Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Ydmj6iiK6hKrvVhM4Fnl-repnd8.roa
File: Ydmj6iiK6hKrvVhM4Fnl-repnd8.roa (raw, json)
Hash identifier: NYlu1H0DRkpcvkcji1Xvkp4AI2CU/tssyYVVcvaaDb4=
Subject key identifier: 61:D9:A3:EA:28:8A:EA:12:AB:BD:58:4C:E0:59:E5:FA:B7:A9:9D:DF
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 4A1AC195
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Ydmj6iiK6hKrvVhM4Fnl-repnd8.roa
Signing time: Wed 15 Jun 2022 06:06:44 +0000
ROA not before: Wed 15 Jun 2022 06:06:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34665
IP address blocks: 46.161.14.0/23 maxlen: 23
46.161.20.0/22 maxlen: 22
46.161.24.0/23 maxlen: 23
5.188.10.0/23 maxlen: 23
5.188.9.0/24 maxlen: 24
95.215.0.0/22 maxlen: 24
95.215.2.0/23 maxlen: 23
95.215.0.0/23 maxlen: 23
95.215.0.0/24 maxlen: 24
46.161.30.0/24 maxlen: 24
95.215.3.0/24 maxlen: 24
95.215.1.0/24 maxlen: 24
46.161.28.0/24 maxlen: 24
95.215.2.0/24 maxlen: 24
46.161.29.0/24 maxlen: 24
46.161.32.0/22 maxlen: 22
46.161.44.0/22 maxlen: 22
46.161.42.0/24 maxlen: 24
46.161.48.0/23 maxlen: 23
46.161.48.0/22 maxlen: 22
46.161.50.0/23 maxlen: 23
46.161.48.0/24 maxlen: 24
46.161.51.0/24 maxlen: 24
46.161.49.0/24 maxlen: 24
46.161.50.0/24 maxlen: 24
5.188.44.0/22 maxlen: 22
5.188.44.0/23 maxlen: 23
5.188.44.0/24 maxlen: 24
5.188.46.0/23 maxlen: 23
5.188.49.0/24 maxlen: 24
5.188.47.0/24 maxlen: 24
5.188.48.0/24 maxlen: 24
5.188.46.0/24 maxlen: 24
5.188.45.0/24 maxlen: 24
46.161.2.0/23 maxlen: 24
46.161.11.0/24 maxlen: 24
46.161.10.0/24 maxlen: 24
46.161.8.0/24 maxlen: 24
5.101.4.0/24 maxlen: 24
5.101.2.0/24 maxlen: 24
5.101.3.0/24 maxlen: 24
5.101.0.0/24 maxlen: 24
5.101.1.0/24 maxlen: 24
5.101.2.0/23 maxlen: 23
5.101.4.0/22 maxlen: 22
5.101.4.0/23 maxlen: 23
5.101.0.0/22 maxlen: 22
5.101.0.0/23 maxlen: 23
5.101.7.0/24 maxlen: 24
5.101.5.0/24 maxlen: 24
5.101.6.0/24 maxlen: 24
5.101.6.0/23 maxlen: 23
5.188.62.0/24 maxlen: 24
5.188.60.0/23 maxlen: 23
37.139.51.0/24 maxlen: 24
37.139.49.0/24 maxlen: 24
37.139.58.0/24 maxlen: 24
37.139.57.0/24 maxlen: 24
37.139.56.0/24 maxlen: 24
37.139.53.0/24 maxlen: 24
37.139.58.0/23 maxlen: 23
37.139.56.0/23 maxlen: 23
37.139.56.0/22 maxlen: 22
37.139.54.0/23 maxlen: 23
37.139.59.0/24 maxlen: 24
31.44.184.0/24 maxlen: 24
31.44.188.0/22 maxlen: 32
146.185.244.0/23 maxlen: 23
146.185.196.0/22 maxlen: 22
146.185.224.0/21 maxlen: 21
146.185.223.0/24 maxlen: 24
31.184.192.0/24 maxlen: 24
31.184.192.0/23 maxlen: 23
