Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/KT4edFJLUjFj-qQMxQHChooJk9g.roa
File: KT4edFJLUjFj-qQMxQHChooJk9g.roa (raw, json)
Hash identifier: LWKrum22Pv8HZS1iNG4zoye2x4FKZDr7uoqe9g1Mc7U=
Subject key identifier: 29:3E:1E:74:52:4B:52:31:63:FA:A4:0C:C5:01:C2:86:8A:09:93:D8
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018EBC6BA21921F3DF25C975D64D3BEC28BD
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/KT4edFJLUjFj-qQMxQHChooJk9g.roa
Signing time: Mon 08 Apr 2024 06:35:54 +0000
ROA not before: Mon 08 Apr 2024 06:35:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205647
IP address blocks: 31.56.0.0/18 maxlen: 18
31.56.64.0/19 maxlen: 19
31.56.96.0/20 maxlen: 20
31.56.116.0/24 maxlen: 24
31.59.12.0/22 maxlen: 22
85.15.48.0/24 maxlen: 24
85.15.49.0/24 maxlen: 24
94.182.0.0/18 maxlen: 18
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
94.182.41.0/24 maxlen: 24
94.182.48.0/24 maxlen: 24
94.182.56.0/22 maxlen: 22
94.182.60.0/22 maxlen: 22
94.182.64.0/18 maxlen: 18
94.182.64.0/20 maxlen: 20
94.182.72.0/21 maxlen: 21
94.182.80.0/20 maxlen: 20
94.182.82.0/24 maxlen: 24
94.182.96.0/20 maxlen: 20
94.182.97.192/28 maxlen: 28
94.182.112.0/20 maxlen: 20
94.182.114.0/23 maxlen: 23
94.182.116.0/22 maxlen: 22
94.182.120.0/21 maxlen: 21
94.182.128.0/18 maxlen: 18
94.182.128.0/20 maxlen: 20
94.182.144.0/20 maxlen: 20
94.182.160.0/20 maxlen: 20
94.182.176.0/20 maxlen: 20
94.182.192.0/18 maxlen: 18
94.182.204.0/22 maxlen: 22
94.182.204.0/24 maxlen: 24
94.182.205.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
94.182.217.0/24 maxlen: 24
94.182.222.0/23 maxlen: 23
94.182.226.0/24 maxlen: 24
94.182.228.0/22 maxlen: 22
94.182.232.0/23 maxlen: 23
94.182.234.0/23 maxlen: 23
94.182.240.0/23 maxlen: 23
94.182.244.0/23 maxlen: 23
94.182.248.0/23 maxlen: 23
94.183.0.0/18 maxlen: 18
94.183.64.0/18 maxlen: 18
94.183.128.0/18 maxlen: 18
94.183.192.0/18 maxlen: 18
151.240.80.0/21 maxlen: 21
151.240.168.0/22 maxlen: 22
151.240.192.0/21 maxlen: 21
151.240.240.0/21 maxlen: 21
151.241.224.0/21 maxlen: 21
151.242.0.0/21 maxlen: 21
151.242.8.0/22 maxlen: 22
151.244.48.0/22 maxlen: 22
151.244.52.0/22 maxlen: 22
151.244.56.0/21 maxlen: 21
151.244.64.0/21 maxlen: 21
151.244.72.0/22 maxlen: 22
151.244.76.0/22 maxlen: 22
151.244.80.0/21 maxlen: 21
151.244.88.0/21 maxlen: 21
151.244.96.0/23 maxlen: 23
151.244.98.0/23 maxlen: 23
151.244.100.0/23 maxlen: 23
151.244.102.0/23 maxlen: 23
151.244.104.0/23 maxlen: 23
151.244.106.0/23 maxlen: 23
151.244.108.0/23 maxlen: 23
151.244.110.0/23 maxlen: 23
151.244.112.0/23 maxlen: 23
151.244.114.0/23 maxlen: 23
151.244.116.0/23 maxlen: 23
151.244.118.0/23 maxlen: 23
