Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/QnD-YO7NRK9ErOBBqasVLscR9UE.roa
File: QnD-YO7NRK9ErOBBqasVLscR9UE.roa (raw, json)
Hash identifier: A3o3j8l1rr+KjFvQx4shBjkWG4JTYLAqthSNc++fEB4=
Subject key identifier: 42:70:FE:60:EE:CD:44:AF:44:AC:E0:41:A9:AB:15:2E:C7:11:F5:41
Certificate issuer: /CN=cd9233f6a88d08f6559c2206b1bff2655b122231
Certificate serial: 018834742A30DF23E92BF39816477CD45C66
Authority key identifier: CD:92:33:F6:A8:8D:08:F6:55:9C:22:06:B1:BF:F2:65:5B:12:22:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zZIz9qiNCPZVnCIGsb_yZVsSIjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/QnD-YO7NRK9ErOBBqasVLscR9UE.roa
Signing time: Fri 19 May 2023 14:40:08 +0000
ROA not before: Fri 19 May 2023 14:40:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30968
IP address blocks: 109.120.160.0/23 maxlen: 23
109.120.164.0/23 maxlen: 23
109.120.166.0/24 maxlen: 24
109.120.168.0/22 maxlen: 22
109.120.173.0/24 maxlen: 24
109.120.177.0/24 maxlen: 24
109.120.179.0/24 maxlen: 24
109.120.184.0/22 maxlen: 22
77.221.128.0/23 maxlen: 23
77.221.131.0/24 maxlen: 24
77.221.132.0/22 maxlen: 22
77.221.136.0/21 maxlen: 21
109.120.128.0/21 maxlen: 21
77.221.144.0/20 maxlen: 20
109.120.139.0/24 maxlen: 24
109.120.136.0/23 maxlen: 23
109.120.142.0/23 maxlen: 23
109.120.141.0/24 maxlen: 24
109.120.148.0/22 maxlen: 22
109.120.152.0/24 maxlen: 24
109.120.156.0/22 maxlen: 22
109.120.155.0/24 maxlen: 24
92.243.64.0/22 maxlen: 22
92.243.70.0/24 maxlen: 24
92.243.69.0/24 maxlen: 24
92.243.72.0/21 maxlen: 21
92.243.80.0/23 maxlen: 23
92.243.83.0/24 maxlen: 24
2a02:440::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:34:74:2a:30:df:23:e9:2b:f3:98:16:47:7c:d4:5c:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd9233f6a88d08f6559c2206b1bff2655b122231
Validity
Not Before: May 19 14:40:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4270fe60eecd44af44ace041a9ab152ec711f541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:af:32:df:c2:60:13:f2:a5:dc:41:9b:af:79:
57:50:d9:93:98:01:4e:02:a0:3f:55:f5:24:48:ff:
70:1d:81:c8:46:85:06:02:36:bc:5e:c8:76:f5:a2:
31:23:a7:26:93:8b:27:cc:03:95:f8:64:5c:33:85:
e3:57:aa:22:9a:52:bd:77:50:d0:1d:01:2b:66:f4:
33:bb:03:59:0b:be:ff:0a:5c:12:7b:2a:bf:d8:06:
18:a5:17:09:27:87:a7:8d:ad:6f:93:7d:4a:76:c4:
ab:55:39:b5:97:2d:2c:85:3d:0a:fb:be:ed:29:54:
fb:68:f7:21:b1:88:80:ba:d5:74:ca:74:e7:af:54:
6d:f9:d3:9b:1e:0a:a5:8f:3a:a8:a5:35:57:c5:d1:
e1:56:33:25:b9:4f:bc:ac:cf:cb:c5:4c:dc:78:38:
6e:94:0f:14:6a:2f:b1:c6:4c:96:49:b8:e3:45:b8:
e1:9e:6b:5c:15:e2:24:ca:3e:37:87:31:65:f4:69:
6e:b0:f6:57:b3:c8:f1:35:d7:9c:a1:89:6a:31:82:
f0:ab:f3:44:cb:05:10:89:82:42:99:36:32:e8:0c:
b2:c0:6c:b6:c8:ae:b3:f8:e4:9a:3a:37:fa:41:87:
fa:e2:df:6e:e4:d8:fd:bf:18:76:b0:cd:62:54:86:
67:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:70:FE:60:EE:CD:44:AF:44:AC:E0:41:A9:AB:15:2E:C7:11:F5:41
X509v3 Authority Key Identifier:
keyid:CD:92:33:F6:A8:8D:08:F6:55:9C:22:06:B1:BF:F2:65:5B:12:22:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zZIz9qiNCPZVnCIGsb_yZVsSIjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/QnD-YO7NRK9ErOBBqasVLscR9UE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/zZIz9qiNCPZVnCIGsb_yZVsSIjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.128.0/23