31.184.192.0/22 maxlen: 22
31.184.193.0/24 maxlen: 24
31.184.196.0/24 maxlen: 24
31.184.195.0/24 maxlen: 24
31.184.196.0/22 maxlen: 22
31.184.196.0/23 maxlen: 23
31.184.194.0/23 maxlen: 23
31.184.194.0/24 maxlen: 24
31.184.199.0/24 maxlen: 24
31.184.198.0/23 maxlen: 23
31.184.197.0/24 maxlen: 24
31.184.198.0/24 maxlen: 24
195.2.240.0/23 maxlen: 24
31.184.231.0/24 maxlen: 24
31.184.232.0/22 maxlen: 24
31.184.228.0/23 maxlen: 23
31.184.238.0/23 maxlen: 23
31.184.243.0/24 maxlen: 24
37.9.36.0/22 maxlen: 22
188.143.232.0/24 maxlen: 24
188.143.233.0/24 maxlen: 24
188.143.232.0/23 maxlen: 23
188.143.232.0/22 maxlen: 22
37.9.50.0/24 maxlen: 24
37.9.48.0/24 maxlen: 24
188.143.235.0/24 maxlen: 24
37.9.52.0/22 maxlen: 22
91.243.93.0/24 maxlen: 24
5.8.52.0/23 maxlen: 23
5.8.54.0/23 maxlen: 23
5.8.52.0/22 maxlen: 22
5.8.56.0/24 maxlen: 24
5.8.57.0/24 maxlen: 24
5.8.54.0/24 maxlen: 24
5.8.55.0/24 maxlen: 24
5.8.53.0/24 maxlen: 24
5.8.52.0/24 maxlen: 24
5.8.60.0/23 maxlen: 23
5.8.62.0/24 maxlen: 24
5.8.59.0/24 maxlen: 24
5.8.65.0/24 maxlen: 24
5.8.8.0/24 maxlen: 24
5.8.10.0/23 maxlen: 23
5.8.8.0/22 maxlen: 22
5.8.8.0/23 maxlen: 23
5.8.11.0/24 maxlen: 24
5.8.9.0/24 maxlen: 24
5.8.10.0/24 maxlen: 24
5.8.12.0/22 maxlen: 22
5.8.20.0/22 maxlen: 22
5.189.248.0/22 maxlen: 22
5.8.48.0/22 maxlen: 22
5.8.48.0/23 maxlen: 23
5.8.50.0/23 maxlen: 23
5.8.49.0/24 maxlen: 24
5.8.50.0/24 maxlen: 24
5.8.48.0/24 maxlen: 24
5.8.51.0/24 maxlen: 24
5.101.66.0/23 maxlen: 23
5.101.66.0/24 maxlen: 24
5.101.67.0/24 maxlen: 24
5.101.65.0/24 maxlen: 24
5.101.68.0/22 maxlen: 22
5.188.220.0/23 maxlen: 24
5.188.223.0/24 maxlen: 24
5.188.222.0/24 maxlen: 24
5.101.80.0/22 maxlen: 22
5.188.233.0/24 maxlen: 24
5.101.84.0/22 maxlen: 22
5.188.234.0/23 maxlen: 23
5.101.90.0/23 maxlen: 23
5.188.166.0/24 maxlen: 24
5.188.165.0/24 maxlen: 24
5.101.32.0/22 maxlen: 24
5.188.204.0/23 maxlen: 23
5.101.64.0/22 maxlen: 22
5.101.64.0/23 maxlen: 23
5.188.211.0/24 maxlen: 24
5.188.210.0/24 maxlen: 24
5.188.207.0/24 maxlen: 24
5.101.64.0/24 maxlen: 24
5.188.208.0/23 maxlen: 23
91.243.48.0/23 maxlen: 23
91.243.48.0/22 maxlen: 22
91.243.50.0/23 maxlen: 23
91.243.51.0/24 maxlen: 24
91.243.50.0/24 maxlen: 24
91.243.48.0/24 maxlen: 24
91.243.49.0/24 maxlen: 24
91.243.52.0/22 maxlen: 22
91.243.62.0/23 maxlen: 23
91.243.60.0/24 maxlen: 24
91.243.61.0/24 maxlen: 24
91.243.91.0/24 maxlen: 24
91.243.90.0/24 maxlen: 24
2a00:1d78:100:1c0::/58 maxlen: 58
