Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zwXID4ubuwdvM4fQk44EgEkjuB8.roa
File: zwXID4ubuwdvM4fQk44EgEkjuB8.roa (raw, json)
Hash identifier: +vL5Tq+ngAo3a/PPAWNFVtObck8QDp76CguR4+i217o=
Subject key identifier: CF:05:C8:0F:8B:9B:BB:07:6F:33:87:D0:93:8E:04:80:49:23:B8:1F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0186C7B5EF759D3FC3114C644DF8D29F5DFD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zwXID4ubuwdvM4fQk44EgEkjuB8.roa
Signing time: Thu 09 Mar 2023 18:50:34 +0000
ROA not before: Thu 09 Mar 2023 18:50:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 87.120.192.0/23 maxlen: 24
185.147.100.0/22 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.219.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
45.9.208.0/22 maxlen: 24
94.154.173.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
45.143.100.0/22 maxlen: 24
94.156.237.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.80.0/24 maxlen: 24
93.123.86.0/23 maxlen: 24
94.156.168.0/23 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
93.123.24.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.96.0/23 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
87.120.32.0/22 maxlen: 24
193.25.219.0/24 maxlen: 24
87.120.46.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
91.92.26.0/23 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
94.156.131.0/24 maxlen: 24
185.207.14.0/23 maxlen: 24
94.156.152.0/24 maxlen: 24
45.8.95.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
94.156.78.0/23 maxlen: 24
37.139.130.0/23 maxlen: 24
212.87.205.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
178.215.238.0/24 maxlen: 24
87.121.163.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
87.121.104.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
31.13.252.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c7:b5:ef:75:9d:3f:c3:11:4c:64:4d:f8:d2:9f:5d:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 9 18:50:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf05c80f8b9bbb076f3387d0938e04804923b81f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0b:ac:d6:3c:7d:36:97:ce:08:7b:64:2f:91:
a6:69:8a:a8:ac:ca:28:bb:cb:79:8b:4a:77:66:f1:
ec:a1:58:98:67:93:b5:14:24:ad:dc:4c:b8:20:62:
38:fa:f0:25:4d:dd:d4:b8:75:01:89:dc:84:03:bc:
74:6f:1d:91:3c:70:4c:15:4b:5c:fc:c4:1f:c7:49:
40:85:60:09:f7:0a:0f:89:e4:1f:09:e4:ac:f6:f1:
5a:30:e3:16:67:bb:73:d5:72:94:ee:3b:d9:a4:d7:
a3:11:58:87:24:b3:e9:1e:b5:d9:ff:f3:66:fe:0d:
14:f6:72:e5:45:e2:a8:33:55:10:d2:85:1c:65:e5:
bb:4a:3e:e5:91:c0:ea:b6:80:58:e5:78:1b:6d:36:
36:a3:4e:40:e9:fb:b2:9a:e8:e7:8a:24:df:0d:53:
df:62:51:b1:2c:24:92:12:0b:12:f8:38:e7:1d:61:
c5:09:d8:be:36:79:dc:1e:b9:c5:3d:09:49:a8:b0:
6d:01:75:c2:2f:43:83:fc:2a:d0:6c:cf:1f:69:55:
c3:06:f5:c3:37:d5:d8:50:7f:93:5f:84:f3:62:16:
37:0f:45:bd:f5:1b:f1:73:39:4b:1b:c9:bb:63:ab:
98:00:4b:08:80:58:be:cb:b7:37:9d:39:ee:28:9c:
63:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:05:C8:0F:8B:9B:BB:07:6F:33:87:D0:93:8E:04:80:49:23:B8:1F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zwXID4ubuwdvM4fQk44EgEkjuB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.252.0/22
37.139.130.0/23
45.8.95.0/24
45.9.208.0/22
45.143.100.0/22
87.120.32.0/22
87.120.46.0/23
87.120.64.0/23
87.120.96.0/23
87.120.192.0/23
87.120.219.0/24
87.121.36.0-87.121.38.255
87.121.60.0/22
