Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/f7mnMTriKslGNKoIAxNwZRTD-KU.roa
File: f7mnMTriKslGNKoIAxNwZRTD-KU.roa (raw, json)
Hash identifier: HhnlRqtQ+AC4v/k796O77hwIFNcRoysQwk0hBRjJC+I=
Subject key identifier: 7F:B9:A7:31:3A:E2:2A:C9:46:34:AA:08:03:13:70:65:14:C3:F8:A5
Certificate issuer: /CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Certificate serial: 018EF001ED39EA68859D975ADD0A03E1F263
Authority key identifier: AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/f7mnMTriKslGNKoIAxNwZRTD-KU.roa
Signing time: Thu 18 Apr 2024 07:00:41 +0000
ROA not before: Thu 18 Apr 2024 07:00:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25229
IP address blocks: 77.120.0.0/20 maxlen: 21
77.120.4.0/24 maxlen: 24
77.120.6.0/24 maxlen: 24
77.120.16.0/20 maxlen: 21
77.120.32.0/20 maxlen: 21
77.120.52.0/22 maxlen: 23
77.120.60.0/22 maxlen: 23
77.120.64.0/21 maxlen: 22
77.120.72.0/21 maxlen: 22
77.120.80.0/20 maxlen: 21
77.120.96.0/19 maxlen: 20
77.120.112.0/22 maxlen: 22
77.120.128.0/18 maxlen: 24
77.120.192.0/21 maxlen: 24
77.120.200.0/21 maxlen: 22
77.120.208.0/21 maxlen: 24
77.120.211.0/24 maxlen: 24
77.120.212.0/23 maxlen: 24
77.120.214.0/23 maxlen: 24
77.120.216.0/22 maxlen: 23
77.120.220.0/22 maxlen: 23
77.120.224.0/20 maxlen: 21
77.120.240.0/20 maxlen: 21
77.120.248.0/21 maxlen: 22
77.121.0.0/21 maxlen: 22
77.121.8.0/22 maxlen: 23
77.121.12.0/24 maxlen: 24
77.121.13.0/24 maxlen: 24
77.121.15.0/24 maxlen: 24
77.121.16.0/24 maxlen: 24
77.121.17.0/24 maxlen: 24
77.121.18.0/24 maxlen: 24
77.121.19.0/24 maxlen: 24
77.121.20.0/24 maxlen: 24
77.121.21.0/24 maxlen: 24
77.121.22.0/24 maxlen: 24
77.121.23.0/24 maxlen: 24
77.121.24.0/24 maxlen: 24
77.121.25.0/24 maxlen: 24
77.121.26.0/24 maxlen: 24
77.121.27.0/24 maxlen: 24
77.121.28.0/24 maxlen: 24
77.121.29.0/24 maxlen: 24
77.121.30.0/24 maxlen: 24
77.121.64.0/21 maxlen: 22
77.121.72.0/21 maxlen: 22
77.121.80.0/20 maxlen: 21
77.121.96.0/19 maxlen: 20
77.121.96.0/20 maxlen: 21
77.121.112.0/20 maxlen: 21
77.121.128.0/20 maxlen: 21
77.121.144.0/20 maxlen: 21
77.121.160.0/19 maxlen: 20
77.121.192.0/19 maxlen: 20
77.121.192.0/20 maxlen: 21
77.121.208.0/21 maxlen: 22
77.121.216.0/21 maxlen: 22
77.121.224.0/19 maxlen: 20
77.122.128.0/17 maxlen: 18
77.123.0.0/18 maxlen: 19
77.123.32.0/19 maxlen: 20
77.123.64.0/19 maxlen: 20
77.123.128.0/19 maxlen: 20
77.123.144.0/22 maxlen: 22
77.123.160.0/19 maxlen: 20
77.244.32.0/20 maxlen: 21
82.144.192.0/19 maxlen: 20
95.69.128.0/20 maxlen: 21
95.69.144.0/21 maxlen: 22
95.69.152.0/22 maxlen: 23
95.69.156.0/22 maxlen: 23
95.69.160.0/19 maxlen: 20
95.69.192.0/20 maxlen: 21
95.69.208.0/20 maxlen: 24
95.69.224.0/21 maxlen: 22
95.69.232.0/24 maxlen: 24
95.69.240.0/21 maxlen: 22
95.69.252.0/24 maxlen: 24
95.69.253.0/24 maxlen: 24
95.69.254.0/24 maxlen: 24
95.69.255.0/24 maxlen: 24
109.201.224.0/24 maxlen: 24
109.201.225.0/24 maxlen: 24
109.201.226.0/24 maxlen: 24
109.201.227.0/24 maxlen: 24
109.201.228.0/22 maxlen: 23
109.201.232.0/22 maxlen: 23
109.201.236.0/23 maxlen: 24
109.201.238.0/23 maxlen: 24
109.201.240.0/20 maxlen: 21
