Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/1D0x6dPuKqp4ibubIT-xemyrYGY.roa
File: 1D0x6dPuKqp4ibubIT-xemyrYGY.roa (raw, json)
Hash identifier: AZpODPKvHNlc4ZQ46WdeyKSajOx1cUexZyGJrm8FkSQ=
Subject key identifier: D4:3D:31:E9:D3:EE:2A:AA:78:89:BB:9B:21:3F:B1:7A:6C:AB:60:66
Certificate issuer: /CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Certificate serial: 018BA4CC539C0169C7B3578C85454B4D7387
Authority key identifier: AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/1D0x6dPuKqp4ibubIT-xemyrYGY.roa
Signing time: Mon 06 Nov 2023 13:22:16 +0000
ROA not before: Mon 06 Nov 2023 13:22:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25229
IP address blocks: 77.120.192.0/21 maxlen: 22
77.120.200.0/21 maxlen: 22
77.120.208.0/21 maxlen: 22
77.120.112.0/22 maxlen: 22
77.120.128.0/18 maxlen: 24
77.121.17.0/24 maxlen: 24
77.121.16.0/24 maxlen: 24
77.121.15.0/24 maxlen: 24
77.121.13.0/24 maxlen: 24
109.201.227.0/24 maxlen: 24
77.121.12.0/24 maxlen: 24
109.201.232.0/22 maxlen: 23
109.201.228.0/22 maxlen: 23
77.121.18.0/24 maxlen: 24
77.121.19.0/24 maxlen: 24
77.121.24.0/24 maxlen: 24
77.121.23.0/24 maxlen: 24
77.121.22.0/24 maxlen: 24
77.121.21.0/24 maxlen: 24
77.121.20.0/24 maxlen: 24
109.201.238.0/23 maxlen: 24
109.201.236.0/23 maxlen: 24
77.121.30.0/24 maxlen: 24
77.121.29.0/24 maxlen: 24
77.121.28.0/24 maxlen: 24
77.121.26.0/24 maxlen: 24
77.121.25.0/24 maxlen: 24
109.201.240.0/20 maxlen: 21
93.74.0.0/17 maxlen: 18
93.74.0.0/16 maxlen: 17
77.121.64.0/21 maxlen: 22
77.120.216.0/22 maxlen: 23
77.120.224.0/20 maxlen: 21
77.120.220.0/22 maxlen: 23
77.120.240.0/20 maxlen: 21
77.120.248.0/21 maxlen: 22
77.121.0.0/21 maxlen: 22
109.201.226.0/24 maxlen: 24
109.201.225.0/24 maxlen: 24
109.201.224.0/24 maxlen: 24
77.121.8.0/22 maxlen: 23
77.120.52.0/22 maxlen: 23
77.120.64.0/21 maxlen: 22
77.120.60.0/22 maxlen: 23
77.120.72.0/21 maxlen: 22
77.120.80.0/20 maxlen: 21
77.120.96.0/19 maxlen: 20
77.120.0.0/20 maxlen: 21
77.120.4.0/24 maxlen: 24
77.120.6.0/24 maxlen: 24
77.120.16.0/20 maxlen: 21
77.120.32.0/20 maxlen: 21
93.73.0.0/16 maxlen: 17
93.72.0.0/16 maxlen: 17
93.72.0.0/15 maxlen: 16
95.69.232.0/24 maxlen: 24
141.170.244.0/22 maxlen: 23
141.170.250.0/23 maxlen: 24
141.170.248.0/23 maxlen: 24
141.170.248.0/21 maxlen: 22
95.69.240.0/21 maxlen: 22
95.69.253.0/24 maxlen: 24
95.69.252.0/24 maxlen: 24
95.69.255.0/24 maxlen: 24
95.69.254.0/24 maxlen: 24
82.144.192.0/19 maxlen: 20
77.123.64.0/19 maxlen: 20
