Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3wjSG_uGgifp-meqz85uzi6qc4A.roa
File: 3wjSG_uGgifp-meqz85uzi6qc4A.roa (raw, json)
Hash identifier: cf4thAr5wfPcetd6CxaoA5js+f6fcR1e/0w9HFVyTIw=
Subject key identifier: DF:08:D2:1B:FB:86:82:27:E9:FA:67:AA:CF:CE:6E:CE:2E:AA:73:80
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01881F43AF3CFF71204138B7BCF4AC7243D5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3wjSG_uGgifp-meqz85uzi6qc4A.roa
Signing time: Mon 15 May 2023 11:55:09 +0000
ROA not before: Mon 15 May 2023 11:55:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 87.120.192.0/23 maxlen: 24
185.147.100.0/22 maxlen: 24
87.121.36.0/23 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.60.0/22 maxlen: 24
87.120.219.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
45.9.208.0/22 maxlen: 24
94.154.173.0/24 maxlen: 24
45.143.100.0/22 maxlen: 24
94.156.237.0/24 maxlen: 24
193.8.184.0/23 maxlen: 24
193.8.186.0/23 maxlen: 24
194.55.226.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
93.123.68.0/22 maxlen: 24
93.123.76.0/22 maxlen: 24
93.123.80.0/24 maxlen: 24
94.156.176.0/22 maxlen: 24
94.156.180.0/23 maxlen: 24
194.48.249.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.30.0/23 maxlen: 24
93.123.26.0/23 maxlen: 24
87.120.96.0/23 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.116.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
193.25.219.0/24 maxlen: 24
87.120.46.0/23 maxlen: 24
94.156.2.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.26.0/23 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
185.207.14.0/23 maxlen: 24
94.156.152.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
91.92.67.0/24 maxlen: 24
45.139.123.0/24 maxlen: 24
37.139.130.0/23 maxlen: 24
212.87.205.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
178.215.238.0/24 maxlen: 24
87.121.163.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
87.121.104.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
45.95.2.0/23 maxlen: 24
45.95.0.0/23 maxlen: 24
5.253.58.0/23 maxlen: 24
5.253.56.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1f:43:af:3c:ff:71:20:41:38:b7:bc:f4:ac:72:43:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 15 11:55:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df08d21bfb868227e9fa67aacfce6ece2eaa7380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:92:a8:85:5d:fb:61:57:24:5e:4a:3a:67:82:
fa:b1:5a:e0:87:a3:03:3b:68:26:a6:21:04:cf:04:
de:77:73:37:42:3d:a1:0c:88:ec:e3:e7:95:27:13:
11:47:a2:96:89:3f:fc:c9:e8:61:bc:79:3a:c6:15:
c1:a2:53:6f:35:89:b1:8f:6c:a2:2b:45:a8:cf:ce:
22:21:fd:f2:9e:44:ba:44:bc:21:24:63:1c:0f:05:
af:49:26:36:74:d2:a3:a6:46:03:d1:39:24:77:71:
5b:48:b1:c2:29:7a:34:56:9b:81:0d:4c:ec:e5:57:
cb:db:53:42:7a:f9:7e:b2:20:50:82:78:ba:e7:94:
b2:1f:b1:88:48:70:7f:0e:f4:8c:f5:48:8b:07:7b:
f7:5b:ea:f0:d0:75:df:c7:91:ab:ab:4b:b7:ac:95:
f7:d7:77:cb:81:8f:73:8f:db:e8:0a:6d:ff:34:3f:
8d:51:78:40:a4:95:56:f8:8c:d9:12:c9:db:99:73:
25:5c:6f:32:ec:1f:d2:be:57:d9:24:0f:d0:69:a4:
c2:f6:de:8c:a2:15:92:92:ae:7e:2c:2d:e4:f3:e0:
16:78:57:e1:1b:7d:44:e8:2c:f9:ec:79:3e:ed:9e:
87:91:0e:f3:b2:31:0b:f9:98:d1:90:35:7a:c1:7e:
b9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:08:D2:1B:FB:86:82:27:E9:FA:67:AA:CF:CE:6E:CE:2E:AA:73:80
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3wjSG_uGgifp-meqz85uzi6qc4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0/22
