Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/NPDR6fVEhAJWzJnUTgBIMaBtxr8.roa
File: NPDR6fVEhAJWzJnUTgBIMaBtxr8.roa (raw, json)
Hash identifier: G4Y3WHz/oEtYsUsW4R8pXJzlMF/nCcAa3M6wTzQZNPs=
Subject key identifier: 34:F0:D1:E9:F5:44:84:02:56:CC:99:D4:4E:00:48:31:A0:6D:C6:BF
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 0194CBB41EB0E37DA3848E823F3BB59DA327
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/NPDR6fVEhAJWzJnUTgBIMaBtxr8.roa
Signing time: Mon 03 Feb 2025 12:06:06 +0000
ROA not before: Mon 03 Feb 2025 12:06:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205647
IP address blocks: 37.148.0.0/19 maxlen: 24
37.148.32.0/20 maxlen: 24
37.148.48.0/23 maxlen: 24
37.148.56.0/21 maxlen: 24
37.148.120.0/21 maxlen: 24
37.202.128.0/21 maxlen: 21
37.202.136.0/21 maxlen: 21
37.202.144.0/21 maxlen: 21
37.202.144.0/22 maxlen: 22
37.202.148.0/23 maxlen: 23
37.202.150.0/23 maxlen: 23
37.202.152.0/21 maxlen: 21
37.202.160.0/21 maxlen: 21
37.202.168.0/21 maxlen: 21
37.202.176.0/22 maxlen: 22
37.202.180.0/22 maxlen: 22
37.202.184.0/21 maxlen: 24
37.202.184.0/22 maxlen: 24
37.202.188.0/22 maxlen: 24
85.15.48.0/24 maxlen: 24
85.15.49.0/24 maxlen: 24
94.182.0.0/18 maxlen: 18
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
94.182.14.0/24 maxlen: 24
94.182.17.0/24 maxlen: 24
94.182.30.0/23 maxlen: 23
94.182.41.0/24 maxlen: 24
94.182.48.0/24 maxlen: 24
94.182.56.0/22 maxlen: 24
94.182.60.0/22 maxlen: 24
94.182.64.0/18 maxlen: 18
94.182.64.0/20 maxlen: 20
94.182.72.0/21 maxlen: 21
94.182.80.0/20 maxlen: 20
94.182.82.0/24 maxlen: 24
94.182.96.0/20 maxlen: 20
94.182.97.192/28 maxlen: 28
94.182.112.0/20 maxlen: 20
94.182.114.0/23 maxlen: 23
94.182.116.0/22 maxlen: 22
94.182.120.0/21 maxlen: 21
94.182.128.0/18 maxlen: 18
94.182.128.0/20 maxlen: 20
94.182.144.0/20 maxlen: 20
94.182.160.0/20 maxlen: 20
94.182.176.0/20 maxlen: 20
94.182.192.0/18 maxlen: 18
94.182.196.0/24 maxlen: 24
94.182.199.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.204.0/24 maxlen: 24
94.182.205.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
94.182.208.0/24 maxlen: 24
94.182.212.0/23 maxlen: 23
94.182.217.0/24 maxlen: 24
94.182.222.0/23 maxlen: 23
94.182.226.0/24 maxlen: 24
94.182.228.0/22 maxlen: 22
94.182.232.0/23 maxlen: 24
94.182.234.0/23 maxlen: 23
94.182.238.0/24 maxlen: 24
94.182.240.0/23 maxlen: 24
94.182.244.0/22 maxlen: 24
94.182.244.0/23 maxlen: 23
94.182.248.0/22 maxlen: 24
94.182.248.0/23 maxlen: 23
94.182.252.0/24 maxlen: 24
94.182.254.0/24 maxlen: 24
94.183.0.0/18 maxlen: 18
94.183.64.0/18 maxlen: 18
94.183.128.0/18 maxlen: 18
94.183.192.0/18 maxlen: 18
151.244.48.0/21 maxlen: 21
151.244.48.0/22 maxlen: 22
151.244.52.0/22 maxlen: 22
151.244.56.0/21 maxlen: 21
151.244.64.0/21 maxlen: 21
151.244.72.0/22 maxlen: 22
