Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/pzDSf68Uq686npuIJ7CUqsmDaTY.roa
File: pzDSf68Uq686npuIJ7CUqsmDaTY.roa (raw, json)
Hash identifier: th2RsZVRD0FvN8nLTUAKPMYljtxsCQpnu9zProTvgcw=
Subject key identifier: A7:30:D2:7F:AF:14:AB:AF:3A:9E:9B:88:27:B0:94:AA:C9:83:69:36
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 48B629C8
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/pzDSf68Uq686npuIJ7CUqsmDaTY.roa
Signing time: Thu 20 Jan 2022 17:28:32 +0000
ROA not before: Thu 20 Jan 2022 17:28:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34665
IP address blocks: 46.161.14.0/23 maxlen: 23
46.161.20.0/22 maxlen: 22
46.161.24.0/23 maxlen: 23
5.188.10.0/23 maxlen: 23
5.188.9.0/24 maxlen: 24
95.215.0.0/22 maxlen: 24
95.215.2.0/23 maxlen: 23
95.215.0.0/23 maxlen: 23
95.215.0.0/24 maxlen: 24
46.161.30.0/24 maxlen: 24
95.215.3.0/24 maxlen: 24
95.215.1.0/24 maxlen: 24
46.161.28.0/24 maxlen: 24
95.215.2.0/24 maxlen: 24
46.161.29.0/24 maxlen: 24
46.161.32.0/22 maxlen: 22
46.161.42.0/24 maxlen: 24
46.161.41.0/24 maxlen: 24
46.161.48.0/23 maxlen: 23
46.161.48.0/22 maxlen: 22
46.161.50.0/23 maxlen: 23
46.161.48.0/24 maxlen: 24
46.161.51.0/24 maxlen: 24
46.161.49.0/24 maxlen: 24
46.161.50.0/24 maxlen: 24
5.188.44.0/22 maxlen: 22
5.188.44.0/23 maxlen: 23
5.188.44.0/24 maxlen: 24
5.188.46.0/23 maxlen: 23
5.188.49.0/24 maxlen: 24
5.188.47.0/24 maxlen: 24
5.188.48.0/24 maxlen: 24
5.188.46.0/24 maxlen: 24
5.188.45.0/24 maxlen: 24
46.161.1.0/24 maxlen: 24
46.161.2.0/23 maxlen: 24
46.161.11.0/24 maxlen: 24
46.161.10.0/24 maxlen: 24
46.161.8.0/24 maxlen: 24
5.101.4.0/24 maxlen: 24
5.101.2.0/24 maxlen: 24
5.101.3.0/24 maxlen: 24
5.101.0.0/24 maxlen: 24
5.101.1.0/24 maxlen: 24
5.101.2.0/23 maxlen: 23
5.101.4.0/22 maxlen: 22
5.101.4.0/23 maxlen: 23
5.101.0.0/22 maxlen: 22
5.101.0.0/23 maxlen: 23
5.101.7.0/24 maxlen: 24
5.101.5.0/24 maxlen: 24
5.101.6.0/24 maxlen: 24
5.101.6.0/23 maxlen: 23
5.188.62.0/24 maxlen: 24
5.188.60.0/23 maxlen: 23
5.188.84.0/24 maxlen: 24
37.139.51.0/24 maxlen: 24
37.139.49.0/24 maxlen: 24
37.139.58.0/24 maxlen: 24
37.139.57.0/24 maxlen: 24
37.139.56.0/24 maxlen: 24
37.139.53.0/24 maxlen: 24
37.139.58.0/23 maxlen: 23
37.139.56.0/23 maxlen: 23
37.139.56.0/22 maxlen: 22
37.139.54.0/23 maxlen: 23
37.139.59.0/24 maxlen: 24
31.44.184.0/24 maxlen: 24
31.44.188.0/22 maxlen: 32
146.185.244.0/23 maxlen: 23
146.185.196.0/22 maxlen: 22
146.185.224.0/21 maxlen: 21
146.185.223.0/24 maxlen: 24
31.184.192.0/24 maxlen: 24
