Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zjITuTAEDQwP1yGNowKJivRBAYI.roa
File:                     zjITuTAEDQwP1yGNowKJivRBAYI.roa (raw, json)
Hash identifier:          evCSaKakAHJFF4B2DHLZbOOaqIP2KyPqyjtt1v076fg=
Subject key identifier:   CE:32:13:B9:30:04:0D:0C:0F:D7:21:8D:A3:02:89:8A:F4:41:01:82
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018732681628E5EFAAF74B798462EE2A0260
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zjITuTAEDQwP1yGNowKJivRBAYI.roa
Signing time:             Thu 30 Mar 2023 12:04:54 +0000
ROA not before:           Thu 30 Mar 2023 12:04:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8100
IP address blocks:        87.120.192.0/23 maxlen: 24
                          185.147.100.0/22 maxlen: 24
                          87.121.36.0/23 maxlen: 24
                          87.121.38.0/24 maxlen: 24
                          87.121.60.0/22 maxlen: 24
                          87.120.219.0/24 maxlen: 24
                          94.154.160.0/23 maxlen: 24
                          45.9.208.0/22 maxlen: 24
                          94.154.173.0/24 maxlen: 24
                          45.143.100.0/22 maxlen: 24
                          94.156.237.0/24 maxlen: 24
                          194.55.226.0/24 maxlen: 24
                          94.156.238.0/24 maxlen: 24
                          93.123.68.0/22 maxlen: 24
                          93.123.76.0/22 maxlen: 24
                          93.123.80.0/24 maxlen: 24
                          93.123.86.0/23 maxlen: 24
                          94.156.168.0/23 maxlen: 24
                          94.156.176.0/22 maxlen: 24
                          94.156.180.0/23 maxlen: 24
                          194.48.249.0/24 maxlen: 24
                          93.123.24.0/24 maxlen: 24
                          93.123.30.0/23 maxlen: 24
                          93.123.26.0/23 maxlen: 24
                          87.120.96.0/23 maxlen: 24
                          93.123.112.0/22 maxlen: 24
                          93.123.116.0/23 maxlen: 24
                          93.123.119.0/24 maxlen: 24
                          193.25.219.0/24 maxlen: 24
                          87.120.46.0/23 maxlen: 24
                          94.156.2.0/24 maxlen: 24
                          91.92.16.0/24 maxlen: 24
                          91.92.21.0/24 maxlen: 24
                          91.92.26.0/23 maxlen: 24
                          193.58.121.0/24 maxlen: 24
                          193.58.123.0/24 maxlen: 24
                          94.156.131.0/24 maxlen: 24
                          185.207.14.0/23 maxlen: 24
                          94.156.152.0/24 maxlen: 24
                          94.156.154.0/23 maxlen: 24
                          91.92.67.0/24 maxlen: 24
                          37.139.130.0/23 maxlen: 24
                          212.87.205.0/24 maxlen: 24
                          87.121.146.0/23 maxlen: 24
                          178.215.238.0/24 maxlen: 24
                          87.121.163.0/24 maxlen: 24
                          185.252.177.0/24 maxlen: 24
                          193.47.62.0/24 maxlen: 24
                          87.121.104.0/24 maxlen: 24
                          87.121.103.0/24 maxlen: 24
                          87.121.114.0/23 maxlen: 24
                          31.13.252.0/22 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:32:68:16:28:e5:ef:aa:f7:4b:79:84:62:ee:2a:02:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Mar 30 12:04:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ce3213b930040d0c0fd7218da302898af4410182
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:32:13:B9:30:04:0D:0C:0F:D7:21:8D:A3:02:89:8A:F4:41:01:82
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zjITuTAEDQwP1yGNowKJivRBAYI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.13.252.0/22
                  37.139.130.0/23
                  45.9.208.0/22
                  45.143.100.0/22
                  87.120.46.0/23
                  87.120.96.0/23
                  87.120.192.0/23
                  87.120.219.0/24
                  87.121.36.0-87.121.38.255
                  87.121.60.0/22
                  87.121.103.0-87.121.104.255
                  87.121.114.0/23
                  87.121.146.0/23
                  87.121.163.0/24
                  91.92.16.0/24
                  91.92.21.0/24
                  91.92.26.0/23
                  91.92.67.0/24
                  93.123.24.0/24
                  93.123.26.0/23
                  93.123.30.0/23
                  93.123.68.0/22
                  93.123.76.0-93.123.80.255
                  93.123.86.0/23
                  93.123.112.0-93.123.117.255
                  93.123.119.0/24
                  94.154.160.0/23
                  94.154.173.0/24
                  94.156.2.0/24
                  94.156.131.0/24
                  94.156.152.0/24
                  94.156.154.0/23
                  94.156.168.0/23
                  94.156.176.0-94.156.181.255
                  94.156.237.0-94.156.238.255
                  178.215.238.0/24
                  185.147.100.0/22
                  185.207.14.0/23
                  185.252.177.0/24
                  193.25.219.0/24
                  193.47.62.0/24
                  193.58.121.0/24
                  193.58.123.0/24
                  194.48.249.0/24
                  194.55.226.0/24
                  212.87.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
Generated at Wed Jul 19 23:46:44 2023 by rpki-client on console-ams.rpki-client.org