Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/6qg9Xml9Mbup4T75x77C8gCj47Q.roa
File: 6qg9Xml9Mbup4T75x77C8gCj47Q.roa (raw, json)
Hash identifier: Iqas/YYL+fv3/BqbZd0PIAWBZsjX+lpDKP2UVn3123Q=
Subject key identifier: EA:A8:3D:5E:69:7D:31:BB:A9:E1:3E:F9:C7:BE:C2:F2:00:A3:E3:B4
Certificate issuer: /CN=4b57725b0a605d4ddcc464b70dcb3a162a5f055b
Certificate serial: 121E1FB4
Authority key identifier: 4B:57:72:5B:0A:60:5D:4D:DC:C4:64:B7:0D:CB:3A:16:2A:5F:05:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1dyWwpgXU3cxGS3Dcs6FipfBVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/6qg9Xml9Mbup4T75x77C8gCj47Q.roa
Signing time: Thu 21 Apr 2022 09:03:31 +0000
ROA not before: Thu 21 Apr 2022 09:03:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51440
IP address blocks: 46.32.219.0/24 maxlen: 24
46.32.218.0/24 maxlen: 24
46.32.217.0/24 maxlen: 24
46.32.216.0/21 maxlen: 21
46.32.216.0/24 maxlen: 24
46.32.215.0/24 maxlen: 24
46.32.214.0/24 maxlen: 24
46.32.223.0/24 maxlen: 24
46.32.222.0/24 maxlen: 24
46.32.221.0/24 maxlen: 24
46.32.220.0/24 maxlen: 24
37.60.145.0/24 maxlen: 24
95.215.131.0/24 maxlen: 24
37.60.144.0/21 maxlen: 21
37.60.144.0/24 maxlen: 24
95.215.130.0/24 maxlen: 24
95.215.129.0/24 maxlen: 24
95.215.128.0/22 maxlen: 22
95.215.128.0/24 maxlen: 24
37.60.151.0/24 maxlen: 24
37.60.150.0/24 maxlen: 24
37.60.149.0/24 maxlen: 24
37.60.148.0/24 maxlen: 24
37.60.147.0/24 maxlen: 24
37.60.146.0/24 maxlen: 24
31.25.78.0/24 maxlen: 24
31.25.77.0/24 maxlen: 24
31.25.76.0/24 maxlen: 24
31.25.75.0/24 maxlen: 24
31.25.74.0/24 maxlen: 24
31.25.73.0/24 maxlen: 24
31.25.72.0/21 maxlen: 21
31.25.72.0/24 maxlen: 24
31.25.79.0/24 maxlen: 24
46.32.192.0/21 maxlen: 21
46.32.192.0/24 maxlen: 24
46.32.192.0/19 maxlen: 19
46.32.199.0/24 maxlen: 24
46.32.198.0/24 maxlen: 24
46.32.197.0/24 maxlen: 24
46.32.196.0/24 maxlen: 24
46.32.195.0/24 maxlen: 24
46.32.194.0/24 maxlen: 24
46.32.193.0/24 maxlen: 24
46.32.206.0/24 maxlen: 24
46.32.205.0/24 maxlen: 24
46.32.204.0/24 maxlen: 24
46.32.203.0/24 maxlen: 24
46.32.202.0/24 maxlen: 24
46.32.201.0/24 maxlen: 24
46.32.200.0/24 maxlen: 24
46.32.200.0/21 maxlen: 21
46.32.213.0/24 maxlen: 24
46.32.212.0/24 maxlen: 24
46.32.211.0/24 maxlen: 24
46.32.210.0/24 maxlen: 24
46.32.209.0/24 maxlen: 24
46.32.208.0/24 maxlen: 24
46.32.208.0/21 maxlen: 21
46.32.207.0/24 maxlen: 24
188.227.233.0/24 maxlen: 24
188.227.232.0/21 maxlen: 21
188.227.232.0/24 maxlen: 24
188.227.239.0/24 maxlen: 24
188.227.238.0/24 maxlen: 24
188.227.237.0/24 maxlen: 24
188.227.236.0/24 maxlen: 24
188.227.235.0/24 maxlen: 24
5.34.166.0/24 maxlen: 24
5.34.165.0/24 maxlen: 24
5.34.164.0/24 maxlen: 24
