Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/bqRsvZQKXRyuBEoY0266DObdBu0.roa
File: bqRsvZQKXRyuBEoY0266DObdBu0.roa (raw, json)
Hash identifier: /VpTL52TfbvsWJCViSslNVSEUQdgvuIy7GSUe7oaGx4=
Subject key identifier: 6E:A4:6C:BD:94:0A:5D:1C:AE:04:4A:18:D3:6E:BA:0C:E6:DD:06:ED
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01860C679CA22507ECDE5760B32319CE8567
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/bqRsvZQKXRyuBEoY0266DObdBu0.roa
Signing time: Wed 01 Feb 2023 09:56:02 +0000
ROA not before: Wed 01 Feb 2023 09:56:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8866
IP address blocks: 90.154.128.0/17 maxlen: 24
62.73.64.0/18 maxlen: 24
83.228.61.0/24 maxlen: 24
84.40.64.0/18 maxlen: 18
46.249.64.0/19 maxlen: 19
89.25.124.0/22 maxlen: 22
85.187.46.0/23 maxlen: 24
85.187.64.0/18 maxlen: 18
212.72.199.0/24 maxlen: 24
212.72.198.0/24 maxlen: 24
212.72.202.0/23 maxlen: 24
212.72.212.0/24 maxlen: 24
89.25.72.0/22 maxlen: 22
85.187.22.0/23 maxlen: 24
85.187.24.0/21 maxlen: 24
89.25.100.0/22 maxlen: 22
85.187.32.0/21 maxlen: 24
83.228.0.0/17 maxlen: 24
79.100.0.0/16 maxlen: 24
78.154.0.0/19 maxlen: 24
212.72.214.0/24 maxlen: 24
212.72.221.0/24 maxlen: 24
212.5.128.0/19 maxlen: 24
212.39.64.0/19 maxlen: 24
82.146.0.0/22 maxlen: 22
82.146.6.0/23 maxlen: 24
82.146.11.0/24 maxlen: 24
82.146.24.0/23 maxlen: 24
77.85.176.0/20 maxlen: 24
77.85.174.0/24 maxlen: 24
77.85.198.0/24 maxlen: 24
89.25.40.0/21 maxlen: 21
89.25.52.0/22 maxlen: 22
89.25.56.0/21 maxlen: 21
89.25.64.0/21 maxlen: 21
82.146.28.0/23 maxlen: 24
82.146.31.0/24 maxlen: 24
77.85.128.0/19 maxlen: 24
87.126.0.0/16 maxlen: 24
77.85.160.0/21 maxlen: 24
77.85.168.0/22 maxlen: 24
77.85.172.0/23 maxlen: 24
95.43.206.0/24 maxlen: 24
95.43.220.0/22 maxlen: 22
87.118.144.0/22 maxlen: 22
87.118.144.0/23 maxlen: 23
213.91.154.0/24 maxlen: 24
46.10.193.0/24 maxlen: 24
87.118.164.0/22 maxlen: 22
77.85.0.0/16 maxlen: 24
213.91.128.0/17 maxlen: 24
46.10.166.0/23 maxlen: 23
84.238.136.0/22 maxlen: 22
84.238.134.0/23 maxlen: 24
84.238.140.0/23 maxlen: 23
84.238.142.0/23 maxlen: 23
84.238.144.0/21 maxlen: 21
84.238.152.0/22 maxlen: 24
84.238.156.0/22 maxlen: 22
84.238.165.0/24 maxlen: 24
84.238.168.0/21 maxlen: 21
84.238.167.0/24 maxlen: 24
84.238.178.0/23 maxlen: 24
84.238.180.0/22 maxlen: 22
82.137.64.0/18 maxlen: 24
95.43.0.0/17 maxlen: 24
37.157.136.0/21 maxlen: 21
213.16.32.0/19 maxlen: 24
37.157.160.0/19 maxlen: 19
84.238.128.0/22 maxlen: 22
