Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/ZDPhNVUK0sdebgDDFMUHQ_jGmsk.roa
File: ZDPhNVUK0sdebgDDFMUHQ_jGmsk.roa (raw, json)
Hash identifier: g/AXBXk9Xi3MG9XLTn54VYp4E84F+BbqDAWUKrBjtRA=
Subject key identifier: 64:33:E1:35:55:0A:D2:C7:5E:6E:00:C3:14:C5:07:43:F8:C6:9A:C9
Certificate issuer: /CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Certificate serial: 018BF21F06CD06340BCE8BEEFDA69897D479
Authority key identifier: AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/ZDPhNVUK0sdebgDDFMUHQ_jGmsk.roa
Signing time: Tue 21 Nov 2023 13:43:21 +0000
ROA not before: Tue 21 Nov 2023 13:43:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25229
IP address blocks: 77.120.192.0/21 maxlen: 22
77.120.200.0/21 maxlen: 22
77.120.208.0/21 maxlen: 22
77.120.112.0/22 maxlen: 22
77.120.128.0/18 maxlen: 24
109.201.232.0/22 maxlen: 23
77.121.17.0/24 maxlen: 24
77.121.16.0/24 maxlen: 24
77.121.15.0/24 maxlen: 24
109.201.228.0/22 maxlen: 23
77.121.13.0/24 maxlen: 24
109.201.227.0/24 maxlen: 24
77.121.12.0/24 maxlen: 24
77.121.18.0/24 maxlen: 24
77.121.19.0/24 maxlen: 24
77.121.24.0/24 maxlen: 24
77.121.23.0/24 maxlen: 24
77.121.22.0/24 maxlen: 24
109.201.238.0/23 maxlen: 24
77.121.21.0/24 maxlen: 24
109.201.236.0/23 maxlen: 24
77.121.20.0/24 maxlen: 24
77.121.30.0/24 maxlen: 24
77.121.29.0/24 maxlen: 24
77.121.28.0/24 maxlen: 24
109.201.240.0/20 maxlen: 21
77.121.26.0/24 maxlen: 24
77.121.25.0/24 maxlen: 24
77.121.64.0/21 maxlen: 22
77.120.216.0/22 maxlen: 23
77.120.224.0/20 maxlen: 21
77.120.220.0/22 maxlen: 23
77.120.240.0/20 maxlen: 21
77.120.248.0/21 maxlen: 22
77.121.0.0/21 maxlen: 22
109.201.226.0/24 maxlen: 24
109.201.225.0/24 maxlen: 24
109.201.224.0/24 maxlen: 24
77.121.8.0/22 maxlen: 23
77.120.52.0/22 maxlen: 23
77.120.64.0/21 maxlen: 22
77.120.60.0/22 maxlen: 23
77.120.72.0/21 maxlen: 22
77.120.80.0/20 maxlen: 21
77.120.96.0/19 maxlen: 20
77.120.4.0/24 maxlen: 24
77.120.0.0/20 maxlen: 21
77.120.6.0/24 maxlen: 24
77.120.16.0/20 maxlen: 21
77.120.32.0/20 maxlen: 21
93.73.0.0/16 maxlen: 17
93.72.0.0/16 maxlen: 17
93.72.0.0/15 maxlen: 16
95.69.232.0/24 maxlen: 24
141.170.244.0/22 maxlen: 23
141.170.250.0/23 maxlen: 24
141.170.248.0/23 maxlen: 24
141.170.248.0/21 maxlen: 22
95.69.240.0/21 maxlen: 22
95.69.253.0/24 maxlen: 24
95.69.252.0/24 maxlen: 24
95.69.255.0/24 maxlen: 24
