Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ksd44rMx4AGsPqD1WbiNPfA2qGU.roa
File: ksd44rMx4AGsPqD1WbiNPfA2qGU.roa (raw, json)
Hash identifier: Th5o0ErPLp6QU5Dn7UV2nPXIK33gUfNFZFcphUAk7Cs=
Subject key identifier: 92:C7:78:E2:B3:31:E0:01:AC:3E:A0:F5:59:B8:8D:3D:F0:36:A8:65
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018E18E62AF47C9D34BA16689583C41F1E91
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ksd44rMx4AGsPqD1WbiNPfA2qGU.roa
Signing time: Thu 07 Mar 2024 12:32:01 +0000
ROA not before: Thu 07 Mar 2024 12:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8866
IP address blocks: 37.157.136.0/21 maxlen: 24
37.157.160.0/19 maxlen: 24
46.10.0.0/16 maxlen: 24
46.10.166.0/23 maxlen: 24
46.10.193.0/24 maxlen: 24
46.249.64.0/19 maxlen: 24
62.73.64.0/18 maxlen: 24
62.176.64.0/19 maxlen: 24
62.176.96.0/19 maxlen: 24
62.176.117.0/24 maxlen: 24
62.176.124.54/32 maxlen: 32
77.85.0.0/16 maxlen: 24
77.85.128.0/19 maxlen: 24
77.85.160.0/21 maxlen: 24
77.85.168.0/22 maxlen: 24
77.85.172.0/23 maxlen: 24
77.85.174.0/24 maxlen: 24
77.85.176.0/20 maxlen: 24
77.85.196.0/24 maxlen: 24
77.85.198.0/24 maxlen: 24
78.154.0.0/19 maxlen: 24
79.100.0.0/16 maxlen: 24
82.137.64.0/18 maxlen: 24
82.146.0.0/22 maxlen: 24
82.146.6.0/23 maxlen: 24
82.146.11.0/24 maxlen: 24
82.146.24.0/23 maxlen: 24
82.146.28.0/23 maxlen: 24
82.146.31.0/24 maxlen: 24
83.148.64.0/18 maxlen: 24
83.228.0.0/17 maxlen: 24
83.228.61.0/24 maxlen: 24
84.40.64.0/18 maxlen: 24
84.40.89.0/24 maxlen: 24
84.238.128.0/22 maxlen: 24
84.238.134.0/23 maxlen: 24
84.238.136.0/22 maxlen: 24
84.238.140.0/23 maxlen: 24
84.238.142.0/23 maxlen: 24
84.238.144.0/21 maxlen: 24
84.238.152.0/22 maxlen: 24
84.238.156.0/22 maxlen: 24
84.238.165.0/24 maxlen: 24
84.238.167.0/24 maxlen: 24
84.238.168.0/21 maxlen: 24
84.238.178.0/23 maxlen: 24
84.238.180.0/22 maxlen: 24
84.238.192.0/22 maxlen: 24
84.238.204.0/22 maxlen: 24
85.187.22.0/23 maxlen: 24
85.187.24.0/21 maxlen: 24
85.187.32.0/21 maxlen: 24
85.187.46.0/23 maxlen: 24
85.187.64.0/18 maxlen: 24
87.116.66.160/32 maxlen: 32
87.116.82.0/24 maxlen: 24
87.126.0.0/16 maxlen: 24
87.126.134.0/24 maxlen: 24
87.243.80.0/20 maxlen: 24
87.243.96.0/21 maxlen: 24
87.243.104.0/21 maxlen: 24
87.243.112.0/22 maxlen: 22
87.243.116.0/22 maxlen: 24
87.243.120.0/21 maxlen: 24
87.254.160.0/19 maxlen: 24
87.254.160.0/23 maxlen: 24
87.254.162.0/23 maxlen: 24
87.254.162.0/24 maxlen: 24
