Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/N9j_U0oIURmGXBs1sKahNrNV_A4.roa
File: N9j_U0oIURmGXBs1sKahNrNV_A4.roa (raw, json)
Hash identifier: RiSurH4oQsjR40sO+tHaFQ8yvv1QqjSBBErQNBan7DA=
Subject key identifier: 37:D8:FF:53:4A:08:51:19:86:5C:1B:35:B0:A6:A1:36:B3:55:FC:0E
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 01859F13963C374A5526B4F3167AE6A2F0B7
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/N9j_U0oIURmGXBs1sKahNrNV_A4.roa
Signing time: Wed 11 Jan 2023 04:25:39 +0000
ROA not before: Wed 11 Jan 2023 04:25:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34665
IP address blocks: 46.161.14.0/23 maxlen: 23
46.161.12.0/23 maxlen: 23
46.161.20.0/22 maxlen: 22
46.161.24.0/23 maxlen: 23
5.188.10.0/23 maxlen: 23
5.188.9.0/24 maxlen: 24
95.215.0.0/22 maxlen: 24
95.215.2.0/23 maxlen: 23
95.215.0.0/23 maxlen: 23
46.161.26.0/24 maxlen: 24
95.215.0.0/24 maxlen: 24
95.215.3.0/24 maxlen: 24
46.161.30.0/24 maxlen: 24
46.161.28.0/24 maxlen: 24
95.215.1.0/24 maxlen: 24
46.161.29.0/24 maxlen: 24
95.215.2.0/24 maxlen: 24
46.161.32.0/22 maxlen: 22
46.161.42.0/24 maxlen: 24
46.161.41.0/24 maxlen: 24
46.161.48.0/22 maxlen: 22
46.161.48.0/23 maxlen: 23
46.161.50.0/23 maxlen: 23
46.161.48.0/24 maxlen: 24
46.161.51.0/24 maxlen: 24
46.161.49.0/24 maxlen: 24
46.161.50.0/24 maxlen: 24
5.188.44.0/22 maxlen: 22
5.188.44.0/23 maxlen: 23
5.188.44.0/24 maxlen: 24
5.188.46.0/23 maxlen: 23
5.188.49.0/24 maxlen: 24
5.188.47.0/24 maxlen: 24
5.188.48.0/24 maxlen: 24
5.188.46.0/24 maxlen: 24
5.188.45.0/24 maxlen: 24
46.161.1.0/24 maxlen: 24
46.161.2.0/23 maxlen: 24
46.161.11.0/24 maxlen: 24
46.161.10.0/24 maxlen: 24
46.161.8.0/24 maxlen: 24
5.101.4.0/24 maxlen: 24
5.101.2.0/24 maxlen: 24
5.101.3.0/24 maxlen: 24
5.101.0.0/24 maxlen: 24
5.101.1.0/24 maxlen: 24
5.101.2.0/23 maxlen: 23
5.101.4.0/22 maxlen: 22
5.101.4.0/23 maxlen: 23
5.101.0.0/22 maxlen: 22
5.101.0.0/23 maxlen: 23
5.101.7.0/24 maxlen: 24
5.101.5.0/24 maxlen: 24
5.101.6.0/24 maxlen: 24
5.101.6.0/23 maxlen: 23
5.188.62.0/24 maxlen: 24
5.188.60.0/23 maxlen: 23
37.139.51.0/24 maxlen: 24
37.139.49.0/24 maxlen: 24
37.139.58.0/24 maxlen: 24
37.139.57.0/24 maxlen: 24
37.139.56.0/24 maxlen: 24
37.139.53.0/24 maxlen: 24
37.139.58.0/23 maxlen: 23
37.139.56.0/23 maxlen: 23
37.139.56.0/22 maxlen: 22
37.139.54.0/23 maxlen: 23
37.139.59.0/24 maxlen: 24
31.44.184.0/24 maxlen: 24
31.44.188.0/22 maxlen: 32
146.185.244.0/23 maxlen: 23
146.185.224.0/21 maxlen: 21
146.185.223.0/24 maxlen: 24