5.34.163.0/24 maxlen: 24
5.34.162.0/24 maxlen: 24
5.34.161.0/24 maxlen: 24
5.34.160.0/24 maxlen: 24
5.34.160.0/21 maxlen: 21
5.34.167.0/24 maxlen: 24
46.28.139.0/24 maxlen: 24
46.28.138.0/24 maxlen: 24
46.28.137.0/24 maxlen: 24
46.28.136.0/21 maxlen: 21
46.28.136.0/24 maxlen: 24
46.28.143.0/24 maxlen: 24
46.28.142.0/24 maxlen: 24
46.28.141.0/24 maxlen: 24
46.28.140.0/24 maxlen: 24
195.35.85.0/24 maxlen: 24
37.122.159.0/24 maxlen: 24
37.122.158.0/24 maxlen: 24
37.122.158.0/23 maxlen: 23
31.13.166.0/24 maxlen: 24
31.13.165.0/24 maxlen: 24
31.13.164.0/24 maxlen: 24
31.13.161.0/24 maxlen: 24
31.13.167.0/24 maxlen: 24
185.7.123.0/24 maxlen: 24
185.7.122.0/24 maxlen: 24
185.7.121.0/24 maxlen: 24
185.7.120.0/22 maxlen: 22
185.7.120.0/24 maxlen: 24
2a03:2940::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 303964084 (0x121e1fb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b57725b0a605d4ddcc464b70dcb3a162a5f055b
Validity
Not Before: Apr 21 09:03:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eaa83d5e697d31bba9e13ef9c7bec2f200a3e3b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1a:31:a6:98:d3:d1:32:b2:d3:ec:e1:72:1c:
2a:72:b5:c1:80:79:ea:96:dc:2a:47:46:3b:97:1c:
3e:b5:a5:0b:db:a0:5d:55:95:e9:99:6e:19:dd:8b:
18:fb:07:a8:49:3d:60:2a:2e:9f:3a:7d:95:d2:78:
ea:10:21:55:78:55:82:f3:29:2f:a5:fe:47:db:8d:
01:c8:97:c6:d2:2e:9f:10:b0:73:fe:e9:bd:83:09:
52:f8:07:94:4d:6d:ce:10:c5:6d:73:ec:e7:5e:fa:
4d:6d:1a:cb:e6:86:08:43:6f:8e:ba:56:fd:9a:ec:
4f:3b:a0:76:cd:c1:cb:4d:c0:1c:42:56:2b:9a:2d:
1a:72:d2:6a:25:92:c5:3b:b8:14:74:07:a1:85:38:
08:36:e8:07:4f:0f:8a:5c:76:6c:39:38:6b:d5:c1:
34:43:a5:54:4c:0d:e0:7c:d5:dc:a6:6b:4d:e2:b6:
25:5a:59:90:13:65:5b:58:de:d2:8f:43:e8:bc:fa:
e7:9b:6f:b0:b2:04:26:ec:70:fe:cc:ec:de:56:8e:
60:ee:5b:96:4b:8f:91:2f:e7:e1:38:e2:13:12:33:
06:c8:99:79:44:95:12:70:1a:84:34:2d:63:bf:d6:
75:81:49:50:3e:ec:8a:19:01:8d:3f:65:73:7d:6c:
09:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:A8:3D:5E:69:7D:31:BB:A9:E1:3E:F9:C7:BE:C2:F2:00:A3:E3:B4
X509v3 Authority Key Identifier:
keyid:4B:57:72:5B:0A:60:5D:4D:DC:C4:64:B7:0D:CB:3A:16:2A:5F:05:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1dyWwpgXU3cxGS3Dcs6FipfBVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/6qg9Xml9Mbup4T75x77C8gCj47Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e005c2-affa-458f-aaf8-8af56e733600/1/S1dyWwpgXU3cxGS3Dcs6FipfBVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.160.0/21
31.13.161.0/24
31.13.164.0/22
31.25.72.0/21
37.60.144.0/21
37.122.158.0/23
46.28.136.0/21
46.32.192.0/19
95.215.128.0/22
185.7.120.0/22
188.227.232.0/21
195.35.85.0/24
IPv6:
2a03:2940::/32
