Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/dQwPjFHwUJlKotOpqPPKLrtOZmU.roa
File: dQwPjFHwUJlKotOpqPPKLrtOZmU.roa (raw, json)
Hash identifier: BVZecLwj1pL9nLZO5q+8elt3lZiRL+eSGxNgktm8hgg=
Subject key identifier: 75:0C:0F:8C:51:F0:50:99:4A:A2:D3:A9:A8:F3:CA:2E:BB:4E:66:65
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 019423D71DE101E440C10C9244E5374AF7A6
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/dQwPjFHwUJlKotOpqPPKLrtOZmU.roa
Signing time: Wed 01 Jan 2025 21:48:07 +0000
ROA not before: Wed 01 Jan 2025 21:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42337
IP address blocks: 77.237.64.0/19 maxlen: 19
77.237.64.0/20 maxlen: 20
77.237.65.0/24 maxlen: 24
77.237.68.0/24 maxlen: 24
77.237.69.0/24 maxlen: 24
77.237.70.0/24 maxlen: 24
77.237.71.0/24 maxlen: 24
77.237.72.0/24 maxlen: 24
77.237.73.0/24 maxlen: 24
77.237.74.0/24 maxlen: 24
77.237.75.0/24 maxlen: 24
77.237.76.0/24 maxlen: 24
77.237.77.0/24 maxlen: 24
77.237.78.0/23 maxlen: 23
77.237.78.0/24 maxlen: 24
77.237.79.0/24 maxlen: 24
77.237.80.0/20 maxlen: 20
77.237.80.0/22 maxlen: 22
77.237.80.0/24 maxlen: 24
77.237.81.0/24 maxlen: 24
77.237.82.0/24 maxlen: 24
77.237.83.0/24 maxlen: 24
77.237.84.0/24 maxlen: 24
77.237.85.0/24 maxlen: 24
77.237.87.0/24 maxlen: 24
77.237.88.0/24 maxlen: 24
77.237.89.0/24 maxlen: 24
77.237.90.0/24 maxlen: 24
77.237.91.0/24 maxlen: 24
77.237.92.0/24 maxlen: 24
77.237.94.0/24 maxlen: 24
77.237.95.0/24 maxlen: 24
92.242.192.0/19 maxlen: 19
92.242.192.0/23 maxlen: 23
92.242.192.0/24 maxlen: 24
92.242.193.0/24 maxlen: 24
92.242.194.0/24 maxlen: 24
92.242.195.0/24 maxlen: 24
92.242.196.0/23 maxlen: 23
92.242.198.0/24 maxlen: 24
92.242.200.0/21 maxlen: 21
92.242.201.0/24 maxlen: 24
92.242.202.0/23 maxlen: 23
92.242.202.0/24 maxlen: 24
92.242.203.0/24 maxlen: 24
92.242.204.0/24 maxlen: 24
92.242.205.0/24 maxlen: 24
92.242.206.0/23 maxlen: 23
92.242.206.0/24 maxlen: 24
92.242.207.0/24 maxlen: 24
92.242.208.0/20 maxlen: 20
92.242.208.0/24 maxlen: 24
92.242.209.0/24 maxlen: 24
92.242.210.0/23 maxlen: 23
92.242.210.0/24 maxlen: 24
92.242.211.0/24 maxlen: 24
92.242.212.0/22 maxlen: 22
92.242.212.0/24 maxlen: 24
92.242.215.0/24 maxlen: 24
92.242.216.0/23 maxlen: 23
92.242.218.0/23 maxlen: 23
92.242.218.0/24 maxlen: 24
92.242.219.0/24 maxlen: 24
92.242.220.0/24 maxlen: 24
92.242.221.0/24 maxlen: 24
92.242.223.0/24 maxlen: 24
185.14.160.0/22 maxlen: 22
185.14.160.0/24 maxlen: 24
185.14.162.0/24 maxlen: 24
185.14.163.0/24 maxlen: 24
185.225.240.0/22 maxlen: 24
185.225.240.0/24 maxlen: 24
185.225.241.0/24 maxlen: 24
185.225.242.0/23 maxlen: 23
185.225.242.0/24 maxlen: 24
2a00:15c8::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:1d:e1:01:e4:40:c1:0c:92:44:e5:37:4a:f7:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 21:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=750c0f8c51f050994aa2d3a9a8f3ca2ebb4e6665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c8:66:75:a2:88:ae:25:e1:6a:52:40:a3:68:
46:2b:3e:aa:c6:e5:d2:01:3e:b8:ec:f6:00:bd:5e:
c5:17:a1:02:17:f8:97:69:b2:e2:d9:e5:14:cf:69:
a5:d7:6a:9c:22:b1:76:32:26:bf:56:e3:f1:b7:f6:
a7:30:c1:61:a8:f4:a7:39:bf:ad:1f:40:8c:37:83:
e1:48:2a:24:18:ad:82:92:5d:23:84:fb:55:35:71:
d3:33:69:6e:66:6e:08:15:c3:42:ae:36:90:8a:07:
02:a7:35:2a:d9:c4:1b:ea:d7:2c:81:76:37:95:2e:
ca:ae:1d:04:71:e9:56:f8:cd:a0:d8:a4:98:1c:cb:
5d:dc:67:43:a8:ff:63:53:e8:56:26:3f:61:34:40:
be:44:25:45:d6:68:f8:33:10:b0:50:21:4d:b9:b1:
92:c5:84:f0:7e:31:49:38:c8:b2:74:c7:fb:60:b5:
fb:73:01:28:a5:3a:3e:75:3f:8e:67:40:7d:ba:0a:
c0:9b:74:d8:26:3f:f9:ed:dc:28:9a:06:91:a7:4a:
3a:1d:94:c7:de:c1:c1:57:25:ae:ab:48:3e:e4:1e:
7f:68:90:61:d3:06:b2:98:f4:ca:6f:d7:ea:0d:d3:
70:48:8a:1a:2c:c5:6e:13:74:f8:47:12:4b:5f:97:
98:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:0C:0F:8C:51:F0:50:99:4A:A2:D3:A9:A8:F3:CA:2E:BB:4E:66:65
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/dQwPjFHwUJlKotOpqPPKLrtOZmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.64.0/19
92.242.192.0/19
185.14.160.0/22
185.225.240.0/22
IPv6:
2a00:15c8::/29
Signature Algorithm: sha256WithRSAEncryption
a3:fe:aa:93:04:ee:bf:54:a1:6c:80:82:4c:40:ed:6f:52:32:
18:3a:07:0e:6f:3c:da:af:6d:62:4d:4f:95:43:72:7f:39:87:
96:a4:91:ee:f6:11:5e:a0:1f:b5:83:7b:5b:56:26:84:ed:27:
64:94:47:ae:0a:e9:25:7f:68:00:fa:79:af:89:6a:95:cb:6e:
87:75:c1:8d:dd:32:ab:04:d5:bd:a4:d7:fd:f2:66:75:8a:82:
b1:9d:3e:b0:fd:0b:5b:86:c5:04:56:1c:f7:75:63:20:24:d5:
b6:6f:b3:72:e5:be:e8:8a:90:d9:3b:7e:1f:1d:ce:83:84:8d:
9d:b5:2f:db:9e:b5:be:a2:cd:44:d9:61:3e:7d:f7:c4:0d:b4:
69:e2:86:b2:c6:5c:5e:f0:1b:93:93:40:69:57:ee:80:c1:6b:
85:b2:b3:91:01:ff:ac:bc:a5:9e:1f:5b:23:d2:c3:ec:23:8e:
e0:83:21:67:ae:3a:5c:ea:38:2f:c4:8a:ee:57:31:87:54:26:
86:21:7a:ff:84:9c:8f:64:57:70:44:9c:e0:91:cf:95:e2:72:
50:47:a3:56:bd:bc:31:0c:3a:62:58:d8:5c:33:92:9f:69:3f:
22:93:46:ee:b8:3d:a3:10:c4:c0:46:49:f8:f2:56:6d:6b:35:
82:ac:d7:4d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQj1x3hAeRAwQySROU3SvemMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjUwMTAxMjE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTBjMGY4YzUxZjA1MDk5NGFhMmQzYTlhOGYzY2EyZWJiNGU2NjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMhmdaKIriXhalJAo2hGKz6qxuXS
AT647PYAvV7FF6ECF/iXabLi2eUUz2ml12qcIrF2Mia/VuPxt/anMMFhqPSnOb+t
H0CMN4PhSCokGK2Ckl0jhPtVNXHTM2luZm4IFcNCrjaQigcCpzUq2cQb6tcsgXY3
lS7Krh0EcelW+M2g2KSYHMtd3GdDqP9jU+hWJj9hNEC+RCVF1mj4MxCwUCFNubGS
xYTwfjFJOMiydMf7YLX7cwEopTo+dT+OZ0B9ugrAm3TYJj/57dwomgaRp0o6HZTH
3sHBVyWuq0g+5B5/aJBh0waymPTKb9fqDdNwSIoaLMVuE3T4RxJLX5eY7wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHUMD4xR8FCZSqLTqajzyi67TmZlMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvZFF3UGpGSHdVSmxLb3RPcHFQUEtMcnRPWm1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFTe1AAwQF
XPLAAwQCuQ6gAwQCueHwMA0EAgACMAcDBQMqABXIMA0GCSqGSIb3DQEBCwUAA4IB
AQCj/qqTBO6/VKFsgIJMQO1vUjIYOgcObzzar21iTU+VQ3J/OYeWpJHu9hFeoB+1
g3tbViaE7SdklEeuCuklf2gA+nmviWqVy26HdcGN3TKrBNW9pNf98mZ1ioKxnT6w
/QtbhsUEVhz3dWMgJNW2b7Ny5b7oipDZO34fHc6DhI2dtS/bnrW+os1E2WE+fffE
DbRp4oayxlxe8BuTk0BpV+6AwWuFsrORAf+svKWeH1sj0sPsI47ggyFnrjpc6jgv
xIruVzGHVCaGIXr/hJyPZFdwRJzgkc+V4nJQR6NWvbwxDDpiWNhcM5KfaT8ik0bu
uD2jEMTARkn48lZtazWCrNdN
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:39:03 2025 by rpki-client