141.170.224.0/23 maxlen: 24
141.170.226.0/23 maxlen: 24
141.170.226.0/24 maxlen: 24
141.170.227.0/24 maxlen: 24
141.170.228.0/24 maxlen: 24
141.170.229.0/24 maxlen: 24
141.170.230.0/24 maxlen: 24
141.170.231.0/24 maxlen: 24
141.170.232.0/24 maxlen: 24
141.170.233.0/24 maxlen: 24
141.170.234.0/23 maxlen: 24
141.170.236.0/24 maxlen: 24
141.170.237.0/24 maxlen: 24
141.170.238.0/24 maxlen: 24
141.170.239.0/24 maxlen: 24
141.170.240.0/22 maxlen: 23
141.170.244.0/22 maxlen: 23
141.170.248.0/21 maxlen: 22
141.170.248.0/23 maxlen: 24
141.170.250.0/23 maxlen: 24
188.230.0.0/21 maxlen: 22
188.230.0.0/22 maxlen: 23
188.230.4.0/23 maxlen: 24
188.230.7.0/24 maxlen: 24
188.230.8.0/21 maxlen: 22
188.230.16.0/21 maxlen: 22
188.230.24.0/23 maxlen: 24
188.230.26.0/23 maxlen: 24
188.230.28.0/22 maxlen: 23
188.230.32.0/21 maxlen: 22
188.230.40.0/21 maxlen: 22
188.230.48.0/21 maxlen: 22
188.230.56.0/21 maxlen: 22
188.230.64.0/21 maxlen: 22
188.230.71.0/24 maxlen: 24
188.230.72.0/24 maxlen: 24
188.230.73.0/24 maxlen: 24
188.230.74.0/23 maxlen: 24
188.230.76.0/24 maxlen: 24
188.230.77.0/24 maxlen: 24
188.230.78.0/23 maxlen: 24
188.230.80.0/21 maxlen: 22
188.230.88.0/22 maxlen: 23
188.230.92.0/23 maxlen: 24
188.230.94.0/24 maxlen: 24
188.230.95.0/24 maxlen: 24
188.230.96.0/23 maxlen: 24
188.230.98.0/24 maxlen: 24
188.230.99.0/24 maxlen: 24
188.230.100.0/24 maxlen: 24
188.230.102.0/24 maxlen: 24
188.230.103.0/24 maxlen: 24
188.230.104.0/24 maxlen: 24
188.230.105.0/24 maxlen: 24
188.230.106.0/24 maxlen: 24
188.230.107.0/24 maxlen: 24
188.230.108.0/24 maxlen: 24
188.230.109.0/24 maxlen: 24
188.230.111.0/24 maxlen: 24
188.230.112.0/24 maxlen: 24
188.230.113.0/24 maxlen: 24
188.230.115.0/24 maxlen: 24
188.230.116.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f0:01:ed:39:ea:68:85:9d:97:5a:dd:0a:03:e1:f2:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Validity
Not Before: Apr 18 07:00:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fb9a7313ae22ac94634aa080313706514c3f8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2c:ea:54:c6:a2:2e:92:91:ee:e8:6d:82:38:
b6:a8:4a:c0:a9:01:1c:4a:11:a4:b8:6d:f7:83:86:
5c:16:93:e3:31:fc:0e:02:1e:c9:b3:f6:67:a9:34:
22:2d:08:18:cc:bf:8c:65:94:6c:26:5b:d7:85:e3:
16:73:4c:96:d5:86:8c:10:25:55:8e:6c:da:e6:c4:
22:ac:90:3e:fa:50:a5:f1:e0:2a:a5:a9:1c:43:d6:
c7:52:43:8a:56:d6:cc:66:d5:15:ad:be:3e:e9:1a:
94:cd:92:be:0a:81:8f:52:f6:f9:67:79:f9:7f:1c:
13:66:32:9a:03:cc:76:95:c5:90:0e:40:16:cf:7d:
28:ed:f1:26:24:54:aa:77:5d:35:fb:ee:48:b0:3e:
99:e4:95:6c:bc:ea:16:62:e2:07:fb:ce:4e:94:8b:
86:b9:c8:ac:e6:43:64:dc:52:c2:df:f9:bc:be:96:
3f:5f:50:7b:0a:bf:c7:92:31:36:59:99:5c:4a:57:
a9:30:2d:26:ed:e3:db:28:da:9b:06:06:38:3a:68:
46:1d:be:f2:46:b7:cd:c3:c3:e3:d1:96:bd:b3:6f:
9c:5d:70:58:b2:81:e2:02:54:1a:f4:05:10:e3:5e:
47:74:fb:dd:a7:fd:dc:3f:3a:dc:5e:e7:f3:07:0c:
a0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:B9:A7:31:3A:E2:2A:C9:46:34:AA:08:03:13:70:65:14:C3:F8:A5
X509v3 Authority Key Identifier:
keyid:AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/f7mnMTriKslGNKoIAxNwZRTD-KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.120.0.0-77.120.47.255
