Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/xnI_XpKm2SOVdVgkDDtVT9PBhOo.roa
File: xnI_XpKm2SOVdVgkDDtVT9PBhOo.roa (raw, json)
Hash identifier: 7/KSEWeeH5vpJ4LJrIkwnBirzt5i+qOJoiVtHTYQwtg=
Subject key identifier: C6:72:3F:5E:92:A6:D9:23:95:75:58:24:0C:3B:55:4F:D3:C1:84:EA
Certificate issuer: /CN=ca96218c20efd8fe53fca9990b725dd7963c885c
Certificate serial: 018558BB350A752517CB8BE533C2C919CEC1
Authority key identifier: CA:96:21:8C:20:EF:D8:FE:53:FC:A9:99:0B:72:5D:D7:96:3C:88:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/xnI_XpKm2SOVdVgkDDtVT9PBhOo.roa
Signing time: Wed 28 Dec 2022 12:35:41 +0000
ROA not before: Wed 28 Dec 2022 12:35:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25145
IP address blocks: 77.92.106.0/24 maxlen: 24
77.92.109.0/24 maxlen: 24
77.92.110.0/24 maxlen: 24
77.92.107.0/24 maxlen: 24
77.92.108.0/24 maxlen: 24
77.92.111.0/24 maxlen: 24
77.92.112.0/24 maxlen: 24
77.92.113.0/24 maxlen: 24
77.92.116.0/24 maxlen: 24
77.92.117.0/24 maxlen: 24
77.92.114.0/24 maxlen: 24
77.92.115.0/24 maxlen: 24
77.92.118.0/24 maxlen: 24
77.92.123.0/24 maxlen: 24
77.92.124.0/24 maxlen: 24
77.92.122.0/24 maxlen: 24
77.92.125.0/24 maxlen: 24
77.92.120.0/24 maxlen: 24
77.92.119.0/24 maxlen: 24
77.92.126.0/24 maxlen: 24
77.92.127.0/24 maxlen: 24
77.92.96.0/24 maxlen: 24
77.92.97.0/24 maxlen: 24
77.92.98.0/24 maxlen: 24
77.92.99.0/24 maxlen: 24
77.92.102.0/24 maxlen: 24
77.92.103.0/24 maxlen: 24
77.92.100.0/24 maxlen: 24
77.92.101.0/24 maxlen: 24
77.92.104.0/24 maxlen: 24
77.92.105.0/24 maxlen: 24
213.144.97.0/24 maxlen: 24
213.144.98.0/24 maxlen: 24
213.144.96.0/24 maxlen: 24
213.144.101.0/24 maxlen: 24
213.144.99.0/24 maxlen: 24
213.144.104.0/24 maxlen: 24
213.144.105.0/24 maxlen: 24
213.144.103.0/24 maxlen: 24
213.144.107.0/24 maxlen: 24
213.144.108.0/24 maxlen: 24
213.144.106.0/24 maxlen: 24
213.144.111.0/24 maxlen: 24
213.144.112.0/24 maxlen: 24
213.144.109.0/24 maxlen: 24
213.144.110.0/24 maxlen: 24
213.144.114.0/24 maxlen: 24
213.144.115.0/24 maxlen: 24
213.144.113.0/24 maxlen: 24
213.144.118.0/24 maxlen: 24
213.144.116.0/24 maxlen: 24
213.144.117.0/24 maxlen: 24
213.144.119.0/24 maxlen: 24
213.144.121.0/24 maxlen: 24
213.144.122.0/24 maxlen: 24
213.144.120.0/24 maxlen: 24
213.144.125.0/24 maxlen: 24
213.144.123.0/24 maxlen: 24
213.144.124.0/24 maxlen: 24
213.144.126.0/24 maxlen: 24
213.144.127.0/24 maxlen: 24
185.115.208.0/24 maxlen: 24
185.115.210.0/24 maxlen: 24
185.115.211.0/24 maxlen: 24
31.40.240.0/24 maxlen: 24
31.40.240.0/22 maxlen: 22
31.40.243.0/24 maxlen: 24
31.40.241.0/24 maxlen: 24
31.40.242.0/24 maxlen: 24
2a02:ac87:ac87::/48 maxlen: 48
2a02:ac80:10::/48 maxlen: 48
2a02:ac81::/32 maxlen: 32
2a02:ac82::/32 maxlen: 32
2a02:ac80:c0::/48 maxlen: 48
2a02:ac80:40::/48 maxlen: 48
2a02:ac84::/32 maxlen: 32
2a02:ac80::/29 maxlen: 29