37.139.130.0/23
45.8.92.0/24
45.9.208.0/22
45.95.0.0/22
45.139.123.0/24
45.143.100.0/22
87.120.46.0/23
87.120.96.0/23
87.120.192.0/23
87.120.219.0/24
87.121.36.0-87.121.38.255
87.121.60.0/22
87.121.103.0-87.121.104.255
87.121.114.0/23
87.121.146.0/23
87.121.163.0/24
91.92.16.0/24
91.92.26.0/23
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.30.0/23
93.123.68.0/22
93.123.76.0-93.123.80.255
93.123.112.0-93.123.117.255
93.123.119.0/24
94.154.160.0/23
94.154.173.0/24
94.156.2.0/24
94.156.152.0/24
94.156.154.0/23
94.156.176.0-94.156.181.255
94.156.237.0-94.156.238.255
178.215.238.0/24
185.147.100.0/22
185.207.14.0/23
185.252.177.0/24
193.8.184.0/22
193.25.219.0/24
193.47.62.0/24
193.58.121.0/24
193.58.123.0/24
194.48.249.0/24
194.55.226.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:d8:39:dd:fb:c6:98:b6:88:d1:c2:b8:32:22:ed:62:e4:c3:
29:65:8b:ed:5d:44:fb:28:61:99:e0:ac:d6:d7:74:7e:8e:41:
b8:72:4c:d4:a1:4c:8b:66:34:34:b2:eb:ca:29:09:fa:33:97:
f8:e1:a4:fd:83:5b:07:6c:ff:3c:bf:99:90:93:f8:4c:6d:19:
f0:e4:21:fb:37:27:26:20:99:ed:8a:4f:b1:74:c7:b4:27:23:
e3:6b:a1:3b:e4:78:a4:24:f7:18:04:23:44:0d:40:b4:1a:aa:
d2:8e:9c:09:42:d7:7e:e7:d9:c4:5e:bb:a7:5d:e2:22:06:10:
12:eb:87:96:2b:2c:52:70:52:61:59:fd:43:14:44:c1:da:73:
bd:6b:d1:5d:b6:1c:6d:3f:ed:26:5c:58:6f:06:ff:ee:77:de:
34:82:7e:f7:77:37:ec:94:95:97:18:9e:4c:d5:17:db:c1:0c:
d8:f7:2b:c7:10:e4:5f:d5:ca:f8:d5:5a:0f:68:1c:5f:dd:14:
6b:f1:8d:e6:49:76:0b:9e:60:a9:38:40:4f:0b:a5:b2:a7:8f:
c7:19:e7:49:cc:31:1f:33:9a:60:e4:f1:b1:53:0b:6f:b1:51:
43:e5:5e:43:dc:d2:84:e8:de:cc:04:d8:9a:4c:b7:f7:73:9d:
48:f0:01:b3
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgISAYgfQ688/3EgQTi3vPSsckPVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE1MTE1NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjA4ZDIxYmZiODY4MjI3ZTlmYTY3YWFjZmNlNmVjZTJlYWE3MzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZKohV37YVckXko6Z4L6sVrgh6MD
O2gmpiEEzwTed3M3Qj2hDIjs4+eVJxMRR6KWiT/8yehhvHk6xhXBolNvNYmxj2yi
K0Woz84iIf3ynkS6RLwhJGMcDwWvSSY2dNKjpkYD0Tkkd3FbSLHCKXo0VpuBDUzs
5VfL21NCevl+siBQgni655SyH7GISHB/DvSM9UiLB3v3W+rw0HXfx5Grq0u3rJX3
13fLgY9zj9voCm3/ND+NUXhApJVW+IzZEsnbmXMlXG8y7B/SvlfZJA/QaaTC9t6M
ohWSkq5+LC3k8+AWeFfhG31E6Cz57Hk+7Z6HkQ7zsjEL+ZjRkDV6wX65rwIDAQAB
o4IDUTCCA00wHQYDVR0OBBYEFN8I0hv7hoIn6fpnqs/Obs4uqnOAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvM3dqU0dfdUdnaWZwLW1lcXo4NXV6aTZxYzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZQYIKwYBBQUHAQcBAf8EggFUMIIBUDCCAUwEAgABMIIB
RAMEAgX9OAMEASWLggMEAC0IXAMEAi0J0AMEAi1fAAMEAC2LewMEAi2PZAMEAVd4
LgMEAVd4YAMEAVd4wAMEAFd42zAMAwQCV3kkAwQAV3kmAwQCV3k8MAwDBABXeWcD
BABXeWgDBAFXeXIDBAFXeZIDBABXeaMDBABbXBADBAFbXBoDBABbXEMDBABdexgD
BAFdexoDBAFdex4DBAJde0QwDAMEAl17TAMEAF17UDAMAwQEXXtwAwQBXXt0AwQA
XXt3AwQBXpqgAwQAXpqtAwQAXpwCAwQAXpyYAwQBXpyaMAwDBARenLADBAFenLQw
DAMEAF6c7QMEAF6c7gMEALLX7gMEArmTZAMEAbnPDgMEALn8sQMEAsEIuAMEAMEZ
2wMEAMEvPgMEAME6eQMEAME6ewMEAMIw+QMEAMI34gMEANRXzTANBgkqhkiG9w0B
AQsFAAOCAQEAP9g53fvGmLaI0cK4MiLtYuTDKWWL7V1E+yhhmeCs1td0fo5BuHJM
1KFMi2Y0NLLryikJ+jOX+OGk/YNbB2z/PL+ZkJP4TG0Z8OQh+zcnJiCZ7YpPsXTH
tCcj42uhO+R4pCT3GAQjRA1AtBqq0o6cCULXfufZxF67p13iIgYQEuuHlissUnBS
YVn9QxREwdpzvWvRXbYcbT/tJlxYbwb/7nfeNIJ+93c37JSVlxieTNUX28EM2Pcr
xxDkX9XK+NVaD2gcX90Ua/GN5kl2C55gqThATwulsqePxxnnScwxHzOaYOTxsVML
b7FRQ+VeQ9zShOjezATYmky393OdSPABsw==
-----END CERTIFICATE-----
Generated at Tue May 13 18:12:37 2025 by rpki-client