Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/PdrSxx94Asq0zCQ51nED7HUSMDk.roa
File: PdrSxx94Asq0zCQ51nED7HUSMDk.roa (raw, json)
Hash identifier: CmcWKMdbqsCAIMuBos8tXVaapvNmWrKVg0vKg8nrFB4=
Subject key identifier: 3D:DA:D2:C7:1F:78:02:CA:B4:CC:24:39:D6:71:03:EC:75:12:30:39
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018CC64B371E7D00E5653390846BAEB6B9AB
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/PdrSxx94Asq0zCQ51nED7HUSMDk.roa
Signing time: Mon 01 Jan 2024 18:31:07 +0000
ROA not before: Mon 01 Jan 2024 18:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31549
IP address blocks: 217.60.0.0/19 maxlen: 19
217.60.0.0/18 maxlen: 18
217.60.0.0/16 maxlen: 16
217.60.24.0/21 maxlen: 21
217.60.36.0/23 maxlen: 23
217.60.32.0/22 maxlen: 22
217.60.32.0/20 maxlen: 20
217.60.36.0/22 maxlen: 22
217.60.38.0/23 maxlen: 23
217.60.40.0/21 maxlen: 21
217.60.48.0/20 maxlen: 20
37.148.0.0/18 maxlen: 24
37.148.0.0/17 maxlen: 18
217.60.108.0/22 maxlen: 22
217.60.128.0/18 maxlen: 18
217.60.128.0/19 maxlen: 19
217.60.150.0/24 maxlen: 24
217.60.64.0/20 maxlen: 20
217.60.64.0/18 maxlen: 18
217.60.80.0/20 maxlen: 20
217.60.96.0/21 maxlen: 21
217.60.104.0/22 maxlen: 22
84.241.0.0/18 maxlen: 24
185.73.3.0/24 maxlen: 24
185.73.0.0/22 maxlen: 22
185.73.2.0/24 maxlen: 24
185.73.2.0/23 maxlen: 23
185.73.0.0/23 maxlen: 23
151.240.0.0/13 maxlen: 24
151.247.64.0/18 maxlen: 18
151.245.248.0/22 maxlen: 22
151.245.248.0/21 maxlen: 21
151.245.252.0/22 maxlen: 22
31.57.208.0/20 maxlen: 20
151.244.106.0/23 maxlen: 23
151.244.110.0/23 maxlen: 23
151.244.108.0/23 maxlen: 23
151.244.112.0/23 maxlen: 23
151.244.114.0/23 maxlen: 23
151.244.116.0/23 maxlen: 23
151.244.118.0/23 maxlen: 23
151.244.120.0/23 maxlen: 23
151.244.124.0/23 maxlen: 23
151.244.122.0/23 maxlen: 23
151.244.126.0/23 maxlen: 23
151.244.128.0/22 maxlen: 22
151.244.128.0/19 maxlen: 19
151.244.132.0/22 maxlen: 22
151.244.136.0/22 maxlen: 22
151.244.140.0/22 maxlen: 22
151.244.148.0/22 maxlen: 22
151.244.152.0/22 maxlen: 22
151.244.156.0/22 maxlen: 22
94.183.176.0/21 maxlen: 21
151.244.96.0/23 maxlen: 23
151.244.98.0/23 maxlen: 23
151.244.104.0/23 maxlen: 23
151.244.100.0/23 maxlen: 23
151.244.102.0/23 maxlen: 23
151.244.218.0/23 maxlen: 23
151.244.216.0/23 maxlen: 23
151.244.222.0/23 maxlen: 23
151.244.220.0/23 maxlen: 23
151.244.224.0/23 maxlen: 23
151.244.226.0/23 maxlen: 23
31.56.80.0/20 maxlen: 20
151.244.160.0/22 maxlen: 22
151.244.164.0/22 maxlen: 22
151.244.168.0/22 maxlen: 22
151.244.172.0/22 maxlen: 22
151.244.176.0/22 maxlen: 22
31.56.16.0/20 maxlen: 20
151.244.180.0/22 maxlen: 22
151.244.184.0/22 maxlen: 22
