Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/m6gDrzuFib2QoxkHU1Y_N4IZtF4.roa
File: m6gDrzuFib2QoxkHU1Y_N4IZtF4.roa (raw, json)
Hash identifier: M47qoRj2gxPFhHuLxChjOudVKJSXCip164sNIYkeuWw=
Subject key identifier: 9B:A8:03:AF:3B:85:89:BD:90:A3:19:07:53:56:3F:37:82:19:B4:5E
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 0194171942CD9545BF73465317763C4E5B71
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/m6gDrzuFib2QoxkHU1Y_N4IZtF4.roa
Signing time: Mon 30 Dec 2024 10:25:18 +0000
ROA not before: Mon 30 Dec 2024 10:25:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205647
IP address blocks: 37.148.120.0/21 maxlen: 24
37.202.128.0/21 maxlen: 21
37.202.136.0/21 maxlen: 21
37.202.144.0/21 maxlen: 21
37.202.144.0/22 maxlen: 22
37.202.148.0/23 maxlen: 23
37.202.150.0/23 maxlen: 23
37.202.152.0/21 maxlen: 21
37.202.160.0/21 maxlen: 21
37.202.168.0/21 maxlen: 21
37.202.176.0/22 maxlen: 22
37.202.180.0/22 maxlen: 22
37.202.184.0/22 maxlen: 24
37.202.188.0/22 maxlen: 24
85.15.48.0/24 maxlen: 24
85.15.49.0/24 maxlen: 24
94.182.0.0/18 maxlen: 18
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
94.182.14.0/24 maxlen: 24
94.182.17.0/24 maxlen: 24
94.182.30.0/23 maxlen: 23
94.182.41.0/24 maxlen: 24
94.182.48.0/24 maxlen: 24
94.182.56.0/22 maxlen: 24
94.182.60.0/22 maxlen: 24
94.182.64.0/18 maxlen: 18
94.182.64.0/20 maxlen: 20
94.182.72.0/21 maxlen: 21
94.182.80.0/20 maxlen: 20
94.182.82.0/24 maxlen: 24
94.182.96.0/20 maxlen: 20
94.182.97.192/28 maxlen: 28
94.182.112.0/20 maxlen: 20
94.182.114.0/23 maxlen: 23
94.182.116.0/22 maxlen: 22
94.182.120.0/21 maxlen: 21
94.182.128.0/18 maxlen: 18
94.182.128.0/20 maxlen: 20
94.182.144.0/20 maxlen: 20
94.182.160.0/20 maxlen: 20
94.182.176.0/20 maxlen: 20
94.182.192.0/18 maxlen: 18
94.182.196.0/24 maxlen: 24
94.182.199.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.204.0/24 maxlen: 24
94.182.205.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
94.182.208.0/24 maxlen: 24
94.182.212.0/23 maxlen: 23
94.182.217.0/24 maxlen: 24
94.182.222.0/23 maxlen: 23
94.182.226.0/24 maxlen: 24
94.182.228.0/22 maxlen: 22
94.182.232.0/23 maxlen: 24
94.182.234.0/23 maxlen: 23
94.182.238.0/24 maxlen: 24
94.182.240.0/23 maxlen: 24
94.182.244.0/22 maxlen: 24
94.182.244.0/23 maxlen: 23
94.182.248.0/22 maxlen: 24
94.182.248.0/23 maxlen: 23
94.182.252.0/24 maxlen: 24
94.182.254.0/24 maxlen: 24
94.183.0.0/18 maxlen: 18
94.183.64.0/18 maxlen: 18
94.183.128.0/18 maxlen: 18
94.183.192.0/18 maxlen: 18
151.240.80.0/21 maxlen: 21
151.240.168.0/22 maxlen: 22
151.240.192.0/21 maxlen: 21
151.240.240.0/21 maxlen: 21
151.240.240.0/23 maxlen: 23
151.240.242.0/23 maxlen: 23
151.240.244.0/23 maxlen: 23
151.241.216.0/23 maxlen: 23
151.241.218.0/23 maxlen: 23
151.241.220.0/22 maxlen: 22
151.241.224.0/21 maxlen: 21
151.244.48.0/21 maxlen: 21
151.244.48.0/22 maxlen: 22
151.244.52.0/22 maxlen: 22
151.244.56.0/21 maxlen: 21
