Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/xIf7wWwXfM8QlCBSjkgpTXzXqsI.roa
File: xIf7wWwXfM8QlCBSjkgpTXzXqsI.roa (raw, json)
Hash identifier: FKqp2PLuAzeDjrU0x3W6dNoF9VcjeEpgF/ZOJIWv4C4=
Subject key identifier: C4:87:FB:C1:6C:17:7C:CF:10:94:20:52:8E:48:29:4D:7C:D7:AA:C2
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 019421B1F2D7E7CE0F8C74F552796A950381
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/xIf7wWwXfM8QlCBSjkgpTXzXqsI.roa
Signing time: Wed 01 Jan 2025 11:48:17 +0000
ROA not before: Wed 01 Jan 2025 11:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205647
IP address blocks: 37.148.120.0/21 maxlen: 24
37.202.128.0/21 maxlen: 21
37.202.136.0/21 maxlen: 21
37.202.144.0/21 maxlen: 21
37.202.144.0/22 maxlen: 22
37.202.148.0/23 maxlen: 23
37.202.150.0/23 maxlen: 23
37.202.152.0/21 maxlen: 21
37.202.160.0/21 maxlen: 21
37.202.168.0/21 maxlen: 21
37.202.176.0/22 maxlen: 22
37.202.180.0/22 maxlen: 22
37.202.184.0/22 maxlen: 24
37.202.188.0/22 maxlen: 24
85.15.48.0/24 maxlen: 24
85.15.49.0/24 maxlen: 24
94.182.0.0/18 maxlen: 18
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
94.182.14.0/24 maxlen: 24
94.182.17.0/24 maxlen: 24
94.182.30.0/23 maxlen: 23
94.182.41.0/24 maxlen: 24
94.182.48.0/24 maxlen: 24
94.182.56.0/22 maxlen: 24
94.182.60.0/22 maxlen: 24
94.182.64.0/18 maxlen: 18
94.182.64.0/20 maxlen: 20
94.182.72.0/21 maxlen: 21
94.182.80.0/20 maxlen: 20
94.182.82.0/24 maxlen: 24
94.182.96.0/20 maxlen: 20
94.182.97.192/28 maxlen: 28
94.182.112.0/20 maxlen: 20
94.182.114.0/23 maxlen: 23
94.182.116.0/22 maxlen: 22
94.182.120.0/21 maxlen: 21
94.182.128.0/18 maxlen: 18
94.182.128.0/20 maxlen: 20
94.182.144.0/20 maxlen: 20
94.182.160.0/20 maxlen: 20
94.182.176.0/20 maxlen: 20
94.182.192.0/18 maxlen: 18
94.182.196.0/24 maxlen: 24
94.182.199.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.204.0/24 maxlen: 24
94.182.205.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
94.182.208.0/24 maxlen: 24
94.182.212.0/23 maxlen: 23
94.182.217.0/24 maxlen: 24
94.182.222.0/23 maxlen: 23
94.182.226.0/24 maxlen: 24
94.182.228.0/22 maxlen: 22
94.182.232.0/23 maxlen: 24
94.182.234.0/23 maxlen: 23
94.182.238.0/24 maxlen: 24
94.182.240.0/23 maxlen: 24
94.182.244.0/22 maxlen: 24
94.182.244.0/23 maxlen: 23
94.182.248.0/22 maxlen: 24
94.182.248.0/23 maxlen: 23
94.182.252.0/24 maxlen: 24
94.182.254.0/24 maxlen: 24
94.183.0.0/18 maxlen: 18
94.183.64.0/18 maxlen: 18
94.183.128.0/18 maxlen: 18
94.183.192.0/18 maxlen: 18
151.240.80.0/21 maxlen: 21
151.240.168.0/22 maxlen: 22
151.240.192.0/21 maxlen: 21
151.240.240.0/21 maxlen: 21
151.240.240.0/23 maxlen: 23
151.240.242.0/23 maxlen: 23
151.240.244.0/23 maxlen: 23
151.241.216.0/23 maxlen: 23
151.241.218.0/23 maxlen: 23
151.241.220.0/22 maxlen: 22
151.241.224.0/21 maxlen: 21
151.244.48.0/21 maxlen: 21
151.244.48.0/22 maxlen: 22
151.244.52.0/22 maxlen: 22
151.244.56.0/21 maxlen: 21