151.244.188.0/22 maxlen: 22
31.56.0.0/14 maxlen: 24
151.244.192.0/22 maxlen: 22
31.56.32.0/20 maxlen: 20
151.244.196.0/22 maxlen: 22
151.244.200.0/22 maxlen: 22
151.244.204.0/22 maxlen: 22
151.238.0.0/15 maxlen: 24
151.244.208.0/22 maxlen: 22
151.244.212.0/22 maxlen: 22
85.15.0.0/18 maxlen: 24
217.60.219.0/24 maxlen: 24
217.60.216.0/21 maxlen: 21
217.60.224.0/20 maxlen: 20
217.60.230.0/24 maxlen: 24
217.60.231.0/24 maxlen: 24
217.60.240.0/20 maxlen: 20
94.182.64.0/20 maxlen: 20
37.202.128.0/18 maxlen: 18
37.202.128.0/17 maxlen: 17
217.60.160.0/19 maxlen: 19
217.60.160.0/21 maxlen: 21
217.60.160.0/20 maxlen: 20
217.60.161.0/24 maxlen: 24
217.60.171.0/24 maxlen: 24
217.60.168.0/23 maxlen: 23
217.60.170.0/24 maxlen: 24
217.60.176.0/21 maxlen: 21
217.60.176.0/24 maxlen: 24
217.60.184.0/22 maxlen: 22
37.148.78.0/24 maxlen: 24
217.60.188.0/22 maxlen: 22
217.60.192.0/22 maxlen: 22
217.60.192.0/20 maxlen: 20
217.60.192.0/18 maxlen: 18
217.60.196.0/22 maxlen: 22
217.60.200.0/22 maxlen: 22
94.182.0.0/15 maxlen: 24
217.60.207.0/24 maxlen: 24
217.60.209.0/24 maxlen: 24
217.60.208.0/20 maxlen: 20
217.60.212.0/22 maxlen: 22
217.60.208.0/23 maxlen: 23
37.202.192.0/18 maxlen: 18
94.182.144.0/20 maxlen: 20
94.182.160.0/20 maxlen: 20
94.182.176.0/20 maxlen: 20
94.182.80.0/20 maxlen: 20
37.202.136.0/24 maxlen: 24
94.182.96.0/20 maxlen: 20
94.182.112.0/20 maxlen: 20
94.182.128.0/20 maxlen: 20
2a0e:0:1:3000::/52 maxlen: 52
2a0e:0:1:2000::/52 maxlen: 52
2a0e:0:1:1000::/52 maxlen: 52
2a0e:0:1::/52 maxlen: 52
2a0e::/26 maxlen: 26
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:37:1e:7d:00:e5:65:33:90:84:6b:ae:b6:b9:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jan 1 18:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ddad2c71f7802cab4cc2439d67103ec75123039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bf:29:dc:c9:79:9a:79:29:94:b7:67:f0:22:
3f:15:e9:95:16:e6:e2:04:e8:48:5a:d3:df:3f:5d:
89:15:4c:56:c4:d4:b2:32:e4:d3:3f:2d:b5:fd:29:
26:8d:2c:a5:6c:71:c5:59:8a:50:50:38:ea:2c:fd:
ac:d5:fa:5c:de:8e:58:3b:0c:0a:df:b1:46:14:32:
ed:40:d8:fe:97:38:f6:e9:ea:6e:50:8a:60:e7:f1:
00:0f:c8:3d:41:fb:5a:b6:be:7a:b9:d4:bb:17:a6:
7b:c1:f3:d9:0b:07:b2:16:3f:79:5a:f6:48:c3:7f:
db:ec:a7:c0:93:28:51:4c:a4:29:ff:ba:2e:87:10:
95:ad:29:91:91:24:26:36:10:dd:a4:00:36:d0:7b:
87:18:fe:5f:26:a2:b9:ba:09:c7:0e:7b:70:4d:20:
86:b0:48:d8:21:8e:95:36:51:76:8e:48:3f:e8:5f:
6a:bd:d3:69:20:bc:53:fc:05:47:27:33:4a:f5:cf:
7f:8f:59:8a:ae:d4:62:eb:4e:08:b2:c7:19:f4:17:
16:71:17:40:66:9f:78:f8:2e:e8:bb:42:6c:35:35:
c1:d5:cd:96:d2:a3:8f:f4:1b:24:94:a1:d1:23:64:
b3:59:e6:a9:c5:fc:73:a9:20:a1:4a:75:f4:96:14:
