Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/nYhe5AUc7uzvT4-upQU0K06X-Fk.roa
File: nYhe5AUc7uzvT4-upQU0K06X-Fk.roa (raw, json)
Hash identifier: RaCnAbUaeV6UKsf2c/g0f9XdKW0K/+1cv/DFL5jabdM=
Subject key identifier: 9D:88:5E:E4:05:1C:EE:EC:EF:4F:8F:AE:A5:05:34:2B:4E:97:F8:59
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 0194DF4741570E959FF5D6758052D1A435D2
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/nYhe5AUc7uzvT4-upQU0K06X-Fk.roa
Signing time: Fri 07 Feb 2025 07:19:36 +0000
ROA not before: Fri 07 Feb 2025 07:19:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58224
IP address blocks: 37.148.64.0/21 maxlen: 24
37.148.72.0/22 maxlen: 24
37.148.76.0/22 maxlen: 24
37.148.80.0/22 maxlen: 24
37.148.84.0/22 maxlen: 24
37.148.88.0/21 maxlen: 24
37.148.96.0/22 maxlen: 24
37.148.100.0/22 maxlen: 24
37.148.104.0/21 maxlen: 24
37.148.112.0/22 maxlen: 24
37.148.116.0/22 maxlen: 24
37.148.120.0/21 maxlen: 24
37.202.128.0/22 maxlen: 22
37.202.132.0/22 maxlen: 22
37.202.136.0/22 maxlen: 22
37.202.140.0/22 maxlen: 22
37.202.152.0/22 maxlen: 22
37.202.156.0/22 maxlen: 22
37.202.160.0/22 maxlen: 22
37.202.164.0/22 maxlen: 22
37.202.188.0/22 maxlen: 22
37.202.232.0/22 maxlen: 22
37.202.236.0/22 maxlen: 22
37.202.240.0/24 maxlen: 24
37.202.241.0/24 maxlen: 24
37.202.242.0/24 maxlen: 24
37.202.244.0/22 maxlen: 22
37.202.248.0/22 maxlen: 22
37.202.252.0/22 maxlen: 22
94.182.10.0/24 maxlen: 24
94.182.204.0/24 maxlen: 24
94.182.205.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
151.239.120.0/22 maxlen: 24
151.239.124.0/22 maxlen: 24
151.239.128.0/22 maxlen: 24
151.239.132.0/22 maxlen: 24
151.239.136.0/22 maxlen: 24
151.239.140.0/22 maxlen: 24
151.239.144.0/22 maxlen: 24
151.239.148.0/22 maxlen: 24
151.239.152.0/22 maxlen: 24
151.239.156.0/22 maxlen: 24
151.239.160.0/21 maxlen: 24
151.239.168.0/22 maxlen: 24
151.239.172.0/22 maxlen: 24
151.239.176.0/22 maxlen: 24
151.239.180.0/22 maxlen: 24
151.239.184.0/22 maxlen: 24
151.239.188.0/22 maxlen: 24
151.239.192.0/21 maxlen: 24
151.239.200.0/21 maxlen: 24
151.239.208.0/20 maxlen: 24
151.239.224.0/20 maxlen: 24
151.239.240.0/20 maxlen: 24
151.245.128.0/22 maxlen: 22
151.245.132.0/22 maxlen: 22
151.245.136.0/22 maxlen: 22
151.245.140.0/22 maxlen: 22
151.245.144.0/22 maxlen: 22
151.245.148.0/22 maxlen: 22
151.245.152.0/22 maxlen: 22
151.245.156.0/22 maxlen: 22
151.245.160.0/22 maxlen: 22
151.245.164.0/22 maxlen: 22
151.245.168.0/22 maxlen: 22
151.245.172.0/22 maxlen: 22
151.245.176.0/22 maxlen: 22