151.244.64.0/21 maxlen: 21
151.244.72.0/22 maxlen: 22
151.244.76.0/22 maxlen: 22
151.244.80.0/21 maxlen: 21
151.244.88.0/21 maxlen: 21
151.244.96.0/23 maxlen: 23
151.244.98.0/23 maxlen: 23
151.244.100.0/23 maxlen: 23
151.244.102.0/23 maxlen: 23
151.244.104.0/23 maxlen: 23
151.244.106.0/23 maxlen: 23
151.244.108.0/23 maxlen: 23
151.244.110.0/23 maxlen: 23
151.244.112.0/23 maxlen: 23
151.244.114.0/23 maxlen: 23
151.244.116.0/23 maxlen: 23
151.244.118.0/23 maxlen: 23
151.244.120.0/23 maxlen: 23
151.244.122.0/23 maxlen: 23
151.244.124.0/23 maxlen: 23
151.244.126.0/23 maxlen: 23
151.244.128.0/22 maxlen: 22
151.244.132.0/22 maxlen: 22
151.244.136.0/22 maxlen: 22
151.244.140.0/22 maxlen: 22
151.244.144.0/22 maxlen: 22
151.244.148.0/22 maxlen: 22
151.244.152.0/22 maxlen: 22
151.244.156.0/22 maxlen: 22
151.244.160.0/22 maxlen: 22
151.244.164.0/22 maxlen: 22
151.244.168.0/22 maxlen: 22
151.244.172.0/22 maxlen: 22
151.244.176.0/22 maxlen: 22
151.244.180.0/22 maxlen: 22
151.244.184.0/22 maxlen: 22
151.244.188.0/22 maxlen: 22
151.244.192.0/22 maxlen: 22
151.244.196.0/22 maxlen: 22
151.244.200.0/22 maxlen: 22
151.244.204.0/22 maxlen: 22
151.244.208.0/22 maxlen: 22
151.244.212.0/22 maxlen: 22
151.244.216.0/23 maxlen: 23
151.244.218.0/23 maxlen: 23
151.244.220.0/23 maxlen: 23
151.244.222.0/23 maxlen: 23
151.244.224.0/23 maxlen: 23
151.244.226.0/23 maxlen: 23
151.246.0.0/18 maxlen: 18
151.246.64.0/18 maxlen: 18
151.246.128.0/18 maxlen: 18
151.246.192.0/18 maxlen: 18
151.246.248.0/22 maxlen: 22
151.247.0.0/20 maxlen: 24
151.247.16.0/22 maxlen: 24
151.247.214.0/23 maxlen: 23
151.247.216.0/21 maxlen: 21
151.247.224.0/22 maxlen: 22
151.247.228.0/22 maxlen: 24
151.247.232.0/22 maxlen: 22
151.247.236.0/22 maxlen: 24
151.247.236.0/24 maxlen: 24
151.247.237.0/24 maxlen: 24
151.247.238.0/23 maxlen: 23
151.247.240.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
151.247.248.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:17:19:42:cd:95:45:bf:73:46:53:17:76:3c:4e:5b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Dec 30 10:25:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ba803af3b8589bd90a3190753563f378219b45e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4f:d7:a8:7f:53:3a:55:30:76:d3:c1:cd:90:
68:d5:2e:16:2d:4b:6e:f6:4c:fe:25:fe:27:6a:59:
a2:cd:3a:78:ba:91:69:47:f1:0e:c8:69:cb:35:8a:
68:f0:cc:e4:d5:cb:02:bc:b1:67:b6:04:09:2d:a1:
60:4f:ed:be:26:2e:fc:71:a5:39:28:a8:35:b7:e0:
39:6b:e8:52:b4:03:09:5b:af:cb:80:98:fb:f4:6e:
30:83:3a:fa:b1:ff:8d:6f:a5:ab:67:d7:e8:bb:5d:
45:0a:4c:83:b3:d5:a4:5b:f5:39:0c:13:59:e3:dc:
3e:99:5d:93:de:8c:c7:63:23:82:3c:0e:e8:78:53:
79:40:e8:00:b4:41:f5:fc:42:43:6e:17:65:70:18:
92:0a:3e:eb:36:a3:84:d4:c3:e0:29:47:c8:d4:0b:
43:bd:50:73:2c:74:62:64:ba:84:bd:67:ac:eb:6e:
ce:73:27:2a:6d:5d:ac:7f:0c:06:3e:c5:19:2b:7f:
b7:e7:b3:72:c8:a6:b2:45:da:da:4d:62:06:e2:74:
61:9d:e2:2b:b4:1f:47:77:d4:0b:d4:28:ef:29:19:
bb:79:4f:52:a2:98:88:3d:04:15:31:af:94:5c:ba:
d6:7a:a1:b4:37:95:3a:82:1f:35:40:08:e7:79:90:
b9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A8:03:AF:3B:85:89:BD:90:A3:19:07:53:56:3F:37:82:19:B4:5E
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/m6gDrzuFib2QoxkHU1Y_N4IZtF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.120.0/21
37.202.128.0/18
85.15.48.0/23
94.182.0.0/15
151.240.80.0/21
151.240.168.0/22
151.240.192.0/21
151.240.240.0/21
151.241.216.0-151.241.231.255
151.244.48.0-151.244.227.255
151.246.0.0-151.247.19.255
151.247.214.0-151.247.241.255
151.247.248.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:f3:a6:03:e5:94:a3:4b:45:bc:8b:6e:94:59:02:1e:24:0b:
00:56:c5:f6:8c:53:4b:cf:8d:9e:84:8e:2a:dc:1c:20:98:e3:
a8:ac:6f:20:df:a7:bc:08:dc:b4:ad:9b:f1:5b:78:7b:b7:a9:
f7:b9:86:58:b2:af:77:b0:4b:08:60:cc:98:ad:55:c4:b6:28:
59:80:40:f0:9d:90:ef:be:20:7c:8f:77:78:eb:73:97:97:a8:
c6:a8:ca:82:3c:31:7f:47:f5:5c:67:f9:23:6a:4a:67:b3:e3:
a2:4e:8f:a2:34:26:5a:b0:45:3d:fd:f0:90:43:0c:f4:b8:d2:
68:75:ad:0f:f8:8c:51:2f:75:45:42:25:59:8f:85:72:1e:de:
fe:d3:65:20:6a:f0:04:70:0c:7c:50:1c:3d:8b:b7:e1:9d:fd:
40:87:49:17:94:95:50:89:77:1e:ab:db:77:ff:a9:b8:3c:bf:
f7:db:17:de:a6:66:72:1d:41:f1:35:7d:b3:43:f0:d0:e6:86:
87:b7:e5:66:f8:3c:5e:22:de:06:da:f3:99:e3:b3:98:fa:d1:
6a:b9:ab:10:c0:15:e9:44:61:da:9c:fd:e2:1e:8f:04:0c:5b:
ff:b5:f2:64:8e:48:fe:12:ee:50:d3:4e:3a:2a:2b:29:e3:9e:
18:bc:c1:1c
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZQXGULNlUW/c0ZTF3Y8TltxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQxMjMwMTAyNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmE4MDNhZjNiODU4OWJkOTBhMzE5MDc1MzU2M2YzNzgyMTliNDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE/XqH9TOlUwdtPBzZBo1S4WLUtu
9kz+Jf4nalmizTp4upFpR/EOyGnLNYpo8Mzk1csCvLFntgQJLaFgT+2+Ji78caU5
KKg1t+A5a+hStAMJW6/LgJj79G4wgzr6sf+Nb6WrZ9fou11FCkyDs9WkW/U5DBNZ
49w+mV2T3ozHYyOCPA7oeFN5QOgAtEH1/EJDbhdlcBiSCj7rNqOE1MPgKUfI1AtD
vVBzLHRiZLqEvWes627OcycqbV2sfwwGPsUZK3+357NyyKayRdraTWIG4nRhneIr
tB9Hd9QL1CjvKRm7eU9SopiIPQQVMa+UXLrWeqG0N5U6gh81QAjneZC5rwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFJuoA687hYm9kKMZB1NWPzeCGbReMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvbTZnRHJ6dUZpYjJRb3hrSFUxWV9ONEladEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAyWUeAME
BiXKgAMEAVUPMAMDAV62AwQDl/BQAwQCl/CoAwQDl/DAAwQDl/DwMAwDBAOX8dgD
BAOX8eAwDAMEBJf0MAMEApf04DALAwMBl/YDBAKX9xAwDAMEAZf31gMEAZf38AME
Apf3+DANBgkqhkiG9w0BAQsFAAOCAQEAnPOmA+WUo0tFvItulFkCHiQLAFbF9oxT
S8+NnoSOKtwcIJjjqKxvIN+nvAjctK2b8Vt4e7ep97mGWLKvd7BLCGDMmK1VxLYo
WYBA8J2Q774gfI93eOtzl5eoxqjKgjwxf0f1XGf5I2pKZ7Pjok6PojQmWrBFPf3w
kEMM9LjSaHWtD/iMUS91RUIlWY+Fch7e/tNlIGrwBHAMfFAcPYu34Z39QIdJF5SV
UIl3Hqvbd/+puDy/99sX3qZmch1B8TV9s0Pw0OaGh7flZvg8XiLeBtrzmeOzmPrR
armrEMAV6URh2pz94h6PBAxb/7XyZI5I/hLuUNNOOiorKeOeGLzBHA==
-----END CERTIFICATE-----
Generated at Tue May 13 15:20:05 2025 by rpki-client