151.244.120.0/23 maxlen: 23
151.244.122.0/23 maxlen: 23
151.244.124.0/23 maxlen: 23
151.244.126.0/23 maxlen: 23
151.244.128.0/22 maxlen: 22
151.244.132.0/22 maxlen: 22
151.244.136.0/22 maxlen: 22
151.244.140.0/22 maxlen: 22
151.244.144.0/22 maxlen: 22
151.244.148.0/22 maxlen: 22
151.244.152.0/22 maxlen: 22
151.244.156.0/22 maxlen: 22
151.244.160.0/22 maxlen: 22
151.244.164.0/22 maxlen: 22
151.244.168.0/22 maxlen: 22
151.244.172.0/22 maxlen: 22
151.244.176.0/22 maxlen: 22
151.244.180.0/22 maxlen: 22
151.244.184.0/22 maxlen: 22
151.244.188.0/22 maxlen: 22
151.244.192.0/22 maxlen: 22
151.244.196.0/22 maxlen: 22
151.244.200.0/22 maxlen: 22
151.244.204.0/22 maxlen: 22
151.244.208.0/22 maxlen: 22
151.244.212.0/22 maxlen: 22
151.244.216.0/23 maxlen: 23
151.244.218.0/23 maxlen: 23
151.244.220.0/23 maxlen: 23
151.244.222.0/23 maxlen: 23
151.244.224.0/23 maxlen: 23
151.244.226.0/23 maxlen: 23
151.246.0.0/18 maxlen: 18
151.246.64.0/18 maxlen: 18
151.246.128.0/18 maxlen: 18
151.246.192.0/18 maxlen: 18
151.247.0.0/20 maxlen: 20
151.247.16.0/22 maxlen: 22
151.247.214.0/23 maxlen: 23
151.247.216.0/21 maxlen: 21
151.247.224.0/22 maxlen: 22
151.247.228.0/22 maxlen: 22
151.247.232.0/22 maxlen: 22
151.247.236.0/24 maxlen: 24
151.247.237.0/24 maxlen: 24
151.247.238.0/23 maxlen: 23
151.247.240.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
151.247.248.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bc:6b:a2:19:21:f3:df:25:c9:75:d6:4d:3b:ec:28:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Apr 8 06:35:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=293e1e74524b523163faa40cc501c2868a0993d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:02:a7:e4:f7:4b:38:28:91:79:f7:1a:3c:65:
0f:17:84:f5:d1:5f:87:8c:c9:24:93:ac:c3:0b:51:
be:55:23:d6:1a:1c:3d:61:52:96:2c:88:4a:d8:fd:
4f:de:39:11:7c:d5:9a:f3:7f:93:19:6d:46:4a:dc:
a9:18:6d:c9:f8:e3:0c:fd:04:c1:dc:c7:ef:f9:71:
ca:6f:64:82:e6:ba:1d:00:65:51:b8:16:12:66:1a:
11:0d:6d:80:2c:df:eb:24:38:1f:e3:e8:9b:95:5f:
f8:1a:d7:a5:2e:42:8b:8d:7f:88:d1:3a:6a:e0:ac:
dd:f8:38:ca:88:00:3c:dc:3b:57:3d:15:a1:eb:72:
e0:59:53:86:ea:2d:92:78:6f:32:e3:a7:53:f2:2b:
5a:2a:3a:a0:0e:12:ce:84:c4:9d:0d:73:9e:93:9d:
78:be:af:d3:92:5f:15:03:3e:8a:54:e1:5a:95:70:
03:e4:ec:74:77:70:d4:62:80:40:26:b4:3a:90:1c:
5a:fc:fa:5c:79:77:c9:7e:8c:92:a4:f3:59:8b:9b:
5f:b1:9f:47:ed:92:52:1e:1c:0a:67:4e:5d:fe:e4:
44:01:75:d2:4a:01:c2:21:0c:28:47:14:c4:19:3c:
49:fd:9c:11:90:c1:a0:02:6a:71:ce:0e:64:6b:6f:
bf:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:3E:1E:74:52:4B:52:31:63:FA:A4:0C:C5:01:C2:86:8A:09:93:D8
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/KT4edFJLUjFj-qQMxQHChooJk9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.0.0-31.56.111.255