151.245.180.0/22 maxlen: 22
151.245.184.0/22 maxlen: 22
151.245.188.0/22 maxlen: 22
151.245.192.0/22 maxlen: 22
151.245.196.0/22 maxlen: 22
151.245.200.0/22 maxlen: 22
151.245.204.0/22 maxlen: 22
151.245.208.0/21 maxlen: 21
151.245.216.0/21 maxlen: 21
151.245.220.0/22 maxlen: 22
151.245.224.0/22 maxlen: 22
151.245.228.0/22 maxlen: 22
151.245.232.0/22 maxlen: 22
151.245.236.0/22 maxlen: 22
151.245.240.0/22 maxlen: 22
151.245.244.0/22 maxlen: 22
151.245.248.0/22 maxlen: 22
151.245.252.0/22 maxlen: 22
151.246.0.0/22 maxlen: 22
151.246.4.0/22 maxlen: 22
151.246.8.0/22 maxlen: 22
151.246.12.0/22 maxlen: 22
151.246.16.0/22 maxlen: 22
151.246.20.0/22 maxlen: 22
151.246.24.0/22 maxlen: 22
151.246.28.0/22 maxlen: 22
151.246.32.0/22 maxlen: 22
151.246.36.0/22 maxlen: 22
151.246.40.0/22 maxlen: 22
151.246.44.0/22 maxlen: 22
151.246.48.0/22 maxlen: 22
151.246.52.0/22 maxlen: 22
151.246.56.0/22 maxlen: 22
151.246.60.0/22 maxlen: 22
151.246.160.0/20 maxlen: 24
151.246.176.0/21 maxlen: 21
151.246.184.0/21 maxlen: 21
151.246.192.0/20 maxlen: 24
151.246.208.0/20 maxlen: 24
151.246.224.0/20 maxlen: 20
151.246.248.0/22 maxlen: 24
151.247.0.0/23 maxlen: 24
151.247.2.0/24 maxlen: 24
151.247.3.0/24 maxlen: 24
151.247.4.0/22 maxlen: 24
151.247.8.0/22 maxlen: 24
151.247.12.0/24 maxlen: 24
151.247.13.0/24 maxlen: 24
151.247.14.0/24 maxlen: 24
151.247.15.0/24 maxlen: 24
151.247.16.0/23 maxlen: 24
151.247.18.0/24 maxlen: 24
151.247.19.0/24 maxlen: 24
151.247.20.0/23 maxlen: 23
151.247.22.0/24 maxlen: 24
151.247.23.0/24 maxlen: 24
151.247.24.0/22 maxlen: 22
151.247.28.0/22 maxlen: 22
151.247.32.0/22 maxlen: 22
151.247.36.0/22 maxlen: 22
151.247.40.0/22 maxlen: 22
151.247.44.0/22 maxlen: 22
151.247.48.0/22 maxlen: 22
151.247.52.0/22 maxlen: 22
151.247.56.0/22 maxlen: 22
151.247.60.0/22 maxlen: 22
151.247.64.0/23 maxlen: 23
151.247.66.0/23 maxlen: 23
151.247.68.0/23 maxlen: 23
151.247.70.0/23 maxlen: 23
151.247.72.0/22 maxlen: 22
151.247.76.0/23 maxlen: 23
151.247.78.0/23 maxlen: 23
151.247.80.0/23 maxlen: 23
151.247.82.0/23 maxlen: 23
151.247.84.0/23 maxlen: 23
151.247.86.0/23 maxlen: 23
151.247.88.0/22 maxlen: 22
151.247.92.0/22 maxlen: 22
151.247.96.0/22 maxlen: 22
151.247.100.0/22 maxlen: 22
151.247.104.0/22 maxlen: 22
151.247.108.0/22 maxlen: 22
151.247.112.0/22 maxlen: 22
151.247.116.0/22 maxlen: 22
151.247.120.0/22 maxlen: 22
151.247.124.0/22 maxlen: 22
151.247.128.0/22 maxlen: 22
151.247.132.0/22 maxlen: 22
151.247.136.0/22 maxlen: 22
151.247.140.0/22 maxlen: 22