185.238.152.0/22 maxlen: 22
31.184.192.0/24 maxlen: 24
31.184.192.0/23 maxlen: 23
31.184.192.0/22 maxlen: 22
31.184.193.0/24 maxlen: 24
31.184.196.0/24 maxlen: 24
31.184.195.0/24 maxlen: 24
31.184.196.0/22 maxlen: 22
31.184.196.0/23 maxlen: 23
31.184.194.0/23 maxlen: 23
31.184.194.0/24 maxlen: 24
31.184.199.0/24 maxlen: 24
31.184.198.0/23 maxlen: 23
31.184.197.0/24 maxlen: 24
31.184.198.0/24 maxlen: 24
195.2.240.0/23 maxlen: 24
31.184.231.0/24 maxlen: 24
31.184.232.0/22 maxlen: 24
31.184.228.0/23 maxlen: 23
31.184.238.0/23 maxlen: 23
31.184.243.0/24 maxlen: 24
188.143.232.0/24 maxlen: 24
188.143.233.0/24 maxlen: 24
188.143.232.0/23 maxlen: 23
188.143.232.0/22 maxlen: 22
37.9.48.0/24 maxlen: 24
188.143.235.0/24 maxlen: 24
91.243.93.0/24 maxlen: 24
5.8.52.0/23 maxlen: 23
5.8.54.0/23 maxlen: 23
5.8.52.0/22 maxlen: 22
5.8.56.0/24 maxlen: 24
5.8.57.0/24 maxlen: 24
5.8.54.0/24 maxlen: 24
5.8.55.0/24 maxlen: 24
5.8.53.0/24 maxlen: 24
5.8.52.0/24 maxlen: 24
5.8.60.0/23 maxlen: 23
5.8.59.0/24 maxlen: 24
5.8.65.0/24 maxlen: 24
5.8.8.0/24 maxlen: 24
5.8.10.0/23 maxlen: 23
5.8.8.0/23 maxlen: 23
5.8.8.0/22 maxlen: 22
5.8.11.0/24 maxlen: 24
5.8.9.0/24 maxlen: 24
5.8.10.0/24 maxlen: 24
5.8.12.0/22 maxlen: 22
5.189.248.0/22 maxlen: 22
5.8.48.0/23 maxlen: 23
5.8.48.0/22 maxlen: 22
5.8.50.0/23 maxlen: 23
5.8.49.0/24 maxlen: 24
5.8.50.0/24 maxlen: 24
5.8.48.0/24 maxlen: 24
5.8.51.0/24 maxlen: 24
5.101.66.0/23 maxlen: 23
5.101.66.0/24 maxlen: 24
5.101.67.0/24 maxlen: 24
5.101.65.0/24 maxlen: 24
5.188.220.0/23 maxlen: 24
5.188.223.0/24 maxlen: 24
5.188.222.0/24 maxlen: 24
5.101.80.0/22 maxlen: 22
5.188.233.0/24 maxlen: 24
5.101.84.0/22 maxlen: 22
5.188.234.0/23 maxlen: 23
5.101.90.0/23 maxlen: 23
5.188.166.0/24 maxlen: 24
5.188.164.0/24 maxlen: 24
5.188.165.0/24 maxlen: 24
5.101.32.0/22 maxlen: 24
5.188.204.0/23 maxlen: 23
5.101.64.0/22 maxlen: 22
5.101.64.0/23 maxlen: 23
5.188.211.0/24 maxlen: 24
5.188.210.0/24 maxlen: 24
5.188.207.0/24 maxlen: 24
5.101.64.0/24 maxlen: 24
5.188.208.0/23 maxlen: 23
91.243.44.0/22 maxlen: 22
91.243.48.0/22 maxlen: 22
91.243.48.0/23 maxlen: 23
91.243.50.0/23 maxlen: 23
91.243.51.0/24 maxlen: 24
91.243.50.0/24 maxlen: 24
91.243.48.0/24 maxlen: 24
91.243.49.0/24 maxlen: 24
91.243.56.0/22 maxlen: 22
91.243.52.0/22 maxlen: 22
91.243.62.0/23 maxlen: 23
91.243.60.0/24 maxlen: 24
91.243.61.0/24 maxlen: 24
91.243.91.0/24 maxlen: 24
91.243.90.0/24 maxlen: 24
91.243.32.0/22 maxlen: 22
2a00:1d78:100:1c0::/58 maxlen: 58
