Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/hVwSsep8DAt1HRKsLDtBupwrJYg.roa
File: hVwSsep8DAt1HRKsLDtBupwrJYg.roa (raw, json)
Hash identifier: nkWQxcfEoQY1E5IJLDVBo3fzhZeuCIn52qyamOa1Smc=
Subject key identifier: 85:5C:12:B1:EA:7C:0C:0B:75:1D:12:AC:2C:3B:41:BA:9C:2B:25:88
Certificate issuer: /CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Certificate serial: 018F5C6E328695F8EB39DBFA3EC3F631FCC7
Authority key identifier: AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/hVwSsep8DAt1HRKsLDtBupwrJYg.roa
Signing time: Thu 09 May 2024 08:17:56 +0000
ROA not before: Thu 09 May 2024 08:17:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25229
IP address blocks: 77.120.0.0/20 maxlen: 24
77.120.4.0/24 maxlen: 24
77.120.6.0/24 maxlen: 24
77.120.16.0/20 maxlen: 21
77.120.32.0/20 maxlen: 21
77.120.52.0/22 maxlen: 23
77.120.60.0/22 maxlen: 23
77.120.64.0/21 maxlen: 22
77.120.72.0/21 maxlen: 22
77.120.80.0/20 maxlen: 21
77.120.96.0/19 maxlen: 20
77.120.112.0/22 maxlen: 22
77.120.128.0/18 maxlen: 24
77.120.192.0/21 maxlen: 24
77.120.200.0/21 maxlen: 22
77.120.208.0/21 maxlen: 24
77.120.211.0/24 maxlen: 24
77.120.212.0/23 maxlen: 24
77.120.214.0/23 maxlen: 24
77.120.216.0/22 maxlen: 23
77.120.220.0/22 maxlen: 23
77.120.224.0/20 maxlen: 21
77.120.240.0/20 maxlen: 21
77.120.248.0/21 maxlen: 22
77.121.0.0/21 maxlen: 22
77.121.8.0/22 maxlen: 23
77.121.12.0/24 maxlen: 24
77.121.13.0/24 maxlen: 24
77.121.15.0/24 maxlen: 24
77.121.16.0/24 maxlen: 24
77.121.17.0/24 maxlen: 24
77.121.18.0/24 maxlen: 24
77.121.19.0/24 maxlen: 24
77.121.20.0/24 maxlen: 24
77.121.21.0/24 maxlen: 24
77.121.22.0/24 maxlen: 24
77.121.23.0/24 maxlen: 24
77.121.24.0/24 maxlen: 24
77.121.25.0/24 maxlen: 24
77.121.26.0/24 maxlen: 24
77.121.27.0/24 maxlen: 24
77.121.28.0/24 maxlen: 24
77.121.29.0/24 maxlen: 24
77.121.30.0/24 maxlen: 24
77.121.64.0/21 maxlen: 22
77.121.72.0/21 maxlen: 22
77.121.80.0/20 maxlen: 21
77.121.96.0/19 maxlen: 20
77.121.96.0/20 maxlen: 21
77.121.112.0/20 maxlen: 21
77.121.128.0/20 maxlen: 21
77.121.144.0/20 maxlen: 21
77.121.160.0/19 maxlen: 20
77.121.192.0/19 maxlen: 20
77.121.192.0/20 maxlen: 21
77.121.208.0/21 maxlen: 22
77.121.216.0/21 maxlen: 22
77.121.224.0/19 maxlen: 20
77.122.128.0/17 maxlen: 18
77.123.0.0/18 maxlen: 19
77.123.32.0/19 maxlen: 20
77.123.64.0/19 maxlen: 20
77.123.128.0/19 maxlen: 20
77.123.144.0/22 maxlen: 22
77.123.160.0/20 maxlen: 24
77.244.32.0/20 maxlen: 21
82.144.192.0/19 maxlen: 20
109.201.224.0/24 maxlen: 24
109.201.225.0/24 maxlen: 24
109.201.226.0/24 maxlen: 24
109.201.227.0/24 maxlen: 24
109.201.228.0/22 maxlen: 23
109.201.232.0/22 maxlen: 23
109.201.236.0/23 maxlen: 24
109.201.238.0/23 maxlen: 24
109.201.240.0/20 maxlen: 21
141.170.224.0/23 maxlen: 24
141.170.226.0/23 maxlen: 24
141.170.226.0/24 maxlen: 24
141.170.227.0/24 maxlen: 24
141.170.228.0/24 maxlen: 24
141.170.229.0/24 maxlen: 24
141.170.230.0/24 maxlen: 24
141.170.231.0/24 maxlen: 24