87.254.163.0/24 maxlen: 24
87.254.164.0/23 maxlen: 24
87.254.164.0/24 maxlen: 24
87.254.165.0/24 maxlen: 24
87.254.166.0/23 maxlen: 24
87.254.168.0/24 maxlen: 24
87.254.169.0/24 maxlen: 24
87.254.170.0/23 maxlen: 24
87.254.172.0/23 maxlen: 24
87.254.172.0/24 maxlen: 24
87.254.173.0/24 maxlen: 24
88.87.0.0/19 maxlen: 24
90.154.128.0/17 maxlen: 24
94.236.144.0/21 maxlen: 24
94.236.144.0/24 maxlen: 24
94.236.146.0/24 maxlen: 24
94.236.149.0/24 maxlen: 24
94.236.151.0/24 maxlen: 24
94.236.152.0/21 maxlen: 24
94.236.152.0/24 maxlen: 24
94.236.153.0/24 maxlen: 24
94.236.154.0/24 maxlen: 24
94.236.160.0/19 maxlen: 24
94.236.160.0/24 maxlen: 24
94.236.161.0/24 maxlen: 24
94.236.163.0/24 maxlen: 24
94.236.164.0/24 maxlen: 24
94.236.170.0/23 maxlen: 24
94.236.172.0/24 maxlen: 24
94.236.173.0/24 maxlen: 24
94.236.174.0/24 maxlen: 24
94.236.175.0/24 maxlen: 24
94.236.176.0/23 maxlen: 24
94.236.179.0/24 maxlen: 24
94.236.180.0/22 maxlen: 24
94.236.184.0/21 maxlen: 24
94.236.204.0/24 maxlen: 24
94.236.205.0/24 maxlen: 24
94.236.228.0/24 maxlen: 24
94.236.229.0/24 maxlen: 24
94.236.231.0/24 maxlen: 24
94.236.234.0/24 maxlen: 24
94.236.235.0/24 maxlen: 24
94.236.238.0/24 maxlen: 24
94.236.240.0/20 maxlen: 24
95.42.0.0/15 maxlen: 24
95.43.0.0/17 maxlen: 24
95.43.206.0/24 maxlen: 24
95.43.220.0/22 maxlen: 24
95.87.192.0/18 maxlen: 24
109.199.128.0/19 maxlen: 24
151.237.140.0/23 maxlen: 24
185.20.156.0/22 maxlen: 24
212.5.128.0/19 maxlen: 24
212.39.64.0/19 maxlen: 24
212.50.64.0/19 maxlen: 24
212.72.198.0/24 maxlen: 24
212.72.199.0/24 maxlen: 24
212.72.202.0/23 maxlen: 24
212.72.212.0/24 maxlen: 24
212.72.214.0/24 maxlen: 24
212.72.221.0/24 maxlen: 24
213.16.32.0/19 maxlen: 24
213.91.128.0/17 maxlen: 24
213.91.154.0/24 maxlen: 24
213.130.64.0/22 maxlen: 24
213.130.76.0/23 maxlen: 24
213.130.77.0/24 maxlen: 24
213.130.78.0/23 maxlen: 24
213.130.92.0/23 maxlen: 24
213.130.95.0/24 maxlen: 24
217.75.139.0/24 maxlen: 24
2a00:e40::/32 maxlen: 64
2a01:5a8::/32 maxlen: 128
2a01:5a8:1:ffff::/64 maxlen: 64
2a01:5a8:2:4::/64 maxlen: 64
2a01:5a8:2:5::/64 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:18:e6:2a:f4:7c:9d:34:ba:16:68:95:83:c4:1f:1e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Mar 7 12:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92c778e2b331e001ac3ea0f559b88d3df036a865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:13:45:59:9b:d0:3c:47:54:18:a2:42:fb:1c:
3a:88:22:ab:7a:f9:22:19:da:c8:7d:55:6a:0c:f5:
50:dd:95:76:14:e8:d3:bb:87:b3:cf:75:9e:ab:60:
bc:2a:26:75:08:06:ee:d1:47:e8:9c:2d:ef:26:21:
5d:48:c5:20:e7:70:2c:01:26:a3:9a:51:59:f5:ae:
81:b3:d3:98:fa:fb:c0:62:3f:80:e0:8f:07:8a:6f:
c3:52:78:ab:5f:9f:af:4e:2a:e7:84:fe:4a:8a:90:
ec:e0:ee:4b:a6:9e:d2:f9:a4:c9:ed:de:5a:0e:e6:
7e:09:85:34:2d:41:5c:77:38:0f:ce:32:6a:fb:03:
c3:67:e1:c6:37:89:77:be:1b:6b:a3:61:44:38:ac:
fe:fa:e5:6f:e6:bd:76:a6:2a:1f:fc:44:6b:41:65:
cc:d2:a8:d7:e2:cc:28:d4:a9:72:7b:4c:0b:17:31:
9b:a7:07:56:9c:9d:6d:d2:29:36:f1:5e:01:16:63:
08:fb:f2:cd:00:e7:ef:f2:b2:97:db:7d:8b:a8:0d:
aa:d6:f2:21:15:b1:37:fa:7a:f8:2a:f0:e5:ab:a9:
38:b4:6e:c0:17:e7:1a:e2:1d:50:1d:1e:4d:22:c2:
66:87:ea:b4:d0:fc:38:36:74:a2:8d:d0:29:07:d0:
76:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:C7:78:E2:B3:31:E0:01:AC:3E:A0:F5:59:B8:8D:3D:F0:36:A8:65
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ksd44rMx4AGsPqD1WbiNPfA2qGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.136.0/21
37.157.160.0/19
46.10.0.0/16
46.249.64.0/19
62.73.64.0/18
62.176.64.0/18
77.85.0.0/16
78.154.0.0/19
79.100.0.0/16
82.137.64.0/18
82.146.0.0/22
82.146.6.0/23
82.146.11.0/24
82.146.24.0/23
82.146.28.0/23
82.146.31.0/24
83.148.64.0/18
83.228.0.0/17
84.40.64.0/18
84.238.128.0/22
84.238.134.0-84.238.159.255
84.238.165.0/24
84.238.167.0-84.238.175.255
84.238.178.0-84.238.183.255
84.238.192.0/22
84.238.204.0/22
85.187.22.0-85.187.39.255
85.187.46.0/23
85.187.64.0/18
87.116.66.160/32
87.116.82.0/24
87.126.0.0/16
87.243.80.0-87.243.127.255
87.254.160.0/19
88.87.0.0/19
90.154.128.0/17
94.236.144.0-94.236.191.255
94.236.204.0/23
94.236.228.0/23
94.236.231.0/24
94.236.234.0/23
94.236.238.0/24
94.236.240.0/20
95.42.0.0/15
95.87.192.0/18
109.199.128.0/19
151.237.140.0/23
185.20.156.0/22
212.5.128.0/19
212.39.64.0/19
212.50.64.0/19
212.72.198.0/23
212.72.202.0/23
212.72.212.0/24
212.72.214.0/24
212.72.221.0/24
213.16.32.0/19
213.91.128.0/17
213.130.64.0/22
213.130.76.0/22
213.130.92.0/23
213.130.95.0/24
217.75.139.0/24
IPv6:
2a00:e40::/32
2a01:5a8::/32
Signature Algorithm: sha256WithRSAEncryption
51:99:2c:bd:61:72:22:a2:36:7d:37:40:9d:4a:10:84:a7:bb:
ef:e4:e2:0a:ca:31:a2:84:11:10:c1:8e:4f:ff:b6:82:3f:e6:
89:1a:9b:db:cb:8f:e8:51:67:7d:26:88:81:b1:09:1a:d7:b4:
e0:04:89:0f:9b:a2:8c:c7:ad:55:69:8b:8a:9b:98:45:d2:9b:
42:79:56:38:01:de:79:6f:76:bc:eb:c0:e9:bb:04:0e:15:30:
11:46:9d:a4:f6:bd:7e:30:a9:d0:46:8a:f4:7e:09:75:6c:b9:
2f:70:5d:73:20:88:70:57:a6:84:cf:ce:29:fd:a4:ae:d7:1c:
10:f5:ee:b1:35:ed:69:cc:38:4d:80:79:96:e6:94:6b:71:03:
14:0d:f8:36:36:4b:df:eb:92:13:c0:be:3e:82:ec:b4:8a:1d:
2d:ad:1a:9d:27:7c:75:42:aa:9e:d9:4b:7f:86:b6:dd:e9:68:
1f:b3:7a:6b:b0:4a:45:16:ce:09:f9:ca:ba:14:c4:4c:11:92:
9e:5e:40:73:68:f3:25:90:e7:1d:e4:2e:89:94:f9:ed:28:86:
c4:55:7a:58:6c:84:3b:6e:09:ae:b9:55:48:39:ae:51:0b:73:
87:2e:69:4e:42:2e:2c:19:0e:49:25:fb:13:32:e4:59:da:b7:
cf:8a:19:87
-----BEGIN CERTIFICATE-----
MIIGvTCCBaWgAwIBAgISAY4Y5ir0fJ00uhZolYPEHx6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMzA3MTIzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmM3NzhlMmIzMzFlMDAxYWMzZWEwZjU1OWI4OGQzZGYwMzZhODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxNFWZvQPEdUGKJC+xw6iCKrevki
GdrIfVVqDPVQ3ZV2FOjTu4ezz3Weq2C8KiZ1CAbu0UfonC3vJiFdSMUg53AsASaj
mlFZ9a6Bs9OY+vvAYj+A4I8Him/DUnirX5+vTirnhP5KipDs4O5Lpp7S+aTJ7d5a
DuZ+CYU0LUFcdzgPzjJq+wPDZ+HGN4l3vhtro2FEOKz++uVv5r12piof/ERrQWXM
0qjX4swo1Klye0wLFzGbpwdWnJ1t0ik28V4BFmMI+/LNAOfv8rKX232LqA2q1vIh
FbE3+nr4KvDlq6k4tG7AF+ca4h1QHR5NIsJmh+q00Pw4NnSijdApB9B2SwIDAQAB
o4IDyTCCA8UwHQYDVR0OBBYEFJLHeOKzMeABrD6g9Vm4jT3wNqhlMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEva3NkNDRyTXg0QUdzUHFEMVdiaU5QZkEycUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB3QYIKwYBBQUHAQcBAf8EggHMMIIByDCCAa4EAgABMIIB
pgMEAyWdiAMEBSWdoAMDAC4KAwQFLvlAAwQGPklAAwQGPrBAAwMATVUDBAVOmgAD
AwBPZAMEBlKJQAMEAlKSAAMEAVKSBgMEAFKSCwMEAVKSGAMEAVKSHAMEAFKSHwME
BlOUQAMEB1PkAAMEBlQoQAMEAlTugDAMAwQBVO6GAwQFVO6AAwQAVO6lMAwDBABU
7qcDBARU7qAwDAMEAVTusgMEA1TusAMEAlTuwAMEAlTuzDAMAwQBVbsWAwQDVbsg
AwQBVbsuAwQGVbtAAwUAV3RCoAMEAFd0UgMDAFd+MAwDBARX81ADBAdX8wADBAVX
/qADBAVYVwADBAdamoAwDAMEBF7skAMEBl7sgAMEAV7szAMEAV7s5AMEAF7s5wME
AV7s6gMEAF7s7gMEBF7s8AMDAV8qAwQGX1fAAwQFbceAAwQBl+2MAwQCuRScAwQF
1AWAAwQF1CdAAwQF1DJAAwQB1EjGAwQB1EjKAwQA1EjUAwQA1EjWAwQA1EjdAwQF
1RAgAwQH1VuAAwQC1YJAAwQC1YJMAwQB1YJcAwQA1YJfAwQA2UuLMBQEAgACMA4D
BQAqAA5AAwUAKgEFqDANBgkqhkiG9w0BAQsFAAOCAQEAUZksvWFyIqI2fTdAnUoQ
hKe77+TiCsoxooQREMGOT/+2gj/miRqb28uP6FFnfSaIgbEJGte04ASJD5uijMet
VWmLipuYRdKbQnlWOAHeeW92vOvA6bsEDhUwEUadpPa9fjCp0EaK9H4JdWy5L3Bd
cyCIcFemhM/OKf2krtccEPXusTXtacw4TYB5luaUa3EDFA34NjZL3+uSE8C+PoLs
tIodLa0anSd8dUKqntlLf4a23eloH7N6a7BKRRbOCfnKuhTETBGSnl5Ac2jzJZDn
HeQuiZT57SiGxFV6WGyEO24JrrlVSDmuUQtzhy5pTkIuLBkOSSX7EzLkWdq3z4oZ
hw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:23 2025 by rpki-client