151.247.144.0/22 maxlen: 22
151.247.148.0/22 maxlen: 22
151.247.148.0/23 maxlen: 23
151.247.150.0/23 maxlen: 23
151.247.152.0/22 maxlen: 22
151.247.156.0/22 maxlen: 22
151.247.160.0/22 maxlen: 22
151.247.164.0/22 maxlen: 22
151.247.168.0/22 maxlen: 22
151.247.172.0/22 maxlen: 22
151.247.176.0/22 maxlen: 22
151.247.180.0/22 maxlen: 22
151.247.184.0/22 maxlen: 22
151.247.188.0/22 maxlen: 24
151.247.192.0/22 maxlen: 22
151.247.196.0/22 maxlen: 22
151.247.200.0/22 maxlen: 22
151.247.204.0/22 maxlen: 22
151.247.204.0/23 maxlen: 23
151.247.206.0/24 maxlen: 24
151.247.207.0/24 maxlen: 24
151.247.208.0/22 maxlen: 22
151.247.212.0/23 maxlen: 23
151.247.228.0/23 maxlen: 24
151.247.230.0/23 maxlen: 24
151.247.232.0/22 maxlen: 22
151.247.236.0/23 maxlen: 24
151.247.238.0/24 maxlen: 24
151.247.239.0/24 maxlen: 24
151.247.240.0/23 maxlen: 24
151.247.242.0/24 maxlen: 24
151.247.243.0/24 maxlen: 24
151.247.244.0/22 maxlen: 24
151.247.252.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:df:47:41:57:0e:95:9f:f5:d6:75:80:52:d1:a4:35:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Feb 7 07:19:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d885ee4051ceeecef4f8faea505342b4e97f859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:53:4e:b8:b8:03:5b:14:d8:9f:ad:93:13:c5:
07:1b:92:5e:09:de:99:b4:5f:1e:21:17:6a:b6:08:
7d:62:2c:f8:96:d3:a2:36:b6:5b:c2:21:05:86:fe:
3c:3a:59:f8:30:6c:80:87:54:45:cc:c3:f1:08:d8:
95:84:e7:e1:c8:10:85:80:70:c1:77:f8:07:a6:0e:
91:c5:10:79:98:e2:d9:a6:bd:74:94:27:11:5a:20:
4e:a4:b5:3c:1f:d4:ea:cf:9c:a0:aa:7c:11:5d:ff:
8e:bf:07:ef:38:37:31:c1:e5:8d:62:88:af:76:65:
be:39:8f:ee:e7:91:b5:c7:3f:03:d1:e6:a4:b9:93:
52:76:82:ab:a1:80:73:88:b3:08:7d:e3:d4:ba:82:
49:9f:89:73:43:60:d5:56:5f:32:06:8f:11:cc:86:
02:5f:86:0a:27:14:71:45:85:fc:1a:ba:14:53:da:
25:2d:c8:96:4b:21:ef:e2:92:0a:62:a7:67:1e:78:
1e:ad:33:f3:9b:fd:5b:9a:b2:6a:b9:2c:e9:d6:fa:
0e:59:04:0c:73:3a:6d:b8:34:6c:a7:68:d2:95:ac:
c6:7e:78:4f:ff:13:aa:62:4b:e8:aa:6b:44:c9:b8:
30:d7:e2:a3:5b:48:ba:e3:f1:85:76:c1:24:11:5b:
40:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:88:5E:E4:05:1C:EE:EC:EF:4F:8F:AE:A5:05:34:2B:4E:97:F8:59
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/nYhe5AUc7uzvT4-upQU0K06X-Fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.64.0/18
37.202.128.0/20
37.202.152.0-37.202.167.255
37.202.188.0/22
37.202.232.0-37.202.242.255
37.202.244.0-37.202.255.255
94.182.10.0/24
94.182.204.0/22
151.239.120.0-151.239.255.255
151.245.128.0-151.246.63.255
