Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gHqbIam-2LFprGY_jBZe9G2x0Ps.roa
File: gHqbIam-2LFprGY_jBZe9G2x0Ps.roa (raw, json)
Hash identifier: a9vnolpvSSXUb98ggwLSKZNKKSZ3aWdDVmQiW2yQpe0=
Subject key identifier: 80:7A:9B:21:A9:BE:D8:B1:69:AC:66:3F:8C:16:5E:F4:6D:B1:D0:FB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01881AE5D35F631C60AB5ADBCE9BC796FC51
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gHqbIam-2LFprGY_jBZe9G2x0Ps.roa
Signing time: Sun 14 May 2023 15:34:09 +0000
ROA not before: Sun 14 May 2023 15:34:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34224
IP address blocks: 212.73.131.0/24 maxlen: 24
212.73.128.0/23 maxlen: 24
212.73.132.0/24 maxlen: 24
212.73.130.0/23 maxlen: 24
212.73.136.0/24 maxlen: 24
87.120.176.0/24 maxlen: 24
212.73.133.0/24 maxlen: 24
212.73.138.0/23 maxlen: 24
212.73.138.0/24 maxlen: 24
212.73.134.0/24 maxlen: 24
212.73.143.0/24 maxlen: 24
212.73.140.0/24 maxlen: 24
212.73.144.0/24 maxlen: 24
212.73.141.0/24 maxlen: 24
212.73.145.0/24 maxlen: 24
212.73.142.0/24 maxlen: 24
212.73.147.0/24 maxlen: 24
212.73.148.0/24 maxlen: 24
212.73.146.0/24 maxlen: 24
212.73.155.0/24 maxlen: 24
212.73.157.0/24 maxlen: 24
87.120.195.0/24 maxlen: 24
87.120.199.0/24 maxlen: 24
87.120.206.0/24 maxlen: 24
87.120.206.0/23 maxlen: 24
87.120.201.0/24 maxlen: 24
87.120.200.0/24 maxlen: 24
87.120.207.0/24 maxlen: 24
87.120.109.0/24 maxlen: 24
87.120.128.0/23 maxlen: 24
87.120.132.0/24 maxlen: 24
87.120.134.0/24 maxlen: 24
87.120.133.0/24 maxlen: 24
87.120.135.0/24 maxlen: 24
37.60.138.0/24 maxlen: 24
87.121.42.0/24 maxlen: 24
37.60.139.0/24 maxlen: 24
92.249.49.0/24 maxlen: 24
87.121.52.0/24 maxlen: 24
87.121.64.0/24 maxlen: 24
87.120.217.0/24 maxlen: 24
87.120.223.0/24 maxlen: 24
87.120.36.100/32 maxlen: 32
87.120.253.0/24 maxlen: 24
87.120.255.0/24 maxlen: 24
87.121.0.0/23 maxlen: 24
87.121.0.0/24 maxlen: 24
87.121.1.0/24 maxlen: 24
87.121.2.0/24 maxlen: 24
87.120.254.0/24 maxlen: 24
87.121.6.0/23 maxlen: 24
91.92.219.0/24 maxlen: 24
91.92.230.0/24 maxlen: 24
91.92.198.0/23 maxlen: 24
91.92.197.0/24 maxlen: 24
87.120.61.0/24 maxlen: 24
87.120.104.0/24 maxlen: 24
87.120.6.0/23 maxlen: 24
87.120.6.0/24 maxlen: 24
87.120.8.0/24 maxlen: 24
87.120.13.0/24 maxlen: 24
87.120.37.0/24 maxlen: 24
87.120.43.0/24 maxlen: 24
87.120.39.0/24 maxlen: 24
91.92.0.0/24 maxlen: 24
91.92.2.0/24 maxlen: 24
91.92.1.0/24 maxlen: 24
91.92.109.0/24 maxlen: 24
91.92.139.0/24 maxlen: 24
91.92.69.0/24 maxlen: 24
91.92.65.0/24 maxlen: 24
91.92.66.0/24 maxlen: 24
