Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/Oi5ehab61UCGmDnrnkHg-5rMmWk.roa
File: Oi5ehab61UCGmDnrnkHg-5rMmWk.roa (raw, json)
Hash identifier: +eJFbReUJF0yO0U3vsuvL7/hpFvXHZfkHXvwK+V6868=
Subject key identifier: 3A:2E:5E:85:A6:FA:D5:40:86:98:39:EB:9E:41:E0:FB:9A:CC:99:69
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 019440A81ED4FE53946E92C5763CB0B8D422
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/Oi5ehab61UCGmDnrnkHg-5rMmWk.roa
Signing time: Tue 07 Jan 2025 12:05:47 +0000
ROA not before: Tue 07 Jan 2025 12:05:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205647
IP address blocks: 37.148.120.0/21 maxlen: 24
37.202.128.0/21 maxlen: 21
37.202.136.0/21 maxlen: 21
37.202.144.0/21 maxlen: 21
37.202.144.0/22 maxlen: 22
37.202.148.0/23 maxlen: 23
37.202.150.0/23 maxlen: 23
37.202.152.0/21 maxlen: 21
37.202.160.0/21 maxlen: 21
37.202.168.0/21 maxlen: 21
37.202.176.0/22 maxlen: 22
37.202.180.0/22 maxlen: 22
37.202.184.0/22 maxlen: 24
37.202.188.0/22 maxlen: 24
85.15.48.0/24 maxlen: 24
85.15.49.0/24 maxlen: 24
94.182.0.0/18 maxlen: 18
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
94.182.14.0/24 maxlen: 24
94.182.17.0/24 maxlen: 24
94.182.30.0/23 maxlen: 23
94.182.41.0/24 maxlen: 24
94.182.48.0/24 maxlen: 24
94.182.56.0/22 maxlen: 24
94.182.60.0/22 maxlen: 24
94.182.64.0/18 maxlen: 18
94.182.64.0/20 maxlen: 20
94.182.72.0/21 maxlen: 21
94.182.80.0/20 maxlen: 20
94.182.82.0/24 maxlen: 24
94.182.96.0/20 maxlen: 20
94.182.97.192/28 maxlen: 28
94.182.112.0/20 maxlen: 20
94.182.114.0/23 maxlen: 23
94.182.116.0/22 maxlen: 22
94.182.120.0/21 maxlen: 21
94.182.128.0/18 maxlen: 18
94.182.128.0/20 maxlen: 20
94.182.144.0/20 maxlen: 20
94.182.160.0/20 maxlen: 20
94.182.176.0/20 maxlen: 20
94.182.192.0/18 maxlen: 18
94.182.196.0/24 maxlen: 24
94.182.199.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.204.0/24 maxlen: 24
94.182.205.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
94.182.208.0/24 maxlen: 24
94.182.212.0/23 maxlen: 23
94.182.217.0/24 maxlen: 24
94.182.222.0/23 maxlen: 23
94.182.226.0/24 maxlen: 24
94.182.228.0/22 maxlen: 22
94.182.232.0/23 maxlen: 24
94.182.234.0/23 maxlen: 23
94.182.238.0/24 maxlen: 24
94.182.240.0/23 maxlen: 24
94.182.244.0/22 maxlen: 24
94.182.244.0/23 maxlen: 23
94.182.248.0/22 maxlen: 24
94.182.248.0/23 maxlen: 23
94.182.252.0/24 maxlen: 24
94.182.254.0/24 maxlen: 24
94.183.0.0/18 maxlen: 18
94.183.64.0/18 maxlen: 18
94.183.128.0/18 maxlen: 18
94.183.192.0/18 maxlen: 18
151.244.48.0/21 maxlen: 21
151.244.48.0/22 maxlen: 22
151.244.52.0/22 maxlen: 22
151.244.56.0/21 maxlen: 21
151.244.64.0/21 maxlen: 21
151.244.72.0/22 maxlen: 22
151.244.76.0/22 maxlen: 22
151.244.80.0/21 maxlen: 21
151.244.88.0/21 maxlen: 21
