Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/mtCgM8EhSGhei3JWBz00QdISvpQ.roa
File: mtCgM8EhSGhei3JWBz00QdISvpQ.roa (raw, json)
Hash identifier: Uq3XKgupHKsAz28RRlYpcQXTvcsYtmrmMZe3TtixrFE=
Subject key identifier: 9A:D0:A0:33:C1:21:48:68:5E:8B:72:56:07:3D:34:41:D2:12:BE:94
Certificate issuer: /CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Certificate serial: 018F71B9B015F77F1C3F24FF148DC4F03045
Authority key identifier: AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/mtCgM8EhSGhei3JWBz00QdISvpQ.roa
Signing time: Mon 13 May 2024 11:32:25 +0000
ROA not before: Mon 13 May 2024 11:32:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25229
IP address blocks: 77.120.0.0/20 maxlen: 24
77.120.4.0/24 maxlen: 24
77.120.6.0/24 maxlen: 24
77.120.16.0/20 maxlen: 21
77.120.32.0/20 maxlen: 21
77.120.52.0/22 maxlen: 23
77.120.60.0/22 maxlen: 23
77.120.64.0/21 maxlen: 22
77.120.72.0/21 maxlen: 22
77.120.80.0/20 maxlen: 21
77.120.96.0/19 maxlen: 20
77.120.112.0/22 maxlen: 22
77.120.128.0/18 maxlen: 24
77.120.192.0/21 maxlen: 24
77.120.200.0/21 maxlen: 22
77.120.208.0/21 maxlen: 24
77.120.211.0/24 maxlen: 24
77.120.212.0/23 maxlen: 24
77.120.214.0/23 maxlen: 24
77.120.216.0/22 maxlen: 23
77.120.220.0/22 maxlen: 24
77.120.224.0/20 maxlen: 21
77.120.240.0/20 maxlen: 21
77.120.248.0/21 maxlen: 22
77.121.0.0/21 maxlen: 22
77.121.8.0/22 maxlen: 23
77.121.12.0/24 maxlen: 24
77.121.13.0/24 maxlen: 24
77.121.15.0/24 maxlen: 24
77.121.16.0/24 maxlen: 24
77.121.17.0/24 maxlen: 24
77.121.18.0/24 maxlen: 24
77.121.19.0/24 maxlen: 24
77.121.20.0/24 maxlen: 24
77.121.21.0/24 maxlen: 24
77.121.22.0/24 maxlen: 24
77.121.23.0/24 maxlen: 24
77.121.24.0/24 maxlen: 24
77.121.25.0/24 maxlen: 24
77.121.26.0/24 maxlen: 24
77.121.27.0/24 maxlen: 24
77.121.28.0/24 maxlen: 24
77.121.29.0/24 maxlen: 24
77.121.30.0/24 maxlen: 24
77.121.64.0/21 maxlen: 22
77.121.72.0/21 maxlen: 22
77.121.80.0/20 maxlen: 21
77.121.96.0/19 maxlen: 20
77.121.96.0/20 maxlen: 21
77.121.112.0/20 maxlen: 21
77.121.128.0/20 maxlen: 21
77.121.160.0/19 maxlen: 20
77.122.128.0/17 maxlen: 18
77.123.0.0/18 maxlen: 19
77.123.32.0/19 maxlen: 20
77.123.64.0/19 maxlen: 20
77.123.128.0/19 maxlen: 20
77.123.144.0/22 maxlen: 22
77.123.160.0/20 maxlen: 24
77.244.32.0/20 maxlen: 21
82.144.192.0/19 maxlen: 20
109.201.224.0/24 maxlen: 24
109.201.225.0/24 maxlen: 24
109.201.226.0/24 maxlen: 24
109.201.227.0/24 maxlen: 24
109.201.228.0/22 maxlen: 23
109.201.232.0/22 maxlen: 23
109.201.236.0/23 maxlen: 24
109.201.238.0/23 maxlen: 24
109.201.240.0/20 maxlen: 21
141.170.224.0/23 maxlen: 24
141.170.226.0/23 maxlen: 24
141.170.226.0/24 maxlen: 24
141.170.227.0/24 maxlen: 24
141.170.228.0/24 maxlen: 24
141.170.229.0/24 maxlen: 24
141.170.230.0/24 maxlen: 24
141.170.231.0/24 maxlen: 24
141.170.232.0/24 maxlen: 24
141.170.233.0/24 maxlen: 24
141.170.234.0/23 maxlen: 24
141.170.236.0/24 maxlen: 24