31.56.116.0/24
31.59.12.0/22
85.15.48.0/23
94.182.0.0/15
151.240.80.0/21
151.240.168.0/22
151.240.192.0/21
151.240.240.0/21
151.241.224.0/21
151.242.0.0-151.242.11.255
151.244.48.0-151.244.227.255
151.246.0.0-151.247.19.255
151.247.214.0-151.247.241.255
151.247.248.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:52:45:18:ed:f5:aa:76:7d:0a:2a:9d:c5:7c:4b:2a:b3:c9:
d8:65:99:b2:55:fd:f2:07:94:38:1b:12:e2:61:5a:5b:e4:a3:
f7:1e:dc:b0:b4:99:20:1f:d7:f8:2b:21:69:51:cb:01:a8:f4:
79:56:74:79:33:2e:24:c3:6d:88:af:03:44:3e:63:c5:76:f6:
69:3c:1e:8a:d3:24:c2:04:26:7c:8e:5e:63:64:c2:54:56:38:
0b:76:29:d7:2c:ff:a9:bf:f0:4b:63:24:8d:83:c6:cc:e0:b0:
47:18:42:7f:83:f8:a8:55:44:c6:49:5b:31:d0:85:ad:45:a2:
7d:a3:13:cd:77:a1:2b:62:c2:bf:0d:bb:44:7d:16:f3:19:b9:
9a:61:80:5a:89:8a:e5:6e:b6:49:d6:b0:a2:a9:cc:5c:1b:a7:
dc:bb:9c:30:1b:83:b4:fd:d6:3f:91:23:1e:43:6a:2a:d0:c3:
3a:a8:25:f5:45:07:8e:da:ef:04:66:63:09:92:9a:11:e5:29:
e8:8d:19:01:9b:22:db:ae:94:65:ff:ee:81:95:f2:1c:1e:59:
9d:df:35:4d:35:6a:53:f7:dc:25:6b:b5:82:92:9d:9e:33:26:
18:02:da:a3:46:65:d8:46:0d:29:8b:4b:09:33:ce:68:32:b0:
00:b5:f5:4e
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY68a6IZIfPfJcl11k077Ci9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwNDA4MDYzNTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTNlMWU3NDUyNGI1MjMxNjNmYWE0MGNjNTAxYzI4NjhhMDk5M2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwKn5PdLOCiRefcaPGUPF4T10V+H
jMkkk6zDC1G+VSPWGhw9YVKWLIhK2P1P3jkRfNWa83+TGW1GStypGG3J+OMM/QTB
3Mfv+XHKb2SC5rodAGVRuBYSZhoRDW2ALN/rJDgf4+iblV/4GtelLkKLjX+I0Tpq
4Kzd+DjKiAA83DtXPRWh63LgWVOG6i2SeG8y46dT8itaKjqgDhLOhMSdDXOek514
vq/Tkl8VAz6KVOFalXAD5Ox0d3DUYoBAJrQ6kBxa/PpceXfJfoySpPNZi5tfsZ9H
7ZJSHhwKZ05d/uREAXXSSgHCIQwoRxTEGTxJ/ZwRkMGgAmpxzg5ka2+/mQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFCk+HnRSS1IxY/qkDMUBwoaKCZPYMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvS1Q0ZWRGSkxVakZqLXFRTXhRSENob29KazlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfjALAwMD
HzgDBAQfOGADBAAfOHQDBAIfOwwDBAFVDzADAwFetgMEA5fwUAMEApfwqAMEA5fw
wAMEA5fw8AMEA5fx4DALAwMBl/IDBAKX8ggwDAMEBJf0MAMEApf04DALAwMBl/YD
BAKX9xAwDAMEAZf31gMEAZf38AMEApf3+DANBgkqhkiG9w0BAQsFAAOCAQEAfVJF
GO31qnZ9CiqdxXxLKrPJ2GWZslX98geUOBsS4mFaW+Sj9x7csLSZIB/X+CshaVHL
Aaj0eVZ0eTMuJMNtiK8DRD5jxXb2aTweitMkwgQmfI5eY2TCVFY4C3Yp1yz/qb/w
S2MkjYPGzOCwRxhCf4P4qFVExklbMdCFrUWifaMTzXehK2LCvw27RH0W8xm5mmGA
WomK5W62SdawoqnMXBun3LucMBuDtP3WP5EjHkNqKtDDOqgl9UUHjtrvBGZjCZKa
EeUp6I0ZAZsi266UZf/ugZXyHB5Znd81TTVqU/fcJWu1gpKdnjMmGALao0Zl2EYN
KYtLCTPOaDKwALX1Tg==
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:05:20 2025 by rpki-client