Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/GiO-ckiycesAryWlc8jSdJ4tekw.roa
File: GiO-ckiycesAryWlc8jSdJ4tekw.roa (raw, json)
Hash identifier: xl2Jap4ktSkRNU+LXBWm4Lr2lai+3Dtbp8Up536pWiY=
Subject key identifier: 1A:23:BE:72:48:B2:71:EB:00:AF:25:A5:73:C8:D2:74:9E:2D:7A:4C
Certificate issuer: /CN=cd9233f6a88d08f6559c2206b1bff2655b122231
Certificate serial: 01856DE63AEFFA9CF3A9CCED47A8DCDC0070
Authority key identifier: CD:92:33:F6:A8:8D:08:F6:55:9C:22:06:B1:BF:F2:65:5B:12:22:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zZIz9qiNCPZVnCIGsb_yZVsSIjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/GiO-ckiycesAryWlc8jSdJ4tekw.roa
Signing time: Sun 01 Jan 2023 15:14:42 +0000
ROA not before: Sun 01 Jan 2023 15:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30968
IP address blocks: 109.120.160.0/23 maxlen: 23
109.120.164.0/23 maxlen: 23
109.120.166.0/24 maxlen: 24
109.120.168.0/22 maxlen: 22
109.120.173.0/24 maxlen: 24
109.120.177.0/24 maxlen: 24
109.120.179.0/24 maxlen: 24
109.120.184.0/22 maxlen: 22
92.243.92.0/24 maxlen: 24
77.221.128.0/23 maxlen: 23
77.221.131.0/24 maxlen: 24
77.221.132.0/22 maxlen: 22
77.221.136.0/21 maxlen: 21
109.120.128.0/21 maxlen: 21
77.221.144.0/20 maxlen: 20
109.120.139.0/24 maxlen: 24
109.120.136.0/23 maxlen: 23
109.120.142.0/23 maxlen: 23
109.120.141.0/24 maxlen: 24
109.120.148.0/22 maxlen: 22
109.120.152.0/24 maxlen: 24
109.120.156.0/22 maxlen: 22
109.120.155.0/24 maxlen: 24
92.243.64.0/22 maxlen: 22
92.243.70.0/24 maxlen: 24
92.243.69.0/24 maxlen: 24
92.243.72.0/21 maxlen: 21
92.243.84.0/23 maxlen: 23
92.243.80.0/23 maxlen: 23
92.243.83.0/24 maxlen: 24
92.243.89.0/24 maxlen: 24
2a02:440::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:3a:ef:fa:9c:f3:a9:cc:ed:47:a8:dc:dc:00:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd9233f6a88d08f6559c2206b1bff2655b122231
Validity
Not Before: Jan 1 15:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a23be7248b271eb00af25a573c8d2749e2d7a4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:0f:27:d2:0d:ff:f6:5c:4d:ec:79:93:36:59:
cf:bf:73:de:7c:35:cc:9e:a5:91:d0:3a:63:fa:9c:
39:e2:72:b3:4d:2f:c1:3f:c0:50:f5:13:d7:66:36:
c9:06:e0:e8:0a:45:e4:b6:2b:38:11:b5:06:ae:6c:
39:76:db:1d:4f:f0:70:21:a9:2a:4c:09:cb:7e:5a:
d2:e2:ed:07:1e:72:69:43:cc:3b:dd:77:d5:99:8a:
67:2e:ad:05:27:8f:cc:64:21:92:fc:1b:21:cc:df:
d4:11:19:be:0a:8a:4d:91:75:f0:65:64:9c:a1:35:
f9:e5:c1:99:9b:63:de:1b:b5:e9:ae:53:60:fe:d8:
7a:bc:56:ce:95:89:cf:cf:09:35:cd:82:90:aa:e0:
a8:25:57:83:1b:6a:dd:21:7b:e6:c6:53:b6:60:c1:
0a:25:62:2d:94:cb:e0:c2:6d:94:cd:69:70:31:e2:
9d:97:6c:c7:e8:7b:ae:27:47:8c:21:82:9b:21:6c:
32:7c:95:f0:47:a1:e4:df:a9:c1:53:41:86:11:de:
34:3e:3d:15:9d:0f:cd:77:84:ff:fd:62:fe:aa:2e:
ba:72:09:94:4a:8e:3b:9d:f6:76:de:4d:f5:b1:9d:
db:a3:55:24:41:09:a9:24:02:7d:cd:62:7e:ce:db:
09:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:23:BE:72:48:B2:71:EB:00:AF:25:A5:73:C8:D2:74:9E:2D:7A:4C
X509v3 Authority Key Identifier:
keyid:CD:92:33:F6:A8:8D:08:F6:55:9C:22:06:B1:BF:F2:65:5B:12:22:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zZIz9qiNCPZVnCIGsb_yZVsSIjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/GiO-ckiycesAryWlc8jSdJ4tekw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/zZIz9qiNCPZVnCIGsb_yZVsSIjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.128.0/23
