Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/kDqBAtsBkJ5xi8OWek-W-F1L5ug.roa
File: kDqBAtsBkJ5xi8OWek-W-F1L5ug.roa (raw, json)
Hash identifier: gEzrCJoCsTzI9ahErw0njvtujOGoFRHCPbp+g8VYziA=
Subject key identifier: 90:3A:81:02:DB:01:90:9E:71:8B:C3:96:7A:4F:96:F8:5D:4B:E6:E8
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0184E11F343DFED5EE38703E9E41B167F7DB
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/kDqBAtsBkJ5xi8OWek-W-F1L5ug.roa
Signing time: Mon 05 Dec 2022 07:10:29 +0000
ROA not before: Mon 05 Dec 2022 07:10:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34665
IP address blocks: 46.161.14.0/23 maxlen: 23
46.161.20.0/22 maxlen: 22
46.161.24.0/23 maxlen: 23
5.188.10.0/23 maxlen: 23
5.188.9.0/24 maxlen: 24
95.215.0.0/22 maxlen: 24
95.215.2.0/23 maxlen: 23
95.215.0.0/23 maxlen: 23
46.161.26.0/24 maxlen: 24
95.215.0.0/24 maxlen: 24
46.161.30.0/24 maxlen: 24
95.215.3.0/24 maxlen: 24
95.215.1.0/24 maxlen: 24
46.161.28.0/24 maxlen: 24
95.215.2.0/24 maxlen: 24
46.161.29.0/24 maxlen: 24
46.161.32.0/22 maxlen: 22
46.161.44.0/22 maxlen: 22
46.161.42.0/24 maxlen: 24
46.161.48.0/23 maxlen: 23
46.161.48.0/22 maxlen: 22
46.161.50.0/23 maxlen: 23
46.161.48.0/24 maxlen: 24
46.161.51.0/24 maxlen: 24
46.161.49.0/24 maxlen: 24
46.161.50.0/24 maxlen: 24
5.188.44.0/22 maxlen: 22
5.188.44.0/23 maxlen: 23
5.188.44.0/24 maxlen: 24
5.188.46.0/23 maxlen: 23
5.188.49.0/24 maxlen: 24
5.188.47.0/24 maxlen: 24
5.188.48.0/24 maxlen: 24
5.188.46.0/24 maxlen: 24
5.188.45.0/24 maxlen: 24
46.161.2.0/23 maxlen: 24
46.161.11.0/24 maxlen: 24
46.161.10.0/24 maxlen: 24
46.161.8.0/24 maxlen: 24
5.101.4.0/24 maxlen: 24
5.101.2.0/24 maxlen: 24
5.101.3.0/24 maxlen: 24
5.101.0.0/24 maxlen: 24
5.101.1.0/24 maxlen: 24
5.101.2.0/23 maxlen: 23
5.101.4.0/22 maxlen: 22
5.101.4.0/23 maxlen: 23
5.101.0.0/22 maxlen: 22
5.101.0.0/23 maxlen: 23
5.101.7.0/24 maxlen: 24
5.101.5.0/24 maxlen: 24
5.101.6.0/24 maxlen: 24
5.101.6.0/23 maxlen: 23
5.188.62.0/24 maxlen: 24
5.188.60.0/23 maxlen: 23
37.139.51.0/24 maxlen: 24
37.139.49.0/24 maxlen: 24
37.139.58.0/24 maxlen: 24
37.139.57.0/24 maxlen: 24
37.139.56.0/24 maxlen: 24
37.139.53.0/24 maxlen: 24
37.139.58.0/23 maxlen: 23
37.139.56.0/23 maxlen: 23
37.139.56.0/22 maxlen: 22
37.139.54.0/23 maxlen: 23
37.139.59.0/24 maxlen: 24
31.44.185.0/24 maxlen: 24
31.44.184.0/24 maxlen: 24
31.44.188.0/22 maxlen: 32
146.185.244.0/23 maxlen: 23
146.185.224.0/21 maxlen: 21
146.185.223.0/24 maxlen: 24
185.238.152.0/22 maxlen: 22
31.184.192.0/24 maxlen: 24
