Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/tu9tMqzNIKMtAWsal6jxI_BmCD0.roa
File: tu9tMqzNIKMtAWsal6jxI_BmCD0.roa (raw, json)
Hash identifier: vKMVSGtw1BkSG5EJXqAxoK6CXoaWsEpM20yXGH7eKI4=
Subject key identifier: B6:EF:6D:32:AC:CD:20:A3:2D:01:6B:1A:97:A8:F1:23:F0:66:08:3D
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 495E8718
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/tu9tMqzNIKMtAWsal6jxI_BmCD0.roa
Signing time: Wed 30 Mar 2022 08:20:44 +0000
ROA not before: Wed 30 Mar 2022 08:20:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34665
IP address blocks: 46.161.14.0/23 maxlen: 23
46.161.20.0/22 maxlen: 22
46.161.24.0/23 maxlen: 23
5.188.10.0/23 maxlen: 23
5.188.9.0/24 maxlen: 24
95.215.0.0/22 maxlen: 24
95.215.2.0/23 maxlen: 23
95.215.0.0/23 maxlen: 23
95.215.3.0/24 maxlen: 24
95.215.1.0/24 maxlen: 24
46.161.28.0/24 maxlen: 24
95.215.2.0/24 maxlen: 24
46.161.29.0/24 maxlen: 24
95.215.0.0/24 maxlen: 24
46.161.32.0/22 maxlen: 22
46.161.42.0/24 maxlen: 24
46.161.48.0/23 maxlen: 23
46.161.48.0/22 maxlen: 22
46.161.50.0/23 maxlen: 23
46.161.48.0/24 maxlen: 24
46.161.51.0/24 maxlen: 24
46.161.49.0/24 maxlen: 24
46.161.50.0/24 maxlen: 24
5.188.44.0/22 maxlen: 22
5.188.44.0/23 maxlen: 23
5.188.44.0/24 maxlen: 24
5.188.46.0/23 maxlen: 23
5.188.49.0/24 maxlen: 24
5.188.47.0/24 maxlen: 24
5.188.48.0/24 maxlen: 24
5.188.46.0/24 maxlen: 24
5.188.45.0/24 maxlen: 24
46.161.2.0/23 maxlen: 24
46.161.11.0/24 maxlen: 24
46.161.10.0/24 maxlen: 24
46.161.8.0/24 maxlen: 24
5.101.4.0/24 maxlen: 24
5.101.2.0/24 maxlen: 24
5.101.3.0/24 maxlen: 24
5.101.0.0/24 maxlen: 24
5.101.1.0/24 maxlen: 24
5.101.2.0/23 maxlen: 23
5.101.4.0/22 maxlen: 22
5.101.4.0/23 maxlen: 23
5.101.0.0/22 maxlen: 22
5.101.0.0/23 maxlen: 23
5.101.7.0/24 maxlen: 24
5.101.5.0/24 maxlen: 24
5.101.6.0/24 maxlen: 24
5.101.6.0/23 maxlen: 23
5.188.62.0/24 maxlen: 24
5.188.60.0/23 maxlen: 23
37.139.51.0/24 maxlen: 24
37.139.49.0/24 maxlen: 24
37.139.58.0/24 maxlen: 24
37.139.57.0/24 maxlen: 24
37.139.56.0/24 maxlen: 24
37.139.53.0/24 maxlen: 24
37.139.58.0/23 maxlen: 23
37.139.56.0/23 maxlen: 23
37.139.56.0/22 maxlen: 22
37.139.54.0/23 maxlen: 23
37.139.59.0/24 maxlen: 24
31.44.184.0/24 maxlen: 24
31.44.188.0/22 maxlen: 32
146.185.244.0/23 maxlen: 23
146.185.196.0/22 maxlen: 22
146.185.224.0/21 maxlen: 21
146.185.223.0/24 maxlen: 24
31.184.192.0/24 maxlen: 24
31.184.192.0/23 maxlen: 23
31.184.192.0/22 maxlen: 22