151.244.76.0/22 maxlen: 22
151.244.80.0/21 maxlen: 21
151.244.88.0/21 maxlen: 21
151.244.96.0/23 maxlen: 23
151.244.98.0/23 maxlen: 23
151.244.100.0/23 maxlen: 23
151.244.102.0/23 maxlen: 23
151.244.104.0/23 maxlen: 23
151.244.106.0/23 maxlen: 23
151.244.108.0/23 maxlen: 23
151.244.110.0/23 maxlen: 23
151.244.112.0/23 maxlen: 23
151.244.114.0/23 maxlen: 23
151.244.116.0/23 maxlen: 23
151.244.118.0/23 maxlen: 23
151.244.120.0/23 maxlen: 23
151.244.122.0/23 maxlen: 23
151.244.124.0/23 maxlen: 23
151.244.126.0/23 maxlen: 23
151.244.128.0/22 maxlen: 22
151.244.132.0/22 maxlen: 22
151.244.136.0/22 maxlen: 22
151.244.140.0/22 maxlen: 22
151.244.144.0/22 maxlen: 22
151.244.148.0/22 maxlen: 22
151.244.152.0/22 maxlen: 22
151.244.156.0/22 maxlen: 22
151.244.160.0/22 maxlen: 22
151.244.164.0/22 maxlen: 22
151.244.168.0/22 maxlen: 22
151.244.172.0/22 maxlen: 22
151.244.176.0/22 maxlen: 22
151.244.180.0/22 maxlen: 22
151.244.184.0/22 maxlen: 22
151.244.188.0/22 maxlen: 22
151.244.192.0/22 maxlen: 22
151.244.196.0/22 maxlen: 22
151.244.200.0/22 maxlen: 22
151.244.204.0/22 maxlen: 22
151.244.208.0/22 maxlen: 22
151.244.212.0/22 maxlen: 22
151.244.216.0/23 maxlen: 23
151.244.218.0/23 maxlen: 23
151.244.220.0/23 maxlen: 23
151.244.222.0/23 maxlen: 23
151.244.224.0/23 maxlen: 23
151.244.226.0/23 maxlen: 23
151.246.0.0/15 maxlen: 24
151.246.0.0/18 maxlen: 18
151.246.64.0/18 maxlen: 18
151.246.128.0/18 maxlen: 18
151.246.192.0/18 maxlen: 18
151.246.248.0/22 maxlen: 22
151.247.0.0/20 maxlen: 24
151.247.16.0/22 maxlen: 24
151.247.214.0/23 maxlen: 23
151.247.216.0/21 maxlen: 21
151.247.224.0/22 maxlen: 22
151.247.228.0/22 maxlen: 24
151.247.232.0/22 maxlen: 22
151.247.236.0/22 maxlen: 24
151.247.236.0/24 maxlen: 24
151.247.237.0/24 maxlen: 24
151.247.238.0/23 maxlen: 23
151.247.240.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
151.247.248.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:b4:1e:b0:e3:7d:a3:84:8e:82:3f:3b:b5:9d:a3:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Feb 3 12:06:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34f0d1e9f544840256cc99d44e004831a06dc6bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a8:11:20:25:a8:62:fd:b2:12:86:0a:8f:0c:
99:03:3b:d0:c7:e4:3a:51:14:db:9e:a5:a4:24:17:
e5:01:9d:76:86:2f:45:ab:97:d2:4a:49:87:ff:f5:
f3:67:28:be:ff:be:d4:ac:b6:4f:8c:51:b8:61:a6:
c4:30:1d:e3:ee:17:b8:76:73:f8:a7:28:b4:6e:52:
44:0e:97:11:4b:c0:3b:cd:3e:3f:8e:10:26:8b:0f:
f4:3c:ac:db:a1:07:38:a4:52:ad:7d:a5:af:db:86:
96:dc:1d:80:fc:ee:a7:b8:21:c0:9e:34:b5:1c:b2:
ba:48:61:10:82:c8:14:be:4a:5d:3e:c9:df:95:ce:
c6:66:38:32:56:19:03:89:56:45:81:59:55:e0:3b:
a0:44:c9:d4:50:08:69:5c:e2:73:4b:81:f7:59:f3:
e5:21:71:7c:33:cb:ac:45:82:29:ab:2d:64:31:06:
27:b2:d3:68:5c:c7:ce:6f:53:3f:b7:b0:0b:7c:81:
6f:ab:12:83:9a:f5:8f:f7:97:4f:6d:b9:92:45:3a:
11:74:e3:35:db:b5:01:95:5c:c3:a2:1e:88:90:0a:
3a:ff:a7:71:f8:e8:ee:44:02:20:ad:97:01:74:71:
29:54:36:e0:f5:5f:e8:a7:c8:1a:f7:c8:d1:1a:75:
ea:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F0:D1:E9:F5:44:84:02:56:CC:99:D4:4E:00:48:31:A0:6D:C6:BF
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/NPDR6fVEhAJWzJnUTgBIMaBtxr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.0.0-37.148.49.255
37.148.56.0/21
37.148.120.0/21
37.202.128.0/18
85.15.48.0/23
94.182.0.0/15
151.244.48.0-151.244.227.255
151.246.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4e:6b:b1:77:6a:42:20:0d:ff:34:ce:5e:4c:90:8c:4e:d9:b4:
de:14:dc:90:62:86:d8:32:9d:75:ae:29:21:44:fd:82:be:a7:
da:e5:5a:08:a8:66:01:78:de:c3:44:a5:f4:85:96:d0:84:ed:
5b:32:fe:69:85:91:ee:1c:90:76:b4:19:f3:5b:47:f1:d2:d6:
08:dd:3a:8b:74:3b:ab:88:54:a4:4b:52:00:97:0f:c1:a4:48:
46:ce:ba:29:c4:b4:9d:1d:70:82:d5:02:63:ff:49:bd:6f:ab:
49:6c:7a:45:db:bc:84:b4:71:8e:c3:58:f3:af:27:24:a8:00:
f0:b1:cf:77:4b:4f:26:fa:67:e0:5e:cc:80:25:2e:4a:78:a1:
ff:16:93:f5:ff:00:dc:4c:e0:7e:2b:c8:c1:08:91:99:2a:ad:
da:58:73:4b:ae:41:68:7e:24:b5:0f:70:35:5b:35:83:f1:2c:
12:d5:f6:d5:21:0a:b3:9c:90:1c:a9:0f:8c:02:20:1e:f0:92:
7a:ff:b2:7b:9c:77:7b:d7:4d:4d:f9:8b:94:b6:01:c2:15:58:
ec:c5:97:44:ea:18:d2:52:2a:73:be:7d:9f:d6:0b:a9:21:16:
a0:f9:c0:79:22:e4:41:15:77:db:fc:31:35:c7:3a:a4:91:59:
4b:23:08:13
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZTLtB6w432jhI6CPzu1naMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwMjAzMTIwNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGYwZDFlOWY1NDQ4NDAyNTZjYzk5ZDQ0ZTAwNDgzMWEwNmRjNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqgRICWoYv2yEoYKjwyZAzvQx+Q6
URTbnqWkJBflAZ12hi9Fq5fSSkmH//XzZyi+/77UrLZPjFG4YabEMB3j7he4dnP4
pyi0blJEDpcRS8A7zT4/jhAmiw/0PKzboQc4pFKtfaWv24aW3B2A/O6nuCHAnjS1
HLK6SGEQgsgUvkpdPsnflc7GZjgyVhkDiVZFgVlV4DugRMnUUAhpXOJzS4H3WfPl
IXF8M8usRYIpqy1kMQYnstNoXMfOb1M/t7ALfIFvqxKDmvWP95dPbbmSRToRdOM1
27UBlVzDoh6IkAo6/6dx+OjuRAIgrZcBdHEpVDbg9V/op8ga98jRGnXqzwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFDTw0en1RIQCVsyZ1E4ASDGgbca/MB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvTlBEUjZmVkVoQUpXekpuVVRnQklNYUJ0eHI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTBDBAIAATA9MAsDAwIllAME
ASWUMAMEAyWUOAMEAyWUeAMEBiXKgAMEAVUPMAMDAV62MAwDBASX9DADBAKX9OAD
AwGX9jANBgkqhkiG9w0BAQsFAAOCAQEATmuxd2pCIA3/NM5eTJCMTtm03hTckGKG
2DKdda4pIUT9gr6n2uVaCKhmAXjew0Sl9IWW0ITtWzL+aYWR7hyQdrQZ81tH8dLW
CN06i3Q7q4hUpEtSAJcPwaRIRs66KcS0nR1wgtUCY/9JvW+rSWx6Rdu8hLRxjsNY
868nJKgA8LHPd0tPJvpn4F7MgCUuSnih/xaT9f8A3EzgfivIwQiRmSqt2lhzS65B
aH4ktQ9wNVs1g/EsEtX21SEKs5yQHKkPjAIgHvCSev+ye5x3e9dNTfmLlLYBwhVY
7MWXROoY0lIqc759n9YLqSEWoPnAeSLkQRV32/wxNcc6pJFZSyMIEw==
-----END CERTIFICATE-----
Generated at Sat May 10 23:05:53 2025 by rpki-client