31.184.192.0/23 maxlen: 23
31.184.192.0/22 maxlen: 22
31.184.193.0/24 maxlen: 24
31.184.196.0/24 maxlen: 24
31.184.195.0/24 maxlen: 24
31.184.196.0/22 maxlen: 22
31.184.196.0/23 maxlen: 23
31.184.194.0/23 maxlen: 23
31.184.194.0/24 maxlen: 24
31.184.199.0/24 maxlen: 24
31.184.198.0/23 maxlen: 23
31.184.197.0/24 maxlen: 24
31.184.198.0/24 maxlen: 24
31.184.200.0/22 maxlen: 22
195.2.240.0/23 maxlen: 24
31.184.231.0/24 maxlen: 24
31.184.232.0/22 maxlen: 24
31.184.228.0/23 maxlen: 23
31.184.238.0/23 maxlen: 23
31.184.243.0/24 maxlen: 24
188.143.232.0/24 maxlen: 24
188.143.233.0/24 maxlen: 24
188.143.232.0/23 maxlen: 23
188.143.232.0/22 maxlen: 22
37.9.50.0/24 maxlen: 24
37.9.48.0/24 maxlen: 24
188.143.235.0/24 maxlen: 24
37.9.52.0/22 maxlen: 22
91.243.93.0/24 maxlen: 24
5.8.52.0/23 maxlen: 23
5.8.54.0/23 maxlen: 23
5.8.52.0/22 maxlen: 22
5.8.56.0/24 maxlen: 24
5.8.57.0/24 maxlen: 24
5.8.54.0/24 maxlen: 24
5.8.55.0/24 maxlen: 24
5.8.53.0/24 maxlen: 24
5.8.52.0/24 maxlen: 24
5.8.60.0/23 maxlen: 23
5.8.59.0/24 maxlen: 24
5.8.65.0/24 maxlen: 24
5.8.8.0/24 maxlen: 24
5.8.10.0/23 maxlen: 23
5.8.8.0/22 maxlen: 22
5.8.8.0/23 maxlen: 23
5.8.11.0/24 maxlen: 24
5.8.9.0/24 maxlen: 24
5.8.10.0/24 maxlen: 24
5.8.12.0/22 maxlen: 22
5.8.20.0/22 maxlen: 22
5.189.248.0/22 maxlen: 22
5.8.48.0/22 maxlen: 22
5.8.48.0/23 maxlen: 23
5.8.50.0/23 maxlen: 23
5.8.49.0/24 maxlen: 24
5.8.50.0/24 maxlen: 24
5.8.48.0/24 maxlen: 24
5.8.51.0/24 maxlen: 24
5.101.66.0/23 maxlen: 23
5.101.66.0/24 maxlen: 24
5.101.67.0/24 maxlen: 24
5.101.65.0/24 maxlen: 24
5.188.220.0/23 maxlen: 24
5.188.223.0/24 maxlen: 24
5.188.222.0/24 maxlen: 24
5.101.80.0/22 maxlen: 22
5.188.233.0/24 maxlen: 24
5.101.84.0/22 maxlen: 22
5.188.234.0/23 maxlen: 23
5.101.90.0/23 maxlen: 23
5.188.166.0/24 maxlen: 24
5.188.165.0/24 maxlen: 24
5.101.36.0/22 maxlen: 22
5.101.32.0/22 maxlen: 24
5.188.204.0/23 maxlen: 23
5.101.64.0/22 maxlen: 22
5.101.64.0/23 maxlen: 23
5.188.211.0/24 maxlen: 24
5.188.210.0/24 maxlen: 24
5.188.207.0/24 maxlen: 24
5.101.64.0/24 maxlen: 24
5.188.208.0/23 maxlen: 23
91.243.44.0/22 maxlen: 22
91.243.48.0/23 maxlen: 23
91.243.48.0/22 maxlen: 22
91.243.50.0/23 maxlen: 23
91.243.51.0/24 maxlen: 24
91.243.50.0/24 maxlen: 24
91.243.48.0/24 maxlen: 24
91.243.49.0/24 maxlen: 24
91.243.56.0/22 maxlen: 22
91.243.52.0/22 maxlen: 22
91.243.62.0/23 maxlen: 23
91.243.60.0/24 maxlen: 24
91.243.61.0/24 maxlen: 24
91.243.91.0/24 maxlen: 24
91.243.90.0/24 maxlen: 24
91.243.32.0/22 maxlen: 22
2a00:1d78:100:1c0::/58 maxlen: 58
