Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/59NqM1BmyooG5ltJ4fzqDrlMYxg.roa
File: 59NqM1BmyooG5ltJ4fzqDrlMYxg.roa (raw, json)
Hash identifier: eBphmOO8IGt5AHHlVo8Xd4GHcMQlzlhKH4SgQ0GuwDI=
Subject key identifier: E7:D3:6A:33:50:66:CA:8A:06:E6:5B:49:E1:FC:EA:0E:B9:4C:63:18
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018C9B3C21A4DCDA1F6E5BDDA641A8114FB7
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/59NqM1BmyooG5ltJ4fzqDrlMYxg.roa
Signing time: Sun 24 Dec 2023 09:50:58 +0000
ROA not before: Sun 24 Dec 2023 09:50:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31549
IP address blocks: 217.60.0.0/19 maxlen: 19
217.60.0.0/18 maxlen: 18
217.60.0.0/16 maxlen: 16
217.60.24.0/21 maxlen: 21
217.60.36.0/23 maxlen: 23
217.60.32.0/22 maxlen: 22
217.60.32.0/20 maxlen: 20
217.60.36.0/22 maxlen: 22
217.60.38.0/23 maxlen: 23
217.60.40.0/21 maxlen: 21
217.60.48.0/20 maxlen: 20
37.148.0.0/18 maxlen: 24
37.148.0.0/17 maxlen: 18
217.60.108.0/22 maxlen: 22
217.60.128.0/18 maxlen: 18
217.60.128.0/19 maxlen: 19
217.60.150.0/24 maxlen: 24
217.60.64.0/20 maxlen: 20
217.60.64.0/18 maxlen: 18
217.60.80.0/20 maxlen: 20
217.60.96.0/21 maxlen: 21
217.60.104.0/22 maxlen: 22
84.241.0.0/18 maxlen: 24
185.73.3.0/24 maxlen: 24
185.73.0.0/22 maxlen: 22
185.73.2.0/24 maxlen: 24
185.73.2.0/23 maxlen: 23
185.73.0.0/23 maxlen: 23
151.240.0.0/13 maxlen: 24
151.247.64.0/18 maxlen: 18
151.245.248.0/22 maxlen: 22
151.245.248.0/21 maxlen: 21
151.245.252.0/22 maxlen: 22
31.57.208.0/20 maxlen: 20
151.244.106.0/23 maxlen: 23
151.244.110.0/23 maxlen: 23
151.244.108.0/23 maxlen: 23
151.244.112.0/23 maxlen: 23
151.244.114.0/23 maxlen: 23
151.244.116.0/23 maxlen: 23
151.244.118.0/23 maxlen: 23
151.244.120.0/23 maxlen: 23
151.244.124.0/23 maxlen: 23
151.244.122.0/23 maxlen: 23
151.244.126.0/23 maxlen: 23
151.244.128.0/22 maxlen: 22
151.244.128.0/19 maxlen: 19
151.244.132.0/22 maxlen: 22
151.244.136.0/22 maxlen: 22
151.244.140.0/22 maxlen: 22
151.244.148.0/22 maxlen: 22
151.244.152.0/22 maxlen: 22
151.244.156.0/22 maxlen: 22
94.183.176.0/21 maxlen: 21
151.244.96.0/23 maxlen: 23
151.244.98.0/23 maxlen: 23
151.244.104.0/23 maxlen: 23
151.244.100.0/23 maxlen: 23
151.244.102.0/23 maxlen: 23
151.244.218.0/23 maxlen: 23
151.244.216.0/23 maxlen: 23
151.244.222.0/23 maxlen: 23
151.244.220.0/23 maxlen: 23
151.244.224.0/23 maxlen: 23
151.244.226.0/23 maxlen: 23
31.56.80.0/20 maxlen: 20
151.244.160.0/22 maxlen: 22
151.244.164.0/22 maxlen: 22
151.244.168.0/22 maxlen: 22
151.244.172.0/22 maxlen: 22
151.244.176.0/22 maxlen: 22
31.56.16.0/20 maxlen: 20
151.244.180.0/22 maxlen: 22
151.244.184.0/22 maxlen: 22
