Route Origin Authorization
Location: rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/AKriC0LBbgkWjTMzYsRrTJLDVWw.roa (download)
Subject key identifier: 00:AA:E2:0B:42:C1:6E:09:16:8D:33:33:62:C4:6B:4C:92:C3:55:6C
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
asID: AS20473
Prefixes:
1: 185.188.6.0/24 (max: 32)
2: 193.160.214.0/24 (max: 32)
3: 193.160.215.0/24 (max: 32)
4: 84.39.184.0/24 (max: 24)
5: 84.39.191.0/24 (max: 32)
6: 84.39.187.0/24 (max: 32)
7: 84.39.190.0/24 (max: 32)
8: 185.208.168.0/22 (max: 32)
9: 185.255.154.0/24 (max: 32)
10: 45.67.17.0/24 (max: 32)
11: 45.67.16.0/24 (max: 32)
12: 85.208.152.0/22 (max: 32)
13: 185.146.194.0/24 (max: 24)
14: 185.133.75.0/24 (max: 32)
15: 185.146.193.0/24 (max: 32)
16: 94.140.12.0/23 (max: 32)
17: 94.140.20.0/22 (max: 32)
18: 185.214.70.0/24 (max: 32)
19: 92.119.150.0/24 (max: 32)
20: 185.240.218.0/24 (max: 32)
21: 92.119.149.0/24 (max: 32)
22: 92.119.151.0/24 (max: 32)
23: 185.240.219.0/24 (max: 32)
24: 193.187.152.0/24 (max: 32)
25: 185.133.195.0/24 (max: 32)
26: 185.133.193.0/24 (max: 32)
27: 193.160.212.0/24 (max: 32)
28: 185.119.255.0/24 (max: 32)
29: 185.120.7.0/24 (max: 32)
30: 185.120.6.0/24 (max: 32)
31: 185.120.5.0/24 (max: 32)
32: 185.120.15.0/24 (max: 32)
33: 185.120.14.0/24 (max: 32)
34: 185.120.20.0/24 (max: 32)
35: 185.120.23.0/24 (max: 24)
36: 185.120.21.0/24 (max: 32)
37: 185.207.176.0/22 (max: 32)
38: 79.174.23.0/24 (max: 32)
39: 79.174.21.0/24 (max: 32)
40: 79.174.22.0/24 (max: 32)
41: 195.85.68.0/22 (max: 32)
42: 185.193.36.0/22 (max: 32)
43: 185.172.165.0/24 (max: 32)
44: 185.172.166.0/24 (max: 32)
45: 5.253.138.0/24 (max: 32)
46: 195.85.32.0/22 (max: 32)
47: 195.85.40.0/22 (max: 32)
48: 195.85.48.0/23 (max: 32)
49: 185.253.251.0/24 (max: 32)
50: 147.78.220.0/24 (max: 32)
51: 147.78.221.0/24 (max: 32)
52: 37.10.112.0/24 (max: 32)
53: 94.199.102.0/24 (max: 32)
54: 2.57.252.0/22 (max: 32)
55: 185.185.251.0/24 (max: 24)
56: 185.185.250.0/24 (max: 32)
57: 185.172.145.0/24 (max: 32)
58: 195.85.10.0/23 (max: 32)
59: 185.226.73.0/24 (max: 32)
60: 185.226.74.0/24 (max: 32)
61: 185.144.103.0/24 (max: 32)
62: 185.144.102.0/24 (max: 32)
63: 185.144.101.0/24 (max: 32)
64: 193.16.8.0/22 (max: 32)
65: 185.117.20.0/24 (max: 32)
66: 185.171.2.0/24 (max: 32)
67: 185.171.1.0/24 (max: 32)
68: 185.171.0.0/24 (max: 32)
69: 185.251.233.0/24 (max: 32)
70: 185.251.235.0/24 (max: 32)
71: 185.251.234.0/24 (max: 32)
72: 46.251.239.0/24 (max: 32)
73: 194.36.101.0/24 (max: 32)
