Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/379mHg8rPRNlGo-XLgWngLY28qA.roa
File: 379mHg8rPRNlGo-XLgWngLY28qA.roa (raw, json)
Hash identifier: axZKlE32E0+52j7V07MLUo6NopWj1s2lcCC+8yYMBC4=
Subject key identifier: DF:BF:66:1E:0F:2B:3D:13:65:1A:8F:97:2E:05:A7:80:B6:36:F2:A0
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 01937D1A83FCC1B89B70DBD3311B39CE78D4
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/379mHg8rPRNlGo-XLgWngLY28qA.roa
Signing time: Sat 30 Nov 2024 12:45:09 +0000
ROA not before: Sat 30 Nov 2024 12:45:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205647
IP address blocks: 37.202.128.0/21 maxlen: 21
37.202.136.0/21 maxlen: 21
37.202.144.0/21 maxlen: 21
37.202.152.0/21 maxlen: 21
37.202.160.0/21 maxlen: 21
37.202.168.0/21 maxlen: 21
37.202.176.0/22 maxlen: 22
37.202.180.0/22 maxlen: 22
85.15.48.0/24 maxlen: 24
85.15.49.0/24 maxlen: 24
94.182.0.0/18 maxlen: 18
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
94.182.14.0/24 maxlen: 24
94.182.17.0/24 maxlen: 24
94.182.30.0/23 maxlen: 23
94.182.41.0/24 maxlen: 24
94.182.48.0/24 maxlen: 24
94.182.56.0/22 maxlen: 24
94.182.60.0/22 maxlen: 24
94.182.64.0/18 maxlen: 18
94.182.64.0/20 maxlen: 20
94.182.72.0/21 maxlen: 21
94.182.80.0/20 maxlen: 20
94.182.82.0/24 maxlen: 24
94.182.96.0/20 maxlen: 20
94.182.97.192/28 maxlen: 28
94.182.112.0/20 maxlen: 20
94.182.114.0/23 maxlen: 23
94.182.116.0/22 maxlen: 22
94.182.120.0/21 maxlen: 21
94.182.128.0/18 maxlen: 18
94.182.128.0/20 maxlen: 20
94.182.144.0/20 maxlen: 20
94.182.160.0/20 maxlen: 20
94.182.176.0/20 maxlen: 20
94.182.192.0/18 maxlen: 18
94.182.196.0/24 maxlen: 24
94.182.199.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.204.0/24 maxlen: 24
94.182.205.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
94.182.208.0/24 maxlen: 24
94.182.212.0/23 maxlen: 23
94.182.217.0/24 maxlen: 24
94.182.222.0/23 maxlen: 23
94.182.226.0/24 maxlen: 24
94.182.228.0/22 maxlen: 22
94.182.232.0/23 maxlen: 24
94.182.234.0/23 maxlen: 23
94.182.238.0/24 maxlen: 24
94.182.240.0/23 maxlen: 24
94.182.244.0/22 maxlen: 24
94.182.244.0/23 maxlen: 23
94.182.248.0/22 maxlen: 24
94.182.248.0/23 maxlen: 23
94.182.252.0/24 maxlen: 24
94.182.254.0/24 maxlen: 24
94.183.0.0/18 maxlen: 18
94.183.64.0/18 maxlen: 18
94.183.128.0/18 maxlen: 18
94.183.192.0/18 maxlen: 18
151.240.80.0/21 maxlen: 21
151.240.168.0/22 maxlen: 22
151.240.192.0/21 maxlen: 21
151.240.240.0/21 maxlen: 21
151.240.240.0/23 maxlen: 23
151.240.242.0/23 maxlen: 23
151.240.244.0/23 maxlen: 23
151.241.216.0/23 maxlen: 23
151.241.218.0/23 maxlen: 23
151.241.220.0/22 maxlen: 22
151.241.224.0/21 maxlen: 21
151.242.0.0/21 maxlen: 21
151.242.8.0/22 maxlen: 22
151.244.48.0/21 maxlen: 21
151.244.48.0/22 maxlen: 22
151.244.52.0/22 maxlen: 22
151.244.56.0/21 maxlen: 21
151.244.64.0/21 maxlen: 21
151.244.72.0/22 maxlen: 22
151.244.76.0/22 maxlen: 22