46.10.0.0/16 maxlen: 24
84.238.192.0/22 maxlen: 24
84.238.204.0/22 maxlen: 22
87.116.64.0/22 maxlen: 22
87.116.68.0/22 maxlen: 22
87.116.72.0/21 maxlen: 21
151.237.140.0/23 maxlen: 24
87.116.84.0/22 maxlen: 22
213.130.92.0/23 maxlen: 24
213.130.95.0/24 maxlen: 24
213.130.64.0/22 maxlen: 22
213.130.78.0/23 maxlen: 23
213.130.76.0/23 maxlen: 24
213.130.77.0/24 maxlen: 24
62.176.64.0/19 maxlen: 24
94.236.229.0/24 maxlen: 24
94.236.231.0/24 maxlen: 24
94.236.228.0/24 maxlen: 24
94.236.234.0/24 maxlen: 24
94.236.235.0/24 maxlen: 24
94.236.238.0/24 maxlen: 24
94.236.240.0/20 maxlen: 20
62.176.96.0/19 maxlen: 24
94.236.163.0/24 maxlen: 24
94.236.164.0/24 maxlen: 24
94.236.160.0/24 maxlen: 24
87.243.96.0/21 maxlen: 21
94.236.161.0/24 maxlen: 24
94.155.204.0/22 maxlen: 24
94.236.160.0/19 maxlen: 24
94.236.172.0/24 maxlen: 24
87.243.104.0/21 maxlen: 21
94.236.170.0/23 maxlen: 23
94.236.179.0/24 maxlen: 24
87.243.112.0/22 maxlen: 22
94.236.173.0/24 maxlen: 24
94.236.174.0/24 maxlen: 24
94.236.175.0/24 maxlen: 24
94.236.176.0/23 maxlen: 23
87.243.116.0/22 maxlen: 22
94.236.180.0/22 maxlen: 22
94.236.184.0/21 maxlen: 21
87.243.120.0/21 maxlen: 21
94.236.204.0/24 maxlen: 24
94.236.205.0/24 maxlen: 24
217.75.152.0/21 maxlen: 21
84.21.192.0/22 maxlen: 22
95.42.0.0/15 maxlen: 24
84.21.216.0/21 maxlen: 21
62.176.117.0/24 maxlen: 24
94.155.64.0/20 maxlen: 24
94.155.80.0/22 maxlen: 24
185.20.156.0/22 maxlen: 22
83.148.64.0/18 maxlen: 24
95.87.192.0/18 maxlen: 18
94.236.144.0/24 maxlen: 24
94.236.144.0/21 maxlen: 24
87.243.80.0/20 maxlen: 20
94.236.149.0/24 maxlen: 24
94.236.151.0/24 maxlen: 24
94.236.146.0/24 maxlen: 24
94.236.152.0/24 maxlen: 24
94.236.152.0/21 maxlen: 24
94.236.153.0/24 maxlen: 24
94.236.154.0/24 maxlen: 24
94.155.104.0/21 maxlen: 24
94.155.112.0/21 maxlen: 24
94.155.120.0/22 maxlen: 24
2a01:5a8:2:5::/64 maxlen: 64
2a01:5a8:1:ffff::/64 maxlen: 64
2a01:5a8:2:4::/64 maxlen: 64
2a01:5a8::/32 maxlen: 128
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:67:9c:a2:25:07:ec:de:57:60:b3:23:19:ce:85:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Feb 1 09:56:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ea46cbd940a5d1cae044a18d36eba0ce6dd06ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ad:67:1f:36:d6:bb:cb:08:5a:af:7f:18:6e:
0c:f1:df:fc:bb:97:84:14:77:22:6d:e7:e2:1b:3e:
54:3a:67:f9:85:c6:14:c3:ec:c1:1a:dd:36:af:6f:
8e:56:c8:db:83:f5:d3:2f:7d:ba:1a:62:82:78:f0:
0e:27:64:fe:24:13:f6:ae:6c:70:8a:55:7d:57:f5:
af:b1:c1:9b:25:64:d2:66:10:18:9d:eb:64:f3:ed:
75:79:58:a5:b1:7c:91:4c:0d:11:f4:d0:bc:d2:81:
22:8b:62:70:5e:68:2e:c1:d7:9f:1f:5c:98:e0:0e:
4d:5c:b6:b2:8d:4c:61:98:2d:04:49:ef:df:75:08:
20:02:43:33:e2:a0:6d:09:f6:5c:84:32:3c:c8:e7:
db:60:26:43:66:98:81:16:2f:ac:8b:c6:6a:01:7c:
c8:98:57:88:95:f5:09:cd:ec:95:f4:14:91:8a:2e:
f8:f9:f9:ed:08:0a:38:04:9d:a6:d0:87:a1:c1:c7:
48:b7:11:f6:fc:4b:29:49:55:03:93:75:5a:87:e2:
ba:c0:c7:0e:f9:14:bb:62:2f:19:de:79:2f:e2:ae:
8a:35:87:8c:76:f6:03:ed:21:80:76:df:d2:22:17:
a9:3f:dd:37:3e:85:b3:ec:fe:ec:7c:b0:17:86:f0:
37:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:A4:6C:BD:94:0A:5D:1C:AE:04:4A:18:D3:6E:BA:0C:E6:DD:06:ED
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/bqRsvZQKXRyuBEoY0266DObdBu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.136.0/21
37.157.160.0/19
46.10.0.0/16
46.249.64.0/19
62.73.64.0/18
62.176.64.0/18
77.85.0.0/16
78.154.0.0/19
79.100.0.0/16
82.137.64.0/18
82.146.0.0/22
82.146.6.0/23
82.146.11.0/24
82.146.24.0/23
82.146.28.0/23
82.146.31.0/24
83.148.64.0/18
83.228.0.0/17
84.21.192.0/22
84.21.216.0/21
84.40.64.0/18
84.238.128.0/22
84.238.134.0-84.238.159.255
84.238.165.0/24
84.238.167.0-84.238.175.255
84.238.178.0-84.238.183.255
84.238.192.0/22
84.238.204.0/22
85.187.22.0-85.187.39.255
85.187.46.0/23
85.187.64.0/18
87.116.64.0/20
87.116.84.0/22
87.118.144.0/22
87.118.164.0/22
87.126.0.0/16
87.243.80.0-87.243.127.255
89.25.40.0/21
89.25.52.0-89.25.75.255
89.25.100.0/22
89.25.124.0/22
90.154.128.0/17
94.155.64.0-94.155.83.255
94.155.104.0-94.155.123.255
94.155.204.0/22
94.236.144.0-94.236.191.255
94.236.204.0/23
94.236.228.0/23
94.236.231.0/24
94.236.234.0/23
94.236.238.0/24
94.236.240.0/20
95.42.0.0/15
95.87.192.0/18
151.237.140.0/23
185.20.156.0/22
212.5.128.0/19
212.39.64.0/19
212.72.198.0/23
212.72.202.0/23
212.72.212.0/24
212.72.214.0/24
212.72.221.0/24
213.16.32.0/19
213.91.128.0/17
213.130.64.0/22
213.130.76.0/22
213.130.92.0/23
213.130.95.0/24
217.75.152.0/21
IPv6:
2a01:5a8::/32
Signature Algorithm: sha256WithRSAEncryption
34:81:f8:e6:87:a4:7d:43:58:ba:69:77:48:7c:95:65:e5:ab:
d3:c4:23:d6:7a:15:ed:0e:22:93:2c:12:3e:2c:5f:07:95:62:
1a:df:f8:e5:08:b0:57:8b:0f:c1:8f:b3:3a:0f:e9:2b:d6:53:
d8:47:bb:0e:24:e4:87:9e:08:de:d9:06:b4:d1:ca:6f:82:b3:
9e:ed:f0:6c:40:02:61:83:df:91:76:26:29:5b:58:0e:38:48:
eb:bc:8d:71:63:85:f5:46:4c:7c:1d:45:d6:5e:51:e8:20:97:
b9:d1:f1:31:9d:16:c6:26:34:3e:b1:c0:5f:b9:c5:ce:22:eb:
85:4a:55:ad:70:2d:42:be:f9:5a:ff:98:76:7a:e4:23:a9:af:
3f:f6:ff:11:fe:b6:13:78:51:10:af:f9:39:54:16:16:99:e9:
b8:54:2a:3e:24:27:6d:61:cb:ec:0b:8e:e1:cf:2d:14:67:03:
e1:bf:34:c8:83:5e:13:8c:28:ac:4b:70:6d:83:d3:7e:da:ba:
75:00:a1:96:37:a2:d9:fa:9c:85:32:72:42:fc:07:9e:f6:7c:
d0:18:2a:38:30:7b:c3:e0:a8:94:a6:08:c4:90:aa:e9:1b:03:
e2:08:f5:d1:cb:d7:58:c7:b5:0d:96:e7:69:cf:18:37:90:f3:
b4:a9:63:37
-----BEGIN CERTIFICATE-----
MIIG9zCCBd+gAwIBAgISAYYMZ5yiJQfs3ldgsyMZzoVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMjAxMDk1NjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWE0NmNiZDk0MGE1ZDFjYWUwNDRhMThkMzZlYmEwY2U2ZGQwNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg61nHzbWu8sIWq9/GG4M8d/8u5eE
FHcibefiGz5UOmf5hcYUw+zBGt02r2+OVsjbg/XTL326GmKCePAOJ2T+JBP2rmxw
ilV9V/WvscGbJWTSZhAYnetk8+11eVilsXyRTA0R9NC80oEii2JwXmguwdefH1yY
4A5NXLayjUxhmC0ESe/fdQggAkMz4qBtCfZchDI8yOfbYCZDZpiBFi+si8ZqAXzI
mFeIlfUJzeyV9BSRii74+fntCAo4BJ2m0IehwcdItxH2/EspSVUDk3Vah+K6wMcO
+RS7Yi8Z3nkv4q6KNYeMdvYD7SGAdt/SIhepP903PoWz7P7sfLAXhvA3eQIDAQAB
o4IEAzCCA/8wHQYDVR0OBBYEFG6kbL2UCl0crgRKGNNuugzm3QbtMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvYnFSc3ZaUUtYUnl1QkVvWTAyNjZET2JkQnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICFwYIKwYBBQUHAQcBAf8EggIGMIICAjCCAe8EAgABMIIB
5wMEAyWdiAMEBSWdoAMDAC4KAwQFLvlAAwQGPklAAwQGPrBAAwMATVUDBAVOmgAD
AwBPZAMEBlKJQAMEAlKSAAMEAVKSBgMEAFKSCwMEAVKSGAMEAVKSHAMEAFKSHwME
BlOUQAMEB1PkAAMEAlQVwAMEA1QV2AMEBlQoQAMEAlTugDAMAwQBVO6GAwQFVO6A
AwQAVO6lMAwDBABU7qcDBARU7qAwDAMEAVTusgMEA1TusAMEAlTuwAMEAlTuzDAM
AwQBVbsWAwQDVbsgAwQBVbsuAwQGVbtAAwQEV3RAAwQCV3RUAwQCV3aQAwQCV3ak
AwMAV34wDAMEBFfzUAMEB1fzAAMEA1kZKDAMAwQCWRk0AwQCWRlIAwQCWRlkAwQC
WRl8AwQHWpqAMAwDBAZem0ADBAJem1AwDAMEA16baAMEAl6beAMEAl6bzDAMAwQE
XuyQAwQGXuyAAwQBXuzMAwQBXuzkAwQAXuznAwQBXuzqAwQAXuzuAwQEXuzwAwMB
XyoDBAZfV8ADBAGX7YwDBAK5FJwDBAXUBYADBAXUJ0ADBAHUSMYDBAHUSMoDBADU
SNQDBADUSNYDBADUSN0DBAXVECADBAfVW4ADBALVgkADBALVgkwDBAHVglwDBADV
gl8DBAPZS5gwDQQCAAIwBwMFACoBBagwDQYJKoZIhvcNAQELBQADggEBADSB+OaH
pH1DWLppd0h8lWXlq9PEI9Z6Fe0OIpMsEj4sXweVYhrf+OUIsFeLD8GPszoP6SvW
U9hHuw4k5IeeCN7ZBrTRym+Cs57t8GxAAmGD35F2JilbWA44SOu8jXFjhfVGTHwd
RdZeUeggl7nR8TGdFsYmND6xwF+5xc4i64VKVa1wLUK++Vr/mHZ65COprz/2/xH+
thN4URCv+TlUFhaZ6bhUKj4kJ21hy+wLjuHPLRRnA+G/NMiDXhOMKKxLcG2D037a
unUAoZY3otn6nIUyckL8B572fNAYKjgwe8PgqJSmCMSQqukbA+II9dHL11jHtQ2W
52nPGDeQ87SpYzc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:54 2024 by rpki-client on console-ams.rpki-client.org