Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/BEVbMNzdJY3IdKgnwvY38Y49yOc.roa
File: BEVbMNzdJY3IdKgnwvY38Y49yOc.roa (raw, json)
Hash identifier: RCn6WtHi8vE/3DeNpfM7/bSpM6uAciubrLdy/EQ6kCw=
Subject key identifier: 04:45:5B:30:DC:DD:25:8D:C8:74:A8:27:C2:F6:37:F1:8E:3D:C8:E7
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0184E159CB0F5D639FE9F317635BB81E2C91
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/BEVbMNzdJY3IdKgnwvY38Y49yOc.roa
Signing time: Mon 05 Dec 2022 08:14:28 +0000
ROA not before: Mon 05 Dec 2022 08:14:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34665
IP address blocks: 46.161.14.0/23 maxlen: 23
46.161.20.0/22 maxlen: 22
46.161.24.0/23 maxlen: 23
5.188.10.0/23 maxlen: 23
5.188.9.0/24 maxlen: 24
95.215.0.0/22 maxlen: 24
95.215.2.0/23 maxlen: 23
95.215.0.0/23 maxlen: 23
46.161.26.0/24 maxlen: 24
95.215.0.0/24 maxlen: 24
95.215.3.0/24 maxlen: 24
46.161.30.0/24 maxlen: 24
46.161.28.0/24 maxlen: 24
95.215.1.0/24 maxlen: 24
46.161.29.0/24 maxlen: 24
95.215.2.0/24 maxlen: 24
46.161.32.0/22 maxlen: 22
46.161.44.0/22 maxlen: 22
46.161.42.0/24 maxlen: 24
46.161.48.0/22 maxlen: 22
46.161.48.0/23 maxlen: 23
46.161.50.0/23 maxlen: 23
46.161.48.0/24 maxlen: 24
46.161.51.0/24 maxlen: 24
46.161.49.0/24 maxlen: 24
46.161.50.0/24 maxlen: 24
5.188.44.0/22 maxlen: 22
5.188.44.0/23 maxlen: 23
5.188.44.0/24 maxlen: 24
5.188.46.0/23 maxlen: 23
5.188.49.0/24 maxlen: 24
5.188.47.0/24 maxlen: 24
5.188.48.0/24 maxlen: 24
5.188.46.0/24 maxlen: 24
5.188.45.0/24 maxlen: 24
46.161.2.0/23 maxlen: 24
46.161.11.0/24 maxlen: 24
46.161.10.0/24 maxlen: 24
46.161.8.0/24 maxlen: 24
5.101.4.0/24 maxlen: 24
5.101.2.0/24 maxlen: 24
5.101.3.0/24 maxlen: 24
5.101.0.0/24 maxlen: 24
5.101.1.0/24 maxlen: 24
5.101.2.0/23 maxlen: 23
5.101.4.0/22 maxlen: 22
5.101.4.0/23 maxlen: 23
5.101.0.0/22 maxlen: 22
5.101.0.0/23 maxlen: 23
5.101.7.0/24 maxlen: 24
5.101.5.0/24 maxlen: 24
5.101.6.0/24 maxlen: 24
5.101.6.0/23 maxlen: 23
5.188.62.0/24 maxlen: 24
5.188.60.0/23 maxlen: 23
37.139.51.0/24 maxlen: 24
37.139.49.0/24 maxlen: 24
37.139.58.0/24 maxlen: 24
37.139.57.0/24 maxlen: 24
37.139.56.0/24 maxlen: 24
37.139.53.0/24 maxlen: 24
37.139.58.0/23 maxlen: 23
37.139.56.0/23 maxlen: 23
37.139.56.0/22 maxlen: 22
37.139.54.0/23 maxlen: 23
37.139.59.0/24 maxlen: 24
31.44.185.0/24 maxlen: 24
31.44.184.0/24 maxlen: 24
31.44.188.0/22 maxlen: 32
146.185.244.0/23 maxlen: 23
146.185.224.0/21 maxlen: 21
146.185.223.0/24 maxlen: 24
185.238.152.0/22 maxlen: 22
31.184.192.0/24 maxlen: 24