b6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:DA:D2:C7:1F:78:02:CA:B4:CC:24:39:D6:71:03:EC:75:12:30:39
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/PdrSxx94Asq0zCQ51nED7HUSMDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.0.0/14
37.148.0.0/17
37.202.128.0/17
84.241.0.0/18
85.15.0.0/18
94.182.0.0/15
151.238.0.0-151.247.255.255
185.73.0.0/22
217.60.0.0/16
IPv6:
2a0e::/26
Signature Algorithm: sha256WithRSAEncryption
9a:81:bf:38:a3:8a:17:84:0a:ef:51:d8:06:55:5f:26:7e:79:
06:30:47:34:a4:7a:63:ca:0f:9e:31:8b:a8:bc:72:c5:d9:e4:
7a:f0:66:80:79:5c:02:6e:c4:d5:a8:fd:1a:b7:6b:cc:6c:73:
5c:1a:a0:d2:34:08:54:28:10:d5:98:89:a6:24:16:74:5b:c4:
13:82:5a:e5:c0:32:6b:52:30:91:4c:cf:8a:7d:c5:d6:bc:79:
7b:eb:c1:bb:58:2c:e0:55:99:08:fb:c5:b1:3d:9e:5d:97:86:
28:44:25:d6:48:0a:76:e3:67:c3:7a:cc:7b:b2:ad:a6:c5:0d:
d1:e5:f4:4e:af:81:24:a1:5e:7a:3a:08:b9:16:6b:4b:ca:55:
b9:c0:06:00:29:7b:3e:97:83:d8:1c:a2:bc:ee:ac:84:66:e5:
79:99:bf:81:e8:6d:e2:55:9c:7c:9b:10:18:1e:ab:d9:cb:5c:
27:f5:22:b5:39:20:ed:eb:10:aa:1a:00:77:4d:0b:bc:68:4d:
13:14:32:7d:6a:06:e3:be:7c:e5:62:a1:12:ba:76:33:77:39:
24:d0:7b:c6:a6:b5:fd:05:14:81:7b:e5:24:d1:cb:a1:6b:a2:
f1:fa:2e:6d:05:d8:b9:82:20:2e:dd:cf:57:88:cf:0e:80:40:
03:f0:1e:91
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzGSzcefQDlZTOQhGuutrmrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwMTAxMTgzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGRhZDJjNzFmNzgwMmNhYjRjYzI0MzlkNjcxMDNlYzc1MTIzMDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApL8p3Ml5mnkplLdn8CI/FemVFubi
BOhIWtPfP12JFUxWxNSyMuTTPy21/SkmjSylbHHFWYpQUDjqLP2s1fpc3o5YOwwK
37FGFDLtQNj+lzj26epuUIpg5/EAD8g9Qftatr56udS7F6Z7wfPZCweyFj95WvZI
w3/b7KfAkyhRTKQp/7ouhxCVrSmRkSQmNhDdpAA20HuHGP5fJqK5ugnHDntwTSCG
sEjYIY6VNlF2jkg/6F9qvdNpILxT/AVHJzNK9c9/j1mKrtRi604IsscZ9BcWcRdA
Zp94+C7ou0JsNTXB1c2W0qOP9BsklKHRI2SzWeapxfxzqSChSnX0lhS2lQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFD3a0scfeALKtMwkOdZxA+x1EjA5MB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvUGRyU3h4OTRBc3EwekNRNTFuRUQ3SFVTTURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA/BAIAATA5AwMCHzgDBAcl
lAADBAclyoADBAZU8QADBAZVDwADAwFetjAKAwMBl+4DAwOX8AMEArlJAAMDANk8
MA0EAgACMAcDBQYqDgAAMA0GCSqGSIb3DQEBCwUAA4IBAQCagb84o4oXhArvUdgG
VV8mfnkGMEc0pHpjyg+eMYuovHLF2eR68GaAeVwCbsTVqP0at2vMbHNcGqDSNAhU
KBDVmImmJBZ0W8QTglrlwDJrUjCRTM+KfcXWvHl768G7WCzgVZkI+8WxPZ5dl4Yo
RCXWSAp242fDesx7sq2mxQ3R5fROr4EkoV56Ogi5FmtLylW5wAYAKXs+l4PYHKK8
7qyEZuV5mb+B6G3iVZx8mxAYHqvZy1wn9SK1OSDt6xCqGgB3TQu8aE0TFDJ9agbj
vnzlYqESunYzdzkk0HvGprX9BRSBe+Uk0cuha6Lx+i5tBdi5giAu3c9XiM8OgEAD
8B6R
-----END CERTIFICATE-----
Generated at Sun May 11 10:17:14 2025 by rpki-client