Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Zqk3yr2p9as5IwWMQPyEG08ArAc.roa
File: Zqk3yr2p9as5IwWMQPyEG08ArAc.roa (raw, json)
Hash identifier: Yg8I1ta2kqZ0s0Q2GTPnddL/IMz1IqellF0vC5r4AZU=
Subject key identifier: 66:A9:37:CA:BD:A9:F5:AB:39:23:05:8C:40:FC:84:1B:4F:00:AC:07
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0185958900215E4778A415367BB9FAE9655F
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Zqk3yr2p9as5IwWMQPyEG08ArAc.roa
Signing time: Mon 09 Jan 2023 07:57:41 +0000
ROA not before: Mon 09 Jan 2023 07:57:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34665
IP address blocks: 46.161.14.0/23 maxlen: 23
46.161.12.0/23 maxlen: 23
46.161.20.0/22 maxlen: 22
46.161.24.0/23 maxlen: 23
5.188.10.0/23 maxlen: 23
5.188.9.0/24 maxlen: 24
95.215.0.0/22 maxlen: 24
95.215.2.0/23 maxlen: 23
95.215.0.0/23 maxlen: 23
46.161.26.0/24 maxlen: 24
95.215.0.0/24 maxlen: 24
46.161.30.0/24 maxlen: 24
95.215.3.0/24 maxlen: 24
95.215.1.0/24 maxlen: 24
46.161.28.0/24 maxlen: 24
95.215.2.0/24 maxlen: 24
46.161.29.0/24 maxlen: 24
46.161.32.0/22 maxlen: 22
46.161.44.0/22 maxlen: 22
46.161.42.0/24 maxlen: 24
46.161.48.0/23 maxlen: 23
46.161.48.0/22 maxlen: 22
46.161.50.0/23 maxlen: 23
46.161.48.0/24 maxlen: 24
46.161.51.0/24 maxlen: 24
46.161.49.0/24 maxlen: 24
46.161.50.0/24 maxlen: 24
5.188.44.0/22 maxlen: 22
5.188.44.0/23 maxlen: 23
5.188.44.0/24 maxlen: 24
5.188.46.0/23 maxlen: 23
5.188.49.0/24 maxlen: 24
5.188.47.0/24 maxlen: 24
5.188.48.0/24 maxlen: 24
5.188.46.0/24 maxlen: 24
5.188.45.0/24 maxlen: 24
46.161.2.0/23 maxlen: 24
46.161.11.0/24 maxlen: 24
46.161.10.0/24 maxlen: 24
46.161.8.0/24 maxlen: 24
5.101.4.0/24 maxlen: 24
5.101.2.0/24 maxlen: 24
5.101.3.0/24 maxlen: 24
5.101.0.0/24 maxlen: 24
5.101.1.0/24 maxlen: 24
5.101.2.0/23 maxlen: 23
5.101.4.0/22 maxlen: 22
5.101.4.0/23 maxlen: 23
5.101.0.0/22 maxlen: 22
5.101.0.0/23 maxlen: 23
5.101.7.0/24 maxlen: 24
5.101.5.0/24 maxlen: 24
5.101.6.0/24 maxlen: 24
5.101.6.0/23 maxlen: 23
5.188.62.0/24 maxlen: 24
5.188.60.0/23 maxlen: 23
37.139.51.0/24 maxlen: 24
37.139.49.0/24 maxlen: 24
37.139.58.0/24 maxlen: 24
37.139.57.0/24 maxlen: 24
37.139.56.0/24 maxlen: 24
37.139.53.0/24 maxlen: 24
37.139.58.0/23 maxlen: 23
37.139.56.0/23 maxlen: 23
37.139.56.0/22 maxlen: 22
37.139.54.0/23 maxlen: 23
37.139.59.0/24 maxlen: 24
31.44.184.0/24 maxlen: 24
31.44.188.0/22 maxlen: 32
146.185.244.0/23 maxlen: 23
146.185.224.0/21 maxlen: 21
146.185.223.0/24 maxlen: 24
185.238.152.0/22 maxlen: 22
31.184.192.0/24 maxlen: 24
