Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/qZ2aVTL-9JohDONwg9Iom6pH1A8.roa
File: qZ2aVTL-9JohDONwg9Iom6pH1A8.roa (raw, json)
Hash identifier: gptjidTtz24I1gEWYwfX8bvvshOsZq2BfRDXMMtbmO0=
Subject key identifier: A9:9D:9A:55:32:FE:F4:9A:21:0C:E3:70:83:D2:28:9B:AA:47:D4:0F
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 01914183D5B60708B22348150F017CFDC65C
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/qZ2aVTL-9JohDONwg9Iom6pH1A8.roa
Signing time: Sun 11 Aug 2024 12:57:24 +0000
ROA not before: Sun 11 Aug 2024 12:57:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205647
IP address blocks: 85.15.48.0/24 maxlen: 24
85.15.49.0/24 maxlen: 24
94.182.0.0/18 maxlen: 18
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
94.182.17.0/24 maxlen: 24
94.182.41.0/24 maxlen: 24
94.182.48.0/24 maxlen: 24
94.182.56.0/22 maxlen: 22
94.182.60.0/22 maxlen: 22
94.182.64.0/18 maxlen: 18
94.182.64.0/20 maxlen: 20
94.182.72.0/21 maxlen: 21
94.182.80.0/20 maxlen: 20
94.182.82.0/24 maxlen: 24
94.182.96.0/20 maxlen: 20
94.182.97.192/28 maxlen: 28
94.182.112.0/20 maxlen: 20
94.182.114.0/23 maxlen: 23
94.182.116.0/22 maxlen: 22
94.182.120.0/21 maxlen: 21
94.182.128.0/18 maxlen: 18
94.182.128.0/20 maxlen: 20
94.182.144.0/20 maxlen: 20
94.182.160.0/20 maxlen: 20
94.182.176.0/20 maxlen: 20
94.182.192.0/18 maxlen: 18
94.182.199.196/30 maxlen: 30
94.182.204.0/22 maxlen: 22
94.182.204.0/24 maxlen: 24
94.182.205.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
94.182.217.0/24 maxlen: 24
94.182.222.0/23 maxlen: 23
94.182.226.0/24 maxlen: 24
94.182.228.0/22 maxlen: 22
94.182.232.0/23 maxlen: 23
94.182.234.0/23 maxlen: 23
94.182.238.0/24 maxlen: 24
94.182.240.0/23 maxlen: 23
94.182.244.0/22 maxlen: 22
94.182.244.0/23 maxlen: 23
94.182.248.0/22 maxlen: 22
94.182.248.0/23 maxlen: 23
94.182.252.0/24 maxlen: 24
94.182.254.0/24 maxlen: 24
94.183.0.0/18 maxlen: 18
94.183.64.0/18 maxlen: 18
94.183.128.0/18 maxlen: 18
94.183.192.0/18 maxlen: 18
151.240.80.0/21 maxlen: 21
151.240.168.0/22 maxlen: 22
151.240.192.0/21 maxlen: 21
151.240.240.0/21 maxlen: 21
151.240.240.0/23 maxlen: 23
151.240.242.0/23 maxlen: 23
151.240.244.0/23 maxlen: 23
151.241.216.0/23 maxlen: 23
151.241.218.0/23 maxlen: 23
151.241.220.0/22 maxlen: 22
151.241.224.0/21 maxlen: 21
151.242.0.0/21 maxlen: 21
151.242.8.0/22 maxlen: 22
151.244.48.0/21 maxlen: 21
151.244.48.0/22 maxlen: 22
151.244.52.0/22 maxlen: 22
151.244.56.0/21 maxlen: 21
151.244.64.0/21 maxlen: 21
151.244.72.0/22 maxlen: 22
151.244.76.0/22 maxlen: 22
151.244.80.0/21 maxlen: 21
151.244.88.0/21 maxlen: 21
151.244.96.0/23 maxlen: 23
151.244.98.0/23 maxlen: 23
151.244.100.0/23 maxlen: 23
151.244.102.0/23 maxlen: 23
151.244.104.0/23 maxlen: 23
151.244.106.0/23 maxlen: 23
