Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Yfrl5MEby4HLjudV3qrXYZHlgpU.roa
File: Yfrl5MEby4HLjudV3qrXYZHlgpU.roa (raw, json)
Hash identifier: 94A/MnH9SVAxKoy2sMbMWtQVu19ORDJUYROBVymtr2E=
Subject key identifier: 61:FA:E5:E4:C1:1B:CB:81:CB:8E:E7:55:DE:AA:D7:61:91:E5:82:95
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 01823A89757C330C346061AE736B811B403A
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Yfrl5MEby4HLjudV3qrXYZHlgpU.roa
Signing time: Tue 26 Jul 2022 12:44:23 +0000
ROA not before: Tue 26 Jul 2022 12:44:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34665
IP address blocks: 46.161.14.0/23 maxlen: 23
46.161.20.0/22 maxlen: 22
46.161.24.0/23 maxlen: 23
5.188.10.0/23 maxlen: 23
5.188.9.0/24 maxlen: 24
95.215.0.0/22 maxlen: 24
95.215.2.0/23 maxlen: 23
95.215.0.0/23 maxlen: 23
46.161.26.0/24 maxlen: 24
95.215.0.0/24 maxlen: 24
95.215.3.0/24 maxlen: 24
46.161.30.0/24 maxlen: 24
46.161.28.0/24 maxlen: 24
95.215.1.0/24 maxlen: 24
46.161.29.0/24 maxlen: 24
95.215.2.0/24 maxlen: 24
46.161.32.0/22 maxlen: 22
46.161.44.0/22 maxlen: 22
46.161.42.0/24 maxlen: 24
46.161.48.0/22 maxlen: 22
46.161.48.0/23 maxlen: 23
46.161.50.0/23 maxlen: 23
46.161.48.0/24 maxlen: 24
46.161.51.0/24 maxlen: 24
46.161.49.0/24 maxlen: 24
46.161.50.0/24 maxlen: 24
5.188.44.0/22 maxlen: 22
5.188.44.0/23 maxlen: 23
5.188.44.0/24 maxlen: 24
5.188.46.0/23 maxlen: 23
5.188.49.0/24 maxlen: 24
5.188.47.0/24 maxlen: 24
5.188.48.0/24 maxlen: 24
5.188.46.0/24 maxlen: 24
5.188.45.0/24 maxlen: 24
46.161.2.0/23 maxlen: 24
46.161.11.0/24 maxlen: 24
46.161.10.0/24 maxlen: 24
46.161.8.0/24 maxlen: 24
5.101.4.0/24 maxlen: 24
5.101.2.0/24 maxlen: 24
5.101.3.0/24 maxlen: 24
5.101.0.0/24 maxlen: 24
5.101.1.0/24 maxlen: 24
5.101.2.0/23 maxlen: 23
5.101.4.0/22 maxlen: 22
5.101.4.0/23 maxlen: 23
5.101.0.0/22 maxlen: 22
5.101.0.0/23 maxlen: 23
5.101.7.0/24 maxlen: 24
5.101.5.0/24 maxlen: 24
5.101.6.0/24 maxlen: 24
5.101.6.0/23 maxlen: 23
5.188.62.0/24 maxlen: 24
5.188.60.0/23 maxlen: 23
37.139.51.0/24 maxlen: 24
37.139.49.0/24 maxlen: 24
37.139.58.0/24 maxlen: 24
37.139.57.0/24 maxlen: 24
37.139.56.0/24 maxlen: 24
37.139.53.0/24 maxlen: 24
37.139.58.0/23 maxlen: 23
37.139.56.0/23 maxlen: 23
37.139.56.0/22 maxlen: 22
37.139.54.0/23 maxlen: 23
37.139.59.0/24 maxlen: 24
31.44.185.0/24 maxlen: 24
31.44.184.0/24 maxlen: 24
31.44.188.0/22 maxlen: 32
146.185.244.0/23 maxlen: 23
146.185.196.0/22 maxlen: 22
146.185.224.0/21 maxlen: 21
146.185.223.0/24 maxlen: 24
31.184.192.0/24 maxlen: 24
31.184.192.0/23 maxlen: 23
