Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/cgRLWZqpWRJMK2PIJ_ckfymVDIk.roa
File: cgRLWZqpWRJMK2PIJ_ckfymVDIk.roa (raw, json)
Hash identifier: +FLp+heQ73N/pbzsIOdIWctTXo+W//pmixOqlmUb6/k=
Subject key identifier: 72:04:4B:59:9A:A9:59:12:4C:2B:63:C8:27:F7:24:7F:29:95:0C:89
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 01821525F380A2EF0CA6F662CA92E2FA1883
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/cgRLWZqpWRJMK2PIJ_ckfymVDIk.roa
Signing time: Tue 19 Jul 2022 06:29:44 +0000
ROA not before: Tue 19 Jul 2022 06:29:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34665
IP address blocks: 46.161.14.0/23 maxlen: 23
46.161.20.0/22 maxlen: 22
46.161.24.0/23 maxlen: 23
5.188.10.0/23 maxlen: 23
5.188.9.0/24 maxlen: 24
95.215.0.0/22 maxlen: 24
95.215.2.0/23 maxlen: 23
95.215.0.0/23 maxlen: 23
95.215.0.0/24 maxlen: 24
95.215.3.0/24 maxlen: 24
46.161.30.0/24 maxlen: 24
46.161.28.0/24 maxlen: 24
95.215.1.0/24 maxlen: 24
46.161.29.0/24 maxlen: 24
95.215.2.0/24 maxlen: 24
46.161.32.0/22 maxlen: 22
46.161.44.0/22 maxlen: 22
46.161.42.0/24 maxlen: 24
46.161.48.0/22 maxlen: 22
46.161.48.0/23 maxlen: 23
46.161.50.0/23 maxlen: 23
46.161.48.0/24 maxlen: 24
46.161.51.0/24 maxlen: 24
46.161.49.0/24 maxlen: 24
46.161.50.0/24 maxlen: 24
5.188.44.0/22 maxlen: 22
5.188.44.0/23 maxlen: 23
5.188.44.0/24 maxlen: 24
5.188.46.0/23 maxlen: 23
5.188.49.0/24 maxlen: 24
5.188.47.0/24 maxlen: 24
5.188.48.0/24 maxlen: 24
5.188.46.0/24 maxlen: 24
5.188.45.0/24 maxlen: 24
46.161.2.0/23 maxlen: 24
46.161.11.0/24 maxlen: 24
46.161.10.0/24 maxlen: 24
46.161.8.0/24 maxlen: 24
5.101.4.0/24 maxlen: 24
5.101.2.0/24 maxlen: 24
5.101.3.0/24 maxlen: 24
5.101.0.0/24 maxlen: 24
5.101.1.0/24 maxlen: 24
5.101.2.0/23 maxlen: 23
5.101.4.0/22 maxlen: 22
5.101.4.0/23 maxlen: 23
5.101.0.0/22 maxlen: 22
5.101.0.0/23 maxlen: 23
5.101.7.0/24 maxlen: 24
5.101.5.0/24 maxlen: 24
5.101.6.0/24 maxlen: 24
5.101.6.0/23 maxlen: 23
5.188.62.0/24 maxlen: 24
5.188.60.0/23 maxlen: 23
37.139.51.0/24 maxlen: 24
37.139.49.0/24 maxlen: 24
37.139.58.0/24 maxlen: 24
37.139.57.0/24 maxlen: 24
37.139.56.0/24 maxlen: 24
37.139.53.0/24 maxlen: 24
37.139.58.0/23 maxlen: 23
37.139.56.0/23 maxlen: 23
37.139.56.0/22 maxlen: 22
37.139.54.0/23 maxlen: 23
37.139.59.0/24 maxlen: 24
31.44.185.0/24 maxlen: 24
31.44.184.0/24 maxlen: 24
31.44.188.0/22 maxlen: 32
146.185.244.0/23 maxlen: 23
146.185.196.0/22 maxlen: 22
146.185.224.0/21 maxlen: 21
146.185.223.0/24 maxlen: 24
31.184.192.0/24 maxlen: 24
31.184.192.0/23 maxlen: 23