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:1f:34:3d:fe:d5:ee:38:70:3e:9e:41:b1:67:f7:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Dec 5 07:10:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=903a8102db01909e718bc3967a4f96f85d4be6e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:de:f6:2c:66:e1:7c:b2:55:7b:b9:d6:22:72:
c8:c4:5a:8e:ff:4c:a3:33:00:3f:da:88:4c:bc:42:
84:c6:d7:41:ab:10:3a:8d:93:a5:69:0f:26:4a:f6:
c9:44:fc:01:49:cc:97:87:d2:d6:9d:03:14:02:52:
93:01:22:95:f3:f9:98:c1:f3:af:db:02:dd:3c:a4:
ae:5a:a2:61:49:54:b7:53:11:39:29:2a:c1:a3:54:
c0:ae:dd:af:14:ee:1b:9f:f2:58:0a:a6:a1:a6:3b:
5f:f0:43:6d:f2:70:c7:84:89:23:7d:4c:65:8e:ce:
e4:8b:45:9e:6a:a8:d1:6d:29:86:4c:4e:37:3c:af:
62:22:5e:e6:48:0d:14:ed:35:78:58:2e:9c:f8:76:
ec:81:1d:e4:12:6d:e5:c4:ee:5b:10:15:9c:a5:ec:
12:95:91:cd:49:78:a8:f4:4b:e6:c9:86:d4:80:ed:
cb:ed:82:b3:b2:d8:03:ba:80:e0:0e:ec:bf:ba:c1:
bc:10:e6:95:93:fd:75:b3:1c:14:08:c2:63:8e:d5:
e1:7f:62:56:36:4c:40:be:a3:d0:06:96:66:97:9a:
33:8e:fe:c9:9a:f9:28:4b:76:d5:4a:52:67:f2:c9:
1a:47:87:17:16:76:65:78:b3:8f:0d:0e:e0:e5:10:
d6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:3A:81:02:DB:01:90:9E:71:8B:C3:96:7A:4F:96:F8:5D:4B:E6:E8
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/kDqBAtsBkJ5xi8OWek-W-F1L5ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.8.0/21
5.8.20.0/22
5.8.48.0-5.8.57.255
5.8.59.0-5.8.61.255
5.8.65.0/24
5.101.0.0/21
5.101.32.0/21
5.101.64.0/22
5.101.80.0/21
5.101.90.0/23
5.188.9.0-5.188.11.255
5.188.44.0-5.188.49.255
5.188.60.0-5.188.62.255
5.188.165.0-5.188.166.255
5.188.204.0/23
5.188.207.0-5.188.211.255
5.188.220.0/22
5.188.233.0-5.188.235.255
5.189.248.0/22
31.44.184.0/23
31.44.188.0/22
31.184.192.0-31.184.203.255
31.184.228.0/23
31.184.231.0-31.184.235.255
31.184.238.0/23
31.184.243.0/24
37.9.48.0/24
37.9.50.0/24
37.9.52.0/22
37.139.49.0/24
37.139.51.0/24
37.139.53.0-37.139.59.255
46.161.2.0/23
46.161.8.0/24
46.161.10.0/23
46.161.14.0/23
46.161.20.0-46.161.26.255
46.161.28.0-46.161.30.255
46.161.32.0/22
46.161.42.0/24
46.161.44.0-46.161.51.255
91.243.32.0/22
91.243.44.0-91.243.63.255
91.243.90.0/23
91.243.93.0/24
95.215.0.0/22
146.185.223.0-146.185.231.255
146.185.244.0/23
185.238.152.0/22
188.143.232.0/22
195.2.240.0/23
IPv6:
2a00:1d78:100:1c0::/58
Signature Algorithm: sha256WithRSAEncryption
93:58:a6:a2:95:ea:c0:ba:1b:98:8b:00:7f:9d:0b:60:06:1f:
15:f5:0e:7c:d5:e9:04:30:5b:a9:11:b7:0e:86:b9:1f:21:21:
be:d1:7f:36:ab:71:77:69:4a:70:57:d1:f1:a5:19:8b:69:4c:
e0:6b:86:f7:e9:68:9d:db:38:92:30:cf:a7:8d:48:85:c0:66:
2e:ef:1a:61:ba:bf:5c:66:df:ba:1f:07:35:be:bc:85:3d:4d:
56:43:4c:ae:6e:43:a4:70:fa:0e:6e:9e:a9:da:06:0c:9f:04:
67:d6:b5:83:87:fb:60:b7:89:fa:9d:cc:8d:8f:6b:f9:22:d5:
2f:e9:29:cd:4e:3e:2f:60:1f:1e:56:f0:a1:b3:c5:3a:27:e3:
4f:61:f9:6f:ea:cb:bb:73:58:70:28:29:4b:23:79:61:e9:54:
ef:8b:71:29:ca:28:57:cf:54:23:14:85:71:30:cf:4a:ac:9b:
ad:6c:9c:35:df:7e:ba:04:b6:0a:47:71:bf:37:47:8f:b5:12:
d8:65:9f:05:7a:cc:e5:db:74:05:a5:29:f5:76:9b:b3:97:70:
a1:87:d8:84:4b:1a:88:32:34:e7:d9:c8:8a:33:ad:07:f8:cd:
4c:c2:b7:81:cf:1a:6a:84:b1:e8:e1:e2:71:89:fe:d3:f7:a2:
29:d8:5f:d6
-----BEGIN CERTIFICATE-----
MIIGxjCCBa6gAwIBAgISAYThHzQ9/tXuOHA+nkGxZ/fbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIxMjA1MDcxMDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDNhODEwMmRiMDE5MDllNzE4YmMzOTY3YTRmOTZmODVkNGJlNmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmN72LGbhfLJVe7nWInLIxFqO/0yj
MwA/2ohMvEKExtdBqxA6jZOlaQ8mSvbJRPwBScyXh9LWnQMUAlKTASKV8/mYwfOv
2wLdPKSuWqJhSVS3UxE5KSrBo1TArt2vFO4bn/JYCqahpjtf8ENt8nDHhIkjfUxl
js7ki0WeaqjRbSmGTE43PK9iIl7mSA0U7TV4WC6c+HbsgR3kEm3lxO5bEBWcpewS
lZHNSXio9EvmyYbUgO3L7YKzstgDuoDgDuy/usG8EOaVk/11sxwUCMJjjtXhf2JW
NkxAvqPQBpZml5ozjv7JmvkoS3bVSlJn8skaR4cXFnZleLOPDQ7g5RDWUwIDAQAB
o4ID0jCCA84wHQYDVR0OBBYEFJA6gQLbAZCecYvDlnpPlvhdS+boMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEva0RxQkF0c0JrSjV4aThPV2VrLVctRjFMNXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB5gYIKwYBBQUHAQcBAf8EggHVMIIB0TCCAboEAgABMIIB
sgMEAwUICAMEAgUIFDAMAwQEBQgwAwQBBQg4MAwDBAAFCDsDBAEFCDwDBAAFCEED
BAMFZQADBAMFZSADBAIFZUADBAMFZVADBAEFZVowDAMEAAW8CQMEAgW8CDAMAwQC
BbwsAwQBBbwwMAwDBAIFvDwDBAAFvD4wDAMEAAW8pQMEAAW8pgMEAQW8zDAMAwQA
BbzPAwQCBbzQAwQCBbzcMAwDBAAFvOkDBAIFvOgDBAIFvfgDBAEfLLgDBAIfLLww
DAMEBh+4wAMEAh+4yAMEAR+45DAMAwQAH7jnAwQCH7joAwQBH7juAwQAH7jzAwQA
JQkwAwQAJQkyAwQCJQk0AwQAJYsxAwQAJYszMAwDBAAlizUDBAIlizgDBAEuoQID
BAAuoQgDBAEuoQoDBAEuoQ4wDAMEAi6hFAMEAC6hGjAMAwQCLqEcAwQALqEeAwQC
LqEgAwQALqEqMAwDBAIuoSwDBAIuoTADBAJb8yAwDAMEAlvzLAMEBlvzAAMEAVvz
WgMEAFvzXQMEAl/XADAMAwQAkrnfAwQDkrngAwQBkrn0AwQCue6YAwQCvI/oAwQB
wwLwMBEEAgACMAsDCQYqAB14AQABwDANBgkqhkiG9w0BAQsFAAOCAQEAk1imopXq
wLobmIsAf50LYAYfFfUOfNXpBDBbqRG3Doa5HyEhvtF/Nqtxd2lKcFfR8aUZi2lM
4GuG9+londs4kjDPp41IhcBmLu8aYbq/XGbfuh8HNb68hT1NVkNMrm5DpHD6Dm6e
qdoGDJ8EZ9a1g4f7YLeJ+p3MjY9r+SLVL+kpzU4+L2AfHlbwobPFOifjT2H5b+rL
u3NYcCgpSyN5YelU74txKcooV89UIxSFcTDPSqybrWycNd9+ugS2CkdxvzdHj7US
2GWfBXrM5dt0BaUp9Xabs5dwoYfYhEsaiDI059nIijOtB/jNTMK3gc8aaoSx6OHi
cYn+0/eiKdhf1g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org