77.123.0.0/18 maxlen: 19
93.75.224.0/19 maxlen: 20
77.123.32.0/19 maxlen: 20
77.123.160.0/19 maxlen: 20
95.69.192.0/20 maxlen: 21
141.170.226.0/23 maxlen: 24
141.170.224.0/23 maxlen: 24
141.170.226.0/24 maxlen: 24
95.69.208.0/20 maxlen: 24
141.170.229.0/24 maxlen: 24
141.170.228.0/24 maxlen: 24
141.170.227.0/24 maxlen: 24
141.170.233.0/24 maxlen: 24
141.170.232.0/24 maxlen: 24
141.170.231.0/24 maxlen: 24
141.170.230.0/24 maxlen: 24
141.170.234.0/23 maxlen: 24
141.170.239.0/24 maxlen: 24
141.170.238.0/24 maxlen: 24
141.170.237.0/24 maxlen: 24
95.69.224.0/21 maxlen: 22
141.170.236.0/24 maxlen: 24
141.170.240.0/22 maxlen: 23
77.123.96.0/21 maxlen: 22
77.123.104.0/21 maxlen: 22
95.69.128.0/20 maxlen: 21
95.69.144.0/21 maxlen: 22
77.123.112.0/21 maxlen: 22
95.69.152.0/22 maxlen: 23
77.123.120.0/21 maxlen: 22
77.123.128.0/19 maxlen: 20
95.69.156.0/22 maxlen: 23
95.69.160.0/19 maxlen: 20
77.123.144.0/22 maxlen: 22
188.230.28.0/22 maxlen: 23
188.230.26.0/23 maxlen: 24
188.230.32.0/21 maxlen: 22
188.230.40.0/21 maxlen: 22
93.75.64.0/21 maxlen: 22
188.230.48.0/21 maxlen: 22
188.230.56.0/21 maxlen: 22
93.75.72.0/21 maxlen: 22
188.230.64.0/21 maxlen: 22
93.75.80.0/21 maxlen: 22
188.230.71.0/24 maxlen: 24
188.230.78.0/23 maxlen: 24
77.122.128.0/17 maxlen: 18
188.230.74.0/23 maxlen: 24
188.230.77.0/24 maxlen: 24
188.230.76.0/24 maxlen: 24
188.230.73.0/24 maxlen: 24
188.230.72.0/24 maxlen: 24
93.75.0.0/19 maxlen: 20
188.230.0.0/21 maxlen: 22
188.230.0.0/22 maxlen: 23
188.230.4.0/23 maxlen: 24
188.230.8.0/21 maxlen: 22
188.230.7.0/24 maxlen: 24
188.230.16.0/21 maxlen: 22
93.75.32.0/19 maxlen: 20
188.230.24.0/23 maxlen: 24
93.75.160.0/21 maxlen: 22
93.75.168.0/21 maxlen: 22
93.75.176.0/21 maxlen: 22
93.75.184.0/21 maxlen: 22
77.244.32.0/20 maxlen: 21
188.230.80.0/21 maxlen: 22
93.75.96.0/19 maxlen: 20
188.230.88.0/22 maxlen: 23
188.230.96.0/23 maxlen: 24
188.230.92.0/23 maxlen: 24
188.230.98.0/24 maxlen: 24
188.230.95.0/24 maxlen: 24
188.230.94.0/24 maxlen: 24
188.230.105.0/24 maxlen: 24
188.230.104.0/24 maxlen: 24
188.230.103.0/24 maxlen: 24
188.230.102.0/24 maxlen: 24
188.230.100.0/24 maxlen: 24
188.230.99.0/24 maxlen: 24
188.230.112.0/24 maxlen: 24
188.230.111.0/24 maxlen: 24
188.230.109.0/24 maxlen: 24
188.230.108.0/24 maxlen: 24
188.230.107.0/24 maxlen: 24
188.230.106.0/24 maxlen: 24
188.230.116.0/23 maxlen: 24
93.75.128.0/19 maxlen: 20
188.230.115.0/24 maxlen: 24
188.230.113.0/24 maxlen: 24
77.121.128.0/20 maxlen: 21