2a02:ac80:7370::/48 maxlen: 48
2a02:ac80:70::/48 maxlen: 48
2a02:ac80:f0::/48 maxlen: 48
2a02:ac87:59cb::/48 maxlen: 48
2a02:ac83::/32 maxlen: 32
2a02:ac80:20::/48 maxlen: 48
2a02:ac80:a0::/48 maxlen: 48
2a02:ac87:5900::/48 maxlen: 48
2a02:ac80:d0::/48 maxlen: 48
2a02:ac80:50::/48 maxlen: 48
2a02:ac80:a00::/48 maxlen: 48
2a02:ac80:f000::/48 maxlen: 48
2a02:ac80:d00::/48 maxlen: 48
2a02:ac80:4000::/48 maxlen: 48
2a02:ac80:c000::/48 maxlen: 48
2a02:ac80:700::/48 maxlen: 48
2a02:ac80:e00::/48 maxlen: 48
2a02:ac80:b00::/48 maxlen: 48
2a02:ac80:500::/48 maxlen: 48
2a02:ac80:6000::/48 maxlen: 48
2a02:ac80:e000::/48 maxlen: 48
2a02:ac80:b000::/48 maxlen: 48
2a02:ac80:3000::/48 maxlen: 48
2a02:ac80:1000::/48 maxlen: 48
2a02:ac80:200::/48 maxlen: 48
2a02:ac80:300::/48 maxlen: 48
2a02:ac80:600::/48 maxlen: 48
2a02:ac80:7000::/48 maxlen: 48
2a02:ac80:400::/48 maxlen: 48
2a02:ac80:5000::/48 maxlen: 48
2a02:ac80:a000::/48 maxlen: 48
2a02:ac80:c00::/48 maxlen: 48
2a02:ac80:d000::/48 maxlen: 48
2a02:ac80:2000::/48 maxlen: 48
2a02:ac80:f00::/48 maxlen: 48
2a02:ac80:100::/48 maxlen: 48
2a02:ac85::/32 maxlen: 32
2a02:ac87::/32 maxlen: 32
2a02:ac80:b0::/48 maxlen: 48
2a02:ac80:30::/48 maxlen: 48
2a02:ac80::/32 maxlen: 32
2a02:ac80:60::/48 maxlen: 48
2a02:ac80:e0::/48 maxlen: 48
2a02:ac86::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:58:bb:35:0a:75:25:17:cb:8b:e5:33:c2:c9:19:ce:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca96218c20efd8fe53fca9990b725dd7963c885c
Validity
Not Before: Dec 28 12:35:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6723f5e92a6d923957558240c3b554fd3c184ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:97:79:da:e7:d2:4c:63:f6:76:83:af:83:d6:
a6:01:fb:80:48:ef:82:19:2d:be:d3:e4:6c:13:a5:
c7:23:8f:1a:12:dd:13:8b:06:f1:1a:be:df:dd:76:
eb:d9:e2:da:8f:75:ce:50:fb:69:56:0f:81:95:a9:
20:64:4b:ba:84:46:a4:9f:4c:18:67:98:04:5e:df:
f9:97:4a:eb:ed:63:24:af:fe:d3:71:a4:9c:f3:dc:
fc:33:26:fe:e0:3d:3f:fb:59:40:a7:da:fe:17:43:
77:f0:81:92:6f:d1:93:54:d0:d1:43:02:78:fd:a4:
04:54:58:6f:5f:6d:10:aa:34:ec:e6:92:95:46:37:
22:1d:aa:7a:22:e1:43:15:35:6f:76:08:c0:e4:78:
a7:db:fb:77:89:45:bf:2b:04:f2:2f:46:e0:dc:df:
d0:4a:bb:c8:48:81:e1:a6:f8:11:fd:ca:ba:ce:c6:
e1:01:aa:9b:8d:64:d1:c7:f9:f5:47:37:64:96:46:
6a:d7:4c:1c:88:a0:77:5e:12:4d:c9:db:1f:5b:f0:
e6:db:79:ac:e6:c5:2f:ae:58:9c:5f:cf:07:4a:75:
34:40:af:0c:62:bd:ab:9d:80:18:ce:fc:87:e4:c1:
a6:89:d9:3e:0a:b7:a9:6b:45:83:d1:4d:53:26:ef:
2f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:72:3F:5E:92:A6:D9:23:95:75:58:24:0C:3B:55:4F:D3:C1:84:EA
X509v3 Authority Key Identifier:
keyid:CA:96:21:8C:20:EF:D8:FE:53:FC:A9:99:0B:72:5D:D7:96:3C:88:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/xnI_XpKm2SOVdVgkDDtVT9PBhOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.240.0/22