31.184.193.0/24 maxlen: 24
31.184.196.0/24 maxlen: 24
31.184.195.0/24 maxlen: 24
31.184.196.0/22 maxlen: 22
31.184.196.0/23 maxlen: 23
31.184.194.0/23 maxlen: 23
31.184.194.0/24 maxlen: 24
31.184.199.0/24 maxlen: 24
31.184.198.0/23 maxlen: 23
31.184.197.0/24 maxlen: 24
31.184.198.0/24 maxlen: 24
195.2.240.0/23 maxlen: 24
31.184.231.0/24 maxlen: 24
31.184.232.0/22 maxlen: 24
31.184.228.0/23 maxlen: 23
31.184.238.0/23 maxlen: 23
31.184.243.0/24 maxlen: 24
37.9.36.0/22 maxlen: 22
188.143.232.0/24 maxlen: 24
188.143.233.0/24 maxlen: 24
188.143.232.0/23 maxlen: 23
188.143.232.0/22 maxlen: 22
37.9.50.0/24 maxlen: 24
37.9.48.0/24 maxlen: 24
188.143.235.0/24 maxlen: 24
37.9.52.0/22 maxlen: 22
91.243.93.0/24 maxlen: 24
5.8.52.0/23 maxlen: 23
5.8.54.0/23 maxlen: 23
5.8.52.0/22 maxlen: 22
5.8.56.0/24 maxlen: 24
5.8.57.0/24 maxlen: 24
5.8.54.0/24 maxlen: 24
5.8.55.0/24 maxlen: 24
5.8.53.0/24 maxlen: 24
5.8.52.0/24 maxlen: 24
5.8.60.0/23 maxlen: 23
5.8.62.0/24 maxlen: 24
5.8.59.0/24 maxlen: 24
5.8.65.0/24 maxlen: 24
5.8.8.0/24 maxlen: 24
5.8.10.0/23 maxlen: 23
5.8.8.0/22 maxlen: 22
5.8.8.0/23 maxlen: 23
5.8.11.0/24 maxlen: 24
5.8.9.0/24 maxlen: 24
5.8.10.0/24 maxlen: 24
5.8.12.0/22 maxlen: 22
5.8.20.0/22 maxlen: 22
5.189.248.0/22 maxlen: 22
5.8.48.0/22 maxlen: 22
5.8.48.0/23 maxlen: 23
5.8.50.0/23 maxlen: 23
5.8.49.0/24 maxlen: 24
5.8.50.0/24 maxlen: 24
5.8.48.0/24 maxlen: 24
5.8.51.0/24 maxlen: 24
5.101.66.0/23 maxlen: 23
5.101.66.0/24 maxlen: 24
5.101.67.0/24 maxlen: 24
5.101.65.0/24 maxlen: 24
5.101.68.0/22 maxlen: 22
5.188.220.0/23 maxlen: 24
5.188.223.0/24 maxlen: 24
5.188.222.0/24 maxlen: 24
5.101.80.0/22 maxlen: 22
5.188.233.0/24 maxlen: 24
5.101.84.0/22 maxlen: 22
5.188.234.0/23 maxlen: 23
5.101.90.0/23 maxlen: 23
5.188.166.0/24 maxlen: 24
5.188.165.0/24 maxlen: 24
5.101.32.0/22 maxlen: 24
5.188.204.0/23 maxlen: 23
5.101.64.0/22 maxlen: 22
5.101.64.0/23 maxlen: 23
5.188.211.0/24 maxlen: 24
5.188.210.0/24 maxlen: 24
5.188.207.0/24 maxlen: 24
5.101.64.0/24 maxlen: 24
5.188.208.0/23 maxlen: 23
91.243.48.0/23 maxlen: 23
91.243.48.0/22 maxlen: 22
91.243.50.0/23 maxlen: 23
91.243.51.0/24 maxlen: 24
91.243.50.0/24 maxlen: 24
91.243.48.0/24 maxlen: 24
91.243.49.0/24 maxlen: 24
91.243.52.0/22 maxlen: 22
91.243.62.0/23 maxlen: 23
91.243.60.0/24 maxlen: 24
91.243.61.0/24 maxlen: 24
91.243.91.0/24 maxlen: 24
91.243.90.0/24 maxlen: 24
2a00:1d78:100:1c0::/58 maxlen: 58