151.244.96.0/23 maxlen: 23
151.244.98.0/23 maxlen: 23
151.244.100.0/23 maxlen: 23
151.244.102.0/23 maxlen: 23
151.244.104.0/23 maxlen: 23
151.244.106.0/23 maxlen: 23
151.244.108.0/23 maxlen: 23
151.244.110.0/23 maxlen: 23
151.244.112.0/23 maxlen: 23
151.244.114.0/23 maxlen: 23
151.244.116.0/23 maxlen: 23
151.244.118.0/23 maxlen: 23
151.244.120.0/23 maxlen: 23
151.244.122.0/23 maxlen: 23
151.244.124.0/23 maxlen: 23
151.244.126.0/23 maxlen: 23
151.244.128.0/22 maxlen: 22
151.244.132.0/22 maxlen: 22
151.244.136.0/22 maxlen: 22
151.244.140.0/22 maxlen: 22
151.244.144.0/22 maxlen: 22
151.244.148.0/22 maxlen: 22
151.244.152.0/22 maxlen: 22
151.244.156.0/22 maxlen: 22
151.244.160.0/22 maxlen: 22
151.244.164.0/22 maxlen: 22
151.244.168.0/22 maxlen: 22
151.244.172.0/22 maxlen: 22
151.244.176.0/22 maxlen: 22
151.244.180.0/22 maxlen: 22
151.244.184.0/22 maxlen: 22
151.244.188.0/22 maxlen: 22
151.244.192.0/22 maxlen: 22
151.244.196.0/22 maxlen: 22
151.244.200.0/22 maxlen: 22
151.244.204.0/22 maxlen: 22
151.244.208.0/22 maxlen: 22
151.244.212.0/22 maxlen: 22
151.244.216.0/23 maxlen: 23
151.244.218.0/23 maxlen: 23
151.244.220.0/23 maxlen: 23
151.244.222.0/23 maxlen: 23
151.244.224.0/23 maxlen: 23
151.244.226.0/23 maxlen: 23
151.246.0.0/18 maxlen: 18
151.246.64.0/18 maxlen: 18
151.246.128.0/18 maxlen: 18
151.246.192.0/18 maxlen: 18
151.246.248.0/22 maxlen: 22
151.247.0.0/20 maxlen: 24
151.247.16.0/22 maxlen: 24
151.247.214.0/23 maxlen: 23
151.247.216.0/21 maxlen: 21
151.247.224.0/22 maxlen: 22
151.247.228.0/22 maxlen: 24
151.247.232.0/22 maxlen: 22
151.247.236.0/22 maxlen: 24
151.247.236.0/24 maxlen: 24
151.247.237.0/24 maxlen: 24
151.247.238.0/23 maxlen: 23
151.247.240.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
151.247.248.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:40:a8:1e:d4:fe:53:94:6e:92:c5:76:3c:b0:b8:d4:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jan 7 12:05:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a2e5e85a6fad540869839eb9e41e0fb9acc9969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:fe:d2:b8:20:13:ab:5c:fc:42:18:48:35:1d:
e3:42:5d:95:9c:0b:d6:b8:13:29:90:d7:2d:82:f2:
8a:15:b8:f6:15:1a:40:56:63:f5:c1:cd:15:19:35:
6c:ef:e1:9a:cf:11:7f:cb:93:b8:b4:05:fe:88:88:
84:f6:ff:23:a0:33:8e:f2:19:96:43:b4:c4:dc:0f:
44:45:41:d6:67:d5:81:ee:dc:38:5a:20:a0:ee:8a:
6a:af:09:4a:94:20:9c:4c:cf:22:7a:8f:cc:70:56:
fd:20:cb:a8:40:34:a2:ff:f8:14:8c:08:3a:7a:5a:
aa:93:66:c4:c2:fc:20:af:97:6d:b1:72:45:58:8b:
7d:9f:7c:ed:4a:f7:17:7b:0b:e5:6e:6f:ca:e2:2a:
cf:e6:b5:5c:50:44:b5:2a:a7:30:52:d7:99:8f:f6:
5f:22:8d:d3:28:ce:6f:ad:b8:5e:83:83:9b:a7:b4:
50:e2:8c:1f:50:1b:92:fa:82:e1:31:58:5a:db:75:
14:e4:75:f6:1a:4c:59:5c:e1:93:df:62:d0:c9:0b:
57:71:cd:61:55:47:00:5a:34:d9:25:0e:95:4f:43:
4f:94:9d:e0:76:74:9b:85:98:59:5f:1d:fe:19:a2:
69:13:f7:dc:99:37:a6:00:6c:c3:ea:99:50:1c:94:
40:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2E:5E:85:A6:FA:D5:40:86:98:39:EB:9E:41:E0:FB:9A:CC:99:69
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/Oi5ehab61UCGmDnrnkHg-5rMmWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.120.0/21
37.202.128.0/18
85.15.48.0/23
94.182.0.0/15
151.244.48.0-151.244.227.255
151.246.0.0-151.247.19.255
151.247.214.0-151.247.241.255
151.247.248.0/22
Signature Algorithm: sha256WithRSAEncryption
13:a2:10:f5:69:ee:93:5d:d1:16:e3:ae:e1:7d:f6:6b:5c:e9:
88:e1:34:d0:ac:99:1a:92:fb:23:b6:a0:12:54:f7:12:5b:94:
4f:df:3f:4d:30:8b:9e:c4:02:f7:d5:3f:20:29:bd:24:68:ed:
63:c1:cd:36:21:c1:49:00:07:05:30:d3:6f:2d:75:ff:aa:3c:
27:f6:8f:0b:af:bb:32:eb:36:13:1d:3e:19:3c:ac:30:78:ea:
54:eb:b4:15:f6:70:5e:31:72:d7:e0:1b:f2:9c:ab:83:0a:b9:
0c:56:f2:52:dd:3c:b9:56:5c:d2:05:45:84:f9:a1:db:a4:24:
ca:e2:48:b1:c6:d3:dd:ad:96:1f:af:15:c5:ae:17:8b:d3:5a:
93:67:05:7a:f7:d9:f7:bb:4a:9b:96:ff:a9:cf:e3:8e:49:65:
bf:94:25:20:65:1c:a3:e7:43:7e:1f:c9:21:f1:34:47:bf:c2:
38:8c:a8:b6:a8:df:6d:af:0e:fe:1f:78:fe:66:5a:d4:a7:05:
d7:31:a4:a7:1b:82:28:32:5a:ca:be:d6:b6:14:9f:4c:e2:30:
dd:09:a2:1b:42:86:fd:a1:76:22:91:93:cd:30:8d:a9:1e:46:
9c:5a:9b:bd:4b:74:9f:0b:2b:22:0f:ff:36:28:01:a0:01:1a:
be:29:70:4e
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZRAqB7U/lOUbpLFdjywuNQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwMTA3MTIwNTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTJlNWU4NWE2ZmFkNTQwODY5ODM5ZWI5ZTQxZTBmYjlhY2M5OTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/7SuCATq1z8QhhINR3jQl2VnAvW
uBMpkNctgvKKFbj2FRpAVmP1wc0VGTVs7+GazxF/y5O4tAX+iIiE9v8joDOO8hmW
Q7TE3A9ERUHWZ9WB7tw4WiCg7opqrwlKlCCcTM8ieo/McFb9IMuoQDSi//gUjAg6
elqqk2bEwvwgr5dtsXJFWIt9n3ztSvcXewvlbm/K4irP5rVcUES1KqcwUteZj/Zf
Io3TKM5vrbheg4Obp7RQ4owfUBuS+oLhMVha23UU5HX2GkxZXOGT32LQyQtXcc1h
VUcAWjTZJQ6VT0NPlJ3gdnSbhZhZXx3+GaJpE/fcmTemAGzD6plQHJRAYwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFDouXoWm+tVAhpg5655B4PuazJlpMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvT2k1ZWhhYjYxVUNHbURucm5rSGctNXJNbVdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQDJZR4AwQG
JcqAAwQBVQ8wAwMBXrYwDAMEBJf0MAMEApf04DALAwMBl/YDBAKX9xAwDAMEAZf3
1gMEAZf38AMEApf3+DANBgkqhkiG9w0BAQsFAAOCAQEAE6IQ9Wnuk13RFuOu4X32
a1zpiOE00KyZGpL7I7agElT3EluUT98/TTCLnsQC99U/ICm9JGjtY8HNNiHBSQAH
BTDTby11/6o8J/aPC6+7Mus2Ex0+GTysMHjqVOu0FfZwXjFy1+Ab8pyrgwq5DFby
Ut08uVZc0gVFhPmh26QkyuJIscbT3a2WH68Vxa4Xi9Nak2cFevfZ97tKm5b/qc/j
jkllv5QlIGUco+dDfh/JIfE0R7/COIyotqjfba8O/h94/mZa1KcF1zGkpxuCKDJa
yr7WthSfTOIw3QmiG0KG/aF2IpGTzTCNqR5GnFqbvUt0nwsrIg//NigBoAEavilw
Tg==
-----END CERTIFICATE-----
Generated at Wed May 14 14:10:35 2025 by rpki-client