Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/o_hciygopwAXifAJD-2yii2OnP8.roa
File: o_hciygopwAXifAJD-2yii2OnP8.roa (raw, json)
Hash identifier: rLxx3eBHDVqYJ5ZzEE2PYjKMDClQarX3CTkRGqQ0f0E=
Subject key identifier: A3:F8:5C:8B:28:28:A7:00:17:89:F0:09:0F:ED:B2:8A:2D:8E:9C:FF
Certificate issuer: /CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Certificate serial: 018571B0ED28DDBEE9AA98559919FBA4C9D4
Authority key identifier: 7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/o_hciygopwAXifAJD-2yii2OnP8.roa
Signing time: Mon 02 Jan 2023 08:54:58 +0000
ROA not before: Mon 02 Jan 2023 08:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204601
IP address blocks: 45.12.215.0/24 maxlen: 24
45.12.214.0/24 maxlen: 24
45.87.0.0/22 maxlen: 22
45.147.197.0/24 maxlen: 24
45.147.196.0/24 maxlen: 24
45.147.198.0/24 maxlen: 24
45.147.199.0/24 maxlen: 24
91.228.56.0/24 maxlen: 24
45.12.212.0/24 maxlen: 24
45.12.213.0/24 maxlen: 24
185.235.128.0/24 maxlen: 24
185.235.131.0/24 maxlen: 24
185.235.129.0/24 maxlen: 24
185.235.130.0/24 maxlen: 24
77.220.215.0/24 maxlen: 24
77.220.214.0/24 maxlen: 24
45.66.8.0/24 maxlen: 24
45.66.11.0/24 maxlen: 24
45.66.9.0/24 maxlen: 24
45.66.10.0/24 maxlen: 24
185.241.52.0/24 maxlen: 24
185.241.55.0/24 maxlen: 24
185.241.53.0/24 maxlen: 24
185.241.54.0/24 maxlen: 24
77.220.212.0/24 maxlen: 24
77.220.213.0/24 maxlen: 24
77.220.212.0/22 maxlen: 22
91.201.25.0/24 maxlen: 24
185.154.12.0/24 maxlen: 24
185.154.14.0/24 maxlen: 24
185.154.15.0/24 maxlen: 24
185.154.13.0/24 maxlen: 24
212.86.101.0/24 maxlen: 24
212.86.102.0/24 maxlen: 24
212.86.108.0/24 maxlen: 24
212.86.109.0/24 maxlen: 24
212.86.114.0/24 maxlen: 24
212.86.115.0/24 maxlen: 24
45.132.107.0/24 maxlen: 24
45.132.106.0/24 maxlen: 24
213.166.68.0/24 maxlen: 24
213.166.69.0/24 maxlen: 24
213.166.70.0/24 maxlen: 24
213.166.71.0/24 maxlen: 24
45.91.200.0/24 maxlen: 24
178.159.39.0/24 maxlen: 24
45.91.201.0/24 maxlen: 24
178.159.42.0/24 maxlen: 24
178.159.43.0/24 maxlen: 24
45.91.202.0/24 maxlen: 24
45.91.203.0/24 maxlen: 24
45.132.104.0/24 maxlen: 24
45.132.105.0/24 maxlen: 24
92.119.112.0/24 maxlen: 24
92.119.115.0/24 maxlen: 24
92.119.113.0/24 maxlen: 24
92.119.114.0/24 maxlen: 24
185.213.210.0/24 maxlen: 24
185.213.208.0/22 maxlen: 22
185.213.208.0/24 maxlen: 24
185.213.209.0/24 maxlen: 24
185.213.211.0/24 maxlen: 24
80.85.136.0/21 maxlen: 21
185.206.213.0/24 maxlen: 24
185.206.212.0/24 maxlen: 24
185.206.214.0/24 maxlen: 24