31.184.192.0/22 maxlen: 22
31.184.193.0/24 maxlen: 24
31.184.196.0/24 maxlen: 24
31.184.195.0/24 maxlen: 24
31.184.196.0/22 maxlen: 22
31.184.196.0/23 maxlen: 23
31.184.194.0/23 maxlen: 23
31.184.194.0/24 maxlen: 24
31.184.199.0/24 maxlen: 24
31.184.198.0/23 maxlen: 23
31.184.197.0/24 maxlen: 24
31.184.198.0/24 maxlen: 24
195.2.240.0/23 maxlen: 24
31.184.231.0/24 maxlen: 24
31.184.232.0/22 maxlen: 24
31.184.228.0/23 maxlen: 23
31.184.238.0/23 maxlen: 23
31.184.243.0/24 maxlen: 24
37.9.36.0/22 maxlen: 22
188.143.232.0/24 maxlen: 24
188.143.233.0/24 maxlen: 24
188.143.232.0/23 maxlen: 23
188.143.232.0/22 maxlen: 22
37.9.50.0/24 maxlen: 24
37.9.48.0/24 maxlen: 24
188.143.235.0/24 maxlen: 24
37.9.52.0/22 maxlen: 22
91.243.93.0/24 maxlen: 24
5.8.52.0/23 maxlen: 23
5.8.54.0/23 maxlen: 23
5.8.52.0/22 maxlen: 22
5.8.56.0/24 maxlen: 24
5.8.57.0/24 maxlen: 24
5.8.54.0/24 maxlen: 24
5.8.55.0/24 maxlen: 24
5.8.53.0/24 maxlen: 24
5.8.52.0/24 maxlen: 24
5.8.60.0/23 maxlen: 23
5.8.62.0/24 maxlen: 24
5.8.59.0/24 maxlen: 24
5.8.65.0/24 maxlen: 24
5.8.8.0/24 maxlen: 24
5.8.10.0/23 maxlen: 23
5.8.8.0/23 maxlen: 23
5.8.8.0/22 maxlen: 22
5.8.11.0/24 maxlen: 24
5.8.9.0/24 maxlen: 24
5.8.10.0/24 maxlen: 24
5.8.12.0/22 maxlen: 22
5.8.20.0/22 maxlen: 22
5.189.248.0/22 maxlen: 22
5.8.48.0/23 maxlen: 23
5.8.48.0/22 maxlen: 22
5.8.50.0/23 maxlen: 23
5.8.49.0/24 maxlen: 24
5.8.50.0/24 maxlen: 24
5.8.48.0/24 maxlen: 24
5.8.51.0/24 maxlen: 24
5.101.66.0/23 maxlen: 23
5.101.66.0/24 maxlen: 24
5.101.67.0/24 maxlen: 24
5.101.65.0/24 maxlen: 24
5.101.68.0/22 maxlen: 22
5.188.220.0/23 maxlen: 24
5.188.223.0/24 maxlen: 24
5.188.222.0/24 maxlen: 24
5.101.80.0/22 maxlen: 22
5.188.233.0/24 maxlen: 24
5.101.84.0/22 maxlen: 22
5.188.234.0/23 maxlen: 23
5.101.90.0/23 maxlen: 23
5.188.166.0/24 maxlen: 24
5.188.165.0/24 maxlen: 24
5.101.32.0/22 maxlen: 24
5.188.204.0/23 maxlen: 23
5.101.64.0/22 maxlen: 22
5.101.64.0/23 maxlen: 23
5.188.211.0/24 maxlen: 24
5.188.210.0/24 maxlen: 24
5.188.207.0/24 maxlen: 24
5.101.64.0/24 maxlen: 24
5.188.208.0/23 maxlen: 23
91.243.48.0/22 maxlen: 22
91.243.48.0/23 maxlen: 23
91.243.50.0/23 maxlen: 23
91.243.51.0/24 maxlen: 24
91.243.50.0/24 maxlen: 24
91.243.48.0/24 maxlen: 24
91.243.49.0/24 maxlen: 24
91.243.52.0/22 maxlen: 22
91.243.62.0/23 maxlen: 23
91.243.60.0/24 maxlen: 24
91.243.61.0/24 maxlen: 24
91.243.91.0/24 maxlen: 24
91.243.90.0/24 maxlen: 24
91.243.32.0/22 maxlen: 22
2a00:1d78:100:1c0::/58 maxlen: 58