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9f:13:96:3c:37:4a:55:26:b4:f3:16:7a:e6:a2:f0:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 11 04:25:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37d8ff534a085119865c1b35b0a6a136b355fc0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a5:4b:15:cd:71:47:2f:79:81:65:d7:2a:25:
10:15:b6:05:1a:bc:b9:a6:b4:a8:c3:e6:f5:be:b1:
d4:42:66:b8:4e:26:e6:65:7f:aa:9c:7e:c1:80:90:
82:21:14:fb:92:2f:31:56:4b:da:b7:94:2a:fc:8d:
75:73:32:5a:bb:55:d3:2f:2b:08:3b:7f:22:d4:57:
52:bc:2e:03:be:81:9a:6c:ad:df:86:49:a7:5b:f5:
05:ac:8d:53:de:33:ee:39:f9:0f:22:3d:d8:21:5e:
8a:f7:8b:f2:71:e6:18:6f:49:30:7f:58:ae:a8:6b:
4f:ee:d9:33:7a:1e:96:19:cd:f6:e8:58:7d:f6:27:
6a:c1:3d:59:f3:c3:b3:74:72:40:0f:66:3a:d8:dd:
e2:63:88:07:04:d7:4c:c7:a9:e6:d8:2f:9c:1a:28:
e4:85:d3:be:d2:ed:32:da:71:2e:a0:ca:b7:7b:16:
2f:d2:95:24:f4:f6:5a:03:fc:a1:e4:0c:8e:8e:71:
dc:bb:c6:8c:2a:c8:27:03:5a:ba:bb:14:f6:4a:6f:
4a:df:1e:0f:1a:3d:38:cd:4f:7e:7a:47:46:03:71:
a7:fb:ad:a3:b6:06:5f:56:98:13:b0:9d:a6:2f:7d:
43:1e:ad:d2:4f:26:9c:e5:8e:b9:0e:5b:88:74:d8:
d4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D8:FF:53:4A:08:51:19:86:5C:1B:35:B0:A6:A1:36:B3:55:FC:0E
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/N9j_U0oIURmGXBs1sKahNrNV_A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.8.0/21
5.8.48.0-5.8.57.255
5.8.59.0-5.8.61.255
5.8.65.0/24
5.101.0.0/21
5.101.32.0/22
5.101.64.0/22
5.101.80.0/21
5.101.90.0/23
5.188.9.0-5.188.11.255
5.188.44.0-5.188.49.255
5.188.60.0-5.188.62.255
5.188.164.0-5.188.166.255
5.188.204.0/23
5.188.207.0-5.188.211.255
5.188.220.0/22
5.188.233.0-5.188.235.255
5.189.248.0/22
31.44.184.0/24
31.44.188.0/22
31.184.192.0/21
31.184.228.0/23
31.184.231.0-31.184.235.255
31.184.238.0/23
31.184.243.0/24
37.9.48.0/24
37.139.49.0/24
37.139.51.0/24
37.139.53.0-37.139.59.255
46.161.1.0-46.161.3.255
46.161.8.0/24
46.161.10.0-46.161.15.255
46.161.20.0-46.161.26.255
46.161.28.0-46.161.30.255
46.161.32.0/22
46.161.41.0-46.161.42.255
46.161.48.0/22
91.243.32.0/22
91.243.44.0-91.243.63.255
91.243.90.0/23
91.243.93.0/24
95.215.0.0/22
146.185.223.0-146.185.231.255
146.185.244.0/23
185.238.152.0/22
188.143.232.0/22
195.2.240.0/23
IPv6:
2a00:1d78:100:1c0::/58
Signature Algorithm: sha256WithRSAEncryption
1a:93:d9:d0:0e:85:37:5a:f2:aa:ba:8f:07:54:e7:86:2d:df:
bd:84:ad:e7:dc:8f:8c:4c:22:57:05:21:4f:1c:ac:4f:72:ba:
d5:a9:70:d0:54:f6:cc:83:a8:65:1c:1e:c3:ee:db:b4:d0:78:
da:d2:a2:e8:4d:6e:c4:44:9d:2a:91:30:71:13:95:76:77:48:
45:01:dc:aa:bc:7a:82:df:38:86:dc:46:75:19:6c:17:d1:36:
81:25:6b:d7:32:83:a2:f5:f8:35:4a:d3:bd:e7:37:76:45:65:
e9:d7:d0:42:c5:72:3e:7c:c9:48:b2:de:f1:59:32:be:0d:7a:
4e:4f:d7:a9:e8:5a:be:50:dc:f1:5a:0a:6b:13:60:18:98:ad:
1d:7a:31:45:d7:e2:56:53:95:43:f7:26:d5:10:34:fc:03:d4:
c1:42:cd:09:f9:7e:f1:5d:79:5d:29:78:c9:3b:f6:3a:6d:24:
a7:1b:ea:2a:ea:9c:07:02:0e:ec:af:8b:a8:93:d2:00:9e:89:
04:85:aa:47:31:42:f0:85:16:85:c5:d6:63:b6:b4:30:0c:6c:
49:0e:d4:48:e4:3a:6b:83:20:ec:87:a3:16:b5:74:cf:b0:59:
99:4a:7f:1f:a5:89:95:42:70:a3:11:1e:e0:5a:b4:98:de:bc:
ff:d1:d2:c2
-----BEGIN CERTIFICATE-----
MIIGtjCCBZ6gAwIBAgISAYWfE5Y8N0pVJrTzFnrmovC3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTExMDQyNTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Q4ZmY1MzRhMDg1MTE5ODY1YzFiMzViMGE2YTEzNmIzNTVmYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6VLFc1xRy95gWXXKiUQFbYFGry5
prSow+b1vrHUQma4TibmZX+qnH7BgJCCIRT7ki8xVkvat5Qq/I11czJau1XTLysI
O38i1FdSvC4DvoGabK3fhkmnW/UFrI1T3jPuOfkPIj3YIV6K94vyceYYb0kwf1iu
qGtP7tkzeh6WGc326Fh99idqwT1Z88OzdHJAD2Y62N3iY4gHBNdMx6nm2C+cGijk
hdO+0u0y2nEuoMq3exYv0pUk9PZaA/yh5AyOjnHcu8aMKsgnA1q6uxT2Sm9K3x4P
Gj04zU9+ekdGA3Gn+62jtgZfVpgTsJ2mL31DHq3STyac5Y65DluIdNjUuwIDAQAB
o4IDwjCCA74wHQYDVR0OBBYEFDfY/1NKCFEZhlwbNbCmoTazVfwOMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvTjlqX1Uwb0lVUm1HWEJzMXNLYWhOck5WX0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB1gYIKwYBBQUHAQcBAf8EggHFMIIBwTCCAaoEAgABMIIB
ogMEAwUICDAMAwQEBQgwAwQBBQg4MAwDBAAFCDsDBAEFCDwDBAAFCEEDBAMFZQAD
BAIFZSADBAIFZUADBAMFZVADBAEFZVowDAMEAAW8CQMEAgW8CDAMAwQCBbwsAwQB
BbwwMAwDBAIFvDwDBAAFvD4wDAMEAgW8pAMEAAW8pgMEAQW8zDAMAwQABbzPAwQC
BbzQAwQCBbzcMAwDBAAFvOkDBAIFvOgDBAIFvfgDBAAfLLgDBAIfLLwDBAMfuMAD
BAEfuOQwDAMEAB+45wMEAh+46AMEAR+47gMEAB+48wMEACUJMAMEACWLMQMEACWL
MzAMAwQAJYs1AwQCJYs4MAwDBAAuoQEDBAIuoQADBAAuoQgwDAMEAS6hCgMEBC6h
ADAMAwQCLqEUAwQALqEaMAwDBAIuoRwDBAAuoR4DBAIuoSAwDAMEAC6hKQMEAC6h
KgMEAi6hMAMEAlvzIDAMAwQCW/MsAwQGW/MAAwQBW/NaAwQAW/NdAwQCX9cAMAwD
BACSud8DBAOSueADBAGSufQDBAK57pgDBAK8j+gDBAHDAvAwEQQCAAIwCwMJBioA
HXgBAAHAMA0GCSqGSIb3DQEBCwUAA4IBAQAak9nQDoU3WvKquo8HVOeGLd+9hK3n
3I+MTCJXBSFPHKxPcrrVqXDQVPbMg6hlHB7D7tu00Hja0qLoTW7ERJ0qkTBxE5V2
d0hFAdyqvHqC3ziG3EZ1GWwX0TaBJWvXMoOi9fg1StO95zd2RWXp19BCxXI+fMlI
st7xWTK+DXpOT9ep6Fq+UNzxWgprE2AYmK0dejFF1+JWU5VD9ybVEDT8A9TBQs0J
+X7xXXldKXjJO/Y6bSSnG+oq6pwHAg7sr4uok9IAnokEhapHMULwhRaFxdZjtrQw
DGxJDtRI5DprgyDsh6MWtXTPsFmZSn8fpYmVQnCjER7gWrSY3rz/0dLC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org