74: 194.36.100.0/24 (max: 32)
75: 185.238.242.0/24 (max: 32)
76: 185.238.241.0/24 (max: 32)
77: 45.10.3.0/24 (max: 32)
78: 45.10.2.0/24 (max: 32)
79: 213.232.104.0/22 (max: 32)
80: 194.124.64.0/23 (max: 32)
81: 185.137.180.0/22 (max: 32)
82: 185.238.240.0/24 (max: 32)
83: 5.183.206.0/24 (max: 32)
84: 5.183.207.0/24 (max: 32)
85: 185.177.20.0/22 (max: 32)
86: 45.82.204.0/22 (max: 32)
87: 79.143.51.0/24 (max: 32)
88: 79.143.49.0/24 (max: 32)
89: 79.143.52.0/24 (max: 32)
90: 79.143.55.0/24 (max: 32)
91: 79.143.53.0/24 (max: 32)
92: 79.143.62.0/24 (max: 32)
93: 79.143.61.0/24 (max: 32)
94: 185.211.50.0/24 (max: 24)
95: 185.211.49.0/24 (max: 32)
96: 185.211.48.0/24 (max: 24)
97: 194.56.76.0/22 (max: 32)
98: 193.22.159.0/24 (max: 32)
99: 185.177.80.0/22 (max: 32)
100: 91.189.184.0/22 (max: 32)
101: 185.142.143.0/24 (max: 32)
102: 45.81.236.0/22 (max: 32)
103: 45.81.244.0/22 (max: 32)
104: 85.209.253.0/24 (max: 32)
105: 194.34.230.0/24 (max: 32)
106: 194.34.231.0/24 (max: 32)
107: 77.243.92.0/22 (max: 32)
108: 185.122.56.0/22 (max: 32)
109: 185.115.131.0/24 (max: 32)
110: 188.116.19.0/24 (max: 32)
111: 45.15.36.0/22 (max: 32)
112: 188.116.49.0/24 (max: 32)
113: 185.115.243.0/24 (max: 32)
114: 193.149.160.0/22 (max: 32)
115: 185.115.242.0/24 (max: 32)
116: 213.190.20.0/22 (max: 32)
117: 185.215.212.0/22 (max: 32)
118: 195.7.1.0/24 (max: 32)
119: 195.7.3.0/24 (max: 32)
120: 185.182.48.0/24 (max: 32)
121: 185.182.49.0/24 (max: 32)
122: 185.141.205.0/24 (max: 32)
123: 185.182.62.0/24 (max: 32)
124: 185.114.225.0/24 (max: 32)
125: 185.141.207.0/24 (max: 32)
126: 185.114.227.0/24 (max: 32)
127: 193.222.100.0/24 (max: 32)
128: 193.222.103.0/24 (max: 32)
129: 91.188.200.0/22 (max: 32)
130: 45.81.8.0/22 (max: 32)
131: 45.14.44.0/22 (max: 32)
132: 62.122.24.0/22 (max: 32)
133: 128.0.116.0/22 (max: 32)
134: 45.13.244.0/22 (max: 32)
135: 185.236.80.0/24 (max: 32)
136: 185.236.83.0/24 (max: 32)
137: 185.249.216.0/24 (max: 32)
138: 185.249.218.0/24 (max: 32)
139: 185.188.4.0/22 (max: 32)
140: 45.12.160.0/22 (max: 32)
141: 84.39.184.0/21 (max: 32)
142: 45.80.176.0/22 (max: 32)
143: 85.208.155.0/24 (max: 32)
144: 85.208.153.0/24 (max: 32)
145: 185.133.72.0/22 (max: 32)
146: 185.214.68.0/22 (max: 32)
147: 92.119.148.0/22 (max: 32)
148: 185.240.216.0/22 (max: 32)
149: 185.133.192.0/22 (max: 32)
150: 2.59.174.0/24 (max: 32)
151: 2.59.175.0/24 (max: 32)
152: 185.120.4.0/22 (max: 32)
153: 185.120.12.0/22 (max: 32)
154: 185.120.20.0/22 (max: 32)