151.246.160.0-151.246.239.255
151.246.248.0/22
151.247.0.0-151.247.213.255
151.247.228.0-151.247.247.255
151.247.252.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:34:b1:0f:34:42:5d:7b:3b:70:94:cb:e9:fb:0d:89:6e:22:
2a:f4:20:48:95:d3:90:02:55:46:bf:ae:2b:4f:0f:2d:eb:59:
f0:f8:77:a5:c5:2d:54:4f:32:8d:2f:8a:58:96:56:c3:a8:41:
9a:22:0b:84:62:ff:e6:f2:7b:fa:3f:bb:44:ce:53:a1:32:c1:
79:88:d7:a8:26:37:79:d9:65:99:a4:60:ee:bd:44:8a:0e:62:
1f:69:8e:ce:ab:b0:5a:31:81:37:d1:83:4e:7a:6d:b4:1e:62:
c9:97:5c:b4:b0:5e:93:1e:cf:a8:0b:12:8c:99:bd:40:83:17:
47:f6:52:86:63:c9:d8:bf:33:d7:eb:a5:8f:d3:64:25:a1:f6:
58:9a:e5:e5:18:d2:88:04:84:7c:b7:53:d1:15:ef:82:64:0d:
1a:f2:f6:8b:d7:a6:b5:18:b5:04:27:45:1e:03:53:1c:a6:de:
60:c9:4e:82:f1:aa:00:a5:91:6c:84:68:55:54:82:5d:15:d7:
47:f9:4b:e7:19:ec:ce:0d:1f:6d:40:a7:d2:bd:4f:98:71:a3:
23:6c:2f:12:b3:eb:53:b1:06:05:e8:7e:d0:fa:d5:ff:0e:09:
fd:9c:37:43:ed:39:04:76:01:9d:c2:bb:1d:3a:14:a4:d3:da:
62:79:3d:f8
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZTfR0FXDpWf9dZ1gFLRpDXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwMjA3MDcxOTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDg4NWVlNDA1MWNlZWVjZWY0ZjhmYWVhNTA1MzQyYjRlOTdmODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFNOuLgDWxTYn62TE8UHG5JeCd6Z
tF8eIRdqtgh9Yiz4ltOiNrZbwiEFhv48Oln4MGyAh1RFzMPxCNiVhOfhyBCFgHDB
d/gHpg6RxRB5mOLZpr10lCcRWiBOpLU8H9Tqz5ygqnwRXf+OvwfvODcxweWNYoiv
dmW+OY/u55G1xz8D0eakuZNSdoKroYBziLMIfePUuoJJn4lzQ2DVVl8yBo8RzIYC
X4YKJxRxRYX8GroUU9olLciWSyHv4pIKYqdnHngerTPzm/1bmrJquSzp1voOWQQM
czptuDRsp2jSlazGfnhP/xOqYkvoqmtEybgw1+KjW0i64/GFdsEkEVtA/wIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFJ2IXuQFHO7s70+PrqUFNCtOl/hZMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvblloZTVBVWM3dXp2VDQtdXBRVTBLMDZYLUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBngQCAAEwgZcDBAYl
lEADBAQlyoAwDAMEAyXKmAMEAyXKoAMEAiXKvDAMAwQDJcroAwQAJcryMAsDBAIl
yvQDAwAlygMEAF62CgMEAl62zDALAwQDl+94AwMEl+AwDAMEB5f1gAMEBpf2ADAM
AwQFl/agAwQEl/bgAwQCl/b4MAsDAwCX9wMEAZf31DAMAwQCl/fkAwQDl/fwAwQC
l/f8MA0GCSqGSIb3DQEBCwUAA4IBAQAvNLEPNEJdeztwlMvp+w2JbiIq9CBIldOQ
AlVGv64rTw8t61nw+HelxS1UTzKNL4pYllbDqEGaIguEYv/m8nv6P7tEzlOhMsF5
iNeoJjd52WWZpGDuvUSKDmIfaY7Oq7BaMYE30YNOem20HmLJl1y0sF6THs+oCxKM
mb1AgxdH9lKGY8nYvzPX66WP02QlofZYmuXlGNKIBIR8t1PRFe+CZA0a8vaL16a1
GLUEJ0UeA1Mcpt5gyU6C8aoApZFshGhVVIJdFddH+UvnGezODR9tQKfSvU+YcaMj
bC8Ss+tTsQYF6H7Q+tX/Dgn9nDdD7TkEdgGdwrsdOhSk09pieT34
-----END CERTIFICATE-----
Generated at Sun May 11 19:06:41 2025 by rpki-client