31.184.192.0/23 maxlen: 23
31.184.192.0/22 maxlen: 22
31.184.193.0/24 maxlen: 24
31.184.196.0/24 maxlen: 24
31.184.195.0/24 maxlen: 24
31.184.196.0/22 maxlen: 22
31.184.196.0/23 maxlen: 23
31.184.194.0/23 maxlen: 23
31.184.194.0/24 maxlen: 24
31.184.199.0/24 maxlen: 24
31.184.198.0/23 maxlen: 23
31.184.197.0/24 maxlen: 24
31.184.198.0/24 maxlen: 24
195.2.240.0/23 maxlen: 24
31.184.231.0/24 maxlen: 24
31.184.232.0/22 maxlen: 24
31.184.228.0/23 maxlen: 23
31.184.238.0/23 maxlen: 23
31.184.243.0/24 maxlen: 24
37.9.36.0/22 maxlen: 22
188.143.232.0/24 maxlen: 24
188.143.233.0/24 maxlen: 24
188.143.232.0/23 maxlen: 23
188.143.232.0/22 maxlen: 22
37.9.50.0/24 maxlen: 24
37.9.48.0/24 maxlen: 24
188.143.235.0/24 maxlen: 24
37.9.52.0/22 maxlen: 22
91.243.93.0/24 maxlen: 24
5.8.52.0/23 maxlen: 23
5.8.54.0/23 maxlen: 23
5.8.52.0/22 maxlen: 22
5.8.56.0/24 maxlen: 24
5.8.57.0/24 maxlen: 24
5.8.54.0/24 maxlen: 24
5.8.55.0/24 maxlen: 24
5.8.53.0/24 maxlen: 24
5.8.52.0/24 maxlen: 24
5.8.60.0/23 maxlen: 23
5.8.62.0/24 maxlen: 24
5.8.59.0/24 maxlen: 24
5.8.65.0/24 maxlen: 24
5.8.8.0/24 maxlen: 24
5.8.10.0/23 maxlen: 23
5.8.8.0/22 maxlen: 22
5.8.8.0/23 maxlen: 23
5.8.11.0/24 maxlen: 24
5.8.9.0/24 maxlen: 24
5.8.10.0/24 maxlen: 24
5.8.12.0/22 maxlen: 22
5.8.20.0/22 maxlen: 22
5.189.248.0/22 maxlen: 22
5.8.48.0/22 maxlen: 22
5.8.48.0/23 maxlen: 23
5.8.50.0/23 maxlen: 23
5.8.49.0/24 maxlen: 24
5.8.50.0/24 maxlen: 24
5.8.48.0/24 maxlen: 24
5.8.51.0/24 maxlen: 24
5.101.66.0/23 maxlen: 23
5.101.66.0/24 maxlen: 24
5.101.67.0/24 maxlen: 24
5.101.65.0/24 maxlen: 24
5.101.68.0/22 maxlen: 22
5.188.220.0/23 maxlen: 24
5.188.223.0/24 maxlen: 24
5.188.222.0/24 maxlen: 24
5.101.80.0/22 maxlen: 22
5.188.233.0/24 maxlen: 24
5.101.84.0/22 maxlen: 22
5.188.234.0/23 maxlen: 23
5.101.90.0/23 maxlen: 23
5.188.166.0/24 maxlen: 24
5.188.165.0/24 maxlen: 24
5.101.32.0/22 maxlen: 24
5.188.204.0/23 maxlen: 23
5.101.64.0/22 maxlen: 22
5.101.64.0/23 maxlen: 23
5.188.211.0/24 maxlen: 24
5.188.210.0/24 maxlen: 24
5.188.207.0/24 maxlen: 24
5.101.64.0/24 maxlen: 24
5.188.208.0/23 maxlen: 23
91.243.48.0/23 maxlen: 23
91.243.48.0/22 maxlen: 22
91.243.50.0/23 maxlen: 23
91.243.51.0/24 maxlen: 24
91.243.50.0/24 maxlen: 24
91.243.48.0/24 maxlen: 24
91.243.49.0/24 maxlen: 24
91.243.52.0/22 maxlen: 22
91.243.62.0/23 maxlen: 23
91.243.60.0/24 maxlen: 24
91.243.61.0/24 maxlen: 24
91.243.91.0/24 maxlen: 24
91.243.90.0/24 maxlen: 24
2a00:1d78:100:1c0::/58 maxlen: 58