141.170.237.0/24 maxlen: 24
141.170.238.0/24 maxlen: 24
141.170.239.0/24 maxlen: 24
141.170.240.0/22 maxlen: 23
141.170.244.0/22 maxlen: 23
141.170.248.0/21 maxlen: 22
141.170.248.0/23 maxlen: 24
141.170.250.0/23 maxlen: 24
188.230.0.0/21 maxlen: 22
188.230.0.0/22 maxlen: 23
188.230.4.0/23 maxlen: 24
188.230.7.0/24 maxlen: 24
188.230.8.0/21 maxlen: 22
188.230.16.0/21 maxlen: 22
188.230.24.0/23 maxlen: 24
188.230.26.0/23 maxlen: 24
188.230.28.0/22 maxlen: 23
188.230.32.0/21 maxlen: 22
188.230.40.0/21 maxlen: 22
188.230.48.0/21 maxlen: 22
188.230.56.0/21 maxlen: 22
188.230.64.0/21 maxlen: 22
188.230.71.0/24 maxlen: 24
188.230.72.0/24 maxlen: 24
188.230.73.0/24 maxlen: 24
188.230.74.0/23 maxlen: 24
188.230.76.0/24 maxlen: 24
188.230.77.0/24 maxlen: 24
188.230.78.0/23 maxlen: 24
188.230.80.0/21 maxlen: 22
188.230.88.0/22 maxlen: 23
188.230.92.0/23 maxlen: 24
188.230.94.0/24 maxlen: 24
188.230.95.0/24 maxlen: 24
188.230.96.0/23 maxlen: 24
188.230.98.0/24 maxlen: 24
188.230.99.0/24 maxlen: 24
188.230.100.0/24 maxlen: 24
188.230.102.0/24 maxlen: 24
188.230.103.0/24 maxlen: 24
188.230.104.0/24 maxlen: 24
188.230.105.0/24 maxlen: 24
188.230.106.0/24 maxlen: 24
188.230.107.0/24 maxlen: 24
188.230.108.0/24 maxlen: 24
188.230.109.0/24 maxlen: 24
188.230.111.0/24 maxlen: 24
188.230.112.0/24 maxlen: 24
188.230.113.0/24 maxlen: 24
188.230.115.0/24 maxlen: 24
188.230.116.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:71:b9:b0:15:f7:7f:1c:3f:24:ff:14:8d:c4:f0:30:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Validity
Not Before: May 13 11:32:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ad0a033c12148685e8b7256073d3441d212be94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0e:11:7b:48:f5:17:78:6b:d4:cf:d8:97:0b:
64:cd:da:1b:74:e4:76:08:4a:98:5c:34:ec:7b:b5:
aa:b8:24:62:2e:24:42:3d:cd:01:97:6a:29:82:21:
14:c2:2f:25:da:da:a3:e5:f2:eb:f1:96:b2:a7:4b:
a0:89:f4:a2:be:c6:b5:9b:bb:84:cd:6f:c6:98:45:
07:a7:87:7e:08:22:b7:0e:2e:70:e6:a7:a5:8b:45:
62:05:76:5d:7c:42:d0:d0:21:46:14:35:15:23:df:
43:80:de:45:48:cb:cb:cf:a8:6a:e9:b2:50:97:d5:
af:87:1a:1f:be:d1:37:0b:8c:5d:2a:7b:99:db:b1:
5f:96:a9:6a:3c:7e:2a:41:ed:5a:90:a5:55:fc:39:
8c:60:8b:cf:87:9a:e9:07:18:80:cc:7d:60:be:01:
1e:ae:59:b4:15:64:68:0a:39:11:cc:5c:1a:27:1f:
68:32:1e:f1:c6:21:ca:79:94:c3:bb:99:47:6d:d0:
4e:b4:63:c2:fa:d6:55:e0:2d:44:fc:e0:2f:5e:94:
c1:05:0e:23:d3:ff:08:65:7d:a0:50:ff:9f:38:b8:
b7:f5:e8:2e:2a:b3:65:58:cd:72:0f:f6:bf:f3:71:
fd:ee:12:46:94:ea:6a:fe:07:53:df:ae:dd:be:6a:
3e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D0:A0:33:C1:21:48:68:5E:8B:72:56:07:3D:34:41:D2:12:BE:94
X509v3 Authority Key Identifier:
keyid:AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/mtCgM8EhSGhei3JWBz00QdISvpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.120.0.0-77.120.47.255
77.120.52.0/22
77.120.60.0-77.121.13.255
77.121.15.0-77.121.30.255
