Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/VjWTujUBrzdtN3zp_T245CzClhE.roa
File: VjWTujUBrzdtN3zp_T245CzClhE.roa (raw, json)
Hash identifier: zA0WZgxGBCv+KQV7IpxPRaIp2kIPjW07fSrP2w4+nBc=
Subject key identifier: 56:35:93:BA:35:01:AF:37:6D:37:7C:E9:FD:3D:B8:E4:2C:C2:96:11
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 0195231103CA67CB9CD87E49F79E7733CA23
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/VjWTujUBrzdtN3zp_T245CzClhE.roa
Signing time: Thu 20 Feb 2025 11:14:32 +0000
ROA not before: Thu 20 Feb 2025 11:14:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58224
IP address blocks: 37.148.64.0/21 maxlen: 24
37.148.72.0/22 maxlen: 24
37.148.76.0/22 maxlen: 24
37.148.80.0/22 maxlen: 24
37.148.84.0/22 maxlen: 24
37.148.88.0/21 maxlen: 24
37.148.96.0/22 maxlen: 24
37.148.100.0/22 maxlen: 24
37.148.104.0/21 maxlen: 24
37.148.112.0/22 maxlen: 24
37.148.116.0/22 maxlen: 24
37.148.120.0/21 maxlen: 24
37.202.128.0/22 maxlen: 22
37.202.132.0/22 maxlen: 22
37.202.136.0/22 maxlen: 22
37.202.140.0/22 maxlen: 22
37.202.152.0/22 maxlen: 22
37.202.156.0/22 maxlen: 22
37.202.160.0/22 maxlen: 22
37.202.164.0/22 maxlen: 22
37.202.188.0/22 maxlen: 22
37.202.232.0/22 maxlen: 22
37.202.236.0/22 maxlen: 22
37.202.240.0/24 maxlen: 24
37.202.241.0/24 maxlen: 24
37.202.242.0/24 maxlen: 24
37.202.244.0/22 maxlen: 22
37.202.248.0/22 maxlen: 22
37.202.252.0/22 maxlen: 22
94.182.10.0/24 maxlen: 24
94.182.204.0/24 maxlen: 24
94.182.205.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
151.239.120.0/22 maxlen: 24
151.239.124.0/22 maxlen: 24
151.239.128.0/22 maxlen: 24
151.239.132.0/22 maxlen: 24
151.239.136.0/22 maxlen: 24
151.239.140.0/22 maxlen: 24
151.239.144.0/22 maxlen: 24
151.239.148.0/22 maxlen: 24
151.239.152.0/22 maxlen: 24
151.239.156.0/22 maxlen: 24
151.239.160.0/21 maxlen: 24
151.239.168.0/22 maxlen: 24
151.239.172.0/22 maxlen: 24
151.239.176.0/22 maxlen: 24
151.239.180.0/22 maxlen: 24
151.239.184.0/22 maxlen: 24
151.239.188.0/22 maxlen: 24
151.239.192.0/21 maxlen: 24
151.239.200.0/21 maxlen: 24
151.239.208.0/20 maxlen: 24
151.239.224.0/20 maxlen: 24
151.239.240.0/20 maxlen: 24
151.246.0.0/22 maxlen: 22
151.246.4.0/22 maxlen: 22
151.246.8.0/22 maxlen: 22
151.246.12.0/22 maxlen: 22
151.246.16.0/22 maxlen: 22
151.246.20.0/22 maxlen: 22
151.246.24.0/22 maxlen: 22
151.246.28.0/22 maxlen: 22
151.246.32.0/22 maxlen: 22
151.246.36.0/22 maxlen: 22
151.246.40.0/22 maxlen: 22
151.246.44.0/22 maxlen: 22
151.246.48.0/22 maxlen: 22
151.246.52.0/22 maxlen: 22
151.246.56.0/22 maxlen: 22
151.246.60.0/22 maxlen: 22
151.246.160.0/20 maxlen: 24
151.246.176.0/21 maxlen: 21
151.246.184.0/21 maxlen: 21
151.246.192.0/20 maxlen: 24
151.246.208.0/20 maxlen: 24
151.246.224.0/20 maxlen: 20
151.246.248.0/22 maxlen: 24
151.247.0.0/23 maxlen: 24
151.247.2.0/24 maxlen: 24
151.247.3.0/24 maxlen: 24
151.247.4.0/22 maxlen: 24
151.247.8.0/22 maxlen: 24
151.247.12.0/24 maxlen: 24
151.247.13.0/24 maxlen: 24
151.247.14.0/24 maxlen: 24
151.247.15.0/24 maxlen: 24
151.247.16.0/23 maxlen: 24