31.184.192.0/23 maxlen: 23
31.184.192.0/22 maxlen: 22
31.184.193.0/24 maxlen: 24
31.184.196.0/24 maxlen: 24
31.184.195.0/24 maxlen: 24
31.184.196.0/22 maxlen: 22
31.184.196.0/23 maxlen: 23
31.184.194.0/23 maxlen: 23
31.184.194.0/24 maxlen: 24
31.184.199.0/24 maxlen: 24
31.184.198.0/23 maxlen: 23
31.184.197.0/24 maxlen: 24
31.184.198.0/24 maxlen: 24
31.184.200.0/22 maxlen: 22
195.2.240.0/23 maxlen: 24
31.184.231.0/24 maxlen: 24
31.184.232.0/22 maxlen: 24
31.184.228.0/23 maxlen: 23
31.184.238.0/23 maxlen: 23
31.184.243.0/24 maxlen: 24
188.143.232.0/24 maxlen: 24
188.143.233.0/24 maxlen: 24
188.143.232.0/23 maxlen: 23
188.143.232.0/22 maxlen: 22
37.9.50.0/24 maxlen: 24
37.9.48.0/24 maxlen: 24
188.143.235.0/24 maxlen: 24
37.9.52.0/22 maxlen: 22
91.243.93.0/24 maxlen: 24
5.8.52.0/23 maxlen: 23
5.8.54.0/23 maxlen: 23
5.8.52.0/22 maxlen: 22
5.8.56.0/24 maxlen: 24
5.8.57.0/24 maxlen: 24
5.8.54.0/24 maxlen: 24
5.8.55.0/24 maxlen: 24
5.8.53.0/24 maxlen: 24
5.8.52.0/24 maxlen: 24
5.8.60.0/23 maxlen: 23
5.8.59.0/24 maxlen: 24
5.8.65.0/24 maxlen: 24
5.8.8.0/24 maxlen: 24
5.8.10.0/23 maxlen: 23
5.8.8.0/23 maxlen: 23
5.8.8.0/22 maxlen: 22
5.8.11.0/24 maxlen: 24
5.8.9.0/24 maxlen: 24
5.8.10.0/24 maxlen: 24
5.8.12.0/22 maxlen: 22
5.189.248.0/22 maxlen: 22
5.8.48.0/23 maxlen: 23
5.8.48.0/22 maxlen: 22
5.8.50.0/23 maxlen: 23
5.8.49.0/24 maxlen: 24
5.8.50.0/24 maxlen: 24
5.8.48.0/24 maxlen: 24
5.8.51.0/24 maxlen: 24
5.101.66.0/23 maxlen: 23
5.101.66.0/24 maxlen: 24
5.101.67.0/24 maxlen: 24
5.101.65.0/24 maxlen: 24
5.188.220.0/23 maxlen: 24
5.188.223.0/24 maxlen: 24
5.188.222.0/24 maxlen: 24
5.101.80.0/22 maxlen: 22
5.188.233.0/24 maxlen: 24
5.101.84.0/22 maxlen: 22
5.188.234.0/23 maxlen: 23
5.101.90.0/23 maxlen: 23
5.188.166.0/24 maxlen: 24
5.188.165.0/24 maxlen: 24
5.101.36.0/22 maxlen: 22
5.101.32.0/22 maxlen: 24
5.188.204.0/23 maxlen: 23
5.101.64.0/22 maxlen: 22
5.101.64.0/23 maxlen: 23
5.188.211.0/24 maxlen: 24
5.188.210.0/24 maxlen: 24
5.188.207.0/24 maxlen: 24
5.101.64.0/24 maxlen: 24
5.188.208.0/23 maxlen: 23
91.243.44.0/22 maxlen: 22
91.243.48.0/22 maxlen: 22
91.243.48.0/23 maxlen: 23
91.243.50.0/23 maxlen: 23
91.243.51.0/24 maxlen: 24
91.243.50.0/24 maxlen: 24
91.243.48.0/24 maxlen: 24
91.243.49.0/24 maxlen: 24
91.243.56.0/22 maxlen: 22
91.243.52.0/22 maxlen: 22
91.243.62.0/23 maxlen: 23
91.243.60.0/24 maxlen: 24
91.243.61.0/24 maxlen: 24
91.243.91.0/24 maxlen: 24
91.243.90.0/24 maxlen: 24
91.243.32.0/22 maxlen: 22
2a00:1d78:100:1c0::/58 maxlen: 58