95.69.254.0/24 maxlen: 24
82.144.192.0/19 maxlen: 20
77.123.64.0/19 maxlen: 20
77.123.0.0/18 maxlen: 19
77.123.32.0/19 maxlen: 20
77.123.160.0/19 maxlen: 20
95.69.192.0/20 maxlen: 21
141.170.226.0/24 maxlen: 24
141.170.226.0/23 maxlen: 24
141.170.224.0/23 maxlen: 24
95.69.208.0/20 maxlen: 24
141.170.229.0/24 maxlen: 24
141.170.228.0/24 maxlen: 24
141.170.227.0/24 maxlen: 24
141.170.233.0/24 maxlen: 24
141.170.232.0/24 maxlen: 24
141.170.231.0/24 maxlen: 24
141.170.230.0/24 maxlen: 24
141.170.236.0/24 maxlen: 24
141.170.234.0/23 maxlen: 24
141.170.240.0/22 maxlen: 23
141.170.239.0/24 maxlen: 24
141.170.238.0/24 maxlen: 24
141.170.237.0/24 maxlen: 24
95.69.224.0/21 maxlen: 22
77.123.96.0/21 maxlen: 22
77.123.104.0/21 maxlen: 22
95.69.128.0/20 maxlen: 21
95.69.144.0/21 maxlen: 22
77.123.112.0/21 maxlen: 22
95.69.152.0/22 maxlen: 23
77.123.120.0/21 maxlen: 22
77.123.128.0/19 maxlen: 20
95.69.156.0/22 maxlen: 23
95.69.160.0/19 maxlen: 20
77.123.144.0/22 maxlen: 22
188.230.28.0/22 maxlen: 23
188.230.26.0/23 maxlen: 24
188.230.32.0/21 maxlen: 22
188.230.40.0/21 maxlen: 22
188.230.48.0/21 maxlen: 22
188.230.56.0/21 maxlen: 22
188.230.64.0/21 maxlen: 22
188.230.71.0/24 maxlen: 24
188.230.78.0/23 maxlen: 24
188.230.77.0/24 maxlen: 24
188.230.76.0/24 maxlen: 24
77.122.128.0/17 maxlen: 18
188.230.74.0/23 maxlen: 24
188.230.73.0/24 maxlen: 24
188.230.72.0/24 maxlen: 24
188.230.0.0/21 maxlen: 22
188.230.0.0/22 maxlen: 23
188.230.4.0/23 maxlen: 24
188.230.7.0/24 maxlen: 24
188.230.8.0/21 maxlen: 22
188.230.16.0/21 maxlen: 22
188.230.24.0/23 maxlen: 24
77.244.32.0/20 maxlen: 21
188.230.80.0/21 maxlen: 22
188.230.88.0/22 maxlen: 23
188.230.98.0/24 maxlen: 24
188.230.96.0/23 maxlen: 24
188.230.95.0/24 maxlen: 24
188.230.94.0/24 maxlen: 24
188.230.92.0/23 maxlen: 24
188.230.105.0/24 maxlen: 24
188.230.104.0/24 maxlen: 24
188.230.103.0/24 maxlen: 24
188.230.102.0/24 maxlen: 24
188.230.100.0/24 maxlen: 24
188.230.99.0/24 maxlen: 24
188.230.112.0/24 maxlen: 24
188.230.111.0/24 maxlen: 24
188.230.109.0/24 maxlen: 24
188.230.108.0/24 maxlen: 24
188.230.107.0/24 maxlen: 24
188.230.106.0/24 maxlen: 24
188.230.116.0/23 maxlen: 24
188.230.115.0/24 maxlen: 24
188.230.113.0/24 maxlen: 24
77.121.128.0/20 maxlen: 21
77.121.144.0/20 maxlen: 21
77.121.160.0/19 maxlen: 20
77.121.72.0/21 maxlen: 22
77.121.80.0/20 maxlen: 21
