Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ZbNtsE2fvL4RxYwwanyU7LQ_n34.roa
File: ZbNtsE2fvL4RxYwwanyU7LQ_n34.roa (raw, json)
Hash identifier: qiI2kG7QIlEO5Tasv49sNRiHHcb37Ytgv3oL55QA+YU=
Subject key identifier: 65:B3:6D:B0:4D:9F:BC:BE:11:C5:8C:30:6A:7C:94:EC:B4:3F:9F:7E
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 0189B6241D6FE333B210921016B93FADB844
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ZbNtsE2fvL4RxYwwanyU7LQ_n34.roa
Signing time: Wed 02 Aug 2023 12:06:07 +0000
ROA not before: Wed 02 Aug 2023 12:06:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8866
IP address blocks: 90.154.128.0/17 maxlen: 24
62.73.64.0/18 maxlen: 24
83.228.61.0/24 maxlen: 24
84.40.64.0/18 maxlen: 18
46.249.64.0/19 maxlen: 19
85.187.46.0/23 maxlen: 24
85.187.64.0/18 maxlen: 18
212.72.199.0/24 maxlen: 24
212.72.198.0/24 maxlen: 24
212.72.202.0/23 maxlen: 24
212.72.212.0/24 maxlen: 24
89.25.72.0/22 maxlen: 22
85.187.22.0/23 maxlen: 24
85.187.24.0/21 maxlen: 24
85.187.32.0/21 maxlen: 24
83.228.0.0/17 maxlen: 24
79.100.0.0/16 maxlen: 24
78.154.0.0/19 maxlen: 24
212.72.214.0/24 maxlen: 24
212.72.221.0/24 maxlen: 24
212.5.128.0/19 maxlen: 24
212.39.64.0/19 maxlen: 24
82.146.0.0/22 maxlen: 22
82.146.6.0/23 maxlen: 24
82.146.11.0/24 maxlen: 24
82.146.24.0/23 maxlen: 24
77.85.176.0/20 maxlen: 24
77.85.174.0/24 maxlen: 24
77.85.196.0/24 maxlen: 24
77.85.198.0/24 maxlen: 24
89.25.64.0/21 maxlen: 21
82.146.28.0/23 maxlen: 24
82.146.31.0/24 maxlen: 24
77.85.128.0/19 maxlen: 24
87.126.0.0/16 maxlen: 24
77.85.160.0/21 maxlen: 24
77.85.168.0/22 maxlen: 24
77.85.172.0/23 maxlen: 24
95.43.206.0/24 maxlen: 24
95.43.220.0/22 maxlen: 22
213.91.154.0/24 maxlen: 24
46.10.193.0/24 maxlen: 24
77.85.0.0/16 maxlen: 24
213.91.128.0/17 maxlen: 24
46.10.166.0/23 maxlen: 23
84.238.136.0/22 maxlen: 22
84.238.134.0/23 maxlen: 24
84.238.140.0/23 maxlen: 23
84.238.142.0/23 maxlen: 23
84.238.144.0/21 maxlen: 21
84.238.152.0/22 maxlen: 24
84.238.156.0/22 maxlen: 22
84.238.165.0/24 maxlen: 24
84.238.168.0/21 maxlen: 21
84.238.167.0/24 maxlen: 24
84.238.178.0/23 maxlen: 24
84.238.180.0/22 maxlen: 22
82.137.64.0/18 maxlen: 24
95.43.0.0/17 maxlen: 24
37.157.136.0/21 maxlen: 21
213.16.32.0/19 maxlen: 24
37.157.160.0/19 maxlen: 19
84.238.128.0/22 maxlen: 22
46.10.0.0/16 maxlen: 24
84.238.192.0/22 maxlen: 24
84.238.204.0/22 maxlen: 22