141.170.232.0/24 maxlen: 24
141.170.233.0/24 maxlen: 24
141.170.234.0/23 maxlen: 24
141.170.236.0/24 maxlen: 24
141.170.237.0/24 maxlen: 24
141.170.238.0/24 maxlen: 24
141.170.239.0/24 maxlen: 24
141.170.240.0/22 maxlen: 23
141.170.244.0/22 maxlen: 23
141.170.248.0/21 maxlen: 22
141.170.248.0/23 maxlen: 24
141.170.250.0/23 maxlen: 24
188.230.0.0/21 maxlen: 22
188.230.0.0/22 maxlen: 23
188.230.4.0/23 maxlen: 24
188.230.7.0/24 maxlen: 24
188.230.8.0/21 maxlen: 22
188.230.16.0/21 maxlen: 22
188.230.24.0/23 maxlen: 24
188.230.26.0/23 maxlen: 24
188.230.28.0/22 maxlen: 23
188.230.32.0/21 maxlen: 22
188.230.40.0/21 maxlen: 22
188.230.48.0/21 maxlen: 22
188.230.56.0/21 maxlen: 22
188.230.64.0/21 maxlen: 22
188.230.71.0/24 maxlen: 24
188.230.72.0/24 maxlen: 24
188.230.73.0/24 maxlen: 24
188.230.74.0/23 maxlen: 24
188.230.76.0/24 maxlen: 24
188.230.77.0/24 maxlen: 24
188.230.78.0/23 maxlen: 24
188.230.80.0/21 maxlen: 22
188.230.88.0/22 maxlen: 23
188.230.92.0/23 maxlen: 24
188.230.94.0/24 maxlen: 24
188.230.95.0/24 maxlen: 24
188.230.96.0/23 maxlen: 24
188.230.98.0/24 maxlen: 24
188.230.99.0/24 maxlen: 24
188.230.100.0/24 maxlen: 24
188.230.102.0/24 maxlen: 24
188.230.103.0/24 maxlen: 24
188.230.104.0/24 maxlen: 24
188.230.105.0/24 maxlen: 24
188.230.106.0/24 maxlen: 24
188.230.107.0/24 maxlen: 24
188.230.108.0/24 maxlen: 24
188.230.109.0/24 maxlen: 24
188.230.111.0/24 maxlen: 24
188.230.112.0/24 maxlen: 24
188.230.113.0/24 maxlen: 24
188.230.115.0/24 maxlen: 24
188.230.116.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5c:6e:32:86:95:f8:eb:39:db:fa:3e:c3:f6:31:fc:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Validity
Not Before: May 9 08:17:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=855c12b1ea7c0c0b751d12ac2c3b41ba9c2b2588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6f:50:c6:d4:7c:ea:53:66:44:64:85:b6:3a:
1e:2f:07:51:8f:ca:e3:9b:da:7e:70:d9:09:11:db:
ee:1c:2a:dc:d6:5b:39:0b:45:2c:18:ec:d6:c9:21:
68:55:66:f5:1f:e5:4a:e3:d7:76:fc:49:b5:9c:ba:
5f:a0:74:b4:59:74:65:1d:8a:5d:16:d2:30:a4:6a:
0d:c2:d8:eb:6e:dd:48:0b:ef:52:8c:fb:4f:99:d5:
de:ac:e1:a0:02:e5:d0:ef:f0:da:dd:dd:ee:8d:58:
28:f9:08:be:aa:de:1e:8c:17:87:4b:71:a7:87:34:
49:1a:c4:14:a3:ee:dc:cd:93:74:1a:10:42:9c:ef:
5e:69:10:c5:e8:1b:23:a8:ab:4f:64:6c:97:bf:95:
4b:03:10:ad:fb:76:f8:a3:aa:20:24:d9:69:3c:33:
e9:03:29:ed:18:28:ac:98:a0:0a:15:bf:ae:5e:26:
f9:a6:db:d1:69:1e:1f:c8:0c:77:08:da:af:f3:11:
25:78:39:5f:5d:ed:d7:58:de:ce:7f:b5:3e:49:05:
d3:63:44:f4:78:e0:97:d2:68:d4:d2:ee:16:37:62:
f5:ae:16:c5:20:94:36:a5:d7:f0:c8:ff:3f:96:2f:
c3:4c:a5:64:9e:39:30:8c:6e:22:4b:c0:70:d4:bc:
e6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:5C:12:B1:EA:7C:0C:0B:75:1D:12:AC:2C:3B:41:BA:9C:2B:25:88
X509v3 Authority Key Identifier:
keyid:AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/hVwSsep8DAt1HRKsLDtBupwrJYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.120.0.0-77.120.47.255