77.221.131.0-77.221.159.255
92.243.64.0/22
92.243.69.0-92.243.70.255
92.243.72.0-92.243.81.255
92.243.83.0/24
109.120.128.0-109.120.137.255
109.120.139.0/24
109.120.141.0-109.120.143.255
109.120.148.0-109.120.152.255
109.120.155.0-109.120.161.255
109.120.164.0-109.120.166.255
109.120.168.0/22
109.120.173.0/24
109.120.177.0/24
109.120.179.0/24
109.120.184.0/22
IPv6:
2a02:440::/32
Signature Algorithm: sha256WithRSAEncryption
3e:4f:c8:04:30:42:26:5f:1d:1d:11:a3:51:47:4d:a7:84:47:
7f:82:f4:06:1d:85:75:56:83:a7:93:36:e6:2b:1a:26:2c:c9:
54:6f:a0:37:fb:a1:cf:57:05:99:f2:ee:df:04:52:f5:c7:d2:
10:23:a3:58:e6:d0:b5:cc:b2:0d:5f:fc:58:a6:01:ee:fc:69:
0f:1b:b0:f1:b4:9c:e7:fd:9a:30:82:69:67:05:ad:d2:b7:52:
fb:c4:d3:53:ca:e2:89:5b:d9:8e:8f:f3:7e:b7:44:63:e3:88:
e5:2f:0a:b9:75:ff:bf:c5:5a:9f:9c:14:23:ec:fa:60:e3:63:
f2:c8:9b:fd:9e:6c:24:c9:24:f8:1e:95:c0:14:09:30:a3:32:
71:f4:1a:ba:f0:26:8e:7d:da:33:b7:da:e5:d6:db:c8:36:ca:
bb:5c:0f:09:13:81:f1:7e:eb:16:db:ee:40:e1:60:7e:ff:9c:
6d:13:fe:1d:b2:12:0b:4c:ae:0c:2a:a6:d0:f4:bf:0a:8e:82:
e4:3e:a6:0f:d9:fc:9c:7b:bf:0f:50:b3:84:73:c9:26:97:6a:
a2:99:4e:5e:a7:4c:34:39:61:4d:9d:2e:4b:3c:88:74:dc:77:
63:f5:4b:1f:f1:44:84:34:ef:37:7d:58:76:d5:d3:c0:14:fc:
4f:a8:9e:e1
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgISAYg0dCow3yPpK/OYFkd81FxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkOTIzM2Y2YTg4ZDA4ZjY1NTljMjIwNmIxYmZmMjY1NWIx
MjIyMzEwHhcNMjMwNTE5MTQ0MDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjcwZmU2MGVlY2Q0NGFmNDRhY2UwNDFhOWFiMTUyZWM3MTFmNTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA368y38JgE/Kl3EGbr3lXUNmTmAFO
AqA/VfUkSP9wHYHIRoUGAja8Xsh29aIxI6cmk4snzAOV+GRcM4XjV6oimlK9d1DQ
HQErZvQzuwNZC77/ClwSeyq/2AYYpRcJJ4enja1vk31KdsSrVTm1ly0shT0K+77t
KVT7aPchsYiAutV0ynTnr1Rt+dObHgqljzqopTVXxdHhVjMluU+8rM/LxUzceDhu
lA8Uai+xxkyWSbjjRbjhnmtcFeIkyj43hzFl9GlusPZXs8jxNdecoYlqMYLwq/NE
ywUQiYJCmTYy6AyywGy2yK6z+OSaOjf6QYf64t9u5Nj9vxh2sM1iVIZnUQIDAQAB
o4ICvTCCArkwHQYDVR0OBBYEFEJw/mDuzUSvRKzgQamrFS7HEfVBMB8GA1UdIwQY
MBaAFM2SM/aojQj2VZwiBrG/8mVbEiIxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelpJejlxaU5DUFpWbkNJR3NiX3laVnNTSWpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8wYTExNmYtNWEwYi00NTY2LTlmNDQt
YjgzN2JmOWQ0YzVmLzEvUW5ELVlPN05SSzlFck9CQnFhc1ZMc2NSOVVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8wYTExNmYtNWEwYi00NTY2LTlmNDQtYjgzN2JmOWQ0YzVm
LzEvelpJejlxaU5DUFpWbkNJR3NiX3laVnNTSWpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHSBggrBgEFBQcBBwEB/wSBwjCBvzCBrQQCAAEwgaYDBAFN
3YAwDAMEAE3dgwMEBU3dgAMEAlzzQDAMAwQAXPNFAwQAXPNGMAwDBANc80gDBAFc
81ADBABc81MwDAMEB214gAMEAW14iAMEAG14izAMAwQAbXiNAwQEbXiAMAwDBAJt
eJQDBABteJgwDAMEAG14mwMEAW14oDAMAwQCbXikAwQAbXimAwQCbXioAwQAbXit
AwQAbXixAwQAbXizAwQCbXi4MA0EAgACMAcDBQAqAgRAMA0GCSqGSIb3DQEBCwUA
A4IBAQA+T8gEMEImXx0dEaNRR02nhEd/gvQGHYV1VoOnkzbmKxomLMlUb6A3+6HP
VwWZ8u7fBFL1x9IQI6NY5tC1zLINX/xYpgHu/GkPG7DxtJzn/ZowgmlnBa3St1L7
xNNTyuKJW9mOj/N+t0Rj44jlLwq5df+/xVqfnBQj7Ppg42PyyJv9nmwkyST4HpXA
FAkwozJx9Bq68CaOfdozt9rl1tvINsq7XA8JE4HxfusW2+5A4WB+/5xtE/4dshIL
TK4MKqbQ9L8KjoLkPqYP2fyce78PULOEc8kml2qimU5ep0w0OWFNnS5LPIh03Hdj
9Usf8USENO83fVh21dPAFPxPqJ7h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:30 2024 by rpki-client on console-fra.rpki-client.org