87.116.64.0/22 maxlen: 22
87.116.72.0/21 maxlen: 21
151.237.140.0/23 maxlen: 24
87.116.82.0/24 maxlen: 24
213.130.92.0/23 maxlen: 24
213.130.95.0/24 maxlen: 24
213.130.64.0/22 maxlen: 22
213.130.78.0/23 maxlen: 23
213.130.76.0/23 maxlen: 24
213.130.77.0/24 maxlen: 24
62.176.64.0/19 maxlen: 24
94.236.229.0/24 maxlen: 24
94.236.231.0/24 maxlen: 24
94.236.228.0/24 maxlen: 24
94.236.234.0/24 maxlen: 24
94.236.235.0/24 maxlen: 24
94.236.238.0/24 maxlen: 24
94.236.240.0/20 maxlen: 20
62.176.96.0/19 maxlen: 24
94.236.163.0/24 maxlen: 24
94.236.164.0/24 maxlen: 24
94.236.160.0/24 maxlen: 24
87.243.96.0/21 maxlen: 21
94.236.161.0/24 maxlen: 24
94.236.160.0/19 maxlen: 24
94.236.172.0/24 maxlen: 24
87.243.104.0/21 maxlen: 21
94.236.170.0/23 maxlen: 23
94.236.179.0/24 maxlen: 24
87.243.112.0/22 maxlen: 22
94.236.173.0/24 maxlen: 24
94.236.174.0/24 maxlen: 24
94.236.175.0/24 maxlen: 24
94.236.176.0/23 maxlen: 23
87.243.116.0/22 maxlen: 22
94.236.180.0/22 maxlen: 22
94.236.184.0/21 maxlen: 21
87.243.120.0/21 maxlen: 21
94.236.204.0/24 maxlen: 24
94.236.205.0/24 maxlen: 24
95.42.0.0/15 maxlen: 24
62.176.117.0/24 maxlen: 24
217.75.139.0/24 maxlen: 24
217.75.143.0/24 maxlen: 24
94.155.64.0/20 maxlen: 24
94.155.80.0/22 maxlen: 24
185.20.156.0/22 maxlen: 22
83.148.64.0/18 maxlen: 24
95.87.192.0/18 maxlen: 18
94.236.144.0/24 maxlen: 24
94.236.144.0/21 maxlen: 24
87.243.80.0/20 maxlen: 20
94.236.149.0/24 maxlen: 24
94.236.151.0/24 maxlen: 24
94.236.146.0/24 maxlen: 24
94.236.152.0/24 maxlen: 24
94.236.152.0/21 maxlen: 24
94.236.153.0/24 maxlen: 24
94.236.154.0/24 maxlen: 24
94.155.112.0/21 maxlen: 24
94.155.120.0/22 maxlen: 24
2a01:5a8:2:5::/64 maxlen: 64
2a01:5a8:1:ffff::/64 maxlen: 64
2a01:5a8:2:4::/64 maxlen: 64
2a01:5a8::/32 maxlen: 128
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:24:1d:6f:e3:33:b2:10:92:10:16:b9:3f:ad:b8:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Aug 2 12:06:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65b36db04d9fbcbe11c58c306a7c94ecb43f9f7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:35:ab:f8:c5:ea:6f:91:e6:2f:b9:20:17:b2:
9c:ed:b1:b0:fb:e2:a2:cb:8d:47:ad:fb:b6:a3:0d:
43:c6:8f:41:ed:82:b8:8f:93:b4:a4:a0:82:66:4f:
66:a5:45:6f:fe:0b:e9:df:cb:e6:83:23:f7:09:59:
f2:c6:6a:8d:9c:60:21:df:15:c9:b8:5b:72:41:ee:
77:d4:51:16:cb:6a:eb:7e:2d:4c:da:d3:7b:9f:24:
17:af:5b:f3:d3:d0:69:b0:12:c6:bc:c9:8e:fd:f2:
c7:1a:52:b1:32:8e:64:ff:fc:27:30:18:03:74:f3:
6d:e4:53:71:ef:cc:f5:44:26:fd:ee:24:ad:e7:a6:
d2:ea:14:76:9b:dc:bc:52:72:c0:2c:94:3e:08:c4:
e1:bc:02:08:af:db:45:cc:aa:0b:8b:2f:88:c5:b7:
22:5b:d9:e1:eb:65:f8:dc:4c:fc:b1:7f:d9:e2:20:
54:f9:29:8b:dd:6c:4e:5b:c6:c4:f4:5c:ec:23:39:
29:52:3d:c6:67:eb:6a:4e:aa:74:eb:e1:5a:ac:ba:
79:96:74:34:93:a3:cc:3e:d9:a9:90:1d:38:10:0e:
f0:3f:b1:be:fd:75:90:1e:69:f0:94:5b:97:b9:f7:
53:71:02:a2:c1:d7:dd:94:08:41:44:b7:23:6f:1a:
d2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:B3:6D:B0:4D:9F:BC:BE:11:C5:8C:30:6A:7C:94:EC:B4:3F:9F:7E
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ZbNtsE2fvL4RxYwwanyU7LQ_n34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.136.0/21
37.157.160.0/19
46.10.0.0/16
46.249.64.0/19
62.73.64.0/18
62.176.64.0/18
77.85.0.0/16
78.154.0.0/19
79.100.0.0/16
82.137.64.0/18
82.146.0.0/22
82.146.6.0/23
82.146.11.0/24
82.146.24.0/23
82.146.28.0/23
82.146.31.0/24
83.148.64.0/18
83.228.0.0/17
84.40.64.0/18
84.238.128.0/22
84.238.134.0-84.238.159.255
84.238.165.0/24
84.238.167.0-84.238.175.255
84.238.178.0-84.238.183.255
84.238.192.0/22
84.238.204.0/22
85.187.22.0-85.187.39.255
85.187.46.0/23
85.187.64.0/18
87.116.64.0/22
87.116.72.0/21
87.116.82.0/24
87.126.0.0/16
87.243.80.0-87.243.127.255
89.25.64.0-89.25.75.255
90.154.128.0/17
94.155.64.0-94.155.83.255
94.155.112.0-94.155.123.255
94.236.144.0-94.236.191.255
94.236.204.0/23
94.236.228.0/23
94.236.231.0/24
94.236.234.0/23
94.236.238.0/24
94.236.240.0/20
95.42.0.0/15
95.87.192.0/18
151.237.140.0/23
185.20.156.0/22
212.5.128.0/19
212.39.64.0/19
212.72.198.0/23
212.72.202.0/23
212.72.212.0/24
212.72.214.0/24
212.72.221.0/24
213.16.32.0/19
213.91.128.0/17
213.130.64.0/22
213.130.76.0/22
213.130.92.0/23
213.130.95.0/24
217.75.139.0/24
217.75.143.0/24
IPv6:
2a01:5a8::/32
Signature Algorithm: sha256WithRSAEncryption
51:9e:a0:ce:68:8a:c5:d4:31:5c:c6:18:eb:2c:15:0d:f3:70:
29:0a:1d:00:55:23:c9:2a:aa:46:1e:63:1f:49:e9:18:95:c3:
74:fc:6f:fa:04:ef:b6:89:c4:ec:65:e8:87:53:b1:e9:e2:52:
a2:90:f5:1d:94:ed:c5:19:2c:34:e9:02:f4:92:85:5b:b1:07:
75:78:6a:70:73:e0:86:0f:eb:d9:29:4f:9f:e7:b7:68:52:9d:
99:0f:87:9a:a5:bf:1b:0f:b5:c9:9a:6c:ea:63:46:a1:22:f2:
90:03:18:e9:c7:c7:95:d7:94:d8:10:5d:67:59:5f:22:f1:5e:
b5:3a:23:43:07:61:e7:c4:36:c9:9a:5d:59:16:19:1f:11:34:
9b:01:25:40:a2:31:4b:f3:c5:1e:ff:d0:f9:60:de:72:82:da:
67:ee:05:6f:f8:39:e1:ae:bf:fc:49:26:95:ef:d8:f3:bb:4c:
a3:e0:5c:fe:47:99:73:f9:06:1f:2e:de:c9:b3:96:9e:50:09:
d2:ab:a3:8c:33:d9:a0:8f:9e:8d:7d:03:47:84:aa:e8:f2:24:
b6:d3:b9:a9:3c:29:40:63:67:4b:3c:7a:26:42:43:ac:5a:22:
9f:5a:24:d4:89:c7:de:90:2a:7d:1a:e1:d9:9c:88:02:6a:b4:
22:f3:df:50
-----BEGIN CERTIFICATE-----
MIIG0zCCBbugAwIBAgISAYm2JB1v4zOyEJIQFrk/rbhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwODAyMTIwNjA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWIzNmRiMDRkOWZiY2JlMTFjNThjMzA2YTdjOTRlY2I0M2Y5ZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzWr+MXqb5HmL7kgF7Kc7bGw++Ki
y41Hrfu2ow1Dxo9B7YK4j5O0pKCCZk9mpUVv/gvp38vmgyP3CVnyxmqNnGAh3xXJ
uFtyQe531FEWy2rrfi1M2tN7nyQXr1vz09BpsBLGvMmO/fLHGlKxMo5k//wnMBgD
dPNt5FNx78z1RCb97iSt56bS6hR2m9y8UnLALJQ+CMThvAIIr9tFzKoLiy+Ixbci
W9nh62X43Ez8sX/Z4iBU+SmL3WxOW8bE9FzsIzkpUj3GZ+tqTqp06+FarLp5lnQ0
k6PMPtmpkB04EA7wP7G+/XWQHmnwlFuXufdTcQKiwdfdlAhBRLcjbxrS3QIDAQAB
o4ID3zCCA9swHQYDVR0OBBYEFGWzbbBNn7y+EcWMMGp8lOy0P59+MB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvWmJOdHNFMmZ2TDRSeFl3d2FueVU3TFFfbjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB8wYIKwYBBQUHAQcBAf8EggHiMIIB3jCCAcsEAgABMIIB
wwMEAyWdiAMEBSWdoAMDAC4KAwQFLvlAAwQGPklAAwQGPrBAAwMATVUDBAVOmgAD
AwBPZAMEBlKJQAMEAlKSAAMEAVKSBgMEAFKSCwMEAVKSGAMEAVKSHAMEAFKSHwME
BlOUQAMEB1PkAAMEBlQoQAMEAlTugDAMAwQBVO6GAwQFVO6AAwQAVO6lMAwDBABU
7qcDBARU7qAwDAMEAVTusgMEA1TusAMEAlTuwAMEAlTuzDAMAwQBVbsWAwQDVbsg
AwQBVbsuAwQGVbtAAwQCV3RAAwQDV3RIAwQAV3RSAwMAV34wDAMEBFfzUAMEB1fz
ADAMAwQGWRlAAwQCWRlIAwQHWpqAMAwDBAZem0ADBAJem1AwDAMEBF6bcAMEAl6b
eDAMAwQEXuyQAwQGXuyAAwQBXuzMAwQBXuzkAwQAXuznAwQBXuzqAwQAXuzuAwQE
XuzwAwMBXyoDBAZfV8ADBAGX7YwDBAK5FJwDBAXUBYADBAXUJ0ADBAHUSMYDBAHU
SMoDBADUSNQDBADUSNYDBADUSN0DBAXVECADBAfVW4ADBALVgkADBALVgkwDBAHV
glwDBADVgl8DBADZS4sDBADZS48wDQQCAAIwBwMFACoBBagwDQYJKoZIhvcNAQEL
BQADggEBAFGeoM5oisXUMVzGGOssFQ3zcCkKHQBVI8kqqkYeYx9J6RiVw3T8b/oE
77aJxOxl6IdTseniUqKQ9R2U7cUZLDTpAvSShVuxB3V4anBz4IYP69kpT5/nt2hS
nZkPh5qlvxsPtcmabOpjRqEi8pADGOnHx5XXlNgQXWdZXyLxXrU6I0MHYefENsma
XVkWGR8RNJsBJUCiMUvzxR7/0Plg3nKC2mfuBW/4OeGuv/xJJpXv2PO7TKPgXP5H
mXP5Bh8u3smzlp5QCdKro4wz2aCPno19A0eEqujyJLbTuak8KUBjZ0s8eiZCQ6xa
Ip9aJNSJx96QKn0a4dmciAJqtCLz31A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:53 2024 by rpki-client on console-ams.rpki-client.org