151.244.80.0/21 maxlen: 21
151.244.88.0/21 maxlen: 21
151.244.96.0/23 maxlen: 23
151.244.98.0/23 maxlen: 23
151.244.100.0/23 maxlen: 23
151.244.102.0/23 maxlen: 23
151.244.104.0/23 maxlen: 23
151.244.106.0/23 maxlen: 23
151.244.108.0/23 maxlen: 23
151.244.110.0/23 maxlen: 23
151.244.112.0/23 maxlen: 23
151.244.114.0/23 maxlen: 23
151.244.116.0/23 maxlen: 23
151.244.118.0/23 maxlen: 23
151.244.120.0/23 maxlen: 23
151.244.122.0/23 maxlen: 23
151.244.124.0/23 maxlen: 23
151.244.126.0/23 maxlen: 23
151.244.128.0/22 maxlen: 22
151.244.132.0/22 maxlen: 22
151.244.136.0/22 maxlen: 22
151.244.140.0/22 maxlen: 22
151.244.144.0/22 maxlen: 22
151.244.148.0/22 maxlen: 22
151.244.152.0/22 maxlen: 22
151.244.156.0/22 maxlen: 22
151.244.160.0/22 maxlen: 22
151.244.164.0/22 maxlen: 22
151.244.168.0/22 maxlen: 22
151.244.172.0/22 maxlen: 22
151.244.176.0/22 maxlen: 22
151.244.180.0/22 maxlen: 22
151.244.184.0/22 maxlen: 22
151.244.188.0/22 maxlen: 22
151.244.192.0/22 maxlen: 22
151.244.196.0/22 maxlen: 22
151.244.200.0/22 maxlen: 22
151.244.204.0/22 maxlen: 22
151.244.208.0/22 maxlen: 22
151.244.212.0/22 maxlen: 22
151.244.216.0/23 maxlen: 23
151.244.218.0/23 maxlen: 23
151.244.220.0/23 maxlen: 23
151.244.222.0/23 maxlen: 23
151.244.224.0/23 maxlen: 23
151.244.226.0/23 maxlen: 23
151.246.0.0/18 maxlen: 18
151.246.64.0/18 maxlen: 18
151.246.128.0/18 maxlen: 18
151.246.192.0/18 maxlen: 18
151.246.248.0/22 maxlen: 22
151.247.0.0/20 maxlen: 24
151.247.16.0/22 maxlen: 24
151.247.214.0/23 maxlen: 23
151.247.216.0/21 maxlen: 21
151.247.224.0/22 maxlen: 22
151.247.228.0/22 maxlen: 24
151.247.232.0/22 maxlen: 22
151.247.236.0/22 maxlen: 24
151.247.236.0/24 maxlen: 24
151.247.237.0/24 maxlen: 24
151.247.238.0/23 maxlen: 23
151.247.240.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
151.247.248.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:7d:1a:83:fc:c1:b8:9b:70:db:d3:31:1b:39:ce:78:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Nov 30 12:45:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfbf661e0f2b3d13651a8f972e05a780b636f2a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:64:fd:90:f1:90:78:60:b8:4b:86:25:6b:17:
c3:82:d4:68:33:cb:af:d7:74:b1:97:00:23:b6:6d:
1e:f1:1f:0f:cd:51:11:d6:94:e5:0f:5a:32:e2:21:
0e:00:5b:0d:29:aa:bd:6d:83:2c:83:f6:ed:18:25:
c7:b9:ce:ed:da:c7:ab:ba:16:12:eb:80:08:5c:af:
14:8e:b8:a1:b8:cc:21:f9:0c:ba:86:23:3a:5a:f2:
8d:aa:4e:4b:1d:33:b2:63:72:da:17:c1:5d:9e:eb:
3e:a9:69:c1:72:6e:e5:6a:19:1e:8a:77:b7:af:e1:
34:42:bd:cb:41:ca:fb:bb:19:5b:55:67:46:61:27:
50:34:9f:df:88:70:35:db:c9:43:e4:e9:08:f6:d5:
50:b0:c7:ea:c8:b9:96:7b:cd:fd:8e:ed:32:c4:6a:
4c:13:e5:29:27:9c:aa:d5:00:27:4d:7d:3f:15:33:
23:21:d3:06:02:da:d4:03:ec:10:97:63:74:94:94:
34:f4:f1:3e:87:4f:8c:5b:63:5e:45:e4:5e:8d:14:
b7:ae:6e:e0:73:d0:7d:d6:b0:29:3f:c5:0d:ee:b7:
49:40:1e:49:8c:55:7a:89:f3:50:55:4c:81:ed:53:
85:f0:4e:b3:4e:cc:67:c0:84:64:e1:fd:93:40:e2:
41:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:BF:66:1E:0F:2B:3D:13:65:1A:8F:97:2E:05:A7:80:B6:36:F2:A0
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/379mHg8rPRNlGo-XLgWngLY28qA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.128.0-37.202.183.255
85.15.48.0/23
94.182.0.0/15
151.240.80.0/21
151.240.168.0/22
151.240.192.0/21
151.240.240.0/21
151.241.216.0-151.241.231.255
151.242.0.0-151.242.11.255
151.244.48.0-151.244.227.255
151.246.0.0-151.247.19.255
151.247.214.0-151.247.241.255
151.247.248.0/22
Signature Algorithm: sha256WithRSAEncryption
03:6b:50:31:88:b2:23:b8:79:14:45:fd:c9:01:bd:a8:ed:ba:
bd:48:26:ff:14:d6:70:13:b0:91:d1:76:94:83:36:8a:bc:43:
e2:b3:f2:05:7e:f4:05:84:97:c2:e4:42:85:23:36:8d:60:4a:
d0:1b:36:b3:74:33:b6:fa:49:da:6f:33:ef:27:25:33:b0:8e:
ca:2f:a1:17:cd:6e:42:1c:d4:56:7d:b1:0c:7a:3d:fe:fe:f5:
ea:98:06:26:d2:7b:c5:c9:df:49:ff:04:87:9b:8f:78:64:eb:
2c:88:2c:89:c0:66:b1:ed:f7:dd:f9:fc:96:b6:ab:10:8d:c9:
dc:de:13:ab:f3:0b:6a:db:bc:d7:7b:e4:96:39:c8:47:d9:4a:
7b:13:c4:6b:45:f3:19:c5:34:bc:ca:18:31:1b:20:08:6f:93:
26:21:1e:ee:dd:6d:9c:b8:0d:f5:4c:d0:3d:35:be:02:db:c2:
c9:06:29:f4:bf:d0:3c:42:75:df:20:be:d6:4d:de:98:ab:4f:
2c:ab:48:ee:b5:bc:1a:c2:11:61:7e:0b:11:63:f0:26:84:23:
d7:25:32:9f:79:5e:50:04:c0:03:41:5a:51:58:47:8a:b5:77:
98:43:0e:ad:e4:e0:06:cd:80:c6:0e:26:cf:79:f1:0f:33:85:
67:bc:2c:5d
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAZN9GoP8wbibcNvTMRs5znjUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQxMTMwMTI0NTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmJmNjYxZTBmMmIzZDEzNjUxYThmOTcyZTA1YTc4MGI2MzZmMmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2T9kPGQeGC4S4YlaxfDgtRoM8uv
13SxlwAjtm0e8R8PzVER1pTlD1oy4iEOAFsNKaq9bYMsg/btGCXHuc7t2seruhYS
64AIXK8UjrihuMwh+Qy6hiM6WvKNqk5LHTOyY3LaF8Fdnus+qWnBcm7lahkeine3
r+E0Qr3LQcr7uxlbVWdGYSdQNJ/fiHA128lD5OkI9tVQsMfqyLmWe839ju0yxGpM
E+UpJ5yq1QAnTX0/FTMjIdMGAtrUA+wQl2N0lJQ09PE+h0+MW2NeReRejRS3rm7g
c9B91rApP8UN7rdJQB5JjFV6ifNQVUyB7VOF8E6zTsxnwIRk4f2TQOJBVwIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFN+/Zh4PKz0TZRqPly4Fp4C2NvKgMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvMzc5bUhnOHJQUk5sR28tWExnV25nTFkyOHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDCBgQQCAAEwezAMAwQH
JcqAAwQDJcqwAwQBVQ8wAwMBXrYDBAOX8FADBAKX8KgDBAOX8MADBAOX8PAwDAME
A5fx2AMEA5fx4DALAwMBl/IDBAKX8ggwDAMEBJf0MAMEApf04DALAwMBl/YDBAKX
9xAwDAMEAZf31gMEAZf38AMEApf3+DANBgkqhkiG9w0BAQsFAAOCAQEAA2tQMYiy
I7h5FEX9yQG9qO26vUgm/xTWcBOwkdF2lIM2irxD4rPyBX70BYSXwuRChSM2jWBK
0Bs2s3QztvpJ2m8z7yclM7COyi+hF81uQhzUVn2xDHo9/v716pgGJtJ7xcnfSf8E
h5uPeGTrLIgsicBmse333fn8lrarEI3J3N4Tq/MLatu813vkljnIR9lKexPEa0Xz
GcU0vMoYMRsgCG+TJiEe7t1tnLgN9UzQPTW+AtvCyQYp9L/QPEJ13yC+1k3emKtP
LKtI7rW8GsIRYX4LEWPwJoQj1yUyn3leUATAA0FaUVhHirV3mEMOreTgBs2Axg4m
z3nxDzOFZ7wsXQ==
-----END CERTIFICATE-----
Generated at Wed May 14 13:02:34 2025 by rpki-client