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1219897800 (0x48b629c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 20 17:28:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a730d27faf14abaf3a9e9b8827b094aac9836936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:df:29:e2:bc:49:59:87:07:4f:21:da:d4:43:
20:bf:d4:d3:d2:8f:96:2d:33:6f:ee:ee:1e:5c:e0:
6b:d3:56:47:09:ae:73:49:14:51:42:d0:69:79:b4:
2c:8a:ea:49:9b:ea:42:b3:73:09:49:58:47:81:5f:
f3:7e:f1:c5:73:02:aa:8f:2d:e7:f6:e2:ca:0d:b2:
c6:66:80:5c:2a:52:0b:de:d6:fa:e8:9a:fe:58:87:
d2:bd:93:64:d8:c8:17:66:26:f5:42:4d:6e:ab:bb:
ec:db:e8:1b:84:62:85:57:13:a8:fe:01:a2:37:86:
9c:a3:63:34:ab:63:82:cb:34:1e:7b:fc:57:b1:70:
91:d6:25:3d:df:e6:c1:e8:4c:0f:4c:87:23:e2:1c:
ff:89:cb:54:cc:ae:c2:bc:9b:94:9f:a1:d6:f6:0b:
8a:33:61:2d:f7:e2:3a:10:7a:01:4e:fb:d5:19:8f:
2a:db:6d:49:a0:86:83:89:41:70:3a:cd:08:af:d6:
8b:ba:a4:eb:51:65:e9:90:ea:cf:b1:57:a3:61:68:
a5:4d:d3:65:30:f4:68:9f:60:39:b5:49:b8:9d:59:
7c:61:e9:6a:0e:3f:ff:45:9a:d3:fe:41:a6:75:03:
1f:ed:01:28:2c:c9:6a:46:9e:d5:4b:5c:47:b8:23:
bb:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:30:D2:7F:AF:14:AB:AF:3A:9E:9B:88:27:B0:94:AA:C9:83:69:36
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/pzDSf68Uq686npuIJ7CUqsmDaTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.8.0/21
5.8.20.0/22
5.8.48.0-5.8.57.255
5.8.59.0-5.8.62.255
5.8.65.0/24
5.101.0.0/21
5.101.32.0/22
5.101.64.0/21
5.101.80.0/21
5.101.90.0/23
5.188.9.0-5.188.11.255
5.188.44.0-5.188.49.255
5.188.60.0-5.188.62.255
5.188.84.0/24
5.188.165.0-5.188.166.255
5.188.204.0/23
5.188.207.0-5.188.211.255
5.188.220.0/22
5.188.233.0-5.188.235.255
5.189.248.0/22
31.44.184.0/24
31.44.188.0/22
31.184.192.0/21
31.184.228.0/23
31.184.231.0-31.184.235.255
31.184.238.0/23
31.184.243.0/24
37.9.36.0/22
37.9.48.0/24
37.9.50.0/24
37.9.52.0/22
37.139.49.0/24
37.139.51.0/24
37.139.53.0-37.139.59.255
46.161.1.0-46.161.3.255
46.161.8.0/24
46.161.10.0/23
46.161.14.0/23
46.161.20.0-46.161.25.255
46.161.28.0-46.161.30.255
46.161.32.0/22
46.161.41.0-46.161.42.255
46.161.48.0/22
91.243.48.0/21
91.243.60.0/22
91.243.90.0/23
91.243.93.0/24
95.215.0.0/22
146.185.196.0/22
146.185.223.0-146.185.231.255
146.185.244.0/23
188.143.232.0/22
195.2.240.0/23
IPv6:
2a00:1d78:100:1c0::/58
Signature Algorithm: sha256WithRSAEncryption
2e:8f:59:8c:8b:ff:7e:f1:46:e8:80:c7:6c:9a:8b:ef:6c:61:
4c:b5:9f:cf:1d:e0:a2:8a:8c:28:ee:a7:25:22:93:6a:a3:f1:
76:d1:6a:93:4b:07:65:86:4c:2d:4d:eb:f4:94:f9:bc:49:69:
16:8a:29:7a:d3:aa:2d:1b:36:aa:16:69:7a:01:f0:82:85:6d:
4a:c9:78:45:45:cb:62:94:a5:37:a8:e3:98:ae:6c:b7:18:36:
33:60:26:6a:8f:b2:3a:79:2a:ba:b1:e9:60:fd:78:d9:be:b4:
5f:d2:9c:68:a6:0c:a1:54:8d:7a:f3:11:8b:7c:ad:63:86:39:
ff:f5:42:cf:40:d8:af:a4:cf:92:53:71:69:70:cb:f4:e8:19:
aa:eb:01:6c:d0:0f:5b:51:ee:02:c2:e8:b7:6a:1e:ee:32:bc:
b5:23:4b:c1:a1:03:b9:2f:3d:e1:ce:12:1d:f1:3e:29:10:66:
7f:db:5a:f2:59:a0:5a:33:95:de:33:80:a1:bb:a8:25:51:2b:
ae:68:81:0c:38:56:8f:0b:c9:14:3a:d8:ff:88:9d:3f:06:8f:
12:80:5e:b9:12:9a:38:7d:76:0d:f7:80:2a:92:8d:2c:6c:38:
3c:4f:eb:8d:df:ed:49:f7:91:29:bf:da:e7:7f:4f:87:8d:b4:
65:05:a3:bb
-----BEGIN CERTIFICATE-----
MIIGvDCCBaSgAwIBAgIESLYpyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDEy
MDE3MjgzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTczMGQyN2ZhZjE0
YWJhZjNhOWU5Yjg4MjdiMDk0YWFjOTgzNjkzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOjfKeK8SVmHB08h2tRDIL/U09KPli0zb+7uHlzga9NWRwmu
c0kUUULQaXm0LIrqSZvqQrNzCUlYR4Ff837xxXMCqo8t5/biyg2yxmaAXCpSC97W
+uia/liH0r2TZNjIF2Ym9UJNbqu77NvoG4RihVcTqP4BojeGnKNjNKtjgss0Hnv8
V7FwkdYlPd/mwehMD0yHI+Ic/4nLVMyuwryblJ+h1vYLijNhLffiOhB6AU771RmP
KtttSaCGg4lBcDrNCK/Wi7qk61Fl6ZDqz7FXo2FopU3TZTD0aJ9gObVJuJ1ZfGHp
ag4//0Wa0/5BpnUDH+0BKCzJakae1UtcR7gju4MCAwEAAaOCA9YwggPSMB0GA1Ud
DgQWBBSnMNJ/rxSrrzqem4gnsJSqyYNpNjAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L3B6RFNmNjhVcTY4Nm5wdUlKN0NVcXNtRGFUWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AeoGCCsGAQUFBwEHAQH/BIIB2TCCAdUwggG+BAIAATCCAbYDBAMFCAgDBAIFCBQw
DAMEBAUIMAMEAQUIODAMAwQABQg7AwQABQg+AwQABQhBAwQDBWUAAwQCBWUgAwQD
BWVAAwQDBWVQAwQBBWVaMAwDBAAFvAkDBAIFvAgwDAMEAgW8LAMEAQW8MDAMAwQC
Bbw8AwQABbw+AwQABbxUMAwDBAAFvKUDBAAFvKYDBAEFvMwwDAMEAAW8zwMEAgW8
0AMEAgW83DAMAwQABbzpAwQCBbzoAwQCBb34AwQAHyy4AwQCHyy8AwQDH7jAAwQB
H7jkMAwDBAAfuOcDBAIfuOgDBAEfuO4DBAAfuPMDBAIlCSQDBAAlCTADBAAlCTID
BAIlCTQDBAAlizEDBAAlizMwDAMEACWLNQMEAiWLODAMAwQALqEBAwQCLqEAAwQA
LqEIAwQBLqEKAwQBLqEOMAwDBAIuoRQDBAEuoRgwDAMEAi6hHAMEAC6hHgMEAi6h
IDAMAwQALqEpAwQALqEqAwQCLqEwAwQDW/MwAwQCW/M8AwQBW/NaAwQAW/NdAwQC
X9cAAwQCkrnEMAwDBACSud8DBAOSueADBAGSufQDBAK8j+gDBAHDAvAwEQQCAAIw
CwMJBioAHXgBAAHAMA0GCSqGSIb3DQEBCwUAA4IBAQAuj1mMi/9+8UbogMdsmovv
bGFMtZ/PHeCiiowo7qclIpNqo/F20WqTSwdlhkwtTev0lPm8SWkWiil606otGzaq
Fml6AfCChW1KyXhFRctilKU3qOOYrmy3GDYzYCZqj7I6eSq6selg/XjZvrRf0pxo
pgyhVI168xGLfK1jhjn/9ULPQNivpM+SU3FpcMv06Bmq6wFs0A9bUe4Cwui3ah7u
Mry1I0vBoQO5Lz3hzhId8T4pEGZ/21ryWaBaM5XeM4Chu6glUSuuaIEMOFaPC8kU
Otj/iJ0/Bo8SgF65Epo4fXYN94Aqko0sbDg8T+uN3+1J95Epv9rnf0+HjbRlBaO7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org