77.120.52.0/22
77.120.60.0-77.121.13.255
77.121.15.0-77.121.30.255
77.121.64.0-77.121.255.255
77.122.128.0-77.123.95.255
77.123.128.0/18
77.244.32.0/20
82.144.192.0/19
95.69.128.0-95.69.232.255
95.69.240.0/21
95.69.252.0/22
109.201.224.0/19
141.170.224.0/19
188.230.0.0-188.230.100.255
188.230.102.0-188.230.109.255
188.230.111.0-188.230.113.255
188.230.115.0-188.230.117.255
Signature Algorithm: sha256WithRSAEncryption
79:fe:17:e2:bf:a0:38:a1:80:ab:c8:7f:56:0d:a6:16:b1:0f:
e2:c2:f5:13:c3:5a:51:b7:b8:0f:83:fb:b4:47:9e:1c:05:82:
b2:4d:75:ae:5b:6e:31:f8:a7:81:5b:23:e7:84:6d:27:e4:be:
1b:63:76:34:b2:47:4f:5f:71:4a:60:f7:e2:71:01:3e:c2:c8:
03:12:1a:96:bd:4b:06:40:36:06:ce:2d:7e:b0:9e:ef:c1:fa:
57:f8:34:41:2a:a2:24:e5:1b:88:ed:18:bb:e1:28:21:b9:79:
36:8e:0e:47:3c:d5:f1:f1:09:7b:82:a7:97:c1:87:8d:ab:2b:
88:44:b2:be:80:6a:88:24:51:21:e6:3e:11:14:28:b9:06:66:
20:31:41:26:0e:6b:48:c2:5d:8a:10:b8:7b:05:68:4d:97:c8:
97:61:8a:08:b0:7a:bb:25:6e:80:89:56:8c:e8:a4:2e:66:fc:
fc:98:8c:af:09:fe:d7:65:1d:80:ec:f8:4d:5f:b7:0b:a7:24:
f9:bb:42:88:ba:6f:9a:75:29:bf:80:91:aa:05:66:8d:a9:6c:
90:87:22:b8:6f:e7:27:f1:78:63:24:82:01:dc:bb:9c:cd:63:
0c:c1:4b:7a:a5:8b:df:55:f5:f8:75:67:33:71:8c:5c:9b:86:
b2:15:64:11
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAY7wAe056miFnZda3QoD4fJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNWVkYTBhMWU3NDc5YzRjYTc4ZmU0MWM1OGQxN2U5ZDEz
YjY3YWEwHhcNMjQwNDE4MDcwMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmI5YTczMTNhZTIyYWM5NDYzNGFhMDgwMzEzNzA2NTE0YzNmOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkizqVMaiLpKR7uhtgji2qErAqQEc
ShGkuG33g4ZcFpPjMfwOAh7Js/ZnqTQiLQgYzL+MZZRsJlvXheMWc0yW1YaMECVV
jmza5sQirJA++lCl8eAqpakcQ9bHUkOKVtbMZtUVrb4+6RqUzZK+CoGPUvb5Z3n5
fxwTZjKaA8x2lcWQDkAWz30o7fEmJFSqd101++5IsD6Z5JVsvOoWYuIH+85OlIuG
ucis5kNk3FLC3/m8vpY/X1B7Cr/HkjE2WZlcSlepMC0m7ePbKNqbBgY4OmhGHb7y
RrfNw8Pj0Za9s2+cXXBYsoHiAlQa9AUQ415HdPvdp/3cPzrcXufzBwygXQIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFH+5pzE64irJRjSqCAMTcGUUw/ilMB8GA1UdIwQY
MBaAFK1e2goedHnEynj+QcWNF+nRO2eqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTIt
OTQ0Y2U3ZWViMTU0LzEvZjdtbk1UcmlLc2xHTktvSUF4TndaUlRELUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTItOTQ0Y2U3ZWViMTU0
LzEvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBwAQCAAEwgbkwCwMD
A014AwQETXggAwQCTXg0MAwDBAJNeDwDBAFNeQwwDAMEAE15DwMEAE15HjALAwQG
TXlAAwMBTXgwDAMEB016gAMEBU17QAMEBk17gAMEBE30IAMEBVKQwDAMAwQHX0WA
AwQAX0XoAwQDX0XwAwQCX0X8AwQFbcngAwQFjargMAsDAwG85gMEALzmZDAMAwQB
vOZmAwQBvOZsMAwDBAC85m8DBAG85nAwDAMEALzmcwMEAbzmdDANBgkqhkiG9w0B
AQsFAAOCAQEAef4X4r+gOKGAq8h/Vg2mFrEP4sL1E8NaUbe4D4P7tEeeHAWCsk11
rltuMfingVsj54RtJ+S+G2N2NLJHT19xSmD34nEBPsLIAxIalr1LBkA2Bs4tfrCe
78H6V/g0QSqiJOUbiO0Yu+EoIbl5No4ORzzV8fEJe4Knl8GHjasriESyvoBqiCRR
IeY+ERQouQZmIDFBJg5rSMJdihC4ewVoTZfIl2GKCLB6uyVugIlWjOikLmb8/JiM
rwn+12UdgOz4TV+3C6ck+btCiLpvmnUpv4CRqgVmjalskIciuG/nJ/F4YySCAdy7
nM1jDMFLeqWL31X1+HVnM3GMXJuGshVkEQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:50:37 2025 by rpki-client