Signature Algorithm: sha256WithRSAEncryption
0e:cf:96:91:24:9e:6a:4a:79:87:ba:3f:bf:36:a7:92:9d:f1:
c9:5f:19:98:95:55:f3:a8:b8:58:51:b8:7a:b2:cc:5b:5c:a0:
9b:87:48:0b:f7:80:28:4b:fe:1c:87:08:56:9f:97:7f:ee:34:
50:4e:fa:53:c3:21:5e:d8:0b:c8:0c:61:73:15:1a:45:86:52:
a8:fb:3a:b8:cb:4f:41:ec:a7:6c:35:16:68:b8:a9:5a:76:ee:
9c:33:63:fb:0e:38:4c:e1:b5:33:91:06:ae:cb:de:fa:ff:d0:
b3:9b:5e:85:62:a0:8d:cd:6c:ed:96:a9:fb:94:ab:0e:3d:a3:
d0:d6:32:3d:5f:ff:51:b2:a8:3c:cd:87:9e:78:5c:46:59:72:
bc:c9:0e:48:42:22:ca:25:65:e1:ab:83:93:04:2f:51:55:5f:
a2:80:e7:8b:f3:6b:fa:1d:0f:26:47:43:9f:09:2c:3d:9a:4c:
8d:e9:16:a1:18:a3:11:ff:42:f6:b0:95:6f:4e:c2:09:63:d5:
26:14:3e:af:ba:d4:f0:05:3f:36:65:fa:6d:87:9e:f8:fe:df:
4e:4a:8a:8b:4e:d7:20:4f:a6:67:ea:22:3d:35:3b:3b:1c:a0:
21:92:62:bf:51:53:8c:1e:51:e9:cc:75:46:09:94:63:9e:99:
ce:20:9e:f1
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEEh4ftDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjU3NzI1YjBhNjA1ZDRkZGNjNDY0YjcwZGNiM2ExNjJhNWYwNTViMB4XDTIyMDQy
MTA5MDMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWFhODNkNWU2OTdk
MzFiYmE5ZTEzZWY5YzdiZWMyZjIwMGEzZTNiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJsaMaaY09EystPs4XIcKnK1wYB56pbcKkdGO5ccPrWlC9ug
XVWV6ZluGd2LGPsHqEk9YCounzp9ldJ46hAhVXhVgvMpL6X+R9uNAciXxtIunxCw
c/7pvYMJUvgHlE1tzhDFbXPs5176TW0ay+aGCENvjrpW/ZrsTzugds3By03AHEJW
K5otGnLSaiWSxTu4FHQHoYU4CDboB08Pilx2bDk4a9XBNEOlVEwN4HzV3KZrTeK2
JVpZkBNlW1je0o9D6Lz655tvsLIEJuxw/szs3laOYO5blkuPkS/n4TjiExIzBsiZ
eUSVEnAahDQtY7/WdYFJUD7sihkBjT9lc31sCc0CAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBTqqD1eaX0xu6nhPvnHvsLyAKPjtDAfBgNVHSMEGDAWgBRLV3JbCmBdTdzE
ZLcNyzoWKl8FWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MxZHlXd3BnWFUzY3hHUzNEY3M2RmlwZkJWcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvZTAwNWMyLWFmZmEtNDU4Zi1hYWY4LThhZjU2ZTczMzYwMC8x
LzZxZzlYbWw5TWJ1cDRUNzV4NzdDOGdDajQ3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
ZTAwNWMyLWFmZmEtNDU4Zi1hYWY4LThhZjU2ZTczMzYwMC8xL1MxZHlXd3BnWFUz
Y3hHUzNEY3M2RmlwZkJWcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEAwUioAMEAB8NoQMEAh8NpAMEAx8Z
SAMEAyU8kAMEASV6ngMEAy4ciAMEBS4gwAMEAl/XgAMEArkHeAMEA7zj6AMEAMMj
VTANBAIAAjAHAwUAKgMpQDANBgkqhkiG9w0BAQsFAAOCAQEADs+WkSSeakp5h7o/
vzankp3xyV8ZmJVV86i4WFG4erLMW1ygm4dIC/eAKEv+HIcIVp+Xf+40UE76U8Mh
XtgLyAxhcxUaRYZSqPs6uMtPQeynbDUWaLipWnbunDNj+w44TOG1M5EGrsve+v/Q
s5tehWKgjc1s7Zap+5SrDj2j0NYyPV//UbKoPM2HnnhcRllyvMkOSEIiyiVl4auD
kwQvUVVfooDni/Nr+h0PJkdDnwksPZpMjekWoRijEf9C9rCVb07CCWPVJhQ+r7rU
8AU/NmX6bYee+P7fTkqKi07XIE+mZ+oiPTU7OxygIZJiv1FTjB5R6cx1RgmUY56Z
ziCe8Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:13 2023 by rpki-client on console-fra.rpki-client.org