151.244.108.0/23 maxlen: 23
151.244.110.0/23 maxlen: 23
151.244.112.0/23 maxlen: 23
151.244.114.0/23 maxlen: 23
151.244.116.0/23 maxlen: 23
151.244.118.0/23 maxlen: 23
151.244.120.0/23 maxlen: 23
151.244.122.0/23 maxlen: 23
151.244.124.0/23 maxlen: 23
151.244.126.0/23 maxlen: 23
151.244.128.0/22 maxlen: 22
151.244.132.0/22 maxlen: 22
151.244.136.0/22 maxlen: 22
151.244.140.0/22 maxlen: 22
151.244.144.0/22 maxlen: 22
151.244.148.0/22 maxlen: 22
151.244.152.0/22 maxlen: 22
151.244.156.0/22 maxlen: 22
151.244.160.0/22 maxlen: 22
151.244.164.0/22 maxlen: 22
151.244.168.0/22 maxlen: 22
151.244.172.0/22 maxlen: 22
151.244.176.0/22 maxlen: 22
151.244.180.0/22 maxlen: 22
151.244.184.0/22 maxlen: 22
151.244.188.0/22 maxlen: 22
151.244.192.0/22 maxlen: 22
151.244.196.0/22 maxlen: 22
151.244.200.0/22 maxlen: 22
151.244.204.0/22 maxlen: 22
151.244.208.0/22 maxlen: 22
151.244.212.0/22 maxlen: 22
151.244.216.0/23 maxlen: 23
151.244.218.0/23 maxlen: 23
151.244.220.0/23 maxlen: 23
151.244.222.0/23 maxlen: 23
151.244.224.0/23 maxlen: 23
151.244.226.0/23 maxlen: 23
151.246.0.0/18 maxlen: 18
151.246.64.0/18 maxlen: 18
151.246.128.0/18 maxlen: 18
151.246.192.0/18 maxlen: 18
151.246.248.0/22 maxlen: 22
151.247.0.0/20 maxlen: 20
151.247.16.0/22 maxlen: 22
151.247.214.0/23 maxlen: 23
151.247.216.0/21 maxlen: 21
151.247.224.0/22 maxlen: 22
151.247.228.0/22 maxlen: 22
151.247.232.0/22 maxlen: 22
151.247.236.0/22 maxlen: 22
151.247.236.0/24 maxlen: 24
151.247.237.0/24 maxlen: 24
151.247.238.0/23 maxlen: 23
151.247.240.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
151.247.248.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:41:83:d5:b6:07:08:b2:23:48:15:0f:01:7c:fd:c6:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Aug 11 12:57:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a99d9a5532fef49a210ce37083d2289baa47d40f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c7:ae:c4:03:89:e8:df:ae:7b:90:12:6f:8b:
7a:2c:37:59:22:76:e0:65:47:70:41:b5:39:c2:7e:
8c:12:1d:cd:c9:d7:23:03:a5:8f:19:ca:12:3f:64:
f8:f3:5d:87:fa:88:b0:a0:13:97:cd:f7:ea:b1:c6:
b4:ac:00:f6:52:ba:04:42:d5:37:9c:85:f3:76:74:
59:cf:c3:9e:85:73:dc:0e:60:b2:09:5b:8b:49:10:
c4:5d:be:f7:4e:09:76:58:02:a0:7e:f8:bd:d0:4f:
21:53:96:f4:b5:f8:fe:3b:62:9b:91:19:7a:20:ca:
5d:e8:a7:da:5a:10:5e:65:77:ec:6b:c5:97:93:5f:
7d:db:24:15:9b:c4:a1:12:d8:c6:0c:90:98:10:0d:
58:a1:3a:78:48:b4:5c:80:df:c8:12:ac:09:e9:27:
b1:01:81:75:82:3e:3a:2b:f5:9b:0e:8e:e1:02:de:
d0:7d:30:b1:17:b4:15:dc:24:98:0b:53:63:72:77:
34:36:1f:c7:c2:23:f2:d8:65:35:32:01:66:09:d0:
f6:05:6b:01:14:41:97:8f:db:52:b0:8a:28:fb:51:
0e:d2:74:5f:9c:4f:2a:12:72:eb:06:02:9e:85:6a:
59:23:3c:db:8f:f1:c9:54:e0:84:3a:14:c3:d1:cb:
f8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:9D:9A:55:32:FE:F4:9A:21:0C:E3:70:83:D2:28:9B:AA:47:D4:0F