31.184.192.0/23 maxlen: 23
31.184.192.0/22 maxlen: 22
31.184.193.0/24 maxlen: 24
31.184.196.0/24 maxlen: 24
31.184.195.0/24 maxlen: 24
31.184.196.0/22 maxlen: 22
31.184.196.0/23 maxlen: 23
31.184.194.0/23 maxlen: 23
31.184.194.0/24 maxlen: 24
31.184.199.0/24 maxlen: 24
31.184.198.0/23 maxlen: 23
31.184.197.0/24 maxlen: 24
31.184.198.0/24 maxlen: 24
31.184.200.0/22 maxlen: 22
195.2.240.0/23 maxlen: 24
31.184.231.0/24 maxlen: 24
31.184.232.0/22 maxlen: 24
31.184.228.0/23 maxlen: 23
31.184.238.0/23 maxlen: 23
31.184.243.0/24 maxlen: 24
188.143.232.0/24 maxlen: 24
188.143.233.0/24 maxlen: 24
188.143.232.0/23 maxlen: 23
188.143.232.0/22 maxlen: 22
37.9.48.0/24 maxlen: 24
188.143.235.0/24 maxlen: 24
37.9.52.0/22 maxlen: 22
91.243.93.0/24 maxlen: 24
5.8.52.0/23 maxlen: 23
5.8.54.0/23 maxlen: 23
5.8.52.0/22 maxlen: 22
5.8.56.0/24 maxlen: 24
5.8.57.0/24 maxlen: 24
5.8.54.0/24 maxlen: 24
5.8.55.0/24 maxlen: 24
5.8.53.0/24 maxlen: 24
5.8.52.0/24 maxlen: 24
5.8.60.0/23 maxlen: 23
5.8.59.0/24 maxlen: 24
5.8.65.0/24 maxlen: 24
5.8.8.0/24 maxlen: 24
5.8.10.0/23 maxlen: 23
5.8.8.0/22 maxlen: 22
5.8.8.0/23 maxlen: 23
5.8.11.0/24 maxlen: 24
5.8.9.0/24 maxlen: 24
5.8.10.0/24 maxlen: 24
5.8.12.0/22 maxlen: 22
5.189.248.0/22 maxlen: 22
5.8.48.0/22 maxlen: 22
5.8.48.0/23 maxlen: 23
5.8.50.0/23 maxlen: 23
5.8.49.0/24 maxlen: 24
5.8.50.0/24 maxlen: 24
5.8.48.0/24 maxlen: 24
5.8.51.0/24 maxlen: 24
5.101.66.0/23 maxlen: 23
5.101.66.0/24 maxlen: 24
5.101.67.0/24 maxlen: 24
5.101.65.0/24 maxlen: 24
5.188.220.0/23 maxlen: 24
5.188.223.0/24 maxlen: 24
5.188.222.0/24 maxlen: 24
5.101.80.0/22 maxlen: 22
5.188.233.0/24 maxlen: 24
5.101.84.0/22 maxlen: 22
5.188.234.0/23 maxlen: 23
5.101.90.0/23 maxlen: 23
5.188.166.0/24 maxlen: 24
5.188.164.0/24 maxlen: 24
5.188.165.0/24 maxlen: 24
5.101.36.0/22 maxlen: 22
5.101.32.0/22 maxlen: 24
5.188.204.0/23 maxlen: 23
5.101.64.0/22 maxlen: 22
5.101.64.0/23 maxlen: 23
5.188.211.0/24 maxlen: 24
5.188.210.0/24 maxlen: 24
5.188.207.0/24 maxlen: 24
5.101.64.0/24 maxlen: 24
5.188.208.0/23 maxlen: 23
91.243.44.0/22 maxlen: 22
91.243.48.0/23 maxlen: 23
91.243.48.0/22 maxlen: 22
91.243.50.0/23 maxlen: 23
91.243.51.0/24 maxlen: 24
91.243.50.0/24 maxlen: 24
91.243.48.0/24 maxlen: 24
91.243.49.0/24 maxlen: 24
91.243.56.0/22 maxlen: 22
91.243.52.0/22 maxlen: 22
91.243.62.0/23 maxlen: 23
91.243.60.0/24 maxlen: 24
91.243.61.0/24 maxlen: 24
91.243.91.0/24 maxlen: 24
91.243.90.0/24 maxlen: 24
91.243.32.0/22 maxlen: 22
2a00:1d78:100:1c0::/58 maxlen: 58