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1230931736 (0x495e8718)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Mar 30 08:20:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6ef6d32accd20a32d016b1a97a8f123f066083d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:73:77:a4:50:b5:65:48:60:15:47:fa:05:8f:
37:29:fd:17:bf:30:59:e7:d3:5d:fc:7c:07:f6:bf:
09:a9:65:65:d1:05:f6:37:b6:d9:a0:9b:a0:ee:3b:
44:44:1d:c5:e1:4c:db:e7:b6:64:cb:4f:b3:dc:45:
9a:46:ab:23:13:a8:b5:19:88:c2:56:19:92:1a:aa:
5a:f4:d2:8d:16:0f:2e:d1:58:5f:3d:b2:66:0e:57:
44:27:e5:ac:b6:02:3a:62:9b:44:e3:89:2a:48:22:
c6:cd:fa:b4:90:c6:22:70:ef:18:4d:4e:9d:aa:42:
e5:4d:9d:1d:cb:63:49:ff:9b:26:e8:c6:74:fe:a3:
94:ce:7a:bf:aa:5a:89:71:ee:50:53:70:29:04:7c:
64:88:d7:ec:e1:4f:52:c4:cc:29:dd:f1:b8:e0:cb:
21:d4:27:4c:2d:eb:e8:0a:2f:ad:1c:ea:eb:7b:55:
f1:a3:04:dd:f9:64:28:28:25:29:41:fe:8f:e8:74:
21:f8:ca:73:23:02:44:b4:54:12:67:24:f9:11:70:
7c:c2:62:27:42:d8:d4:d3:11:a2:0d:58:d0:cb:9b:
9a:c2:53:8d:00:b7:c9:8b:99:dd:36:bc:4b:9a:88:
5f:9b:12:3a:a7:f4:e2:fb:42:69:61:5e:de:c4:34:
c6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:EF:6D:32:AC:CD:20:A3:2D:01:6B:1A:97:A8:F1:23:F0:66:08:3D
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/tu9tMqzNIKMtAWsal6jxI_BmCD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.8.0/21
5.8.20.0/22
5.8.48.0-5.8.57.255
5.8.59.0-5.8.62.255
5.8.65.0/24
5.101.0.0/21
5.101.32.0/22
5.101.64.0/21
5.101.80.0/21
5.101.90.0/23
5.188.9.0-5.188.11.255
5.188.44.0-5.188.49.255
5.188.60.0-5.188.62.255
5.188.165.0-5.188.166.255
5.188.204.0/23
5.188.207.0-5.188.211.255
5.188.220.0/22
5.188.233.0-5.188.235.255
5.189.248.0/22
31.44.184.0/24
31.44.188.0/22
31.184.192.0/21
31.184.228.0/23
31.184.231.0-31.184.235.255
31.184.238.0/23
31.184.243.0/24
37.9.36.0/22
37.9.48.0/24
37.9.50.0/24
37.9.52.0/22
37.139.49.0/24
37.139.51.0/24
37.139.53.0-37.139.59.255
46.161.2.0/23
46.161.8.0/24
46.161.10.0/23
46.161.14.0/23
46.161.20.0-46.161.25.255
46.161.28.0/23
46.161.32.0/22
46.161.42.0/24
46.161.48.0/22
91.243.48.0/21
91.243.60.0/22
91.243.90.0/23
91.243.93.0/24
95.215.0.0/22
146.185.196.0/22
146.185.223.0-146.185.231.255
146.185.244.0/23
188.143.232.0/22
195.2.240.0/23
IPv6:
2a00:1d78:100:1c0::/58
Signature Algorithm: sha256WithRSAEncryption
d1:e7:6a:7a:ed:2f:bc:3b:6d:bb:c4:4f:c3:97:64:c8:ea:72:
c1:e2:ae:58:2c:a7:81:8c:fc:54:ab:de:8f:db:dc:b1:88:66:
2b:04:3b:10:dd:56:9b:b6:0e:db:7e:d1:c7:ab:a0:69:d2:2e:
8a:16:5d:53:f3:6f:7a:9d:56:58:1c:13:1a:a2:d1:c7:c5:69:
76:de:12:04:7d:b7:51:88:fc:b6:6d:9b:ab:91:99:39:29:6b:
7a:68:d4:d7:d2:07:e9:20:c5:9d:ce:1f:4b:d3:85:7f:12:85:
5a:9e:3f:56:8e:5b:46:3c:e0:c6:54:c1:4d:fb:a1:87:82:5a:
e9:d1:7c:09:a7:1d:b5:33:82:3d:aa:6f:b9:c5:68:cc:d2:3a:
48:d4:b4:5d:e8:08:3b:f0:f0:14:17:a4:a1:5a:31:24:3a:e2:
cc:4c:b0:dc:99:1c:a5:99:f0:35:b1:4c:7c:79:93:10:66:5d:
8e:34:91:69:eb:5e:ab:72:aa:d9:69:ae:eb:97:1a:24:16:ae:
e9:ce:f8:62:4a:6c:99:66:b0:9b:43:ff:e4:70:3f:a7:66:10:
ab:fd:84:03:a0:5d:dd:17:5e:58:58:31:c2:40:39:2c:21:fe:
33:8f:fa:43:c7:55:88:23:c9:fe:96:ca:c0:f0:01:0f:1a:22:
f2:b7:ff:0c
-----BEGIN CERTIFICATE-----
MIIGnjCCBYagAwIBAgIESV6HGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDMz
MDA4MjA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjZlZjZkMzJhY2Nk
MjBhMzJkMDE2YjFhOTdhOGYxMjNmMDY2MDgzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdzd6RQtWVIYBVH+gWPNyn9F78wWefTXfx8B/a/CallZdEF
9je22aCboO47REQdxeFM2+e2ZMtPs9xFmkarIxOotRmIwlYZkhqqWvTSjRYPLtFY
Xz2yZg5XRCflrLYCOmKbROOJKkgixs36tJDGInDvGE1OnapC5U2dHctjSf+bJujG
dP6jlM56v6paiXHuUFNwKQR8ZIjX7OFPUsTMKd3xuODLIdQnTC3r6AovrRzq63tV
8aME3flkKCglKUH+j+h0IfjKcyMCRLRUEmck+RFwfMJiJ0LY1NMRog1Y0MubmsJT
jQC3yYuZ3Ta8S5qIX5sSOqf04vtCaWFe3sQ0xmMCAwEAAaOCA7gwggO0MB0GA1Ud
DgQWBBS2720yrM0goy0BaxqXqPEj8GYIPTAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L3R1OXRNcXpOSUtNdEFXc2FsNmp4SV9CbUNEMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AcwGCCsGAQUFBwEHAQH/BIIBuzCCAbcwggGgBAIAATCCAZgDBAMFCAgDBAIFCBQw
DAMEBAUIMAMEAQUIODAMAwQABQg7AwQABQg+AwQABQhBAwQDBWUAAwQCBWUgAwQD
BWVAAwQDBWVQAwQBBWVaMAwDBAAFvAkDBAIFvAgwDAMEAgW8LAMEAQW8MDAMAwQC
Bbw8AwQABbw+MAwDBAAFvKUDBAAFvKYDBAEFvMwwDAMEAAW8zwMEAgW80AMEAgW8
3DAMAwQABbzpAwQCBbzoAwQCBb34AwQAHyy4AwQCHyy8AwQDH7jAAwQBH7jkMAwD
BAAfuOcDBAIfuOgDBAEfuO4DBAAfuPMDBAIlCSQDBAAlCTADBAAlCTIDBAIlCTQD
BAAlizEDBAAlizMwDAMEACWLNQMEAiWLOAMEAS6hAgMEAC6hCAMEAS6hCgMEAS6h
DjAMAwQCLqEUAwQBLqEYAwQBLqEcAwQCLqEgAwQALqEqAwQCLqEwAwQDW/MwAwQC
W/M8AwQBW/NaAwQAW/NdAwQCX9cAAwQCkrnEMAwDBACSud8DBAOSueADBAGSufQD
BAK8j+gDBAHDAvAwEQQCAAIwCwMJBioAHXgBAAHAMA0GCSqGSIb3DQEBCwUAA4IB
AQDR52p67S+8O227xE/Dl2TI6nLB4q5YLKeBjPxUq96P29yxiGYrBDsQ3Vabtg7b
ftHHq6Bp0i6KFl1T8296nVZYHBMaotHHxWl23hIEfbdRiPy2bZurkZk5KWt6aNTX
0gfpIMWdzh9L04V/EoVanj9WjltGPODGVMFN+6GHglrp0XwJpx21M4I9qm+5xWjM
0jpI1LRd6Ag78PAUF6ShWjEkOuLMTLDcmRylmfA1sUx8eZMQZl2ONJFp616rcqrZ
aa7rlxokFq7pzvhiSmyZZrCbQ//kcD+nZhCr/YQDoF3dF15YWDHCQDksIf4zj/pD
x1WII8n+lsrA8AEPGiLyt/8M
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org