77.121.64.0-77.121.143.255
77.121.160.0/19
77.122.128.0-77.123.95.255
77.123.128.0-77.123.175.255
77.244.32.0/20
82.144.192.0/19
109.201.224.0/19
141.170.224.0/19
188.230.0.0-188.230.100.255
188.230.102.0-188.230.109.255
188.230.111.0-188.230.113.255
188.230.115.0-188.230.117.255
Signature Algorithm: sha256WithRSAEncryption
be:c7:09:e5:f0:5f:ac:24:0f:14:ca:4e:10:48:5d:57:bc:c5:
f4:3c:78:57:1c:5f:db:5a:13:84:c3:42:0c:b3:37:e7:54:ed:
fd:c6:5b:ff:26:5f:df:97:c0:07:c2:5a:00:71:50:19:18:dc:
9f:44:e0:75:63:bf:9d:52:7f:ea:00:4c:60:20:6a:a4:d5:f1:
bf:b7:cc:ce:8c:2a:53:dc:33:0e:ba:91:fd:56:55:c3:d8:15:
24:30:64:e8:ae:a5:a7:d3:2d:b6:99:2c:c2:e9:b6:c5:5f:19:
c7:ba:61:4b:57:64:93:6f:6b:b9:79:70:01:88:00:52:6e:74:
03:0c:98:13:16:8a:ff:24:c9:a7:72:40:5d:3f:e6:1f:e6:a3:
e3:1d:45:06:5e:bd:b9:21:2b:3e:34:62:3e:30:47:1c:18:9e:
0d:71:47:2c:b4:80:4d:d1:44:97:dd:23:ed:c6:71:ee:15:b3:
d8:3d:9f:fe:bc:8a:85:33:e9:8a:78:d9:3b:80:fd:c8:d0:2c:
72:03:2d:cb:0e:4c:82:ea:41:24:e9:34:5d:9d:b7:2d:4f:c7:
26:fc:86:eb:f0:85:04:fd:14:ba:d3:89:6c:f1:61:be:59:e3:
78:f1:37:33:94:f3:57:c7:b3:29:58:a8:8e:de:cf:d3:36:9b:
92:b0:19:b8
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAY9xubAV938cPyT/FI3E8DBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNWVkYTBhMWU3NDc5YzRjYTc4ZmU0MWM1OGQxN2U5ZDEz
YjY3YWEwHhcNMjQwNTEzMTEzMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQwYTAzM2MxMjE0ODY4NWU4YjcyNTYwNzNkMzQ0MWQyMTJiZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw4Re0j1F3hr1M/YlwtkzdobdOR2
CEqYXDTse7WquCRiLiRCPc0Bl2opgiEUwi8l2tqj5fLr8Zayp0ugifSivsa1m7uE
zW/GmEUHp4d+CCK3Di5w5qeli0ViBXZdfELQ0CFGFDUVI99DgN5FSMvLz6hq6bJQ
l9WvhxofvtE3C4xdKnuZ27FflqlqPH4qQe1akKVV/DmMYIvPh5rpBxiAzH1gvgEe
rlm0FWRoCjkRzFwaJx9oMh7xxiHKeZTDu5lHbdBOtGPC+tZV4C1E/OAvXpTBBQ4j
0/8IZX2gUP+fOLi39eguKrNlWM1yD/a/83H97hJGlOpq/gdT367dvmo+WQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFJrQoDPBIUhoXotyVgc9NEHSEr6UMB8GA1UdIwQY
MBaAFK1e2goedHnEynj+QcWNF+nRO2eqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTIt
OTQ0Y2U3ZWViMTU0LzEvbXRDZ004RWhTR2hlaTNKV0J6MDBRZElTdnBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTItOTQ0Y2U3ZWViMTU0
LzEvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4wCwMD
A014AwQETXggAwQCTXg0MAwDBAJNeDwDBAFNeQwwDAMEAE15DwMEAE15HjAMAwQG
TXlAAwQETXmAAwQFTXmgMAwDBAdNeoADBAVNe0AwDAMEB017gAMEBE17oAMEBE30
IAMEBVKQwAMEBW3J4AMEBY2q4DALAwMBvOYDBAC85mQwDAMEAbzmZgMEAbzmbDAM
AwQAvOZvAwQBvOZwMAwDBAC85nMDBAG85nQwDQYJKoZIhvcNAQELBQADggEBAL7H
CeXwX6wkDxTKThBIXVe8xfQ8eFccX9taE4TDQgyzN+dU7f3GW/8mX9+XwAfCWgBx
UBkY3J9E4HVjv51Sf+oATGAgaqTV8b+3zM6MKlPcMw66kf1WVcPYFSQwZOiupafT
LbaZLMLptsVfGce6YUtXZJNva7l5cAGIAFJudAMMmBMWiv8kyadyQF0/5h/mo+Md
RQZevbkhKz40Yj4wRxwYng1xRyy0gE3RRJfdI+3Gce4Vs9g9n/68ioUz6Yp42TuA
/cjQLHIDLcsOTILqQSTpNF2dty1Pxyb8huvwhQT9FLrTiWzxYb5Z43jxNzOU81fH
sylYqI7ez9M2m5KwGbg=
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:52:08 2025 by rpki-client