77.121.96.0/20 maxlen: 21
77.121.96.0/19 maxlen: 20
77.121.112.0/20 maxlen: 21
77.122.0.0/17 maxlen: 18
77.122.0.0/16 maxlen: 17
77.121.192.0/20 maxlen: 21
77.121.192.0/19 maxlen: 20
77.121.208.0/21 maxlen: 22
77.121.216.0/21 maxlen: 22
77.121.224.0/19 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f2:1f:06:cd:06:34:0b:ce:8b:ee:fd:a6:98:97:d4:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Validity
Not Before: Nov 21 13:43:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6433e135550ad2c75e6e00c314c50743f8c69ac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0b:90:63:6c:47:83:dd:43:c7:ef:1a:cf:c6:
1b:80:02:1d:35:8a:b9:29:c9:cd:57:8d:5a:2c:9b:
ad:cd:66:01:e2:0b:ac:ba:a1:eb:20:82:c4:e2:5c:
32:22:85:48:16:fd:7f:9c:39:e7:f9:2e:8f:62:8a:
16:6c:89:fa:ac:76:12:7d:64:9a:29:59:65:6a:bd:
3e:3b:4f:d7:b4:61:38:10:b1:86:ee:f6:7e:e8:d8:
1b:35:23:e6:f9:e3:d1:59:e8:3e:65:48:82:6d:10:
e3:a4:18:18:b7:95:4c:50:c1:ec:bf:27:53:63:93:
06:aa:32:59:0f:c4:cd:f5:89:4e:ba:dd:78:d6:11:
c4:bb:e8:80:3e:e7:6f:53:3a:09:fc:a3:1c:11:bd:
fb:db:06:a0:4d:08:11:f7:44:cc:6f:6c:75:2c:fc:
cd:79:f2:b2:87:af:61:a5:56:95:ab:84:de:3d:b2:
77:3c:51:a0:f0:b1:b7:ae:f2:b5:9c:d3:3f:71:fb:
d6:e9:e0:22:18:5b:42:a2:31:2f:88:00:7b:56:b5:
93:c9:52:ba:58:31:a3:c2:16:ed:37:73:13:e1:e1:
a8:20:0d:50:41:74:9c:32:6f:19:26:25:a2:24:2d:
15:45:bb:5b:df:a0:a2:3a:eb:89:23:f6:77:79:b7:
bd:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:33:E1:35:55:0A:D2:C7:5E:6E:00:C3:14:C5:07:43:F8:C6:9A:C9
X509v3 Authority Key Identifier:
keyid:AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/ZDPhNVUK0sdebgDDFMUHQ_jGmsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.120.0.0-77.120.47.255
77.120.52.0/22
77.120.60.0-77.121.13.255
77.121.15.0-77.121.26.255
77.121.28.0-77.121.30.255
77.121.64.0-77.123.191.255
77.244.32.0/20
82.144.192.0/19
93.72.0.0/15
95.69.128.0-95.69.232.255
95.69.240.0/21
95.69.252.0/22
109.201.224.0/19
141.170.224.0/19
188.230.0.0-188.230.100.255
188.230.102.0-188.230.109.255
188.230.111.0-188.230.113.255
188.230.115.0-188.230.117.255
Signature Algorithm: sha256WithRSAEncryption
0c:ab:95:4d:06:96:14:68:5b:0f:1f:d0:70:c5:ef:1c:d6:82:
65:4d:a6:0a:ee:c6:4d:89:03:b6:ca:5d:de:33:36:61:6c:4e:
6c:1c:f6:40:9b:34:5f:3a:ae:2b:de:d1:ed:b8:16:c5:0d:b9:
42:e6:d0:26:f2:a9:85:48:30:34:1b:28:7b:ef:05:17:21:05:
80:d8:b2:62:6a:81:a7:d6:bb:4c:d7:bc:a4:5d:f3:61:e2:b0:
1b:ff:ea:3d:69:17:20:b6:15:34:95:1f:da:31:40:ea:20:50:
34:25:8b:6b:da:58:93:37:eb:bb:41:8a:18:0e:ae:2b:61:0e:
c1:77:59:8d:7c:2e:fa:20:e0:9b:1a:19:18:80:47:67:62:77:
95:12:85:2d:90:08:b4:59:f7:2a:16:eb:2e:48:38:be:c2:e0:
ee:55:3f:a2:31:e6:f0:55:f5:5a:90:f2:7c:ca:01:a0:e4:73:
9a:dd:d8:5d:0a:4c:45:5f:fb:33:1c:81:bc:39:50:9f:02:28:
be:4c:72:d2:88:32:12:aa:31:a2:47:91:66:ce:12:92:84:10:
11:83:50:34:5b:08:65:f0:b7:37:8c:f7:c0:4c:71:9b:70:4e:
2e:6c:6f:15:38:11:68:5c:2c:6b:47:e1:7b:ad:63:48:09:9f:
14:c9:8f:6c
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAYvyHwbNBjQLzovu/aaYl9R5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNWVkYTBhMWU3NDc5YzRjYTc4ZmU0MWM1OGQxN2U5ZDEz
YjY3YWEwHhcNMjMxMTIxMTM0MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDMzZTEzNTU1MGFkMmM3NWU2ZTAwYzMxNGM1MDc0M2Y4YzY5YWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAuQY2xHg91Dx+8az8YbgAIdNYq5
KcnNV41aLJutzWYB4gusuqHrIILE4lwyIoVIFv1/nDnn+S6PYooWbIn6rHYSfWSa
KVllar0+O0/XtGE4ELGG7vZ+6NgbNSPm+ePRWeg+ZUiCbRDjpBgYt5VMUMHsvydT
Y5MGqjJZD8TN9YlOut141hHEu+iAPudvUzoJ/KMcEb372wagTQgR90TMb2x1LPzN
efKyh69hpVaVq4TePbJ3PFGg8LG3rvK1nNM/cfvW6eAiGFtCojEviAB7VrWTyVK6
WDGjwhbtN3MT4eGoIA1QQXScMm8ZJiWiJC0VRbtb36CiOuuJI/Z3ebe9/wIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFGQz4TVVCtLHXm4AwxTFB0P4xprJMB8GA1UdIwQY
MBaAFK1e2goedHnEynj+QcWNF+nRO2eqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTIt
OTQ0Y2U3ZWViMTU0LzEvWkRQaE5WVUswc2RlYmdEREZNVUhRX2pHbXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTItOTQ0Y2U3ZWViMTU0
LzEvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBwAQCAAEwgbkwCwMD
A014AwQETXggAwQCTXg0MAwDBAJNeDwDBAFNeQwwDAMEAE15DwMEAE15GjAMAwQC
TXkcAwQATXkeMAwDBAZNeUADBAZNe4ADBARN9CADBAVSkMADAwFdSDAMAwQHX0WA
AwQAX0XoAwQDX0XwAwQCX0X8AwQFbcngAwQFjargMAsDAwG85gMEALzmZDAMAwQB
vOZmAwQBvOZsMAwDBAC85m8DBAG85nAwDAMEALzmcwMEAbzmdDANBgkqhkiG9w0B
AQsFAAOCAQEADKuVTQaWFGhbDx/QcMXvHNaCZU2mCu7GTYkDtspd3jM2YWxObBz2
QJs0XzquK97R7bgWxQ25QubQJvKphUgwNBsoe+8FFyEFgNiyYmqBp9a7TNe8pF3z
YeKwG//qPWkXILYVNJUf2jFA6iBQNCWLa9pYkzfru0GKGA6uK2EOwXdZjXwu+iDg
mxoZGIBHZ2J3lRKFLZAItFn3KhbrLkg4vsLg7lU/ojHm8FX1WpDyfMoBoORzmt3Y
XQpMRV/7MxyBvDlQnwIovkxy0ogyEqoxokeRZs4SkoQQEYNQNFsIZfC3N4z3wExx
m3BOLmxvFTgRaFwsa0fhe61jSAmfFMmPbA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:43:34 2025 by rpki-client