Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/AE8g35eFioJ5HYBs_N2yS6acaxU.roa
File: AE8g35eFioJ5HYBs_N2yS6acaxU.roa (raw, json)
Hash identifier: 67JpmrqZvC2qCx3mCM41MY9TPnj9B0aCpPmKIuRJgrk=
Subject key identifier: 00:4F:20:DF:97:85:8A:82:79:1D:80:6C:FC:DD:B2:4B:A6:9C:6B:15
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 0187BDE08AACA8FB15CA2ACBB74832801F63
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/AE8g35eFioJ5HYBs_N2yS6acaxU.roa
Signing time: Wed 26 Apr 2023 14:03:41 +0000
ROA not before: Wed 26 Apr 2023 14:03:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8866
IP address blocks: 90.154.128.0/17 maxlen: 24
62.73.64.0/18 maxlen: 24
83.228.61.0/24 maxlen: 24
84.40.64.0/18 maxlen: 18
46.249.64.0/19 maxlen: 19
89.25.124.0/22 maxlen: 22
85.187.46.0/23 maxlen: 24
85.187.64.0/18 maxlen: 18
212.72.199.0/24 maxlen: 24
212.72.198.0/24 maxlen: 24
212.72.202.0/23 maxlen: 24
212.72.212.0/24 maxlen: 24
89.25.72.0/22 maxlen: 22
85.187.22.0/23 maxlen: 24
85.187.24.0/21 maxlen: 24
89.25.100.0/22 maxlen: 22
85.187.32.0/21 maxlen: 24
83.228.0.0/17 maxlen: 24
79.100.0.0/16 maxlen: 24
78.154.0.0/19 maxlen: 24
212.72.214.0/24 maxlen: 24
212.72.221.0/24 maxlen: 24
212.5.128.0/19 maxlen: 24
212.39.64.0/19 maxlen: 24
82.146.0.0/22 maxlen: 22
82.146.6.0/23 maxlen: 24
82.146.11.0/24 maxlen: 24
82.146.24.0/23 maxlen: 24
77.85.176.0/20 maxlen: 24
77.85.174.0/24 maxlen: 24
77.85.198.0/24 maxlen: 24
89.25.40.0/21 maxlen: 21
89.25.52.0/22 maxlen: 22
89.25.56.0/21 maxlen: 21
89.25.64.0/21 maxlen: 21
82.146.28.0/23 maxlen: 24
82.146.31.0/24 maxlen: 24
77.85.128.0/19 maxlen: 24
87.126.0.0/16 maxlen: 24
77.85.160.0/21 maxlen: 24
77.85.168.0/22 maxlen: 24
77.85.172.0/23 maxlen: 24
95.43.206.0/24 maxlen: 24
95.43.220.0/22 maxlen: 22
87.118.144.0/22 maxlen: 22
87.118.144.0/23 maxlen: 23
213.91.154.0/24 maxlen: 24
46.10.193.0/24 maxlen: 24
87.118.147.0/24 maxlen: 24
87.118.164.0/22 maxlen: 22
77.85.0.0/16 maxlen: 24
213.91.128.0/17 maxlen: 24
46.10.166.0/23 maxlen: 23
84.238.136.0/22 maxlen: 22
84.238.134.0/23 maxlen: 24
84.238.140.0/23 maxlen: 23
84.238.142.0/23 maxlen: 23
84.238.144.0/21 maxlen: 21
84.238.152.0/22 maxlen: 24
84.238.156.0/22 maxlen: 22
84.238.165.0/24 maxlen: 24
84.238.168.0/21 maxlen: 21
84.238.167.0/24 maxlen: 24
84.238.178.0/23 maxlen: 24
84.238.180.0/22 maxlen: 22
82.137.64.0/18 maxlen: 24
95.43.0.0/17 maxlen: 24
37.157.136.0/21 maxlen: 21
213.16.32.0/19 maxlen: 24
37.157.160.0/19 maxlen: 19
84.238.128.0/22 maxlen: 22