151.244.188.0/22 maxlen: 22
31.56.0.0/14 maxlen: 24
151.244.192.0/22 maxlen: 22
31.56.32.0/20 maxlen: 20
151.244.196.0/22 maxlen: 22
151.244.200.0/22 maxlen: 22
151.244.204.0/22 maxlen: 22
151.238.0.0/15 maxlen: 24
151.244.208.0/22 maxlen: 22
151.244.212.0/22 maxlen: 22
85.15.0.0/18 maxlen: 24
217.60.219.0/24 maxlen: 24
217.60.216.0/21 maxlen: 21
217.60.224.0/20 maxlen: 20
217.60.230.0/24 maxlen: 24
217.60.231.0/24 maxlen: 24
217.60.240.0/20 maxlen: 20
94.182.64.0/20 maxlen: 20
37.202.128.0/18 maxlen: 18
37.202.128.0/17 maxlen: 17
217.60.160.0/19 maxlen: 19
217.60.160.0/21 maxlen: 21
217.60.160.0/20 maxlen: 20
217.60.161.0/24 maxlen: 24
217.60.171.0/24 maxlen: 24
217.60.168.0/23 maxlen: 23
217.60.170.0/24 maxlen: 24
217.60.176.0/21 maxlen: 21
217.60.176.0/24 maxlen: 24
217.60.184.0/22 maxlen: 22
37.148.78.0/24 maxlen: 24
217.60.188.0/22 maxlen: 22
217.60.192.0/22 maxlen: 22
217.60.192.0/20 maxlen: 20
217.60.192.0/18 maxlen: 18
217.60.196.0/22 maxlen: 22
217.60.200.0/22 maxlen: 22
94.182.0.0/15 maxlen: 24
217.60.207.0/24 maxlen: 24
217.60.209.0/24 maxlen: 24
217.60.208.0/20 maxlen: 20
217.60.212.0/22 maxlen: 22
217.60.208.0/23 maxlen: 23
37.202.192.0/18 maxlen: 18
94.182.144.0/20 maxlen: 20
94.182.160.0/20 maxlen: 20
94.182.176.0/20 maxlen: 20
94.182.80.0/20 maxlen: 20
37.202.136.0/24 maxlen: 24
94.182.96.0/20 maxlen: 20
94.182.112.0/20 maxlen: 20
94.182.128.0/20 maxlen: 20
2a0e:0:1:3000::/52 maxlen: 52
2a0e:0:1:2000::/52 maxlen: 52
2a0e:0:1:1000::/52 maxlen: 52
2a0e:0:1::/52 maxlen: 52
2a0e::/26 maxlen: 26
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9b:3c:21:a4:dc:da:1f:6e:5b:dd:a6:41:a8:11:4f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Dec 24 09:50:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7d36a335066ca8a06e65b49e1fcea0eb94c6318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e5:42:62:98:f2:e1:20:f1:11:24:e2:6f:ae:
28:0a:00:b7:53:93:8b:41:e8:21:d7:04:ce:9e:e6:
37:03:8c:17:66:b9:5c:fd:63:e1:8f:f4:d7:99:94:
6c:fc:c6:6d:f2:db:77:19:36:88:c8:a3:04:85:67:
ca:43:06:5d:76:cd:dd:36:be:b7:f5:62:d5:0f:42:
9f:86:37:b6:db:d1:3f:eb:01:bf:98:20:1f:4b:a7:
cf:57:3f:c1:bc:e5:20:4a:0c:2c:ce:c3:b8:d4:bf:
cd:df:ef:2b:14:76:d3:95:bb:ef:73:25:57:3d:9a:
66:81:31:51:34:d6:0b:6d:9e:99:46:24:fb:0b:94:
6c:9e:d6:7d:2c:84:e7:b1:cd:58:f5:ad:9b:c6:e7:
e4:67:73:40:43:43:ce:dd:13:ae:88:f8:94:06:9a:
e2:b9:69:a5:cb:21:b0:66:34:b8:76:16:a4:3d:52:
8a:3a:8f:9d:4d:ff:23:0d:a5:a1:b2:73:e0:c0:1b:
a3:06:07:35:fe:fc:40:a2:5d:5c:e3:70:1f:f8:ac:
a2:1e:80:fc:9c:df:c1:75:fa:70:b0:73:8e:18:df:
28:d8:bf:48:3a:49:7e:ac:73:b5:67:b0:f3:0d:44:
b0:eb:2c:6b:28:72:49:87:bc:0d:f6:47:dd:10:5b:
35:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D3:6A:33:50:66:CA:8A:06:E6:5B:49:E1:FC:EA:0E:B9:4C:63:18
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/59NqM1BmyooG5ltJ4fzqDrlMYxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.0.0/14
37.148.0.0/17
37.202.128.0/17
84.241.0.0/18
85.15.0.0/18
94.182.0.0/15
151.238.0.0-151.247.255.255
185.73.0.0/22
217.60.0.0/16
IPv6:
2a0e::/26
Signature Algorithm: sha256WithRSAEncryption
a0:73:ca:b1:ff:03:b0:16:f0:d5:81:39:68:b5:5a:08:57:4d:
f6:2d:3f:70:eb:52:c9:83:29:20:d0:b1:1c:8e:23:ee:ee:c8:
f5:b7:fc:66:a6:b0:d6:88:c4:c7:9c:78:9c:75:5a:47:27:95:
19:14:58:40:f2:4c:7f:bb:2c:90:b7:f9:fd:e5:42:35:e3:a4:
16:43:db:b3:75:a9:97:fe:3b:38:3d:1d:d2:fc:77:04:12:f2:
b0:78:87:27:31:4c:9d:56:cd:e5:fe:f4:f2:aa:1c:ae:eb:b3:
d6:1f:82:00:5e:93:0e:cd:c6:01:c0:0b:70:de:ba:31:5e:40:
e8:2e:5d:03:bb:dc:be:23:68:a0:a4:2c:50:88:1e:8e:dc:99:
ea:a3:71:74:ae:31:b2:8f:1b:92:c6:ee:ef:90:3e:ca:7d:73:
17:d8:9b:bf:68:10:21:d0:a6:ba:16:1b:8a:4d:51:df:5f:9b:
8b:04:03:d8:f5:da:45:b9:0c:3e:13:d0:78:d6:ae:67:a0:4a:
dc:63:00:26:40:b2:d5:85:58:ad:70:76:17:e8:3b:23:b1:7a:
46:fb:a7:d7:34:07:00:54:59:92:ad:39:1b:39:4c:4e:91:b4:
a8:63:11:bf:32:04:3c:a7:81:05:c8:75:96:25:de:4f:48:09:
fc:bf:f4:b7
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYybPCGk3NofblvdpkGoEU+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjMxMjI0MDk1MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2QzNmEzMzUwNjZjYThhMDZlNjViNDllMWZjZWEwZWI5NGM2MzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOVCYpjy4SDxESTib64oCgC3U5OL
Qegh1wTOnuY3A4wXZrlc/WPhj/TXmZRs/MZt8tt3GTaIyKMEhWfKQwZdds3dNr63
9WLVD0Kfhje229E/6wG/mCAfS6fPVz/BvOUgSgwszsO41L/N3+8rFHbTlbvvcyVX
PZpmgTFRNNYLbZ6ZRiT7C5RsntZ9LITnsc1Y9a2bxufkZ3NAQ0PO3ROuiPiUBpri
uWmlyyGwZjS4dhakPVKKOo+dTf8jDaWhsnPgwBujBgc1/vxAol1c43Af+KyiHoD8
nN/BdfpwsHOOGN8o2L9IOkl+rHO1Z7DzDUSw6yxrKHJJh7wN9kfdEFs1AQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOfTajNQZsqKBuZbSeH86g65TGMYMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvNTlOcU0xQm15b29HNWx0SjRmenFEcmxNWXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA/BAIAATA5AwMCHzgDBAcl
lAADBAclyoADBAZU8QADBAZVDwADAwFetjAKAwMBl+4DAwOX8AMEArlJAAMDANk8
MA0EAgACMAcDBQYqDgAAMA0GCSqGSIb3DQEBCwUAA4IBAQCgc8qx/wOwFvDVgTlo
tVoIV032LT9w61LJgykg0LEcjiPu7sj1t/xmprDWiMTHnHicdVpHJ5UZFFhA8kx/
uyyQt/n95UI146QWQ9uzdamX/js4PR3S/HcEEvKweIcnMUydVs3l/vTyqhyu67PW
H4IAXpMOzcYBwAtw3roxXkDoLl0Du9y+I2igpCxQiB6O3Jnqo3F0rjGyjxuSxu7v
kD7KfXMX2Ju/aBAh0Ka6FhuKTVHfX5uLBAPY9dpFuQw+E9B41q5noErcYwAmQLLV
hVitcHYX6DsjsXpG+6fXNAcAVFmSrTkbOUxOkbSoYxG/MgQ8p4EFyHWWJd5PSAn8
v/S3
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:10:56 2025 by rpki-client