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/qZ2aVTL-9JohDONwg9Iom6pH1A8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.15.48.0/23
94.182.0.0/15
151.240.80.0/21
151.240.168.0/22
151.240.192.0/21
151.240.240.0/21
151.241.216.0-151.241.231.255
151.242.0.0-151.242.11.255
151.244.48.0-151.244.227.255
151.246.0.0-151.247.19.255
151.247.214.0-151.247.241.255
151.247.248.0/22
Signature Algorithm: sha256WithRSAEncryption
60:35:1f:e2:75:74:6d:37:bd:65:db:89:67:00:f7:46:da:79:
67:b4:fb:5f:d6:15:81:55:6d:69:5a:5f:ed:58:8f:88:39:63:
3e:33:2a:51:9e:de:9f:85:8d:48:e8:55:9c:0c:45:96:8b:7b:
5a:99:14:0d:8d:c2:72:81:bd:cd:62:72:8c:99:53:51:c6:5f:
3d:47:d4:63:32:80:b3:1b:b7:b5:e0:32:e4:aa:94:a8:02:d2:
86:11:68:52:cb:9c:73:44:b4:cc:5f:46:56:51:93:13:a6:18:
ec:02:c6:d8:34:b4:21:67:81:48:68:0e:ce:fe:0b:ba:aa:2c:
c9:94:af:1c:6a:f9:80:3f:00:1c:18:f3:97:de:40:43:55:d5:
d8:89:ec:67:1c:17:b6:1f:4d:52:e9:34:8a:e9:ac:51:de:ba:
12:e5:aa:80:ea:30:09:1e:15:6c:8d:b2:49:9b:56:69:86:14:
14:02:80:0b:66:a5:50:b5:43:be:92:d7:57:18:74:f7:08:6d:
fb:15:6a:34:01:df:9e:bb:d7:40:4d:ea:8f:ad:a0:79:78:5c:
bb:68:a5:6a:89:71:d4:60:46:a7:b7:a6:79:c2:76:e6:a3:26:
00:9d:20:58:96:0a:35:3f:7d:03:cb:9d:a8:58:52:35:87:7e:
d2:fd:90:90
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZFBg9W2BwiyI0gVDwF8/cZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwODExMTI1NzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTlkOWE1NTMyZmVmNDlhMjEwY2UzNzA4M2QyMjg5YmFhNDdkNDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnceuxAOJ6N+ue5ASb4t6LDdZInbg
ZUdwQbU5wn6MEh3NydcjA6WPGcoSP2T4812H+oiwoBOXzffqsca0rAD2UroEQtU3
nIXzdnRZz8OehXPcDmCyCVuLSRDEXb73Tgl2WAKgfvi90E8hU5b0tfj+O2KbkRl6
IMpd6KfaWhBeZXfsa8WXk1992yQVm8ShEtjGDJCYEA1YoTp4SLRcgN/IEqwJ6Sex
AYF1gj46K/WbDo7hAt7QfTCxF7QV3CSYC1Njcnc0Nh/HwiPy2GU1MgFmCdD2BWsB
FEGXj9tSsIoo+1EO0nRfnE8qEnLrBgKehWpZIzzbj/HJVOCEOhTD0cv4IQIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFKmdmlUy/vSaIQzjcIPSKJuqR9QPMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvcVoyYVZUTC05Sm9oRE9Od2c5SW9tNnBIMUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwcwQCAAEwbQMEAVUPMAMD
AV62AwQDl/BQAwQCl/CoAwQDl/DAAwQDl/DwMAwDBAOX8dgDBAOX8eAwCwMDAZfy
AwQCl/IIMAwDBASX9DADBAKX9OAwCwMDAZf2AwQCl/cQMAwDBAGX99YDBAGX9/AD
BAKX9/gwDQYJKoZIhvcNAQELBQADggEBAGA1H+J1dG03vWXbiWcA90baeWe0+1/W
FYFVbWlaX+1Yj4g5Yz4zKlGe3p+FjUjoVZwMRZaLe1qZFA2NwnKBvc1icoyZU1HG
Xz1H1GMygLMbt7XgMuSqlKgC0oYRaFLLnHNEtMxfRlZRkxOmGOwCxtg0tCFngUho
Ds7+C7qqLMmUrxxq+YA/ABwY85feQENV1diJ7GccF7YfTVLpNIrprFHeuhLlqoDq
MAkeFWyNskmbVmmGFBQCgAtmpVC1Q76S11cYdPcIbfsVajQB356710BN6o+toHl4
XLtopWqJcdRgRqe3pnnCduajJgCdIFiWCjU/fQPLnahYUjWHftL9kJA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:04:02 2025 by rpki-client