155: 185.207.178.0/24 (max: 32)
156: 185.207.177.0/24 (max: 32)
157: 185.227.240.0/22 (max: 32)
158: 79.174.20.0/22 (max: 32)
159: 185.193.36.0/24 (max: 32)
160: 185.193.39.0/24 (max: 32)
161: 185.172.164.0/22 (max: 32)
162: 185.253.248.0/22 (max: 32)
163: 147.78.220.0/22 (max: 32)
164: 213.232.107.0/24 (max: 32)
165: 87.239.48.0/22 (max: 32)
166: 94.199.100.0/22 (max: 32)
167: 2.57.255.0/24 (max: 32)
168: 77.83.156.0/24 (max: 32)
169: 77.83.158.0/24 (max: 32)
170: 77.83.159.0/24 (max: 32)
171: 77.83.157.0/24 (max: 32)
172: 185.144.100.0/22 (max: 32)
173: 193.16.9.0/24 (max: 32)
174: 193.16.10.0/24 (max: 32)
175: 185.117.20.0/22 (max: 32)
176: 185.171.0.0/22 (max: 32)
177: 194.36.100.0/22 (max: 32)
178: 45.10.0.0/22 (max: 32)
179: 185.137.181.0/24 (max: 32)
180: 194.124.64.0/24 (max: 32)
181: 194.124.67.0/24 (max: 32)
182: 194.124.65.0/24 (max: 32)
183: 194.124.66.0/24 (max: 32)
184: 81.16.138.0/24 (max: 32)
185: 81.16.137.0/24 (max: 32)
186: 81.16.136.0/24 (max: 32)
187: 185.238.240.0/22 (max: 32)
188: 5.183.204.0/22 (max: 32)
189: 45.82.206.0/24 (max: 32)
190: 45.82.207.0/24 (max: 32)
191: 79.143.48.0/20 (max: 32)
192: 185.211.48.0/22 (max: 32)
193: 194.56.76.0/24 (max: 32)
194: 194.56.77.0/24 (max: 32)
195: 194.56.79.0/24 (max: 24)
196: 185.224.144.0/22 (max: 32)
197: 91.189.184.0/24 (max: 32)
198: 91.189.185.0/24 (max: 32)
199: 91.189.187.0/24 (max: 32)
200: 194.34.228.0/22 (max: 32)
201: 77.243.95.0/24 (max: 32)
202: 77.243.93.0/24 (max: 32)
203: 185.122.39.0/24 (max: 32)
204: 185.115.124.0/22 (max: 32)
205: 188.116.18.0/23 (max: 32)
206: 188.116.48.0/23 (max: 32)
207: 185.115.240.0/22 (max: 32)
208: 213.190.21.0/24 (max: 32)
209: 213.190.23.0/24 (max: 32)
210: 213.190.20.0/24 (max: 32)
211: 185.215.214.0/24 (max: 32)
212: 195.7.0.0/22 (max: 32)
213: 185.141.204.0/22 (max: 32)
214: 193.222.100.0/22 (max: 32)
215: 45.14.44.0/24 (max: 32)
216: 45.14.45.0/24 (max: 32)
217: 45.13.245.0/24 (max: 32)
218: 185.236.80.0/22 (max: 32)
219: 185.249.216.0/22 (max: 32)
220: 2a06:7a02::/48 (max: 48)
221: 2a0b:1900::/29 (max: 128)
222: 2a06:7a05::/48 (max: 48)
223: 2a0c:da01::/48 (max: 48)
224: 2a0e:c500::/29 (max: 128)
225: 2a06:8dc0::/42 (max: 48)
--
$ test-roa -p rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/AKriC0LBbgkWjTMzYsRrTJLDVWw.roa | openssl x509 -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 325719150 (0x136a146e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: May 27 03:06:12 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=00aae20b42c16e09168d333362c46b4c92c3556c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a1:cf:4d:36:7a:e9:e6:15:12:34:9c:1d:c9:
14:55:52:87:86:e7:36:40:5a:fc:7b:51:24:3a:fb:
7d:e1:02:fe:59:18:80:7b:8e:04:af:03:b8:eb:d2:
f2:8c:f4:fc:6b:f7:42:b0:de:92:6e:56:ec:0e:8f:
3b:2f:aa:cd:21:0d:34:7a:42:8f:58:ac:91:96:1e:
38:d0:3c:13:39:65:16:a4:33:76:7a:aa:1f:ae:78:
a2:b5:67:37:39:6e:4f:57:e9:5d:0d:80:cb:7a:a6:
b0:0b:1f:be:e0:9e:68:b9:2c:37:b0:42:5a:7a:34:
08:a3:17:e5:10:ab:a0:f6:2c:07:00:12:b8:0c:e5:
54:de:1c:00:11:0f:fb:df:98:eb:16:d7:c9:23:99:
59:fe:e5:f5:fa:d5:12:b5:a0:22:f6:46:7a:ce:0c:
02:38:b9:87:15:20:7b:81:7e:e8:64:4d:e7:4d:f9:
fe:c0:6f:d7:88:a3:ea:ec:69:40:7f:04:b4:1e:aa:
38:28:cf:29:cb:64:22:26:63:e7:e8:2e:78:a3:fd:
00:81:d8:d7:3d:58:56:68:22:ae:42:32:7b:9e:5b:
19:95:bc:e5:02:90:55:c4:9f:08:d2:b2:e6:cc:97:
89:c1:c4:13:7e:64:44:49:ed:d5:59:a4:50:b5:8b:
92:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:AA:E2:0B:42:C1:6E:09:16:8D:33:33:62:C4:6B:4C:92:C3:55:6C
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/AKriC0LBbgkWjTMzYsRrTJLDVWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
0...0.......0..x....9.....;................%
p...-
....-.....-
....-.,...-.$...-C....-P....-Q....-Q....-Q....-R..........>z....MS....M.\...O.0...O..0....Q.....Q.....T'....U.....U.....W.0...[.....[.....\w....^.....^.....^.d.....t....N.....r.....r.....s|....s.....s.....u.....w.....x.....x.....x.....z'....z8.....H.............................d0..........................................P.....0.....>.................$.................0.....D............0......I.....J...........P..................0.............................t.....t0.........................................d....".....$d....8L....|@..........U
....U ....U(....U0....UD...........h08....02...*.z......*.z......*........*......*........*...
Signature Algorithm: sha256WithRSAEncryption
3c:90:b5:ac:0f:65:33:f7:0f:8c:51:c1:4f:dc:bf:6c:08:8b:
a1:97:c9:fa:f2:9c:98:b8:c0:f5:fe:57:1c:17:6c:b5:d0:00:
4c:97:f8:1e:19:3b:88:7b:6d:b4:0c:f9:d9:35:01:fe:1d:96:
f5:98:ed:f8:3d:fd:7f:11:f9:67:e3:63:2f:ab:e8:42:42:6f:
a4:fc:1b:c7:88:13:ec:03:7b:a3:10:35:5a:b6:10:76:1f:9c:
c0:53:10:6e:80:2d:66:93:55:29:e8:69:62:53:69:71:85:68:
f6:b0:c8:3c:91:3b:88:4d:16:fc:26:b2:b4:24:90:3c:95:2f:
f8:28:37:89:16:3c:75:9d:92:11:16:6d:b6:22:05:f9:1c:3e:
7f:ab:aa:e1:30:bf:cb:34:7b:6e:20:91:90:5a:e5:90:ab:29:
6b:50:33:9f:7d:11:75:f2:52:01:c8:a1:67:a4:57:10:e9:a8:
00:91:27:73:84:97:b6:b4:51:82:06:6a:bd:e3:b0:23:eb:13:
f7:11:fc:20:81:a0:6f:1b:11:c2:0d:2c:4f:5b:94:57:6e:9a:
f3:b1:ba:b3:46:22:8f:65:01:c8:3d:e7:5a:f7:7d:fb:e9:48:
b1:cb:40:5c:f1:0f:51:22:ea:63:ce:6f:bb:8f:8e:54:a4:43:
86:6f:0a:8d
-----BEGIN CERTIFICATE-----
MIIHpTCCBo2gAwIBAgIEE2oUbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIxMDUy
NzAzMDYxMloXDTIyMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDBhYWUyMGI0MmMx
NmUwOTE2OGQzMzMzNjJjNDZiNGM5MmMzNTU2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMKhz002eunmFRI0nB3JFFVSh4bnNkBa/HtRJDr7feEC/lkY
gHuOBK8DuOvS8oz0/Gv3QrDekm5W7A6POy+qzSENNHpCj1iskZYeONA8EzllFqQz
dnqqH654orVnNzluT1fpXQ2Ay3qmsAsfvuCeaLksN7BCWno0CKMX5RCroPYsBwAS
uAzlVN4cABEP+9+Y6xbXySOZWf7l9frVErWgIvZGes4MAji5hxUge4F+6GRN5035
/sBv14ij6uxpQH8EtB6qOCjPKctkIiZj5+gueKP9AIHY1z1YVmgirkIye55bGZW8
5QKQVcSfCNKy5syXicHEE35kREnt1VmkULWLkg8CAwEAAaOCBL8wggS7MB0GA1Ud
DgQWBBQAquILQsFuCRaNMzNixGtMksNVbDAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L0FLcmlDMExCYmdrV2pUTXpZc1JyVEpMRFZXdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AtMGCCsGAQUFBwEHAQH/BIICwjCCAr4wggKABAIAATCCAngDBAICOfwDBAECO64D
BAIFt8wDBAAF/YoDBAAlCnADBAItCgADBAItDKADBAItDfQDBAItDiwDBAItDyQD
BAEtQxADBAItULADBAItUQgDBAItUewDBAItUfQDBAItUswDBAAu++8DBAI+ehgD
BAJNU5wDBAJN81wDBARPjzADBAJPrhQwDAMEA1EQiAMEAFEQigMEA1QnuAMEAlXQ
mAMEAFXR/QMEAlfvMAMEAlu8yAMEAlu9uAMEAlx3lAMEAV6MDAMEAl6MFAMEAl7H
ZAMEAoAAdAMEApNO3AMEALly4QMEALly4wMEArlzfAMEALlzgwMEArlz8AMEArl1
FAMEALl3/wMEArl4BAMEArl4DAMEArl4FAMEALl6JwMEArl6OAMEArmFSAMEArmF
wAMEArmJtAMEArmNzAMEALmOjwMEArmQZDAMAwQAuZLBAwQAuZLCAwQCuasAAwQA
uayRAwQCuaykAwQCubEUAwQCubFQAwQBubYwAwQAubY+AwQBubn6AwQCubwEAwQC
ucEkAwQCuc+wAwQCudCoAwQCudMwAwQCudZEAwQCudfUAwQCueCQMAwDBAC54kkD
BAC54koDBAK54/ADBAK57FADBAK57vADBAK58NgDBAK5+dgwDAMEALn76QMEArn7
6AMEArn9+AMEALn/mgMEAbx0EgMEAbx0MAMEAsEQCAMEAMEWnwMEAsGVoAMEAMGg
1AMEAcGg1gMEAMG7mAMEAsHeZAMEAsIi5AMEAsIkZAMEAsI4TAMEAsJ8QAMEAsMH
AAMEAcNVCgMEAsNVIAMEAsNVKAMEAcNVMAMEAsNVRAMEAtW+FAMEAtXoaDA4BAIA
AjAyAwcAKgZ6AgAAAwcAKgZ6BQAAAwcGKgaNwAAAAwUDKgsZAAMHACoM2gEAAAMF
AyoOxQAwDQYJKoZIhvcNAQELBQADggEBADyQtawPZTP3D4xRwU/cv2wIi6GXyfry
nJi4wPX+VxwXbLXQAEyX+B4ZO4h7bbQM+dk1Af4dlvWY7fg9/X8R+WfjYy+r6EJC
b6T8G8eIE+wDe6MQNVq2EHYfnMBTEG6ALWaTVSnoaWJTaXGFaPawyDyRO4hNFvwm
srQkkDyVL/goN4kWPHWdkhEWbbYiBfkcPn+rquEwv8s0e24gkZBa5ZCrKWtQM599
EXXyUgHIoWekVxDpqACRJ3OEl7a0UYIGar3jsCPrE/cR/CCBoG8bEcINLE9blFdu
mvOxurNGIo9lAcg951r3ffvpSLHLQFzxD1Ei6mPOb7uPjlSkQ4ZvCo0=
-----END CERTIFICATE-----
Generated at Fri May 28 15:45:49 2021 by LibreSSL & rpki-client.