77.121.144.0/20 maxlen: 21
77.121.160.0/19 maxlen: 20
93.74.128.0/17 maxlen: 18
77.121.72.0/21 maxlen: 22
77.121.80.0/20 maxlen: 21
77.121.96.0/20 maxlen: 21
77.121.96.0/19 maxlen: 20
77.121.112.0/20 maxlen: 21
77.122.0.0/17 maxlen: 18
77.122.0.0/16 maxlen: 17
77.121.192.0/20 maxlen: 21
77.121.192.0/19 maxlen: 20
77.121.208.0/21 maxlen: 22
77.121.216.0/21 maxlen: 22
77.121.224.0/19 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a4:cc:53:9c:01:69:c7:b3:57:8c:85:45:4b:4d:73:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Validity
Not Before: Nov 6 13:22:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d43d31e9d3ee2aaa7889bb9b213fb17a6cab6066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e8:ec:d4:ea:e3:6c:3d:71:58:55:99:80:cc:
9b:80:3a:e4:da:a1:2c:23:d4:04:cf:4f:a7:ba:29:
ad:71:9e:12:ee:e0:bf:77:97:1e:69:d1:a5:01:95:
b8:9d:1c:73:ed:e2:ba:d5:67:0b:9e:02:82:a4:45:
e8:f0:fc:b2:ec:2f:ca:63:c0:3e:72:1d:69:68:87:
c5:3c:19:c5:46:b0:83:8b:9b:3f:f2:20:57:44:c8:
fc:00:7e:d8:8a:5d:23:16:5f:2a:f4:38:80:dc:63:
b6:5e:df:15:ae:c9:51:49:ce:52:62:2d:ca:16:55:
03:66:63:f6:6f:3e:fd:50:20:fb:bd:91:5b:7f:dc:
5e:25:ef:fb:d3:24:48:46:fa:1d:0f:55:8b:bc:df:
48:59:e2:98:c1:68:f3:c1:aa:18:4d:be:31:57:28:
77:82:8e:6f:bc:62:70:39:16:59:fd:0b:df:3f:be:
98:79:d9:c3:50:a7:a0:1c:84:f1:e6:66:41:99:80:
9d:da:0d:b4:fd:61:dc:33:70:78:58:a8:e6:4d:dc:
34:00:67:95:79:24:5c:d6:f7:7c:76:ea:43:e6:ca:
e3:bf:d5:9d:1c:db:7b:66:af:cd:21:9a:16:59:20:
2f:32:91:bb:3b:13:58:2b:82:81:ec:1f:10:d7:62:
a8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:3D:31:E9:D3:EE:2A:AA:78:89:BB:9B:21:3F:B1:7A:6C:AB:60:66
X509v3 Authority Key Identifier:
keyid:AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/1D0x6dPuKqp4ibubIT-xemyrYGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.120.0.0-77.120.47.255
77.120.52.0/22
77.120.60.0-77.121.13.255
77.121.15.0-77.121.26.255
77.121.28.0-77.121.30.255
77.121.64.0-77.123.191.255
77.244.32.0/20
82.144.192.0/19
93.72.0.0-93.75.87.255
93.75.96.0-93.75.191.255
93.75.224.0/19
95.69.128.0-95.69.232.255
95.69.240.0/21
95.69.252.0/22
109.201.224.0/19
141.170.224.0/19
188.230.0.0-188.230.100.255
188.230.102.0-188.230.109.255
188.230.111.0-188.230.113.255
188.230.115.0-188.230.117.255
Signature Algorithm: sha256WithRSAEncryption
be:6e:e7:8e:e1:12:95:42:64:f1:d1:8c:16:74:9e:14:99:ee:
58:e4:be:c2:3f:13:24:23:7d:dd:b9:69:67:81:c1:d2:7b:42:
31:1f:b2:47:52:1d:9b:1a:1d:3b:4b:d7:75:01:a6:91:3b:c4:
13:b4:2e:30:d9:fd:e6:ab:97:b5:5b:da:8b:1b:a1:9d:08:36:
2c:3f:b9:58:66:a3:09:ba:04:f7:ca:e4:0f:72:a7:bb:78:d5:
d8:2b:c4:a5:b6:f5:dd:ad:31:7a:51:00:01:b6:c9:56:2b:23:
d5:b1:55:df:d9:f7:25:e8:ae:62:cc:41:38:1d:7a:3b:7c:d0:
ad:c2:70:2e:f1:43:f0:0d:2f:0c:6b:6c:36:4f:84:06:a8:4e:
f1:81:84:7b:09:4b:2f:43:90:f1:79:a4:2f:fe:ba:c3:80:3d:
34:9e:5b:3e:d3:12:05:54:34:30:e9:2f:0d:a8:8a:10:14:f2:
b7:31:c5:42:c6:28:47:02:0e:3f:e6:94:b1:0f:af:34:8b:b4:
62:34:30:02:75:74:49:43:7b:e8:ec:93:27:e0:fa:67:63:96:
64:63:db:b0:92:63:0c:c6:f5:61:f4:7d:4f:6c:21:bb:98:22:
7a:95:3b:c0:df:61:f0:52:ad:96:5d:a5:bf:97:64:c5:94:80:
61:06:f2:36
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgISAYukzFOcAWnHs1eMhUVLTXOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNWVkYTBhMWU3NDc5YzRjYTc4ZmU0MWM1OGQxN2U5ZDEz
YjY3YWEwHhcNMjMxMTA2MTMyMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDNkMzFlOWQzZWUyYWFhNzg4OWJiOWIyMTNmYjE3YTZjYWI2MDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOjs1OrjbD1xWFWZgMybgDrk2qEs
I9QEz0+nuimtcZ4S7uC/d5ceadGlAZW4nRxz7eK61WcLngKCpEXo8Pyy7C/KY8A+
ch1paIfFPBnFRrCDi5s/8iBXRMj8AH7Yil0jFl8q9DiA3GO2Xt8VrslRSc5SYi3K
FlUDZmP2bz79UCD7vZFbf9xeJe/70yRIRvodD1WLvN9IWeKYwWjzwaoYTb4xVyh3
go5vvGJwORZZ/QvfP76YednDUKegHITx5mZBmYCd2g20/WHcM3B4WKjmTdw0AGeV
eSRc1vd8dupD5srjv9WdHNt7Zq/NIZoWWSAvMpG7OxNYK4KB7B8Q12KoYQIDAQAB
o4IC3TCCAtkwHQYDVR0OBBYEFNQ9MenT7iqqeIm7myE/sXpsq2BmMB8GA1UdIwQY
MBaAFK1e2goedHnEynj+QcWNF+nRO2eqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTIt
OTQ0Y2U3ZWViMTU0LzEvMUQweDZkUHVLcXA0aWJ1YklULXhlbXlyWUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTItOTQ0Y2U3ZWViMTU0
LzEvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHyBggrBgEFBQcBBwEB/wSB4jCB3zCB3AQCAAEwgdUwCwMD
A014AwQETXggAwQCTXg0MAwDBAJNeDwDBAFNeQwwDAMEAE15DwMEAE15GjAMAwQC
TXkcAwQATXkeMAwDBAZNeUADBAZNe4ADBARN9CADBAVSkMAwCwMDA11IAwQDXUtQ
MAwDBAVdS2ADBAZdS4ADBAVdS+AwDAMEB19FgAMEAF9F6AMEA19F8AMEAl9F/AME
BW3J4AMEBY2q4DALAwMBvOYDBAC85mQwDAMEAbzmZgMEAbzmbDAMAwQAvOZvAwQB
vOZwMAwDBAC85nMDBAG85nQwDQYJKoZIhvcNAQELBQADggEBAL5u547hEpVCZPHR
jBZ0nhSZ7ljkvsI/EyQjfd25aWeBwdJ7QjEfskdSHZsaHTtL13UBppE7xBO0LjDZ
/earl7Vb2osboZ0INiw/uVhmowm6BPfK5A9yp7t41dgrxKW29d2tMXpRAAG2yVYr
I9WxVd/Z9yXormLMQTgdejt80K3CcC7xQ/ANLwxrbDZPhAaoTvGBhHsJSy9DkPF5
pC/+usOAPTSeWz7TEgVUNDDpLw2oihAU8rcxxULGKEcCDj/mlLEPrzSLtGI0MAJ1
dElDe+jskyfg+mdjlmRj27CSYwzG9WH0fU9sIbuYInqVO8DfYfBSrZZdpb+XZMWU
gGEG8jY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:17 2024 by rpki-client on console-ams.rpki-client.org