87.121.103.0-87.121.104.255
87.121.114.0/23
87.121.146.0/23
87.121.163.0/24
91.92.16.0/24
91.92.21.0/24
91.92.26.0/23
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.39.0/24
93.123.68.0/22
93.123.76.0-93.123.80.255
93.123.86.0/23
93.123.112.0-93.123.117.255
93.123.119.0/24
94.154.160.0/23
94.154.173.0/24
94.156.2.0/24
94.156.8.0/24
94.156.78.0/23
94.156.131.0/24
94.156.152.0/24
94.156.154.0/23
94.156.168.0/23
94.156.176.0-94.156.181.255
94.156.237.0-94.156.238.255
178.215.238.0/24
185.147.100.0/22
185.207.14.0/23
185.252.177.0/24
193.25.219.0/24
193.47.62.0/24
193.58.121.0/24
193.58.123.0/24
194.48.249.0/24
194.55.226.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
88:f4:a2:a3:8e:a3:5c:80:7d:1c:86:67:2a:19:80:5e:98:39:
d6:71:61:1f:d3:e0:b9:5e:94:a6:4f:5e:02:cf:db:0a:b5:fb:
c0:22:b5:db:cc:bd:ee:9b:b8:74:31:b3:ac:03:48:c4:a4:3f:
01:17:5e:ab:b9:54:fe:53:ca:8f:dc:b8:ee:5d:14:62:77:cf:
fa:87:f1:f2:c4:ab:c5:22:7f:87:de:70:14:4c:a8:18:90:b0:
0e:e9:40:63:50:87:43:44:30:b9:86:61:44:d0:ba:0f:5a:e3:
b9:9c:0b:5c:ff:8e:65:a7:45:52:1a:60:af:25:ed:11:9d:a0:
22:39:54:68:cd:09:67:bd:20:4d:db:4b:d8:20:0f:ad:4e:c4:
a9:69:3a:87:2f:18:63:d2:5d:fd:33:46:ca:b6:5b:ea:15:68:
1b:38:25:00:64:63:d8:0b:36:62:69:26:7d:68:cb:cd:9a:4e:
40:3a:0d:0f:c9:9a:fe:7f:ba:1c:52:b8:f4:03:a0:26:72:3b:
68:4e:36:2f:90:47:74:9c:74:ec:0a:02:a8:ce:79:b6:28:53:
95:fb:b8:ce:91:62:fa:ba:ae:b1:fa:9a:02:f9:64:b8:19:9f:
62:4a:25:e2:91:7c:a0:75:34:22:c6:2c:50:8d:84:45:32:71:
b8:fa:30:03
-----BEGIN CERTIFICATE-----
MIIGaTCCBVGgAwIBAgISAYbHte91nT/DEUxkTfjSn139MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMzA5MTg1MDM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjA1YzgwZjhiOWJiYjA3NmYzMzg3ZDA5MzhlMDQ4MDQ5MjNiODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgus1jx9NpfOCHtkL5GmaYqorMoo
u8t5i0p3ZvHsoViYZ5O1FCSt3Ey4IGI4+vAlTd3UuHUBidyEA7x0bx2RPHBMFUtc
/MQfx0lAhWAJ9woPieQfCeSs9vFaMOMWZ7tz1XKU7jvZpNejEViHJLPpHrXZ//Nm
/g0U9nLlReKoM1UQ0oUcZeW7Sj7lkcDqtoBY5XgbbTY2o05A6fuymujniiTfDVPf
YlGxLCSSEgsS+DjnHWHFCdi+NnncHrnFPQlJqLBtAXXCL0OD/CrQbM8faVXDBvXD
N9XYUH+TX4TzYhY3D0W99RvxczlLG8m7Y6uYAEsIgFi+y7c3nTnuKJxjWQIDAQAB
o4IDdTCCA3EwHQYDVR0OBBYEFM8FyA+Lm7sHbzOH0JOOBIBJI7gfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvendYSUQ0dWJ1d2R2TTRmUWs0NEVnRWtqdUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBiQYIKwYBBQUHAQcBAf8EggF4MIIBdDCCAXAEAgABMIIB
aAMEAh8N/AMEASWLggMEAC0IXwMEAi0J0AMEAi2PZAMEAld4IAMEAVd4LgMEAVd4
QAMEAVd4YAMEAVd4wAMEAFd42zAMAwQCV3kkAwQAV3kmAwQCV3k8MAwDBABXeWcD
BABXeWgDBAFXeXIDBAFXeZIDBABXeaMDBABbXBADBABbXBUDBAFbXBoDBABbXEMD
BABdexgDBAFdexoDBAFdex4DBABdeycDBAJde0QwDAMEAl17TAMEAF17UAMEAV17
VjAMAwQEXXtwAwQBXXt0AwQAXXt3AwQBXpqgAwQAXpqtAwQAXpwCAwQAXpwIAwQB
XpxOAwQAXpyDAwQAXpyYAwQBXpyaAwQBXpyoMAwDBARenLADBAFenLQwDAMEAF6c
7QMEAF6c7gMEALLX7gMEArmTZAMEAbnPDgMEALn8sQMEAMEZ2wMEAMEvPgMEAME6
eQMEAME6ewMEAMIw+QMEAMI34gMEANRXzTANBgkqhkiG9w0BAQsFAAOCAQEAiPSi
o46jXIB9HIZnKhmAXpg51nFhH9PguV6Upk9eAs/bCrX7wCK128y97pu4dDGzrANI
xKQ/ARdeq7lU/lPKj9y47l0UYnfP+ofx8sSrxSJ/h95wFEyoGJCwDulAY1CHQ0Qw
uYZhRNC6D1rjuZwLXP+OZadFUhpgryXtEZ2gIjlUaM0JZ70gTdtL2CAPrU7EqWk6
hy8YY9Jd/TNGyrZb6hVoGzglAGRj2As2YmkmfWjLzZpOQDoND8ma/n+6HFK49AOg
JnI7aE42L5BHdJx07AoCqM55tihTlfu4zpFi+rqusfqaAvlkuBmfYkol4pF8oHU0
IsYsUI2ERTJxuPowAw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:44 2023 by rpki-client on console-ams.rpki-client.org