151.244.64.0/21 maxlen: 21
151.244.72.0/22 maxlen: 22
151.244.76.0/22 maxlen: 22
151.244.80.0/21 maxlen: 21
151.244.88.0/21 maxlen: 21
151.244.96.0/23 maxlen: 23
151.244.98.0/23 maxlen: 23
151.244.100.0/23 maxlen: 23
151.244.102.0/23 maxlen: 23
151.244.104.0/23 maxlen: 23
151.244.106.0/23 maxlen: 23
151.244.108.0/23 maxlen: 23
151.244.110.0/23 maxlen: 23
151.244.112.0/23 maxlen: 23
151.244.114.0/23 maxlen: 23
151.244.116.0/23 maxlen: 23
151.244.118.0/23 maxlen: 23
151.244.120.0/23 maxlen: 23
151.244.122.0/23 maxlen: 23
151.244.124.0/23 maxlen: 23
151.244.126.0/23 maxlen: 23
151.244.128.0/22 maxlen: 22
151.244.132.0/22 maxlen: 22
151.244.136.0/22 maxlen: 22
151.244.140.0/22 maxlen: 22
151.244.144.0/22 maxlen: 22
151.244.148.0/22 maxlen: 22
151.244.152.0/22 maxlen: 22
151.244.156.0/22 maxlen: 22
151.244.160.0/22 maxlen: 22
151.244.164.0/22 maxlen: 22
151.244.168.0/22 maxlen: 22
151.244.172.0/22 maxlen: 22
151.244.176.0/22 maxlen: 22
151.244.180.0/22 maxlen: 22
151.244.184.0/22 maxlen: 22
151.244.188.0/22 maxlen: 22
151.244.192.0/22 maxlen: 22
151.244.196.0/22 maxlen: 22
151.244.200.0/22 maxlen: 22
151.244.204.0/22 maxlen: 22
151.244.208.0/22 maxlen: 22
151.244.212.0/22 maxlen: 22
151.244.216.0/23 maxlen: 23
151.244.218.0/23 maxlen: 23
151.244.220.0/23 maxlen: 23
151.244.222.0/23 maxlen: 23
151.244.224.0/23 maxlen: 23
151.244.226.0/23 maxlen: 23
151.246.0.0/18 maxlen: 18
151.246.64.0/18 maxlen: 18
151.246.128.0/18 maxlen: 18
151.246.192.0/18 maxlen: 18
151.246.248.0/22 maxlen: 22
151.247.0.0/20 maxlen: 24
151.247.16.0/22 maxlen: 24
151.247.214.0/23 maxlen: 23
151.247.216.0/21 maxlen: 21
151.247.224.0/22 maxlen: 22
151.247.228.0/22 maxlen: 24
151.247.232.0/22 maxlen: 22
151.247.236.0/22 maxlen: 24
151.247.236.0/24 maxlen: 24
151.247.237.0/24 maxlen: 24
151.247.238.0/23 maxlen: 23
151.247.240.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
151.247.248.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f2:d7:e7:ce:0f:8c:74:f5:52:79:6a:95:03:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jan 1 11:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c487fbc16c177ccf109420528e48294d7cd7aac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:20:53:48:69:9a:85:e1:fd:75:14:cb:82:34:
fc:03:fb:2c:08:ae:46:af:36:96:f3:93:8f:ab:12:
62:0d:aa:80:1d:42:17:7b:de:c3:2c:b8:a1:78:3f:
06:7e:a7:fa:44:ed:98:46:f2:87:23:85:77:87:7b:
05:d9:4b:54:6a:df:75:80:2d:97:7b:bb:cd:e7:60:
14:88:4c:c9:73:c9:fa:86:72:5e:53:f0:fe:ff:40:
70:09:c1:e3:40:e0:35:e5:9a:db:00:13:c6:c5:38:
5e:87:bc:9e:b2:16:2f:41:ec:f2:f4:0d:29:20:c4:
7e:ee:60:0b:20:ad:a5:72:a4:fc:48:11:fb:26:e9:
3c:ef:80:91:d6:64:44:9b:0b:74:20:73:6b:f5:4d:
18:42:6f:9d:60:ca:76:12:eb:3a:ba:2b:4d:0a:8b:
f6:a1:a2:0b:4e:50:6d:ee:7c:09:c3:d8:41:be:58:
5a:00:a5:fd:54:68:b1:17:40:4f:85:44:f6:60:51:
bd:8d:54:78:c0:f9:f1:3f:85:02:26:43:b0:d4:22:
20:cc:e4:75:40:bd:f9:69:9f:6b:37:e8:0e:aa:97:
6f:c0:2c:7a:ab:0f:7e:d9:81:6c:c4:49:19:18:9b:
03:dd:77:5c:62:55:d6:15:65:9e:5a:e6:63:fa:9a:
b9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:87:FB:C1:6C:17:7C:CF:10:94:20:52:8E:48:29:4D:7C:D7:AA:C2
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/xIf7wWwXfM8QlCBSjkgpTXzXqsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.120.0/21
37.202.128.0/18
85.15.48.0/23
94.182.0.0/15
151.240.80.0/21
151.240.168.0/22
151.240.192.0/21
151.240.240.0/21
151.241.216.0-151.241.231.255
151.244.48.0-151.244.227.255
151.246.0.0-151.247.19.255
151.247.214.0-151.247.241.255
151.247.248.0/22
Signature Algorithm: sha256WithRSAEncryption
75:bf:05:d5:6f:c3:09:3d:02:36:ad:4a:df:c0:cb:7f:66:2a:
73:6f:49:b1:90:8d:4d:e2:1c:7e:16:10:4d:0a:e4:75:3a:8e:
bb:bb:f9:fd:88:ce:35:9a:59:cd:61:72:e4:35:94:03:ae:51:
e0:f5:98:bd:bf:30:3a:0c:e0:25:6b:a7:0a:cb:ce:f8:24:78:
f9:88:f2:22:b5:74:18:d6:ee:24:3d:29:00:46:0d:7c:b0:c2:
19:d8:95:49:86:d8:fc:2b:ac:52:a9:93:03:ae:57:a5:2d:56:
d0:ca:c2:c1:68:e4:cc:94:2d:3c:55:19:58:53:93:d4:16:39:
1f:a1:bd:82:4f:ae:21:03:eb:e3:4e:33:40:4c:a5:aa:43:68:
61:a6:de:b0:40:18:f4:89:6d:e5:da:1e:72:88:c0:d7:95:90:
27:3b:1c:df:a4:16:2c:20:fd:e0:c5:32:64:d2:5b:b7:3e:d4:
10:1e:b5:08:a8:6b:7b:f8:56:15:da:ea:f8:5e:0a:c0:ba:88:
a2:ab:9d:22:53:6a:19:ea:bb:aa:1f:62:73:7e:3e:44:56:93:
97:74:c4:18:c0:66:3b:52:77:42:7c:44:43:94:4b:80:24:9a:
51:34:fc:4e:a9:e1:de:c1:56:1f:7a:a2:2f:a8:6d:75:c3:54:
4c:30:43:2e
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZQhsfLX584PjHT1UnlqlQOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwMTAxMTE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDg3ZmJjMTZjMTc3Y2NmMTA5NDIwNTI4ZTQ4Mjk0ZDdjZDdhYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiBTSGmaheH9dRTLgjT8A/ssCK5G
rzaW85OPqxJiDaqAHUIXe97DLLiheD8Gfqf6RO2YRvKHI4V3h3sF2UtUat91gC2X
e7vN52AUiEzJc8n6hnJeU/D+/0BwCcHjQOA15ZrbABPGxTheh7yeshYvQezy9A0p
IMR+7mALIK2lcqT8SBH7Juk874CR1mREmwt0IHNr9U0YQm+dYMp2Eus6uitNCov2
oaILTlBt7nwJw9hBvlhaAKX9VGixF0BPhUT2YFG9jVR4wPnxP4UCJkOw1CIgzOR1
QL35aZ9rN+gOqpdvwCx6qw9+2YFsxEkZGJsD3XdcYlXWFWWeWuZj+pq5eQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFMSH+8FsF3zPEJQgUo5IKU1816rCMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEveElmN3dXd1hmTThRbENCU2prZ3BUWHpYcXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAyWUeAME
BiXKgAMEAVUPMAMDAV62AwQDl/BQAwQCl/CoAwQDl/DAAwQDl/DwMAwDBAOX8dgD
BAOX8eAwDAMEBJf0MAMEApf04DALAwMBl/YDBAKX9xAwDAMEAZf31gMEAZf38AME
Apf3+DANBgkqhkiG9w0BAQsFAAOCAQEAdb8F1W/DCT0CNq1K38DLf2Yqc29JsZCN
TeIcfhYQTQrkdTqOu7v5/YjONZpZzWFy5DWUA65R4PWYvb8wOgzgJWunCsvO+CR4
+YjyIrV0GNbuJD0pAEYNfLDCGdiVSYbY/CusUqmTA65XpS1W0MrCwWjkzJQtPFUZ
WFOT1BY5H6G9gk+uIQPr404zQEylqkNoYabesEAY9Ilt5doecojA15WQJzsc36QW
LCD94MUyZNJbtz7UEB61CKhre/hWFdrq+F4KwLqIoqudIlNqGeq7qh9ic34+RFaT
l3TEGMBmO1J3QnxEQ5RLgCSaUTT8Tqnh3sFWH3qiL6htdcNUTDBDLg==
-----END CERTIFICATE-----
Generated at Thu May 15 06:51:42 2025 by rpki-client