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:15:25:f3:80:a2:ef:0c:a6:f6:62:ca:92:e2:fa:18:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jul 19 06:29:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72044b599aa959124c2b63c827f7247f29950c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b2:ae:d2:68:2e:8e:c8:cb:e3:cd:f4:54:3b:
d3:bd:f1:e7:04:d8:a9:58:e0:f4:0e:93:61:26:23:
13:d4:e9:2c:8a:63:d3:3e:ac:ec:ba:7b:42:f9:26:
2e:49:38:48:aa:31:77:f0:c2:80:ce:57:c6:3d:c9:
4c:30:b6:09:57:05:3e:e1:f9:4d:7c:5b:68:34:24:
8b:48:b9:75:e0:dc:f9:d2:f3:3e:85:ae:3b:bd:ca:
8f:23:f1:ac:06:47:6d:4b:86:cf:46:96:e5:93:14:
2e:3f:84:46:45:27:8d:9a:2e:8b:48:73:21:96:72:
c7:27:a6:8a:f9:78:0e:f6:73:5c:5b:90:b0:fc:39:
f0:38:3d:95:67:4d:94:81:3a:be:5b:45:14:9e:5e:
79:04:2f:81:fd:ee:61:f4:fb:87:35:0c:88:34:49:
ea:ef:d5:15:18:73:68:57:b8:a6:89:77:ca:4f:e5:
1d:a8:10:13:30:0d:eb:59:da:96:3c:1a:42:e1:08:
7e:d9:ed:64:b1:e4:7f:24:de:47:87:83:a9:25:c2:
55:df:ed:56:83:3e:77:a4:fa:d6:41:ba:00:43:85:
2e:ac:7c:cf:c3:fc:5f:2b:f3:53:58:c7:18:2a:d6:
09:48:01:9d:05:b9:6e:a6:6b:be:09:17:92:17:71:
73:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:04:4B:59:9A:A9:59:12:4C:2B:63:C8:27:F7:24:7F:29:95:0C:89
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/cgRLWZqpWRJMK2PIJ_ckfymVDIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.8.0/21
5.8.20.0/22
5.8.48.0-5.8.57.255
5.8.59.0-5.8.62.255
5.8.65.0/24
5.101.0.0/21
5.101.32.0/22
5.101.64.0/21
5.101.80.0/21
5.101.90.0/23
5.188.9.0-5.188.11.255
5.188.44.0-5.188.49.255
5.188.60.0-5.188.62.255
5.188.165.0-5.188.166.255
5.188.204.0/23
5.188.207.0-5.188.211.255
5.188.220.0/22
5.188.233.0-5.188.235.255
5.189.248.0/22
31.44.184.0/23
31.44.188.0/22
31.184.192.0/21
31.184.228.0/23
31.184.231.0-31.184.235.255
31.184.238.0/23
31.184.243.0/24
37.9.36.0/22
37.9.48.0/24
37.9.50.0/24
37.9.52.0/22
37.139.49.0/24
37.139.51.0/24
37.139.53.0-37.139.59.255
46.161.2.0/23
46.161.8.0/24
46.161.10.0/23
46.161.14.0/23
46.161.20.0-46.161.25.255
46.161.28.0-46.161.30.255
46.161.32.0/22
46.161.42.0/24
46.161.44.0-46.161.51.255
91.243.32.0/22
91.243.48.0/21
91.243.60.0/22
91.243.90.0/23
91.243.93.0/24
95.215.0.0/22
146.185.196.0/22
146.185.223.0-146.185.231.255
146.185.244.0/23
188.143.232.0/22
195.2.240.0/23
IPv6:
2a00:1d78:100:1c0::/58
Signature Algorithm: sha256WithRSAEncryption
96:85:53:57:af:72:4b:ee:f8:c0:46:f3:37:1d:f9:d1:05:36:
ad:27:61:52:d0:b7:6c:64:3d:a4:c1:09:d9:0c:eb:f3:1d:b4:
b3:cb:47:8f:93:bf:5f:90:65:54:1c:71:6f:fd:9e:31:76:39:
38:c8:6c:f5:31:98:dc:ae:d4:ac:6e:a5:59:d9:22:33:e3:c1:
6d:90:c3:7c:c2:56:e7:31:da:f9:26:27:93:a6:4a:d3:ce:a9:
7a:01:4e:d5:d6:19:55:d8:ac:85:73:25:ba:cc:2c:8a:3f:7b:
eb:09:69:fc:85:12:08:ca:b5:0a:26:a2:69:fb:a4:05:1d:20:
8c:9b:a6:3c:05:2e:d7:a7:a2:98:31:e0:95:f5:e7:8c:ba:71:
6c:b9:72:2c:30:dd:32:22:0b:15:44:f0:8a:aa:8e:c1:97:59:
e4:df:9d:87:1c:98:7a:0c:4e:42:66:40:14:e8:40:2b:31:01:
c0:23:e2:4b:bd:69:27:99:38:ec:ee:c4:e1:68:fa:c3:02:9b:
8b:95:c2:ec:58:84:b7:90:2b:cc:fd:9b:45:ea:79:32:c0:7f:
08:14:03:20:7e:a8:5d:f3:8f:d9:2a:c5:0c:ee:8c:29:50:5b:
81:95:0b:71:cd:86:e8:20:49:fc:74:11:3a:47:71:54:ab:e4:
cd:fe:38:e9
-----BEGIN CERTIFICATE-----
MIIGwjCCBaqgAwIBAgISAYIVJfOAou8MpvZiypLi+hiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIwNzE5MDYyOTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjA0NGI1OTlhYTk1OTEyNGMyYjYzYzgyN2Y3MjQ3ZjI5OTUwYzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbKu0mgujsjL4830VDvTvfHnBNip
WOD0DpNhJiMT1OksimPTPqzsuntC+SYuSThIqjF38MKAzlfGPclMMLYJVwU+4flN
fFtoNCSLSLl14Nz50vM+ha47vcqPI/GsBkdtS4bPRpblkxQuP4RGRSeNmi6LSHMh
lnLHJ6aK+XgO9nNcW5Cw/DnwOD2VZ02UgTq+W0UUnl55BC+B/e5h9PuHNQyINEnq
79UVGHNoV7imiXfKT+UdqBATMA3rWdqWPBpC4Qh+2e1kseR/JN5Hh4OpJcJV3+1W
gz53pPrWQboAQ4UurHzPw/xfK/NTWMcYKtYJSAGdBblupmu+CReSF3FzDQIDAQAB
o4IDzjCCA8owHQYDVR0OBBYEFHIES1maqVkSTCtjyCf3JH8plQyJMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvY2dSTFdacXBXUkpNSzJQSUpfY2tmeW1WRElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB4gYIKwYBBQUHAQcBAf8EggHRMIIBzTCCAbYEAgABMIIB
rgMEAwUICAMEAgUIFDAMAwQEBQgwAwQBBQg4MAwDBAAFCDsDBAAFCD4DBAAFCEED
BAMFZQADBAIFZSADBAMFZUADBAMFZVADBAEFZVowDAMEAAW8CQMEAgW8CDAMAwQC
BbwsAwQBBbwwMAwDBAIFvDwDBAAFvD4wDAMEAAW8pQMEAAW8pgMEAQW8zDAMAwQA
BbzPAwQCBbzQAwQCBbzcMAwDBAAFvOkDBAIFvOgDBAIFvfgDBAEfLLgDBAIfLLwD
BAMfuMADBAEfuOQwDAMEAB+45wMEAh+46AMEAR+47gMEAB+48wMEAiUJJAMEACUJ
MAMEACUJMgMEAiUJNAMEACWLMQMEACWLMzAMAwQAJYs1AwQCJYs4AwQBLqECAwQA
LqEIAwQBLqEKAwQBLqEOMAwDBAIuoRQDBAEuoRgwDAMEAi6hHAMEAC6hHgMEAi6h
IAMEAC6hKjAMAwQCLqEsAwQCLqEwAwQCW/MgAwQDW/MwAwQCW/M8AwQBW/NaAwQA
W/NdAwQCX9cAAwQCkrnEMAwDBACSud8DBAOSueADBAGSufQDBAK8j+gDBAHDAvAw
EQQCAAIwCwMJBioAHXgBAAHAMA0GCSqGSIb3DQEBCwUAA4IBAQCWhVNXr3JL7vjA
RvM3HfnRBTatJ2FS0LdsZD2kwQnZDOvzHbSzy0ePk79fkGVUHHFv/Z4xdjk4yGz1
MZjcrtSsbqVZ2SIz48FtkMN8wlbnMdr5JieTpkrTzql6AU7V1hlV2KyFcyW6zCyK
P3vrCWn8hRIIyrUKJqJp+6QFHSCMm6Y8BS7Xp6KYMeCV9eeMunFsuXIsMN0yIgsV
RPCKqo7Bl1nk352HHJh6DE5CZkAU6EArMQHAI+JLvWknmTjs7sThaPrDApuLlcLs
WIS3kCvM/ZtF6nkywH8IFAMgfqhd84/ZKsUM7owpUFuBlQtxzYboIEn8dBE6R3FU
q+TN/jjp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org