31.184.192.0/22 maxlen: 22
31.184.193.0/24 maxlen: 24
31.184.196.0/24 maxlen: 24
31.184.195.0/24 maxlen: 24
31.184.196.0/22 maxlen: 22
31.184.196.0/23 maxlen: 23
31.184.194.0/23 maxlen: 23
31.184.194.0/24 maxlen: 24
31.184.199.0/24 maxlen: 24
31.184.198.0/23 maxlen: 23
31.184.197.0/24 maxlen: 24
31.184.198.0/24 maxlen: 24
195.2.240.0/23 maxlen: 24
31.184.231.0/24 maxlen: 24
31.184.232.0/22 maxlen: 24
31.184.228.0/23 maxlen: 23
31.184.238.0/23 maxlen: 23
31.184.243.0/24 maxlen: 24
37.9.36.0/22 maxlen: 22
188.143.232.0/24 maxlen: 24
188.143.233.0/24 maxlen: 24
188.143.232.0/23 maxlen: 23
188.143.232.0/22 maxlen: 22
37.9.50.0/24 maxlen: 24
37.9.48.0/24 maxlen: 24
188.143.235.0/24 maxlen: 24
37.9.52.0/22 maxlen: 22
91.243.93.0/24 maxlen: 24
5.8.52.0/23 maxlen: 23
5.8.54.0/23 maxlen: 23
5.8.52.0/22 maxlen: 22
5.8.56.0/24 maxlen: 24
5.8.57.0/24 maxlen: 24
5.8.54.0/24 maxlen: 24
5.8.55.0/24 maxlen: 24
5.8.53.0/24 maxlen: 24
5.8.52.0/24 maxlen: 24
5.8.60.0/23 maxlen: 23
5.8.62.0/24 maxlen: 24
5.8.59.0/24 maxlen: 24
5.8.65.0/24 maxlen: 24
5.8.8.0/24 maxlen: 24
5.8.10.0/23 maxlen: 23
5.8.8.0/23 maxlen: 23
5.8.8.0/22 maxlen: 22
5.8.11.0/24 maxlen: 24
5.8.9.0/24 maxlen: 24
5.8.10.0/24 maxlen: 24
5.8.12.0/22 maxlen: 22
5.8.20.0/22 maxlen: 22
5.189.248.0/22 maxlen: 22
5.8.48.0/23 maxlen: 23
5.8.48.0/22 maxlen: 22
5.8.50.0/23 maxlen: 23
5.8.49.0/24 maxlen: 24
5.8.50.0/24 maxlen: 24
5.8.48.0/24 maxlen: 24
5.8.51.0/24 maxlen: 24
5.101.66.0/23 maxlen: 23
5.101.66.0/24 maxlen: 24
5.101.67.0/24 maxlen: 24
5.101.65.0/24 maxlen: 24
5.101.68.0/22 maxlen: 22
5.188.220.0/23 maxlen: 24
5.188.223.0/24 maxlen: 24
5.188.222.0/24 maxlen: 24
5.101.80.0/22 maxlen: 22
5.188.233.0/24 maxlen: 24
5.101.84.0/22 maxlen: 22
5.188.234.0/23 maxlen: 23
5.101.90.0/23 maxlen: 23
5.188.166.0/24 maxlen: 24
5.188.165.0/24 maxlen: 24
5.101.32.0/22 maxlen: 24
5.188.204.0/23 maxlen: 23
5.101.64.0/22 maxlen: 22
5.101.64.0/23 maxlen: 23
5.188.211.0/24 maxlen: 24
5.188.210.0/24 maxlen: 24
5.188.207.0/24 maxlen: 24
5.101.64.0/24 maxlen: 24
5.188.208.0/23 maxlen: 23
91.243.44.0/22 maxlen: 22
91.243.48.0/22 maxlen: 22
91.243.48.0/23 maxlen: 23
91.243.50.0/23 maxlen: 23
91.243.51.0/24 maxlen: 24
91.243.50.0/24 maxlen: 24
91.243.48.0/24 maxlen: 24
91.243.49.0/24 maxlen: 24
91.243.52.0/22 maxlen: 22
91.243.62.0/23 maxlen: 23
91.243.60.0/24 maxlen: 24
91.243.61.0/24 maxlen: 24
91.243.91.0/24 maxlen: 24
91.243.90.0/24 maxlen: 24
91.243.32.0/22 maxlen: 22
2a00:1d78:100:1c0::/58 maxlen: 58