77.92.96.0-77.92.120.255
77.92.122.0-77.92.127.255
185.115.208.0/24
185.115.210.0/23
213.144.96.0/22
213.144.101.0/24
213.144.103.0-213.144.127.255
IPv6:
2a02:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
6a:74:f8:39:95:13:da:ad:ed:e2:2e:e0:bf:9c:3d:3c:91:51:
18:9d:82:e0:9e:be:9d:42:82:a2:2e:88:0f:ae:54:4e:9c:4d:
0d:56:72:32:ff:ce:cb:71:f0:9f:b4:c0:b7:f7:71:0a:f6:97:
9e:90:95:a4:d0:de:e1:9f:01:41:d3:9b:98:cf:1f:82:df:81:
43:c8:01:7d:c6:f9:63:dd:21:31:d6:12:2b:83:d1:56:c8:77:
6d:32:9a:2d:2d:53:79:65:20:43:6b:b5:3b:8f:68:b6:b7:39:
41:f9:1d:12:e9:00:c5:d2:ee:f4:6b:23:39:d0:c5:13:48:8a:
6a:55:97:ea:3b:21:bd:22:a9:d0:66:70:2f:b4:9f:ee:ff:c5:
d8:2d:7c:19:34:17:06:f4:66:27:3e:f1:2f:91:89:1d:01:b4:
11:5d:f7:83:c1:75:42:55:97:54:f8:4b:5f:ad:1c:f4:a1:8d:
b6:7f:33:33:bd:96:45:4a:ae:aa:c1:15:19:3b:5f:98:74:d6:
21:3f:00:87:c1:83:2b:21:b2:d9:c7:f2:14:49:ed:db:5a:4e:
c1:fc:dc:76:3d:0c:18:32:2c:d7:4f:8f:32:65:32:4e:9d:8a:
43:3f:e6:a0:55:2a:de:68:e5:e4:58:b8:6e:bc:91:a8:7f:83:
5b:ef:92:b5
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYVYuzUKdSUXy4vlM8LJGc7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTYyMThjMjBlZmQ4ZmU1M2ZjYTk5OTBiNzI1ZGQ3OTYz
Yzg4NWMwHhcNMjIxMjI4MTIzNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjcyM2Y1ZTkyYTZkOTIzOTU3NTU4MjQwYzNiNTU0ZmQzYzE4NGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZd52ufSTGP2doOvg9amAfuASO+C
GS2+0+RsE6XHI48aEt0TiwbxGr7f3Xbr2eLaj3XOUPtpVg+BlakgZEu6hEakn0wY
Z5gEXt/5l0rr7WMkr/7TcaSc89z8Myb+4D0/+1lAp9r+F0N38IGSb9GTVNDRQwJ4
/aQEVFhvX20QqjTs5pKVRjciHap6IuFDFTVvdgjA5Hin2/t3iUW/KwTyL0bg3N/Q
SrvISIHhpvgR/cq6zsbhAaqbjWTRx/n1RzdklkZq10wciKB3XhJNydsfW/Dm23ms
5sUvrlicX88HSnU0QK8MYr2rnYAYzvyH5MGmidk+Crepa0WD0U1TJu8vIwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFMZyP16SptkjlXVYJAw7VU/TwYTqMB8GA1UdIwQY
MBaAFMqWIYwg79j+U/ypmQtyXdeWPIhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBZaGpDRHYyUDVUX0ttWkMzSmQxNVk4aUZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85NzU1ZDUtN2YwYi00MjdmLWFmZTAt
ZDcxMmQ0NzM4MDQ2LzEveG5JX1hwS20yU09WZFZna0REdFZUOVBCaE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC85NzU1ZDUtN2YwYi00MjdmLWFmZTAtZDcxMmQ0NzM4MDQ2
LzEveXBZaGpDRHYyUDVUX0ttWkMzSmQxNVk4aUZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQCHyjwMAwD
BAVNXGADBABNXHgwDAMEAU1cegMEB01cAAMEALlz0AMEAblz0gMEAtWQYAMEANWQ
ZTAMAwQA1ZBnAwQH1ZAAMA0EAgACMAcDBQMqAqyAMA0GCSqGSIb3DQEBCwUAA4IB
AQBqdPg5lRPare3iLuC/nD08kVEYnYLgnr6dQoKiLogPrlROnE0NVnIy/87LcfCf
tMC393EK9peekJWk0N7hnwFB05uYzx+C34FDyAF9xvlj3SEx1hIrg9FWyHdtMpot
LVN5ZSBDa7U7j2i2tzlB+R0S6QDF0u70ayM50MUTSIpqVZfqOyG9IqnQZnAvtJ/u
/8XYLXwZNBcG9GYnPvEvkYkdAbQRXfeDwXVCVZdU+EtfrRz0oY22fzMzvZZFSq6q
wRUZO1+YdNYhPwCHwYMrIbLZx/IUSe3bWk7B/Nx2PQwYMizXT48yZTJOnYpDP+ag
VSreaOXkWLhuvJGof4Nb75K1
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:19:36 2025 by rpki-client