46.10.0.0/16 maxlen: 24
84.238.192.0/22 maxlen: 24
84.238.204.0/22 maxlen: 22
87.116.64.0/22 maxlen: 22
87.116.68.0/22 maxlen: 22
87.116.72.0/21 maxlen: 21
151.237.140.0/23 maxlen: 24
87.116.82.0/24 maxlen: 24
87.116.84.0/22 maxlen: 22
213.130.92.0/23 maxlen: 24
213.130.95.0/24 maxlen: 24
213.130.64.0/22 maxlen: 22
213.130.78.0/23 maxlen: 23
213.130.76.0/23 maxlen: 24
213.130.77.0/24 maxlen: 24
62.176.64.0/19 maxlen: 24
94.236.229.0/24 maxlen: 24
94.236.231.0/24 maxlen: 24
94.236.228.0/24 maxlen: 24
94.236.234.0/24 maxlen: 24
94.236.235.0/24 maxlen: 24
94.236.238.0/24 maxlen: 24
94.236.240.0/20 maxlen: 20
62.176.96.0/19 maxlen: 24
94.236.163.0/24 maxlen: 24
94.236.164.0/24 maxlen: 24
94.236.160.0/24 maxlen: 24
87.243.96.0/21 maxlen: 21
94.236.161.0/24 maxlen: 24
94.155.204.0/22 maxlen: 24
94.236.160.0/19 maxlen: 24
94.236.172.0/24 maxlen: 24
87.243.104.0/21 maxlen: 21
94.236.170.0/23 maxlen: 23
94.236.179.0/24 maxlen: 24
87.243.112.0/22 maxlen: 22
94.236.173.0/24 maxlen: 24
94.236.174.0/24 maxlen: 24
94.236.175.0/24 maxlen: 24
94.236.176.0/23 maxlen: 23
87.243.116.0/22 maxlen: 22
94.236.180.0/22 maxlen: 22
94.236.184.0/21 maxlen: 21
87.243.120.0/21 maxlen: 21
94.236.204.0/24 maxlen: 24
94.236.205.0/24 maxlen: 24
217.75.152.0/21 maxlen: 21
84.21.192.0/22 maxlen: 22
95.42.0.0/15 maxlen: 24
84.21.216.0/21 maxlen: 21
62.176.117.0/24 maxlen: 24
217.75.139.0/24 maxlen: 24
217.75.143.0/24 maxlen: 24
94.155.64.0/20 maxlen: 24
94.155.80.0/22 maxlen: 24
185.20.156.0/22 maxlen: 22
83.148.64.0/18 maxlen: 24
95.87.192.0/18 maxlen: 18
94.236.144.0/24 maxlen: 24
94.236.144.0/21 maxlen: 24
87.243.80.0/20 maxlen: 20
94.236.149.0/24 maxlen: 24
94.236.151.0/24 maxlen: 24
94.236.146.0/24 maxlen: 24
94.236.152.0/24 maxlen: 24
94.236.152.0/21 maxlen: 24
94.236.153.0/24 maxlen: 24
94.236.154.0/24 maxlen: 24
94.155.104.0/21 maxlen: 24
94.155.112.0/21 maxlen: 24
94.155.120.0/22 maxlen: 24
2a01:5a8:2:5::/64 maxlen: 64
2a01:5a8:1:ffff::/64 maxlen: 64
2a01:5a8:2:4::/64 maxlen: 64
2a01:5a8::/32 maxlen: 128
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:e0:8a:ac:a8:fb:15:ca:2a:cb:b7:48:32:80:1f:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Apr 26 14:03:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=004f20df97858a82791d806cfcddb24ba69c6b15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:06:64:0b:04:87:86:34:f4:08:f9:d8:ea:0b:
db:10:ad:ed:5b:59:4f:f2:72:85:c2:15:7c:29:06:
9b:f7:e4:4f:54:c1:58:f7:16:17:9e:49:37:e9:c2:
dc:b8:cd:0c:25:b7:72:a1:31:5f:c3:9e:e0:a9:6d:
10:0c:e3:d0:14:b9:b0:a1:83:5c:f8:9a:8e:62:b2:
2e:42:49:c5:4d:90:25:4a:66:29:7a:93:50:08:89:
b2:96:59:22:a5:7f:c2:28:3c:db:8b:37:0d:84:5f:
60:ba:8d:f1:64:f7:9c:7c:99:d2:04:80:01:e9:75:
29:d1:bc:e9:ba:c8:56:3c:d0:ab:a8:8e:6a:06:8e:
12:1a:23:66:c8:97:b2:0b:33:42:91:44:2d:50:39:
cc:89:8b:32:89:e8:ae:5f:a9:bf:e3:5e:90:9f:df:
2e:87:ab:33:7a:a2:ac:29:1b:81:f3:2b:01:02:f3:
bb:f1:0a:79:08:03:82:fc:09:24:82:fd:43:23:3c:
d6:22:be:83:77:68:4f:15:4e:3b:8b:85:e9:12:5c:
0e:23:ee:0c:7c:fc:c9:6b:eb:e0:37:ed:31:ac:c8:
d6:9c:bc:6b:ea:ee:a5:df:ed:6a:06:52:10:23:9c:
e0:52:27:dd:11:49:24:45:f6:3f:bb:75:b8:2f:28:
f9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:4F:20:DF:97:85:8A:82:79:1D:80:6C:FC:DD:B2:4B:A6:9C:6B:15
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/AE8g35eFioJ5HYBs_N2yS6acaxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.136.0/21
37.157.160.0/19
46.10.0.0/16
46.249.64.0/19
62.73.64.0/18
62.176.64.0/18
77.85.0.0/16
78.154.0.0/19
79.100.0.0/16
82.137.64.0/18
82.146.0.0/22
82.146.6.0/23
82.146.11.0/24
82.146.24.0/23
82.146.28.0/23
82.146.31.0/24
83.148.64.0/18
83.228.0.0/17
84.21.192.0/22
84.21.216.0/21
84.40.64.0/18
84.238.128.0/22
84.238.134.0-84.238.159.255
84.238.165.0/24
84.238.167.0-84.238.175.255
84.238.178.0-84.238.183.255
84.238.192.0/22
84.238.204.0/22
85.187.22.0-85.187.39.255
85.187.46.0/23
85.187.64.0/18
87.116.64.0/20
87.116.82.0/24
87.116.84.0/22
87.118.144.0/22
87.118.164.0/22
87.126.0.0/16
87.243.80.0-87.243.127.255
89.25.40.0/21
89.25.52.0-89.25.75.255
89.25.100.0/22
89.25.124.0/22
90.154.128.0/17
94.155.64.0-94.155.83.255
94.155.104.0-94.155.123.255
94.155.204.0/22
94.236.144.0-94.236.191.255
94.236.204.0/23
94.236.228.0/23
94.236.231.0/24
94.236.234.0/23
94.236.238.0/24
94.236.240.0/20
95.42.0.0/15
95.87.192.0/18
151.237.140.0/23
185.20.156.0/22
212.5.128.0/19
212.39.64.0/19
212.72.198.0/23
212.72.202.0/23
212.72.212.0/24
212.72.214.0/24
212.72.221.0/24
213.16.32.0/19
213.91.128.0/17
213.130.64.0/22
213.130.76.0/22
213.130.92.0/23
213.130.95.0/24
217.75.139.0/24
217.75.143.0/24
217.75.152.0/21
IPv6:
2a01:5a8::/32
Signature Algorithm: sha256WithRSAEncryption
b2:b5:08:74:2d:39:6c:87:d3:4c:4d:52:c4:b7:70:c3:23:3a:
88:68:06:19:ef:74:74:23:19:be:cf:0d:c0:b5:89:21:b6:43:
0e:ba:ef:29:a7:49:fd:35:49:ef:1f:4a:da:e1:3f:47:94:f7:
78:87:aa:ba:6b:04:00:a0:33:32:95:6e:70:71:b0:08:b3:95:
37:bc:dd:36:0d:0d:1a:3e:10:de:cd:19:5d:51:cc:6d:ca:76:
59:fd:c9:05:b5:b2:9a:5d:eb:c6:f1:cb:2e:3d:0a:8c:2d:19:
de:1f:5a:f9:90:05:b6:e2:6c:21:52:d3:47:d2:a4:29:22:30:
80:fc:03:a1:bd:60:f4:d1:d5:42:fc:c1:e6:12:67:f7:4b:68:
10:86:79:27:cd:95:b9:b1:aa:5b:ad:cc:73:d9:50:5a:64:78:
46:98:7d:0d:a4:63:bb:19:93:c0:5a:34:82:62:4a:af:8b:12:
bf:be:3c:4d:62:bb:b7:e5:63:96:3f:6f:2a:d2:ac:0d:3b:3a:
e7:81:fb:af:e1:fb:f3:52:af:8c:43:b1:df:ad:6d:44:e8:b5:
8d:cb:d2:57:ad:ee:d4:1e:27:02:28:cd:f1:09:ac:05:75:b1:
d0:e4:54:42:e0:7e:75:54:29:56:60:f9:31:0d:48:0c:ba:a3:
d8:79:2f:69
-----BEGIN CERTIFICATE-----
MIIHCTCCBfGgAwIBAgISAYe94IqsqPsVyirLt0gygB9jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwNDI2MTQwMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDRmMjBkZjk3ODU4YTgyNzkxZDgwNmNmY2RkYjI0YmE2OWM2YjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwZkCwSHhjT0CPnY6gvbEK3tW1lP
8nKFwhV8KQab9+RPVMFY9xYXnkk36cLcuM0MJbdyoTFfw57gqW0QDOPQFLmwoYNc
+JqOYrIuQknFTZAlSmYpepNQCImyllkipX/CKDzbizcNhF9guo3xZPecfJnSBIAB
6XUp0bzpushWPNCrqI5qBo4SGiNmyJeyCzNCkUQtUDnMiYsyieiuX6m/416Qn98u
h6szeqKsKRuB8ysBAvO78Qp5CAOC/Akkgv1DIzzWIr6Dd2hPFU47i4XpElwOI+4M
fPzJa+vgN+0xrMjWnLxr6u6l3+1qBlIQI5zgUifdEUkkRfY/u3W4Lyj54QIDAQAB
o4IEFTCCBBEwHQYDVR0OBBYEFABPIN+XhYqCeR2AbPzdskumnGsVMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvQUU4ZzM1ZUZpb0o1SFlCc19OMnlTNmFjYXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICKQYIKwYBBQUHAQcBAf8EggIYMIICFDCCAgEEAgABMIIB
+QMEAyWdiAMEBSWdoAMDAC4KAwQFLvlAAwQGPklAAwQGPrBAAwMATVUDBAVOmgAD
AwBPZAMEBlKJQAMEAlKSAAMEAVKSBgMEAFKSCwMEAVKSGAMEAVKSHAMEAFKSHwME
BlOUQAMEB1PkAAMEAlQVwAMEA1QV2AMEBlQoQAMEAlTugDAMAwQBVO6GAwQFVO6A
AwQAVO6lMAwDBABU7qcDBARU7qAwDAMEAVTusgMEA1TusAMEAlTuwAMEAlTuzDAM
AwQBVbsWAwQDVbsgAwQBVbsuAwQGVbtAAwQEV3RAAwQAV3RSAwQCV3RUAwQCV3aQ
AwQCV3akAwMAV34wDAMEBFfzUAMEB1fzAAMEA1kZKDAMAwQCWRk0AwQCWRlIAwQC
WRlkAwQCWRl8AwQHWpqAMAwDBAZem0ADBAJem1AwDAMEA16baAMEAl6beAMEAl6b
zDAMAwQEXuyQAwQGXuyAAwQBXuzMAwQBXuzkAwQAXuznAwQBXuzqAwQAXuzuAwQE
XuzwAwMBXyoDBAZfV8ADBAGX7YwDBAK5FJwDBAXUBYADBAXUJ0ADBAHUSMYDBAHU
SMoDBADUSNQDBADUSNYDBADUSN0DBAXVECADBAfVW4ADBALVgkADBALVgkwDBAHV
glwDBADVgl8DBADZS4sDBADZS48DBAPZS5gwDQQCAAIwBwMFACoBBagwDQYJKoZI
hvcNAQELBQADggEBALK1CHQtOWyH00xNUsS3cMMjOohoBhnvdHQjGb7PDcC1iSG2
Qw667ymnSf01Se8fStrhP0eU93iHqrprBACgMzKVbnBxsAizlTe83TYNDRo+EN7N
GV1RzG3Kdln9yQW1sppd68bxyy49CowtGd4fWvmQBbbibCFS00fSpCkiMID8A6G9
YPTR1UL8weYSZ/dLaBCGeSfNlbmxqlutzHPZUFpkeEaYfQ2kY7sZk8BaNIJiSq+L
Er++PE1iu7flY5Y/byrSrA07OueB+6/h+/NSr4xDsd+tbUTotY3L0let7tQeJwIo
zfEJrAV1sdDkVELgfnVUKVZg+TENSAy6o9h5L2k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:53 2024 by rpki-client on console-ams.rpki-client.org