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3a:89:75:7c:33:0c:34:60:61:ae:73:6b:81:1b:40:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jul 26 12:44:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61fae5e4c11bcb81cb8ee755deaad76191e58295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:48:7b:41:36:ed:ae:55:e7:7c:81:83:8d:a1:
31:b6:78:10:02:c8:d6:61:3e:28:39:91:50:e3:c4:
1e:0c:77:98:ec:bc:b2:81:c1:7e:ac:dc:de:41:17:
af:f9:55:ec:e3:08:42:d9:6e:5f:c1:d3:c4:45:7c:
0f:2f:38:fc:80:6c:e4:48:44:23:18:d5:aa:17:e4:
4b:76:66:6f:8b:a8:fc:f6:f9:e1:df:41:78:af:d0:
c4:34:a1:f0:a6:81:ec:ec:df:5d:f2:79:c8:19:f5:
87:a2:0e:8c:22:02:cf:37:32:ca:93:4f:1d:14:5d:
83:9e:46:de:9f:77:9b:80:d8:f3:14:58:40:97:ed:
b6:71:93:25:4a:24:64:24:05:6e:58:37:2c:7f:cc:
3b:fc:25:1b:99:9d:4a:93:18:02:9f:35:ab:60:cf:
7a:51:c8:96:32:46:cf:2f:57:ff:4b:d4:c7:c8:7c:
97:08:26:36:4c:10:f9:58:35:c2:ed:61:f8:8a:28:
ad:fa:f3:f5:d5:ee:76:c5:44:75:c6:ce:b6:70:9e:
2d:4f:f8:6e:f2:8f:39:d2:90:74:b0:e5:c9:ca:21:
df:06:c6:49:6f:37:2c:b8:10:af:6d:f5:db:40:d8:
24:4e:7c:f4:00:da:18:e2:67:01:e1:03:94:10:1b:
59:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:FA:E5:E4:C1:1B:CB:81:CB:8E:E7:55:DE:AA:D7:61:91:E5:82:95
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Yfrl5MEby4HLjudV3qrXYZHlgpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.8.0/21
5.8.20.0/22
5.8.48.0-5.8.57.255
5.8.59.0-5.8.62.255
5.8.65.0/24
5.101.0.0/21
5.101.32.0/22
5.101.64.0/21
5.101.80.0/21
5.101.90.0/23
5.188.9.0-5.188.11.255
5.188.44.0-5.188.49.255
5.188.60.0-5.188.62.255
5.188.165.0-5.188.166.255
5.188.204.0/23
5.188.207.0-5.188.211.255
5.188.220.0/22
5.188.233.0-5.188.235.255
5.189.248.0/22
31.44.184.0/23
31.44.188.0/22
31.184.192.0/21
31.184.228.0/23
31.184.231.0-31.184.235.255
31.184.238.0/23
31.184.243.0/24
37.9.36.0/22
37.9.48.0/24
37.9.50.0/24
37.9.52.0/22
37.139.49.0/24
37.139.51.0/24
37.139.53.0-37.139.59.255
46.161.2.0/23
46.161.8.0/24
46.161.10.0/23
46.161.14.0/23
46.161.20.0-46.161.26.255
46.161.28.0-46.161.30.255
46.161.32.0/22
46.161.42.0/24
46.161.44.0-46.161.51.255
91.243.32.0/22
91.243.44.0-91.243.55.255
91.243.60.0/22
91.243.90.0/23
91.243.93.0/24
95.215.0.0/22
146.185.196.0/22
146.185.223.0-146.185.231.255
146.185.244.0/23
188.143.232.0/22
195.2.240.0/23
IPv6:
2a00:1d78:100:1c0::/58
Signature Algorithm: sha256WithRSAEncryption
59:40:90:b9:22:b8:5d:ce:fe:ff:e1:25:0f:c9:bb:97:66:59:
b5:a0:0e:12:6f:4e:5f:af:1a:7b:ae:0b:03:e5:75:fc:13:26:
01:a2:26:9a:ad:dd:27:38:09:1b:35:d2:24:ea:8b:dd:c9:61:
eb:0f:9b:5a:e2:fa:05:5c:67:5b:68:2f:f7:65:b7:51:09:42:
5d:01:3a:cc:01:5a:39:68:39:f9:e3:18:ed:4d:57:ba:ba:ad:
d1:dd:10:c0:4a:ce:2b:50:a8:80:a9:70:63:13:59:cc:a6:da:
00:15:4d:2d:2f:6e:dd:11:a5:db:1e:3c:0a:de:e3:6a:44:65:
9a:33:12:8f:71:20:4f:c5:9a:2f:15:ad:35:22:43:a0:6c:f7:
2e:ac:8e:15:4d:93:7f:f6:76:c1:77:65:1c:de:1c:cf:d4:b9:
36:dc:51:fd:2d:f6:e7:97:a5:77:f4:71:96:87:27:2c:d3:bc:
7f:98:81:cc:f5:b6:9d:71:64:df:02:90:30:40:1e:77:83:85:
47:a6:1b:7a:06:d3:32:ae:dd:21:e1:03:60:95:0b:fe:31:18:
aa:b9:26:50:e2:30:a5:d5:45:8a:ca:e6:7e:c8:ec:4f:77:5b:
0d:9d:f2:83:02:90:d1:95:36:94:75:47:2a:f8:2a:2c:72:54:
56:97:d4:46
-----BEGIN CERTIFICATE-----
MIIGyjCCBbKgAwIBAgISAYI6iXV8Mww0YGGuc2uBG0A6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIwNzI2MTI0NDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWZhZTVlNGMxMWJjYjgxY2I4ZWU3NTVkZWFhZDc2MTkxZTU4Mjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUh7QTbtrlXnfIGDjaExtngQAsjW
YT4oOZFQ48QeDHeY7LyygcF+rNzeQRev+VXs4whC2W5fwdPERXwPLzj8gGzkSEQj
GNWqF+RLdmZvi6j89vnh30F4r9DENKHwpoHs7N9d8nnIGfWHog6MIgLPNzLKk08d
FF2Dnkben3ebgNjzFFhAl+22cZMlSiRkJAVuWDcsf8w7/CUbmZ1KkxgCnzWrYM96
UciWMkbPL1f/S9THyHyXCCY2TBD5WDXC7WH4iiit+vP11e52xUR1xs62cJ4tT/hu
8o850pB0sOXJyiHfBsZJbzcsuBCvbfXbQNgkTnz0ANoY4mcB4QOUEBtZlQIDAQAB
o4ID1jCCA9IwHQYDVR0OBBYEFGH65eTBG8uBy47nVd6q12GR5YKVMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvWWZybDVNRWJ5NEhManVkVjNxclhZWkhsZ3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB6gYIKwYBBQUHAQcBAf8EggHZMIIB1TCCAb4EAgABMIIB
tgMEAwUICAMEAgUIFDAMAwQEBQgwAwQBBQg4MAwDBAAFCDsDBAAFCD4DBAAFCEED
BAMFZQADBAIFZSADBAMFZUADBAMFZVADBAEFZVowDAMEAAW8CQMEAgW8CDAMAwQC
BbwsAwQBBbwwMAwDBAIFvDwDBAAFvD4wDAMEAAW8pQMEAAW8pgMEAQW8zDAMAwQA
BbzPAwQCBbzQAwQCBbzcMAwDBAAFvOkDBAIFvOgDBAIFvfgDBAEfLLgDBAIfLLwD
BAMfuMADBAEfuOQwDAMEAB+45wMEAh+46AMEAR+47gMEAB+48wMEAiUJJAMEACUJ
MAMEACUJMgMEAiUJNAMEACWLMQMEACWLMzAMAwQAJYs1AwQCJYs4AwQBLqECAwQA
LqEIAwQBLqEKAwQBLqEOMAwDBAIuoRQDBAAuoRowDAMEAi6hHAMEAC6hHgMEAi6h
IAMEAC6hKjAMAwQCLqEsAwQCLqEwAwQCW/MgMAwDBAJb8ywDBANb8zADBAJb8zwD
BAFb81oDBABb810DBAJf1wADBAKSucQwDAMEAJK53wMEA5K54AMEAZK59AMEAryP
6AMEAcMC8DARBAIAAjALAwkGKgAdeAEAAcAwDQYJKoZIhvcNAQELBQADggEBAFlA
kLkiuF3O/v/hJQ/Ju5dmWbWgDhJvTl+vGnuuCwPldfwTJgGiJpqt3Sc4CRs10iTq
i93JYesPm1ri+gVcZ1toL/dlt1EJQl0BOswBWjloOfnjGO1NV7q6rdHdEMBKzitQ
qICpcGMTWcym2gAVTS0vbt0RpdsePAre42pEZZozEo9xIE/Fmi8VrTUiQ6Bs9y6s
jhVNk3/2dsF3ZRzeHM/UuTbcUf0t9ueXpXf0cZaHJyzTvH+Ygcz1tp1xZN8CkDBA
HneDhUemG3oG0zKu3SHhA2CVC/4xGKq5JlDiMKXVRYrK5n7I7E93Ww2d8oMCkNGV
NpR1Ryr4KixyVFaX1EY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:43 2023 by rpki-client on console-ams.rpki-client.org