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:95:89:00:21:5e:47:78:a4:15:36:7b:b9:fa:e9:65:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 9 07:57:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66a937cabda9f5ab3923058c40fc841b4f00ac07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:22:1b:18:8a:7d:9a:0f:e2:b3:e1:f7:22:40:
b3:f7:1f:8e:f2:1c:83:b7:8e:62:9e:71:17:fc:6a:
5e:53:5f:99:ea:21:a5:43:b1:22:69:c3:1c:71:12:
d1:35:fa:60:24:94:d1:8a:eb:01:4c:c7:76:a0:72:
20:b2:67:91:9b:2e:20:a1:5b:cb:55:8a:26:ed:1f:
c2:7a:fa:e3:b0:ed:fc:8c:ee:86:d3:1a:f3:99:ff:
31:62:05:65:5e:9f:79:e2:75:82:ec:92:9b:56:db:
f6:1e:ee:88:84:9f:ad:4d:2f:ac:5e:a9:33:cb:71:
29:df:3e:4b:9c:80:08:47:ee:8f:0f:18:29:9b:26:
44:b8:3e:b9:41:23:ff:ec:56:32:ea:45:35:29:18:
34:f2:d7:1a:02:c8:0b:26:11:ec:f2:89:be:13:33:
b8:e3:08:af:a9:1e:4a:96:d5:6d:86:71:16:ac:a5:
7e:3d:b3:c7:17:ab:5b:4b:54:c3:a2:23:88:f2:6b:
02:14:e5:9e:df:81:3d:ae:57:d9:4e:1d:04:4a:00:
0a:4e:f7:84:96:65:d2:88:bd:a9:76:4d:0f:84:01:
c9:ef:a1:05:ca:11:31:5c:2d:17:30:f9:f8:b3:89:
2e:1d:8e:8c:b3:68:f6:49:fe:8e:fc:32:a4:f5:82:
f2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:A9:37:CA:BD:A9:F5:AB:39:23:05:8C:40:FC:84:1B:4F:00:AC:07
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Zqk3yr2p9as5IwWMQPyEG08ArAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.8.0/21
5.8.48.0-5.8.57.255
5.8.59.0-5.8.61.255
5.8.65.0/24
5.101.0.0/21
5.101.32.0/21
5.101.64.0/22
5.101.80.0/21
5.101.90.0/23
5.188.9.0-5.188.11.255
5.188.44.0-5.188.49.255
5.188.60.0-5.188.62.255
5.188.164.0-5.188.166.255
5.188.204.0/23
5.188.207.0-5.188.211.255
5.188.220.0/22
5.188.233.0-5.188.235.255
5.189.248.0/22
31.44.184.0/24
31.44.188.0/22
31.184.192.0-31.184.203.255
31.184.228.0/23
31.184.231.0-31.184.235.255
31.184.238.0/23
31.184.243.0/24
37.9.48.0/24
37.9.52.0/22
37.139.49.0/24
37.139.51.0/24
37.139.53.0-37.139.59.255
46.161.2.0/23
46.161.8.0/24
46.161.10.0-46.161.15.255
46.161.20.0-46.161.26.255
46.161.28.0-46.161.30.255
46.161.32.0/22
46.161.42.0/24
46.161.44.0-46.161.51.255
91.243.32.0/22
91.243.44.0-91.243.63.255
91.243.90.0/23
91.243.93.0/24
95.215.0.0/22
146.185.223.0-146.185.231.255
146.185.244.0/23
185.238.152.0/22
188.143.232.0/22
195.2.240.0/23
IPv6:
2a00:1d78:100:1c0::/58
Signature Algorithm: sha256WithRSAEncryption
2f:29:7d:dc:a0:44:15:c2:9a:97:a5:2d:88:9e:dd:98:ac:ac:
a2:51:12:8e:f8:4e:a6:86:89:f1:3c:69:29:dc:43:9f:0c:2c:
01:b7:71:d1:56:54:8e:57:8c:32:53:64:8d:fa:60:a0:1c:6f:
02:31:f7:10:7c:7b:ac:cd:36:e5:07:c5:8c:f6:2c:c2:e5:2c:
eb:5a:ad:21:71:05:bc:08:ef:d5:15:d8:5c:0d:b2:80:42:c6:
df:be:04:5a:94:a0:c0:87:3e:d8:d5:21:62:35:dc:cc:d4:8e:
1c:bd:ef:d0:11:2f:87:68:71:cb:72:3c:d6:9f:c8:fb:2d:1d:
48:09:15:f3:12:36:b1:7b:70:c1:7f:08:84:aa:83:94:ca:3e:
e9:11:54:77:d6:b7:00:30:4b:20:1b:c2:ab:a6:cf:cd:2e:28:
18:fb:fb:bc:14:e0:29:4c:3d:32:cb:43:fc:3c:7d:04:72:a6:
cd:a8:56:ba:66:9b:3f:86:7c:be:f1:59:76:dc:a5:c4:04:26:
87:3c:11:50:0e:68:c7:cf:23:2a:e5:a6:9e:c7:78:3b:30:12:
a7:5c:5e:ca:85:8f:e5:f5:64:c5:89:8e:3e:3b:54:25:3c:ac:
8e:c1:f1:58:ae:66:d9:35:8a:9c:0a:2f:3b:47:51:07:0d:69:
fc:d0:62:20
-----BEGIN CERTIFICATE-----
MIIGvDCCBaSgAwIBAgISAYWViQAhXkd4pBU2e7n66WVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTA5MDc1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmE5MzdjYWJkYTlmNWFiMzkyMzA1OGM0MGZjODQxYjRmMDBhYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyIbGIp9mg/is+H3IkCz9x+O8hyD
t45innEX/GpeU1+Z6iGlQ7EiacMccRLRNfpgJJTRiusBTMd2oHIgsmeRmy4goVvL
VYom7R/CevrjsO38jO6G0xrzmf8xYgVlXp954nWC7JKbVtv2Hu6IhJ+tTS+sXqkz
y3Ep3z5LnIAIR+6PDxgpmyZEuD65QSP/7FYy6kU1KRg08tcaAsgLJhHs8om+EzO4
4wivqR5KltVthnEWrKV+PbPHF6tbS1TDoiOI8msCFOWe34E9rlfZTh0ESgAKTveE
lmXSiL2pdk0PhAHJ76EFyhExXC0XMPn4s4kuHY6Ms2j2Sf6O/DKk9YLyNQIDAQAB
o4IDyDCCA8QwHQYDVR0OBBYEFGapN8q9qfWrOSMFjED8hBtPAKwHMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvWnFrM3lyMnA5YXM1SXdXTVFQeUVHMDhBckFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB3AYIKwYBBQUHAQcBAf8EggHLMIIBxzCCAbAEAgABMIIB
qAMEAwUICDAMAwQEBQgwAwQBBQg4MAwDBAAFCDsDBAEFCDwDBAAFCEEDBAMFZQAD
BAMFZSADBAIFZUADBAMFZVADBAEFZVowDAMEAAW8CQMEAgW8CDAMAwQCBbwsAwQB
BbwwMAwDBAIFvDwDBAAFvD4wDAMEAgW8pAMEAAW8pgMEAQW8zDAMAwQABbzPAwQC
BbzQAwQCBbzcMAwDBAAFvOkDBAIFvOgDBAIFvfgDBAAfLLgDBAIfLLwwDAMEBh+4
wAMEAh+4yAMEAR+45DAMAwQAH7jnAwQCH7joAwQBH7juAwQAH7jzAwQAJQkwAwQC
JQk0AwQAJYsxAwQAJYszMAwDBAAlizUDBAIlizgDBAEuoQIDBAAuoQgwDAMEAS6h
CgMEBC6hADAMAwQCLqEUAwQALqEaMAwDBAIuoRwDBAAuoR4DBAIuoSADBAAuoSow
DAMEAi6hLAMEAi6hMAMEAlvzIDAMAwQCW/MsAwQGW/MAAwQBW/NaAwQAW/NdAwQC
X9cAMAwDBACSud8DBAOSueADBAGSufQDBAK57pgDBAK8j+gDBAHDAvAwEQQCAAIw
CwMJBioAHXgBAAHAMA0GCSqGSIb3DQEBCwUAA4IBAQAvKX3coEQVwpqXpS2Int2Y
rKyiURKO+E6mhonxPGkp3EOfDCwBt3HRVlSOV4wyU2SN+mCgHG8CMfcQfHuszTbl
B8WM9izC5SzrWq0hcQW8CO/VFdhcDbKAQsbfvgRalKDAhz7Y1SFiNdzM1I4cve/Q
ES+HaHHLcjzWn8j7LR1ICRXzEjaxe3DBfwiEqoOUyj7pEVR31rcAMEsgG8Krps/N
LigY+/u8FOApTD0yy0P8PH0EcqbNqFa6Zps/hny+8Vl23KXEBCaHPBFQDmjHzyMq
5aaex3g7MBKnXF7KhY/l9WTFiY4+O1QlPKyOwfFYrmbZNYqcCi87R1EHDWn80GIg
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org