151.247.18.0/24 maxlen: 24
151.247.19.0/24 maxlen: 24
151.247.20.0/23 maxlen: 23
151.247.22.0/24 maxlen: 24
151.247.23.0/24 maxlen: 24
151.247.24.0/22 maxlen: 22
151.247.28.0/22 maxlen: 22
151.247.32.0/22 maxlen: 22
151.247.36.0/22 maxlen: 22
151.247.40.0/22 maxlen: 22
151.247.44.0/22 maxlen: 22
151.247.48.0/22 maxlen: 22
151.247.52.0/22 maxlen: 22
151.247.56.0/22 maxlen: 22
151.247.60.0/22 maxlen: 22
151.247.64.0/23 maxlen: 23
151.247.66.0/23 maxlen: 23
151.247.68.0/23 maxlen: 23
151.247.70.0/23 maxlen: 23
151.247.72.0/22 maxlen: 22
151.247.76.0/23 maxlen: 23
151.247.78.0/23 maxlen: 23
151.247.80.0/23 maxlen: 23
151.247.82.0/23 maxlen: 23
151.247.84.0/23 maxlen: 23
151.247.86.0/23 maxlen: 23
151.247.88.0/22 maxlen: 22
151.247.92.0/22 maxlen: 22
151.247.96.0/22 maxlen: 22
151.247.100.0/22 maxlen: 22
151.247.104.0/22 maxlen: 22
151.247.108.0/22 maxlen: 22
151.247.112.0/22 maxlen: 22
151.247.116.0/22 maxlen: 22
151.247.120.0/22 maxlen: 22
151.247.124.0/22 maxlen: 22
151.247.128.0/22 maxlen: 22
151.247.132.0/22 maxlen: 22
151.247.136.0/22 maxlen: 22
151.247.140.0/22 maxlen: 22
151.247.144.0/22 maxlen: 22
151.247.148.0/22 maxlen: 22
151.247.148.0/23 maxlen: 23
151.247.150.0/23 maxlen: 23
151.247.152.0/22 maxlen: 22
151.247.156.0/22 maxlen: 22
151.247.160.0/22 maxlen: 22
151.247.164.0/22 maxlen: 22
151.247.168.0/22 maxlen: 22
151.247.172.0/22 maxlen: 22
151.247.176.0/22 maxlen: 22
151.247.180.0/22 maxlen: 22
151.247.184.0/22 maxlen: 22
151.247.188.0/22 maxlen: 24
151.247.192.0/22 maxlen: 22
151.247.196.0/22 maxlen: 22
151.247.200.0/22 maxlen: 22
151.247.204.0/22 maxlen: 22
151.247.204.0/23 maxlen: 23
151.247.206.0/24 maxlen: 24
151.247.207.0/24 maxlen: 24
151.247.208.0/22 maxlen: 22
151.247.212.0/23 maxlen: 23
151.247.228.0/23 maxlen: 24
151.247.230.0/23 maxlen: 24
151.247.232.0/22 maxlen: 22
151.247.236.0/23 maxlen: 24
151.247.238.0/24 maxlen: 24
151.247.239.0/24 maxlen: 24
151.247.240.0/23 maxlen: 24
151.247.242.0/24 maxlen: 24
151.247.243.0/24 maxlen: 24
151.247.244.0/22 maxlen: 24
151.247.252.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:23:11:03:ca:67:cb:9c:d8:7e:49:f7:9e:77:33:ca:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Feb 20 11:14:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=563593ba3501af376d377ce9fd3db8e42cc29611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ff:1e:38:2a:cf:c9:a7:d4:9a:1d:16:0e:09:
d4:bb:56:8e:eb:5a:d4:b3:04:c5:7d:f2:06:b4:af:
85:e1:c1:56:20:90:7d:a3:d1:97:92:f2:e2:6a:5c:
e3:8e:87:58:9f:1f:a0:ff:6c:6d:db:a2:f5:e2:3b:
9f:d9:4a:48:7a:8f:e7:c2:d3:1a:6d:93:af:11:be:
a2:98:4b:fe:e9:0d:80:df:02:8a:d3:0d:e6:af:68:
c8:16:2d:4c:5d:64:5d:70:5e:d6:f3:9a:94:c0:8d:
52:68:80:d2:0e:20:e5:07:1d:26:81:0b:9b:14:19:
b5:a5:a6:4d:a2:9b:42:43:66:d7:2a:a9:b7:a3:a5:
cd:53:1f:dc:c9:b8:2c:f1:39:63:1f:74:db:c5:1a:
55:eb:ad:03:fb:bf:af:51:50:17:49:9c:72:18:e0:
e9:75:3c:ac:57:22:a6:e8:b5:05:c1:3c:c3:83:73:
87:bd:ec:4f:5d:af:87:9d:8a:b9:77:e3:31:2b:4c:
98:2e:00:47:4b:fb:b4:d1:a2:c5:c9:aa:a6:1e:48:
61:a3:99:fb:af:c1:f1:c9:53:91:05:18:d3:db:9e:
2c:6c:4d:a7:ab:fc:98:a0:40:67:90:e6:c5:78:84:
cf:57:71:ac:a3:cf:95:4b:20:ed:ee:ec:39:fa:bf:
ff:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:35:93:BA:35:01:AF:37:6D:37:7C:E9:FD:3D:B8:E4:2C:C2:96:11
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/VjWTujUBrzdtN3zp_T245CzClhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.64.0/18
37.202.128.0/20
37.202.152.0-37.202.167.255
37.202.188.0/22
37.202.232.0-37.202.242.255
37.202.244.0-37.202.255.255
94.182.10.0/24
94.182.204.0/22
151.239.120.0-151.239.255.255
151.246.0.0/18
151.246.160.0-151.246.239.255
151.246.248.0/22
151.247.0.0-151.247.213.255
151.247.228.0-151.247.247.255
151.247.252.0/22
Signature Algorithm: sha256WithRSAEncryption
20:30:2e:b7:e4:f6:bd:28:0b:5d:a8:6e:7a:af:99:3d:85:b8:
a3:6e:ee:57:0c:64:ce:c7:1c:82:1a:a7:9f:9d:58:d5:f4:0e:
fb:12:dd:fd:7d:cd:90:26:07:68:26:c6:b8:72:8a:ba:d9:88:
7d:d0:0a:ad:3f:9d:4c:75:4a:f3:66:a8:6a:e0:00:de:86:1a:
8a:11:7c:3f:05:bf:0b:ff:b3:6e:2c:ed:c2:4f:a7:e0:09:4d:
84:45:6a:e4:a1:0a:00:eb:18:a3:84:39:80:68:eb:fb:6d:5c:
1a:ab:ac:be:fb:e6:a5:2b:02:2d:46:99:45:94:83:09:b2:ac:
4a:4e:5f:07:37:62:eb:f1:9e:30:e4:67:91:51:70:50:da:88:
e8:5c:4b:db:00:36:57:ca:1e:af:ac:45:72:cb:8e:5c:5b:32:
49:41:89:7c:b2:b0:6a:d5:89:73:b2:4c:69:eb:1a:2e:c8:bc:
0d:46:07:ff:07:10:78:7c:f1:65:85:8b:b7:6c:99:a4:0b:17:
43:5e:a2:5d:a4:3d:85:84:d0:0f:f2:39:c4:d9:d1:4f:b0:5c:
6e:01:53:33:d4:8b:c0:ab:b8:03:9e:f1:26:fd:84:83:87:a0:
1f:3c:85:1c:e0:24:be:9d:d1:87:34:ee:4b:e2:e0:6f:fa:0f:
fe:2a:94:40
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAZUjEQPKZ8uc2H5J9553M8ojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwMjIwMTExNDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjM1OTNiYTM1MDFhZjM3NmQzNzdjZTlmZDNkYjhlNDJjYzI5NjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/8eOCrPyafUmh0WDgnUu1aO61rU
swTFffIGtK+F4cFWIJB9o9GXkvLialzjjodYnx+g/2xt26L14juf2UpIeo/nwtMa
bZOvEb6imEv+6Q2A3wKK0w3mr2jIFi1MXWRdcF7W85qUwI1SaIDSDiDlBx0mgQub
FBm1paZNoptCQ2bXKqm3o6XNUx/cybgs8TljH3TbxRpV660D+7+vUVAXSZxyGODp
dTysVyKm6LUFwTzDg3OHvexPXa+HnYq5d+MxK0yYLgBHS/u00aLFyaqmHkhho5n7
r8HxyVORBRjT254sbE2nq/yYoEBnkObFeITPV3Gso8+VSyDt7uw5+r//PQIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFFY1k7o1Aa83bTd86f09uOQswpYRMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvVmpXVHVqVUJyemR0TjN6cF9UMjQ1Q3pDbGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBlgQCAAEwgY8DBAYl
lEADBAQlyoAwDAMEAyXKmAMEAyXKoAMEAiXKvDAMAwQDJcroAwQAJcryMAsDBAIl
yvQDAwAlygMEAF62CgMEAl62zDALAwQDl+94AwMEl+ADBAaX9gAwDAMEBZf2oAME
BJf24AMEApf2+DALAwMAl/cDBAGX99QwDAMEApf35AMEA5f38AMEApf3/DANBgkq
hkiG9w0BAQsFAAOCAQEAIDAut+T2vSgLXahueq+ZPYW4o27uVwxkzsccghqnn51Y
1fQO+xLd/X3NkCYHaCbGuHKKutmIfdAKrT+dTHVK82aoauAA3oYaihF8PwW/C/+z
biztwk+n4AlNhEVq5KEKAOsYo4Q5gGjr+21cGqusvvvmpSsCLUaZRZSDCbKsSk5f
Bzdi6/GeMORnkVFwUNqI6FxL2wA2V8oer6xFcsuOXFsySUGJfLKwatWJc7JMaesa
Lsi8DUYH/wcQeHzxZYWLt2yZpAsXQ16iXaQ9hYTQD/I5xNnRT7BcbgFTM9SLwKu4
A57xJv2Eg4egHzyFHOAkvp3RhzTuS+Lgb/oP/iqUQA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 14:37:33 2025 by rpki-client