
mgMEAV6cnAMEAV6cqDAMAwQEXpywAwQBXpy0MAwDBABenO0DBABenO4DBACy1+4D
BADBGdsDBADBOnkDBADBOnsDBAHCtCYwDQYJKoZIhvcNAQELBQADggEBAG3ctDZR
SEV1XohJVZpttujf+Er6IXfgwQTJ3TS9pajkanKvR4IW5CN28rsbgYfJdn24jftA
CJ4nEhppejQJGlci8UIQFr91UTE++1WsKFCt60eeYj97t2ZKaH7dHFJ21dQMxtrv
u1oOfBiQ93My9cAh10ZX1WTJyVoXNEtIb45S15Ma7rWYc3kxiJFi8MW62/Llnoi7
rlfHkXZ+6IbgQl2RJ010puoohAbdROoFZX7oUr21ZNv95bw5VWbLNKxqYyy4DWSO
4u2duOJwTs7q8DNB3+yhmYROjK09WSn6iJIkA+fdU9Kd5tLfY2N4g7sPQq1SJ7xw
9CsgJ9Xhh/ojmuM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-ams.rpki-client.org