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:59:cb:0f:5d:63:9f:e9:f3:17:63:5b:b8:1e:2c:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Dec 5 08:14:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04455b30dcdd258dc874a827c2f637f18e3dc8e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:86:89:3a:aa:dd:20:95:41:b2:95:b3:0f:5e:
dd:39:80:43:36:9b:16:80:6e:df:be:48:3e:1c:ca:
5e:15:2f:f0:9a:65:a9:72:4c:8b:91:91:25:33:58:
58:06:8a:76:40:54:b0:0b:2a:4f:5a:1f:ef:e2:a4:
df:95:55:3c:46:f3:1f:a4:25:37:1e:3a:89:ef:cb:
c3:d0:62:4c:d5:8a:f2:88:4a:e2:ab:84:d2:fe:f6:
99:3b:c4:37:e9:cc:71:34:d4:f9:46:1d:aa:d0:56:
d3:bc:22:60:50:23:be:0c:1a:23:96:50:c5:bf:27:
cf:24:4c:5a:23:ba:94:79:3b:69:a0:13:8b:38:c7:
3f:86:f2:5f:c3:c5:e0:9d:58:21:c1:ec:e5:92:09:
b1:b4:62:b8:40:f3:60:18:9c:df:ce:70:8e:1f:1a:
9d:6b:b7:fc:33:83:29:8c:3e:37:27:c0:45:f3:a5:
42:ae:de:17:bb:a9:7d:ef:58:bd:e4:34:77:22:4a:
96:3b:52:55:64:13:01:89:5d:8d:ba:aa:21:73:1a:
24:38:76:be:97:9e:ff:1b:7c:73:c9:aa:9b:31:96:
0f:5a:a7:08:6a:4d:a9:ab:41:20:5e:93:da:26:e2:
5b:3d:af:95:f7:76:44:a2:fc:bf:8f:e7:f3:ad:ee:
ee:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:45:5B:30:DC:DD:25:8D:C8:74:A8:27:C2:F6:37:F1:8E:3D:C8:E7
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/BEVbMNzdJY3IdKgnwvY38Y49yOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.8.0/21
5.8.48.0-5.8.57.255
5.8.59.0-5.8.61.255
5.8.65.0/24
5.101.0.0/21
5.101.32.0/21
5.101.64.0/22
5.101.80.0/21
5.101.90.0/23
5.188.9.0-5.188.11.255
5.188.44.0-5.188.49.255
5.188.60.0-5.188.62.255
5.188.165.0-5.188.166.255
5.188.204.0/23
5.188.207.0-5.188.211.255
5.188.220.0/22
5.188.233.0-5.188.235.255
5.189.248.0/22
31.44.184.0/23
31.44.188.0/22
31.184.192.0-31.184.203.255
31.184.228.0/23
31.184.231.0-31.184.235.255
31.184.238.0/23
31.184.243.0/24
37.9.48.0/24
37.9.50.0/24
37.9.52.0/22
37.139.49.0/24
37.139.51.0/24
37.139.53.0-37.139.59.255
46.161.2.0/23
46.161.8.0/24
46.161.10.0/23
46.161.14.0/23
46.161.20.0-46.161.26.255
46.161.28.0-46.161.30.255
46.161.32.0/22
46.161.42.0/24
46.161.44.0-46.161.51.255
91.243.32.0/22
91.243.44.0-91.243.63.255
91.243.90.0/23
91.243.93.0/24
95.215.0.0/22
146.185.223.0-146.185.231.255
146.185.244.0/23
185.238.152.0/22
188.143.232.0/22
195.2.240.0/23
IPv6:
2a00:1d78:100:1c0::/58
Signature Algorithm: sha256WithRSAEncryption
51:c0:a7:ae:aa:6e:de:15:0a:5f:3a:70:80:7b:6b:79:31:48:
87:4b:a6:5d:bc:7b:82:f5:fa:fd:36:c7:b8:ba:8c:2f:90:42:
07:c2:87:3a:fc:02:de:7b:f7:80:68:8b:b5:e3:0f:d7:33:bc:
57:0a:e3:8c:d5:9f:7f:0a:e4:2d:b7:80:97:cd:e8:b9:d3:90:
7b:53:83:b0:a4:69:8f:9f:01:5f:98:ea:24:6a:dc:a3:c2:3c:
04:42:5b:6b:3f:5a:b0:74:1d:52:b2:97:a1:b3:f2:1d:bd:20:
1e:c4:88:8d:f0:1b:b6:b4:18:dd:c7:49:4d:e3:f5:ff:e8:d4:
9e:d6:42:ce:04:28:fa:2c:3d:72:36:6a:84:37:a0:5b:80:db:
8c:00:07:b0:ba:49:25:34:0c:8b:04:b7:1a:64:14:c0:1f:0c:
d0:44:97:98:1e:8e:e5:95:02:9d:02:53:c3:fd:36:b0:68:2a:
a2:23:9b:2f:cf:c7:86:68:c8:27:fb:4a:26:c4:a7:78:a6:76:
74:37:93:a5:28:d8:80:46:23:4f:c2:77:f8:a1:6b:aa:60:c2:
e8:d9:a2:3c:a6:2e:c8:70:1e:b1:ae:dc:ec:7f:f4:e3:de:87:
99:be:b8:3a:10:52:ac:d0:0d:3c:c5:18:60:e3:58:8b:da:5a:
e2:75:48:b4
-----BEGIN CERTIFICATE-----
MIIGwDCCBaigAwIBAgISAYThWcsPXWOf6fMXY1u4HiyRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIxMjA1MDgxNDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDQ1NWIzMGRjZGQyNThkYzg3NGE4MjdjMmY2MzdmMThlM2RjOGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4aJOqrdIJVBspWzD17dOYBDNpsW
gG7fvkg+HMpeFS/wmmWpckyLkZElM1hYBop2QFSwCypPWh/v4qTflVU8RvMfpCU3
HjqJ78vD0GJM1YryiEriq4TS/vaZO8Q36cxxNNT5Rh2q0FbTvCJgUCO+DBojllDF
vyfPJExaI7qUeTtpoBOLOMc/hvJfw8XgnVghwezlkgmxtGK4QPNgGJzfznCOHxqd
a7f8M4MpjD43J8BF86VCrt4Xu6l971i95DR3IkqWO1JVZBMBiV2NuqohcxokOHa+
l57/G3xzyaqbMZYPWqcIak2pq0EgXpPaJuJbPa+V93ZEovy/j+fzre7uaQIDAQAB
o4IDzDCCA8gwHQYDVR0OBBYEFARFWzDc3SWNyHSoJ8L2N/GOPcjnMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvQkVWYk1OemRKWTNJZEtnbnd2WTM4WTQ5eU9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB4AYIKwYBBQUHAQcBAf8EggHPMIIByzCCAbQEAgABMIIB
rAMEAwUICDAMAwQEBQgwAwQBBQg4MAwDBAAFCDsDBAEFCDwDBAAFCEEDBAMFZQAD
BAMFZSADBAIFZUADBAMFZVADBAEFZVowDAMEAAW8CQMEAgW8CDAMAwQCBbwsAwQB
BbwwMAwDBAIFvDwDBAAFvD4wDAMEAAW8pQMEAAW8pgMEAQW8zDAMAwQABbzPAwQC
BbzQAwQCBbzcMAwDBAAFvOkDBAIFvOgDBAIFvfgDBAEfLLgDBAIfLLwwDAMEBh+4
wAMEAh+4yAMEAR+45DAMAwQAH7jnAwQCH7joAwQBH7juAwQAH7jzAwQAJQkwAwQA
JQkyAwQCJQk0AwQAJYsxAwQAJYszMAwDBAAlizUDBAIlizgDBAEuoQIDBAAuoQgD
BAEuoQoDBAEuoQ4wDAMEAi6hFAMEAC6hGjAMAwQCLqEcAwQALqEeAwQCLqEgAwQA
LqEqMAwDBAIuoSwDBAIuoTADBAJb8yAwDAMEAlvzLAMEBlvzAAMEAVvzWgMEAFvz
XQMEAl/XADAMAwQAkrnfAwQDkrngAwQBkrn0AwQCue6YAwQCvI/oAwQBwwLwMBEE
AgACMAsDCQYqAB14AQABwDANBgkqhkiG9w0BAQsFAAOCAQEAUcCnrqpu3hUKXzpw
gHtreTFIh0umXbx7gvX6/TbHuLqML5BCB8KHOvwC3nv3gGiLteMP1zO8VwrjjNWf
fwrkLbeAl83oudOQe1ODsKRpj58BX5jqJGrco8I8BEJbaz9asHQdUrKXobPyHb0g
HsSIjfAbtrQY3cdJTeP1/+jUntZCzgQo+iw9cjZqhDegW4DbjAAHsLpJJTQMiwS3
GmQUwB8M0ESXmB6O5ZUCnQJTw/02sGgqoiObL8/HhmjIJ/tKJsSneKZ2dDeTpSjY
gEYjT8J3+KFrqmDC6NmiPKYuyHAesa7c7H/0496Hmb64OhBSrNANPMUYYONYi9pa
4nVItA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:43 2023 by rpki-client on console-ams.rpki-client.org