77.120.52.0/22
77.120.60.0-77.121.13.255
77.121.15.0-77.121.30.255
77.121.64.0-77.121.255.255
77.122.128.0-77.123.95.255
77.123.128.0-77.123.175.255
77.244.32.0/20
82.144.192.0/19
109.201.224.0/19
141.170.224.0/19
188.230.0.0-188.230.100.255
188.230.102.0-188.230.109.255
188.230.111.0-188.230.113.255
188.230.115.0-188.230.117.255
Signature Algorithm: sha256WithRSAEncryption
68:e4:3e:b9:f6:1f:a1:f7:c1:ff:4e:2a:b3:14:e3:91:05:17:
e3:ea:13:22:a2:85:28:ea:42:6e:fa:d4:09:85:86:00:e1:8e:
28:a7:1c:40:eb:3b:19:0e:1c:5a:31:de:b4:33:4d:42:bf:0a:
e8:d7:72:a0:a4:b8:37:5f:a8:2c:d3:0e:e2:64:2b:c2:6e:1c:
85:da:78:bc:2e:8c:62:d0:c9:de:ee:d1:7e:22:0c:df:fa:ac:
4e:a0:ef:77:82:13:8f:25:69:af:f5:ca:7b:4a:f3:ae:7d:14:
cc:19:3d:c0:f9:cb:80:84:8d:bc:63:d2:f5:02:d9:33:f7:08:
8d:0f:fb:44:3a:d4:78:c5:de:21:9d:a2:d6:c4:1b:87:2b:2d:
79:7a:c3:c0:05:67:90:4d:d1:45:be:f9:0c:4e:1c:1b:05:d6:
d2:fa:43:39:7f:2f:ba:d5:75:df:2d:7e:d0:0d:0e:c9:a3:d6:
c4:64:57:79:c3:ae:1a:1e:c5:75:98:66:ee:b4:3d:57:c9:f5:
47:5f:ee:fa:40:15:74:25:48:a2:6a:c4:95:59:62:90:ae:a7:
b5:f6:ed:f0:06:05:a0:05:07:b0:34:0c:2f:1a:c4:a1:8c:fa:
1b:9b:1a:01:c4:c4:91:c7:81:8b:bf:86:6f:9c:c9:f5:60:5d:
a4:90:1f:fa
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAY9cbjKGlfjrOdv6PsP2MfzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNWVkYTBhMWU3NDc5YzRjYTc4ZmU0MWM1OGQxN2U5ZDEz
YjY3YWEwHhcNMjQwNTA5MDgxNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTVjMTJiMWVhN2MwYzBiNzUxZDEyYWMyYzNiNDFiYTljMmIyNTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA029QxtR86lNmRGSFtjoeLwdRj8rj
m9p+cNkJEdvuHCrc1ls5C0UsGOzWySFoVWb1H+VK49d2/Em1nLpfoHS0WXRlHYpd
FtIwpGoNwtjrbt1IC+9SjPtPmdXerOGgAuXQ7/Da3d3ujVgo+Qi+qt4ejBeHS3Gn
hzRJGsQUo+7czZN0GhBCnO9eaRDF6BsjqKtPZGyXv5VLAxCt+3b4o6ogJNlpPDPp
AyntGCismKAKFb+uXib5ptvRaR4fyAx3CNqv8xEleDlfXe3XWN7Of7U+SQXTY0T0
eOCX0mjU0u4WN2L1rhbFIJQ2pdfwyP8/li/DTKVknjkwjG4iS8Bw1LzmPQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFIVcErHqfAwLdR0SrCw7QbqcKyWIMB8GA1UdIwQY
MBaAFK1e2goedHnEynj+QcWNF+nRO2eqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTIt
OTQ0Y2U3ZWViMTU0LzEvaFZ3U3NlcDhEQXQxSFJLc0xEdEJ1cHdySllnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTItOTQ0Y2U3ZWViMTU0
LzEvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBrgQCAAEwgacwCwMD
A014AwQETXggAwQCTXg0MAwDBAJNeDwDBAFNeQwwDAMEAE15DwMEAE15HjALAwQG
TXlAAwMBTXgwDAMEB016gAMEBU17QDAMAwQHTXuAAwQETXugAwQETfQgAwQFUpDA
AwQFbcngAwQFjargMAsDAwG85gMEALzmZDAMAwQBvOZmAwQBvOZsMAwDBAC85m8D
BAG85nAwDAMEALzmcwMEAbzmdDANBgkqhkiG9w0BAQsFAAOCAQEAaOQ+ufYfoffB
/04qsxTjkQUX4+oTIqKFKOpCbvrUCYWGAOGOKKccQOs7GQ4cWjHetDNNQr8K6Ndy
oKS4N1+oLNMO4mQrwm4chdp4vC6MYtDJ3u7RfiIM3/qsTqDvd4ITjyVpr/XKe0rz
rn0UzBk9wPnLgISNvGPS9QLZM/cIjQ/7RDrUeMXeIZ2i1sQbhysteXrDwAVnkE3R
Rb75DE4cGwXW0vpDOX8vutV13y1+0A0OyaPWxGRXecOuGh7FdZhm7rQ9V8n1R1/u
+kAVdCVIomrElVlikK6ntfbt8AYFoAUHsDQMLxrEoYz6G5saAcTEkceBi7+Gb5zJ
9WBdpJAf+g==
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:52:08 2025 by rpki-client