185.206.215.0/24 maxlen: 24
185.51.246.0/24 maxlen: 24
185.51.247.0/24 maxlen: 24
185.219.82.0/24 maxlen: 24
185.219.80.0/22 maxlen: 22
185.219.83.0/24 maxlen: 24
185.219.80.0/24 maxlen: 24
185.219.81.0/24 maxlen: 24
176.57.69.0/24 maxlen: 24
176.57.70.0/24 maxlen: 24
176.57.68.0/24 maxlen: 24
176.57.71.0/24 maxlen: 24
103.246.144.0/22 maxlen: 22
81.91.176.0/22 maxlen: 22
81.91.178.0/24 maxlen: 24
178.159.38.0/24 maxlen: 24
77.83.172.0/24 maxlen: 24
77.83.173.0/24 maxlen: 24
77.83.174.0/24 maxlen: 24
77.83.175.0/24 maxlen: 24
91.211.249.0/24 maxlen: 24
91.211.248.0/24 maxlen: 24
91.211.250.0/24 maxlen: 24
91.211.251.0/24 maxlen: 24
193.163.113.0/24 maxlen: 24
46.21.250.0/24 maxlen: 24
185.203.240.0/22 maxlen: 22
185.203.240.0/24 maxlen: 24
185.203.242.0/24 maxlen: 24
185.203.243.0/24 maxlen: 24
185.203.241.0/24 maxlen: 24
45.82.176.0/22 maxlen: 22
185.244.216.0/24 maxlen: 24
185.244.216.0/22 maxlen: 22
185.244.219.0/24 maxlen: 24
185.204.109.0/24 maxlen: 24
185.244.217.0/24 maxlen: 24
185.244.218.0/24 maxlen: 24
45.137.64.0/22 maxlen: 22
185.224.132.0/22 maxlen: 22
185.224.132.0/24 maxlen: 24
185.231.70.0/24 maxlen: 24
185.224.134.0/24 maxlen: 24
185.224.133.0/24 maxlen: 24
185.231.68.0/22 maxlen: 22
212.8.246.0/24 maxlen: 24
185.224.135.0/24 maxlen: 24
185.231.68.0/24 maxlen: 24
185.231.71.0/24 maxlen: 24
212.8.244.0/24 maxlen: 24
185.231.69.0/24 maxlen: 24
45.88.106.0/24 maxlen: 24
45.88.107.0/24 maxlen: 24
212.162.152.0/22 maxlen: 24
45.81.224.0/22 maxlen: 22
185.250.206.0/24 maxlen: 24
185.250.204.0/24 maxlen: 24
185.250.205.0/24 maxlen: 24
185.250.207.0/24 maxlen: 24
45.136.85.0/24 maxlen: 24
45.136.84.0/24 maxlen: 24
45.136.86.0/24 maxlen: 24
45.136.87.0/24 maxlen: 24
45.82.68.0/22 maxlen: 22
95.215.204.0/22 maxlen: 22
185.209.20.0/24 maxlen: 24
185.209.21.0/24 maxlen: 24
185.209.20.0/22 maxlen: 22
185.209.22.0/24 maxlen: 24
185.209.23.0/24 maxlen: 24
185.107.237.0/24 maxlen: 24
45.88.78.0/24 maxlen: 24
45.88.76.0/24 maxlen: 24
45.88.77.0/24 maxlen: 24
45.88.79.0/24 maxlen: 24
45.88.104.0/24 maxlen: 24
45.88.105.0/24 maxlen: 24
85.209.90.0/24 maxlen: 24
85.209.88.0/24 maxlen: 24
85.209.89.0/24 maxlen: 24
85.209.91.0/24 maxlen: 24
2a07:5980::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:ed:28:dd:be:e9:aa:98:55:99:19:fb:a4:c9:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Validity