77.221.131.0-77.221.159.255
92.243.64.0/22
92.243.69.0-92.243.70.255
92.243.72.0-92.243.81.255
92.243.83.0-92.243.85.255
92.243.89.0/24
92.243.92.0/24
109.120.128.0-109.120.137.255
109.120.139.0/24
109.120.141.0-109.120.143.255
109.120.148.0-109.120.152.255
109.120.155.0-109.120.161.255
109.120.164.0-109.120.166.255
109.120.168.0/22
109.120.173.0/24
109.120.177.0/24
109.120.179.0/24
109.120.184.0/22
IPv6:
2a02:440::/32
Signature Algorithm: sha256WithRSAEncryption
17:fa:c0:e2:0d:14:57:0d:f5:e5:aa:9c:84:dd:ce:74:19:8d:
cf:ff:b1:35:d5:71:e7:26:ae:ce:89:64:85:65:be:d9:eb:0f:
f0:33:94:5c:3e:65:6d:69:88:0e:3b:b3:3e:c1:7e:1c:a2:e4:
fa:0e:c7:41:52:e4:52:a3:f3:c1:c7:bc:93:e8:fc:c6:d8:30:
ce:82:74:56:93:22:16:e8:ee:ce:d9:db:cf:21:c6:70:ae:2f:
5b:f6:54:3f:33:dd:05:b7:51:7b:0c:5a:27:12:1d:2a:5f:68:
29:41:9b:4c:95:8e:77:74:be:4f:96:85:bb:db:4a:57:ec:87:
f8:75:79:4c:4c:a1:3e:4c:9e:51:15:35:a2:c9:96:28:96:c6:
39:53:23:60:83:e5:62:e5:93:af:7e:49:cc:bb:a5:c8:5f:14:
63:ab:b3:ab:0e:1d:c1:7b:77:8e:c6:b6:b2:b1:f4:f6:99:70:
2c:7c:fc:7f:98:f0:5a:2f:dd:9f:a5:34:ab:b3:29:67:83:50:
56:94:7d:9f:c8:80:2a:42:d9:6c:b8:36:a6:b8:a2:e0:d6:1a:
eb:25:6e:bf:a0:74:95:cc:85:64:46:38:da:63:3d:88:4f:45:
5d:fd:3e:1e:81:20:17:23:eb:15:e0:b1:9a:2f:57:57:16:ad:
be:f2:b7:44
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgISAYVt5jrv+pzzqcztR6jc3ABwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkOTIzM2Y2YTg4ZDA4ZjY1NTljMjIwNmIxYmZmMjY1NWIx
MjIyMzEwHhcNMjMwMTAxMTUxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTIzYmU3MjQ4YjI3MWViMDBhZjI1YTU3M2M4ZDI3NDllMmQ3YTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5g8n0g3/9lxN7HmTNlnPv3PefDXM
nqWR0Dpj+pw54nKzTS/BP8BQ9RPXZjbJBuDoCkXktis4EbUGrmw5dtsdT/BwIakq
TAnLflrS4u0HHnJpQ8w73XfVmYpnLq0FJ4/MZCGS/BshzN/UERm+CopNkXXwZWSc
oTX55cGZm2PeG7XprlNg/th6vFbOlYnPzwk1zYKQquCoJVeDG2rdIXvmxlO2YMEK
JWItlMvgwm2UzWlwMeKdl2zH6HuuJ0eMIYKbIWwyfJXwR6Hk36nBU0GGEd40Pj0V
nQ/Nd4T//WL+qi66cgmUSo47nfZ23k31sZ3bo1UkQQmpJAJ9zWJ+ztsJgwIDAQAB
o4IC0TCCAs0wHQYDVR0OBBYEFBojvnJIsnHrAK8lpXPI0nSeLXpMMB8GA1UdIwQY
MBaAFM2SM/aojQj2VZwiBrG/8mVbEiIxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelpJejlxaU5DUFpWbkNJR3NiX3laVnNTSWpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8wYTExNmYtNWEwYi00NTY2LTlmNDQt
YjgzN2JmOWQ0YzVmLzEvR2lPLWNraXljZXNBcnlXbGM4alNkSjR0ZWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8wYTExNmYtNWEwYi00NTY2LTlmNDQtYjgzN2JmOWQ0YzVm
LzEvelpJejlxaU5DUFpWbkNJR3NiX3laVnNTSWpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHmBggrBgEFBQcBBwEB/wSB1jCB0zCBwQQCAAEwgboDBAFN
3YAwDAMEAE3dgwMEBU3dgAMEAlzzQDAMAwQAXPNFAwQAXPNGMAwDBANc80gDBAFc
81AwDAMEAFzzUwMEAVzzVAMEAFzzWQMEAFzzXDAMAwQHbXiAAwQBbXiIAwQAbXiL
MAwDBABteI0DBARteIAwDAMEAm14lAMEAG14mDAMAwQAbXibAwQBbXigMAwDBAJt
eKQDBABteKYDBAJteKgDBABteK0DBABteLEDBABteLMDBAJteLgwDQQCAAIwBwMF
ACoCBEAwDQYJKoZIhvcNAQELBQADggEBABf6wOINFFcN9eWqnITdznQZjc//sTXV
cecmrs6JZIVlvtnrD/AzlFw+ZW1piA47sz7Bfhyi5PoOx0FS5FKj88HHvJPo/MbY
MM6CdFaTIhbo7s7Z288hxnCuL1v2VD8z3QW3UXsMWicSHSpfaClBm0yVjnd0vk+W
hbvbSlfsh/h1eUxMoT5MnlEVNaLJliiWxjlTI2CD5WLlk69+Scy7pchfFGOrs6sO
HcF7d47GtrKx9PaZcCx8/H+Y8Fov3Z+lNKuzKWeDUFaUfZ/IgCpC2Wy4Nqa4ouDW
Guslbr+gdJXMhWRGONpjPYhPRV39Ph6BIBcj6xXgsZovV1cWrb7yt0Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:30 2024 by rpki-client on console-fra.rpki-client.org