91.92.68.0/24 maxlen: 24
91.92.105.0/24 maxlen: 24
94.156.216.0/21 maxlen: 24
94.156.233.0/24 maxlen: 24
94.156.227.0/24 maxlen: 24
94.156.232.0/22 maxlen: 22
94.156.232.0/24 maxlen: 24
93.123.64.0/24 maxlen: 24
94.156.249.0/24 maxlen: 24
94.156.251.0/24 maxlen: 24
94.156.252.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
94.156.172.0/23 maxlen: 24
93.123.8.0/24 maxlen: 24
94.156.185.0/24 maxlen: 24
94.156.188.0/24 maxlen: 24
94.156.190.0/24 maxlen: 24
93.123.12.0/24 maxlen: 24
93.123.18.0/24 maxlen: 24
93.123.28.0/23 maxlen: 24
93.123.37.0/24 maxlen: 24
93.123.36.0/24 maxlen: 24
93.123.32.0/22 maxlen: 24
94.156.8.0/24 maxlen: 24
94.156.15.0/24 maxlen: 24
94.156.12.0/24 maxlen: 24
94.156.44.0/24 maxlen: 24
94.156.42.0/24 maxlen: 24
94.156.106.0/24 maxlen: 24
94.156.130.0/24 maxlen: 24
94.156.129.0/24 maxlen: 24
94.156.159.0/24 maxlen: 24
94.156.158.0/24 maxlen: 24
94.156.153.0/24 maxlen: 24
94.156.77.0/24 maxlen: 24
94.156.98.0/24 maxlen: 24
94.156.94.0/24 maxlen: 24
94.156.100.0/24 maxlen: 24
31.13.195.0/24 maxlen: 24
31.13.197.0/24 maxlen: 24
87.121.150.0/23 maxlen: 24
31.13.217.0/24 maxlen: 24
87.121.161.0/24 maxlen: 24
31.13.216.0/21 maxlen: 24
31.13.223.0/24 maxlen: 24
31.13.221.0/24 maxlen: 24
87.121.79.0/24 maxlen: 24
87.121.83.0/24 maxlen: 24
87.121.82.0/24 maxlen: 24
87.121.90.0/23 maxlen: 24
87.121.112.0/24 maxlen: 24
87.121.111.0/24 maxlen: 24
87.121.118.0/24 maxlen: 24
87.121.113.0/24 maxlen: 24
31.13.230.0/23 maxlen: 24
31.13.236.0/22 maxlen: 24
31.13.245.0/24 maxlen: 24
31.13.241.0/24 maxlen: 24
2a00:1728:35::/48 maxlen: 48
2a00:1728:27::/48 maxlen: 48
2a00:1728:21::/48 maxlen: 48
2a00:1728:0:d::/64 maxlen: 64
2a00:1728:1b::/48 maxlen: 48
2a00:1728:34::/48 maxlen: 48
2a00:1728:23::/48 maxlen: 48
2a00:1728:31::/48 maxlen: 48
2a00:1728:25::/48 maxlen: 48
2a00:1728:3::/48 maxlen: 48
2a00:1728:1f::/48 maxlen: 48
2a00:1728::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1a:e5:d3:5f:63:1c:60:ab:5a:db:ce:9b:c7:96:fc:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 14 15:34:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=807a9b21a9bed8b169ac663f8c165ef46db1d0fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:db:7e:92:eb:96:43:51:77:c4:5a:73:a2:39:
d6:10:4b:36:0f:91:73:5b:9e:0d:f1:5d:51:39:82:
9f:0a:a9:e3:f0:a4:b5:c1:73:93:64:68:2b:86:91:
88:f7:82:66:4a:31:f5:9a:a0:f6:b4:4a:e8:55:b1:
45:aa:f3:86:f9:93:11:93:4b:18:b5:11:f2:1e:c2:
42:0d:f9:68:2f:bb:38:c8:f4:7a:19:e5:38:ff:6b:
2d:f4:83:de:bd:03:5e:1b:51:0c:07:98:11:40:c0:
07:4d:d7:e7:62:15:bc:77:17:d4:9e:9f:da:ab:d8:
bd:a3:b5:36:d9:b4:b8:25:8d:66:0e:74:4f:15:ef:
6a:12:08:61:71:e4:3f:bb:33:71:60:66:c4:4e:b8:
ed:23:fa:50:e7:cd:5d:ba:92:ba:52:aa:4f:db:9f:
59:cb:1d:b6:07:e8:64:8b:3f:0c:9e:32:7f:7a:bc:
94:58:de:68:ce:6b:89:be:45:44:41:8c:81:1f:fc:
4c:a4:1c:6f:5c:d4:55:4d:d4:26:af:eb:a3:6e:2f:
9f:db:fb:c0:97:0d:ef:c9:71:69:69:38:46:d3:55:
42:f6:41:e7:af:5d:19:40:0f:a0:1a:a3:95:2f:2d:
45:d0:12:37:86:da:d1:d6:c8:8a:5d:5d:48:08:7a:
ad:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:7A:9B:21:A9:BE:D8:B1:69:AC:66:3F:8C:16:5E:F4:6D:B1:D0:FB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gHqbIam-2LFprGY_jBZe9G2x0Ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.195.0/24
31.13.197.0/24
31.13.216.0/21
31.13.230.0/23
31.13.236.0/22
31.13.241.0/24
31.13.245.0/24
37.60.138.0/23
87.120.6.0-87.120.8.255
87.120.13.0/24
87.120.36.100/32
87.120.37.0/24
87.120.39.0/24
87.120.43.0/24
87.120.61.0/24
87.120.104.0/24
87.120.109.0/24
87.120.128.0/23
87.120.132.0/22
87.120.176.0/24
87.120.195.0/24
87.120.199.0-87.120.201.255
87.120.206.0/23
87.120.217.0/24
87.120.223.0/24
87.120.253.0-87.121.2.255
87.121.6.0/23
87.121.42.0/24
87.121.52.0/24
87.121.64.0/24
87.121.79.0/24
87.121.82.0/23
87.121.90.0/23
87.121.111.0-87.121.113.255
87.121.118.0/24
87.121.150.0/23
87.121.161.0/24
91.92.0.0-91.92.2.255
91.92.65.0-91.92.66.255
91.92.68.0/23
91.92.105.0/24
91.92.109.0/24
91.92.139.0/24
91.92.197.0-91.92.199.255
91.92.219.0/24
91.92.230.0/24
92.249.49.0/24
93.123.8.0/24
93.123.12.0/24
93.123.18.0/24
93.123.28.0/23
93.123.32.0-93.123.37.255
93.123.64.0/24
94.156.8.0/24
94.156.12.0/24
94.156.15.0/24
94.156.42.0/24
94.156.44.0/24
94.156.77.0/24
94.156.94.0/24
94.156.98.0/24
94.156.100.0/24
94.156.106.0/24
94.156.129.0-94.156.130.255
94.156.153.0/24
94.156.158.0/23
94.156.172.0/23
94.156.185.0/24
94.156.188.0/24
94.156.190.0/24
94.156.216.0/21
94.156.227.0/24
94.156.232.0/22
94.156.248.0/23
94.156.251.0-94.156.252.255
212.73.128.0-212.73.134.255
212.73.136.0/24
212.73.138.0-212.73.148.255
212.73.155.0/24
212.73.157.0/24
IPv6:
2a00:1728::/32
Signature Algorithm: sha256WithRSAEncryption
8e:c9:fc:cb:6e:ac:eb:64:64:d9:f6:8b:9c:6a:f1:9b:5b:4b:
66:a4:81:2e:5f:bf:13:e8:22:8e:85:c4:77:19:7d:0f:0d:d9:
06:97:0a:80:8d:5a:79:37:bc:1f:ab:68:95:b1:46:e4:49:7b:
f1:ac:46:29:65:4c:71:6f:e5:21:08:2e:8a:60:45:e8:60:e8:
9b:08:67:21:e4:ec:6d:e2:35:06:2c:8d:b0:a5:a8:54:e2:f9:
69:32:b8:7c:52:fa:5b:9d:de:4a:dd:c6:79:64:ea:a2:4a:ba:
ba:4b:c4:a8:82:4f:f1:c2:ba:8a:f9:59:4b:3f:1e:e3:ce:08:
60:30:ca:6d:04:85:9e:e3:86:43:71:d4:f3:f1:d8:ac:32:ee:
6f:a1:53:ec:4b:84:93:31:5a:bf:1d:3e:07:07:3b:b4:bd:e2:
d0:fd:17:e4:5e:23:f2:f5:95:f8:26:ea:13:2b:23:e1:f1:24:
5f:78:6a:00:62:0a:de:35:2a:32:cc:b8:46:ab:81:1b:ad:9d:
42:c5:73:cd:98:13:bf:51:ea:15:a9:c7:ba:66:ed:5a:19:c1:
da:83:ff:71:12:37:f9:17:f2:dd:6f:4f:af:1c:c1:06:7f:21:
4a:e0:42:53:7a:06:cf:52:aa:d2:95:32:d7:61:c7:db:7c:50:
eb:64:c6:d1
-----BEGIN CERTIFICATE-----
MIIHUDCCBjigAwIBAgISAYga5dNfYxxgq1rbzpvHlvxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE0MTUzNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDdhOWIyMWE5YmVkOGIxNjlhYzY2M2Y4YzE2NWVmNDZkYjFkMGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9t+kuuWQ1F3xFpzojnWEEs2D5Fz
W54N8V1ROYKfCqnj8KS1wXOTZGgrhpGI94JmSjH1mqD2tEroVbFFqvOG+ZMRk0sY
tRHyHsJCDfloL7s4yPR6GeU4/2st9IPevQNeG1EMB5gRQMAHTdfnYhW8dxfUnp/a
q9i9o7U22bS4JY1mDnRPFe9qEghhceQ/uzNxYGbETrjtI/pQ581dupK6UqpP259Z
yx22B+hkiz8MnjJ/eryUWN5ozmuJvkVEQYyBH/xMpBxvXNRVTdQmr+ujbi+f2/vA
lw3vyXFpaThG01VC9kHnr10ZQA+gGqOVLy1F0BI3htrR1siKXV1ICHqtYQIDAQAB
o4IEXDCCBFgwHQYDVR0OBBYEFIB6myGpvtixaaxmP4wWXvRtsdD7MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZ0hxYklhbS0yTEZwckdZX2pCWmU5RzJ4MFBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICcAYIKwYBBQUHAQcBAf8EggJfMIICWzCCAkgEAgABMIIC
QAMEAB8NwwMEAB8NxQMEAx8N2AMEAR8N5gMEAh8N7AMEAB8N8QMEAB8N9QMEASU8
ijAMAwQBV3gGAwQAV3gIAwQAV3gNAwUAV3gkZAMEAFd4JQMEAFd4JwMEAFd4KwME
AFd4PQMEAFd4aAMEAFd4bQMEAVd4gAMEAld4hAMEAFd4sAMEAFd4wzAMAwQAV3jH
AwQBV3jIAwQBV3jOAwQAV3jZAwQAV3jfMAwDBABXeP0DBABXeQIDBAFXeQYDBABX
eSoDBABXeTQDBABXeUADBABXeU8DBAFXeVIDBAFXeVowDAMEAFd5bwMEAVd5cAME
AFd5dgMEAVd5lgMEAFd5oTALAwMCW1wDBABbXAIwDAMEAFtcQQMEAFtcQgMEAVtc
RAMEAFtcaQMEAFtcbQMEAFtcizAMAwQAW1zFAwQDW1zAAwQAW1zbAwQAW1zmAwQA
XPkxAwQAXXsIAwQAXXsMAwQAXXsSAwQBXXscMAwDBAVdeyADBAFdeyQDBABde0AD
BABenAgDBABenAwDBABenA8DBABenCoDBABenCwDBABenE0DBABenF4DBABenGID
BABenGQDBABenGowDAMEAF6cgQMEAF6cggMEAF6cmQMEAV6cngMEAV6crAMEAF6c
uQMEAF6cvAMEAF6cvgMEA16c2AMEAF6c4wMEAl6c6AMEAV6c+DAMAwQAXpz7AwQA
Xpz8MAwDBAfUSYADBADUSYYDBADUSYgwDAMEAdRJigMEANRJlAMEANRJmwMEANRJ
nTANBAIAAjAHAwUAKgAXKDANBgkqhkiG9w0BAQsFAAOCAQEAjsn8y26s62Rk2faL
nGrxm1tLZqSBLl+/E+gijoXEdxl9Dw3ZBpcKgI1aeTe8H6tolbFG5El78axGKWVM
cW/lIQguimBF6GDomwhnIeTsbeI1BiyNsKWoVOL5aTK4fFL6W53eSt3GeWTqokq6
ukvEqIJP8cK6ivlZSz8e484IYDDKbQSFnuOGQ3HU8/HYrDLub6FT7EuEkzFavx0+
Bwc7tL3i0P0X5F4j8vWV+CbqEysj4fEkX3hqAGIK3jUqMsy4RquBG62dQsVzzZgT
v1HqFanHumbtWhnB2oP/cRI3+Rfy3W9PrxzBBn8hSuBCU3oGz1Kq0pUy12HH23xQ
62TG0Q==
-----END CERTIFICATE-----
Generated at Tue May 13 17:15:05 2025 by rpki-client