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1243267477 (0x4a1ac195)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jun 15 06:06:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61d9a3ea288aea12abbd584ce059e5fab7a99ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cc:6b:a6:ed:a9:07:ba:98:78:cf:1f:4e:49:
5a:73:c6:b7:f0:b6:12:d7:7d:eb:c9:7b:88:27:7e:
db:c7:fb:b2:d2:c1:f8:c0:61:9f:50:0f:a4:86:86:
79:1b:e4:2e:e6:35:e1:86:48:9d:6f:47:98:e1:e2:
8f:67:04:0c:24:b2:c7:78:46:3a:58:27:af:5a:f6:
58:56:32:13:03:74:91:cd:b6:6d:3f:d3:72:43:61:
e1:23:da:d3:35:05:25:12:c0:f4:f5:99:a3:79:f8:
48:84:2b:52:41:77:5b:ef:fe:9a:76:b1:41:bb:95:
66:07:40:62:3e:c8:12:2f:01:7f:53:67:2f:25:52:
54:f1:e7:76:81:23:5c:83:86:ea:02:73:d0:94:0d:
51:7a:6e:9a:e6:18:36:1c:32:cf:7e:0b:ac:74:cd:
f7:a8:e0:49:5b:21:31:74:30:04:7f:47:4e:9f:11:
13:f0:84:b8:39:0c:ea:0c:99:15:7d:b1:42:c5:e8:
26:cd:16:86:21:1c:1c:0c:cf:86:03:53:d7:f2:42:
48:d4:1d:f1:5d:ca:03:9f:35:a4:6d:9f:bd:15:6d:
6b:b7:bb:a8:f4:ea:6e:67:91:f1:97:9e:c2:a6:33:
85:37:b2:17:98:fd:34:68:fb:02:3e:29:59:4b:31:
b6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D9:A3:EA:28:8A:EA:12:AB:BD:58:4C:E0:59:E5:FA:B7:A9:9D:DF
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Ydmj6iiK6hKrvVhM4Fnl-repnd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.8.0/21
5.8.20.0/22
5.8.48.0-5.8.57.255
5.8.59.0-5.8.62.255
5.8.65.0/24
5.101.0.0/21
5.101.32.0/22
5.101.64.0/21
5.101.80.0/21
5.101.90.0/23
5.188.9.0-5.188.11.255
5.188.44.0-5.188.49.255
5.188.60.0-5.188.62.255
5.188.165.0-5.188.166.255
5.188.204.0/23
5.188.207.0-5.188.211.255
5.188.220.0/22
5.188.233.0-5.188.235.255
5.189.248.0/22
31.44.184.0/24
31.44.188.0/22
31.184.192.0/21
31.184.228.0/23
31.184.231.0-31.184.235.255
31.184.238.0/23
31.184.243.0/24
37.9.36.0/22
37.9.48.0/24
37.9.50.0/24
37.9.52.0/22
37.139.49.0/24
37.139.51.0/24
37.139.53.0-37.139.59.255
46.161.2.0/23
46.161.8.0/24
46.161.10.0/23
46.161.14.0/23
46.161.20.0-46.161.25.255
46.161.28.0-46.161.30.255
46.161.32.0/22
46.161.42.0/24
46.161.44.0-46.161.51.255
91.243.48.0/21
91.243.60.0/22
91.243.90.0/23
91.243.93.0/24
95.215.0.0/22
146.185.196.0/22
146.185.223.0-146.185.231.255
146.185.244.0/23
188.143.232.0/22
195.2.240.0/23
IPv6:
2a00:1d78:100:1c0::/58
Signature Algorithm: sha256WithRSAEncryption
c5:42:16:98:76:d0:ee:46:4c:b9:28:ff:5b:8b:98:65:cb:9d:
a6:0f:cc:c1:28:bf:51:a5:f0:ea:74:e7:16:90:76:d1:f7:8b:
eb:ea:dd:8a:0d:79:70:26:35:86:56:b5:c0:05:97:be:92:50:
cf:b4:0c:45:0e:f5:81:6b:3b:10:cf:8a:5d:78:05:3d:24:92:
43:c5:d9:f2:0c:58:b3:4d:8e:a3:9a:6c:e8:15:fc:69:14:7a:
db:b1:32:e1:57:36:a7:3a:7b:53:11:37:cf:7e:23:aa:40:57:
a7:14:a2:67:b6:8b:e9:8d:9b:71:20:0c:d2:d6:d3:60:ea:a9:
d7:29:3c:e9:14:eb:05:c5:d0:bd:a9:3b:b6:c8:b4:1a:c6:53:
cd:cf:9a:43:f2:f4:ab:f1:18:50:82:a7:95:14:aa:6f:b1:56:
ee:45:58:de:09:92:de:f5:f8:16:af:76:f7:9c:27:e8:2c:16:
0f:8a:00:fb:93:4d:67:7e:c9:de:23:8b:c9:64:01:96:db:f4:
33:3f:e5:eb:7a:42:50:93:38:7d:dd:96:de:a5:13:c3:d9:ed:
f0:5b:43:a5:ee:a0:37:14:6a:05:56:07:4e:38:4d:68:5f:45:
71:e4:03:05:a0:a7:5e:e5:b3:3c:33:31:ec:8d:5d:c7:97:bd:
04:de:8e:9f
-----BEGIN CERTIFICATE-----
MIIGrjCCBZagAwIBAgIEShrBlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDYx
NTA2MDY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjFkOWEzZWEyODhh
ZWExMmFiYmQ1ODRjZTA1OWU1ZmFiN2E5OWRkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3Ma6btqQe6mHjPH05JWnPGt/C2Etd968l7iCd+28f7stLB
+MBhn1APpIaGeRvkLuY14YZInW9HmOHij2cEDCSyx3hGOlgnr1r2WFYyEwN0kc22
bT/TckNh4SPa0zUFJRLA9PWZo3n4SIQrUkF3W+/+mnaxQbuVZgdAYj7IEi8Bf1Nn
LyVSVPHndoEjXIOG6gJz0JQNUXpumuYYNhwyz34LrHTN96jgSVshMXQwBH9HTp8R
E/CEuDkM6gyZFX2xQsXoJs0WhiEcHAzPhgNT1/JCSNQd8V3KA581pG2fvRVta7e7
qPTqbmeR8ZeewqYzhTeyF5j9NGj7Aj4pWUsxttsCAwEAAaOCA8gwggPEMB0GA1Ud
DgQWBBRh2aPqKIrqEqu9WEzgWeX6t6md3zAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L1lkbWo2aWlLNmhLcnZWaE00Rm5sLXJlcG5kOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AdwGCCsGAQUFBwEHAQH/BIIByzCCAccwggGwBAIAATCCAagDBAMFCAgDBAIFCBQw
DAMEBAUIMAMEAQUIODAMAwQABQg7AwQABQg+AwQABQhBAwQDBWUAAwQCBWUgAwQD
BWVAAwQDBWVQAwQBBWVaMAwDBAAFvAkDBAIFvAgwDAMEAgW8LAMEAQW8MDAMAwQC
Bbw8AwQABbw+MAwDBAAFvKUDBAAFvKYDBAEFvMwwDAMEAAW8zwMEAgW80AMEAgW8
3DAMAwQABbzpAwQCBbzoAwQCBb34AwQAHyy4AwQCHyy8AwQDH7jAAwQBH7jkMAwD
BAAfuOcDBAIfuOgDBAEfuO4DBAAfuPMDBAIlCSQDBAAlCTADBAAlCTIDBAIlCTQD
BAAlizEDBAAlizMwDAMEACWLNQMEAiWLOAMEAS6hAgMEAC6hCAMEAS6hCgMEAS6h
DjAMAwQCLqEUAwQBLqEYMAwDBAIuoRwDBAAuoR4DBAIuoSADBAAuoSowDAMEAi6h
LAMEAi6hMAMEA1vzMAMEAlvzPAMEAVvzWgMEAFvzXQMEAl/XAAMEApK5xDAMAwQA
krnfAwQDkrngAwQBkrn0AwQCvI/oAwQBwwLwMBEEAgACMAsDCQYqAB14AQABwDAN
BgkqhkiG9w0BAQsFAAOCAQEAxUIWmHbQ7kZMuSj/W4uYZcudpg/MwSi/UaXw6nTn
FpB20feL6+rdig15cCY1hla1wAWXvpJQz7QMRQ71gWs7EM+KXXgFPSSSQ8XZ8gxY
s02Oo5ps6BX8aRR627Ey4Vc2pzp7UxE3z34jqkBXpxSiZ7aL6Y2bcSAM0tbTYOqp
1yk86RTrBcXQvak7tsi0GsZTzc+aQ/L0q/EYUIKnlRSqb7FW7kVY3gmS3vX4Fq92
95wn6CwWD4oA+5NNZ37J3iOLyWQBltv0Mz/l63pCUJM4fd2W3qUTw9nt8FtDpe6g
NxRqBVYHTjhNaF9FceQDBaCnXuWzPDMx7I1dx5e9BN6Onw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org