Not Before: Jan 2 08:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3f85c8b2828a7001789f0090fedb28a2d8e9cff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7b:cf:cf:8d:8b:ae:da:dc:3b:3d:1d:6e:5d:
40:64:bb:f3:40:2c:89:1d:0f:c9:52:57:55:52:88:
3c:7b:5e:25:d6:ae:4a:85:c8:3d:2a:20:1c:7f:53:
2d:f3:45:02:be:06:82:2d:96:98:6c:cf:18:5b:6b:
2a:f3:04:ba:61:44:ca:ec:66:4e:c9:cd:3e:17:d1:
62:06:51:4f:15:c7:1d:71:7e:8d:07:da:88:0e:e5:
02:be:54:1a:66:51:89:42:b5:86:7d:48:fb:e6:66:
97:dc:9b:8f:b5:0f:1e:b5:f4:6f:40:e5:7d:c8:a3:
bf:f1:bc:d4:82:5e:44:c4:06:65:50:62:87:6c:81:
1e:8d:30:ed:2a:c3:dd:a5:0e:1e:35:85:7f:b7:61:
b0:01:2d:d7:80:f9:08:71:05:f4:59:94:6c:9f:8a:
78:59:79:7b:3d:f5:66:1b:f0:62:27:f2:ed:88:de:
20:6d:bf:5f:f0:f6:35:9d:39:d0:b4:38:1d:f1:4f:
1e:56:4f:16:bd:94:54:2b:b1:e2:2b:89:f1:53:04:
2f:a4:6c:03:d1:65:85:4a:51:02:49:e8:65:e4:b7:
06:0e:ee:17:7e:01:ec:14:9a:58:4b:61:1e:92:0e:
00:6b:4c:dc:0d:a8:51:ef:bf:65:f9:cf:c3:0e:96:
91:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F8:5C:8B:28:28:A7:00:17:89:F0:09:0F:ED:B2:8A:2D:8E:9C:FF
X509v3 Authority Key Identifier:
keyid:7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/o_hciygopwAXifAJD-2yii2OnP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/f8rYnfG_maNvKQzD7w8ee00CdTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.212.0/22
45.66.8.0/22
45.81.224.0/22
45.82.68.0/22
45.82.176.0/22
45.87.0.0/22
45.88.76.0/22
45.88.104.0/22
45.91.200.0/22
45.132.104.0/22
45.136.84.0/22
45.137.64.0/22
45.147.196.0/22
46.21.250.0/24
77.83.172.0/22
77.220.212.0/22
80.85.136.0/21
81.91.176.0/22
85.209.88.0/22
91.201.25.0/24
91.211.248.0/22
91.228.56.0/24
92.119.112.0/22
95.215.204.0/22
103.246.144.0/22
176.57.68.0/22
178.159.38.0/23
178.159.42.0/23
185.51.246.0/23
185.107.237.0/24
185.154.12.0/22
185.203.240.0/22
185.204.109.0/24
185.206.212.0/22
185.209.20.0/22
185.213.208.0/22
185.219.80.0/22
185.224.132.0/22
185.231.68.0/22
185.235.128.0/22
185.241.52.0/22
185.244.216.0/22
185.250.204.0/22
193.163.113.0/24
212.8.244.0/24
212.8.246.0/24
212.86.101.0-212.86.102.255
212.86.108.0/23
212.86.114.0/23
212.162.152.0/22
213.166.68.0/22
IPv6:
2a07:5980::/29
Signature Algorithm: sha256WithRSAEncryption
32:8a:f1:96:54:40:3a:83:2f:38:be:0d:02:9e:ce:ac:52:3d:
fe:fd:60:0b:6a:08:65:94:8d:2c:1d:28:65:1b:ad:54:bf:d5:
6f:97:55:f4:ec:58:75:20:9e:e6:cf:62:ec:bd:d6:d0:9f:4c:
f4:82:5a:c9:01:14:3e:c1:d4:63:fc:98:a1:e9:94:cd:70:e0:
23:98:c5:ef:be:53:87:ce:1c:89:f7:7c:db:1c:7a:35:de:e1:
f3:0e:2e:d2:30:ad:fd:bc:cf:ce:3e:81:96:c3:ad:52:81:30:
90:ae:b6:46:a9:30:3e:71:c3:a4:9d:f6:dd:56:38:cb:76:65:
19:ea:31:65:17:6e:1d:1b:97:0b:5c:c7:10:81:fc:ca:81:da:
b4:d2:ab:e5:09:4c:06:6b:6f:4f:1f:16:48:dc:0b:d8:4c:88:
29:34:7e:24:60:2f:1b:f8:30:c7:0f:27:e2:f5:d4:7b:4c:d6:
be:3a:ef:9a:75:53:b6:c4:a6:76:94:1b:80:b2:81:cd:ab:5a:
76:df:27:42:3a:f3:8f:29:04:c1:4d:75:30:da:7f:9b:fa:ef:
c6:f7:e9:e5:c1:bf:7b:0a:d7:e9:d4:0b:fa:ac:39:0e:d5:5f:
08:3f:9f:6f:5b:0b:8c:8c:08:bf:c7:e8:fd:6c:f6:99:86:e0:
38:87:57:8e
-----BEGIN CERTIFICATE-----
MIIGSjCCBTKgAwIBAgISAYVxsO0o3b7pqphVmRn7pMnUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmY2FkODlkZjFiZjk5YTM2ZjI5MGNjM2VmMGYxZTdiNGQw
Mjc1MzMwHhcNMjMwMTAyMDg1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Y4NWM4YjI4MjhhNzAwMTc4OWYwMDkwZmVkYjI4YTJkOGU5Y2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3vPz42LrtrcOz0dbl1AZLvzQCyJ
HQ/JUldVUog8e14l1q5Khcg9KiAcf1Mt80UCvgaCLZaYbM8YW2sq8wS6YUTK7GZO
yc0+F9FiBlFPFccdcX6NB9qIDuUCvlQaZlGJQrWGfUj75maX3JuPtQ8etfRvQOV9
yKO/8bzUgl5ExAZlUGKHbIEejTDtKsPdpQ4eNYV/t2GwAS3XgPkIcQX0WZRsn4p4
WXl7PfVmG/BiJ/LtiN4gbb9f8PY1nTnQtDgd8U8eVk8WvZRUK7HiK4nxUwQvpGwD
0WWFSlECSehl5LcGDu4XfgHsFJpYS2Eekg4Aa0zcDahR779l+c/DDpaRsQIDAQAB
o4IDVjCCA1IwHQYDVR0OBBYEFKP4XIsoKKcAF4nwCQ/tsootjpz/MB8GA1UdIwQY
MBaAFH/K2J3xv5mjbykMw+8PHntNAnUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMt
MDE1ZDlmMWI0YjUwLzEvb19oY2l5Z29wd0FYaWZBSkQtMnlpaTJPblA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMtMDE1ZDlmMWI0YjUw
LzEvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBagYIKwYBBQUHAQcBAf8EggFZMIIBVTCCAUIEAgABMIIB
OgMEAi0M1AMEAi1CCAMEAi1R4AMEAi1SRAMEAi1SsAMEAi1XAAMEAi1YTAMEAi1Y
aAMEAi1byAMEAi2EaAMEAi2IVAMEAi2JQAMEAi2TxAMEAC4V+gMEAk1TrAMEAk3c
1AMEA1BViAMEAlFbsAMEAlXRWAMEAFvJGQMEAlvT+AMEAFvkOAMEAlx3cAMEAl/X
zAMEAmf2kAMEArA5RAMEAbKfJgMEAbKfKgMEAbkz9gMEALlr7QMEArmaDAMEArnL
8AMEALnMbQMEArnO1AMEArnRFAMEArnV0AMEArnbUAMEArnghAMEArnnRAMEArnr
gAMEArnxNAMEArn02AMEArn6zAMEAMGjcQMEANQI9AMEANQI9jAMAwQA1FZlAwQA
1FZmAwQB1FZsAwQB1FZyAwQC1KKYAwQC1aZEMA0EAgACMAcDBQMqB1mAMA0GCSqG
SIb3DQEBCwUAA4IBAQAyivGWVEA6gy84vg0Cns6sUj3+/WALaghllI0sHShlG61U
v9Vvl1X07Fh1IJ7mz2LsvdbQn0z0glrJARQ+wdRj/Jih6ZTNcOAjmMXvvlOHzhyJ
93zbHHo13uHzDi7SMK39vM/OPoGWw61SgTCQrrZGqTA+ccOknfbdVjjLdmUZ6jFl
F24dG5cLXMcQgfzKgdq00qvlCUwGa29PHxZI3AvYTIgpNH4kYC8b+DDHDyfi9dR7
TNa+Ou+adVO2xKZ2lBuAsoHNq1p23ydCOvOPKQTBTXUw2n+b+u/G9+nlwb97Ctfp
1Av6rDkO1V8IP59vWwuMjAi/x+j9bPaZhuA4h1eO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:20 2024 by rpki-client on console-ams.rpki-client.org