Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/o4_nW_wsZwiYvMtDBtREf-V21AQ.roa
File: o4_nW_wsZwiYvMtDBtREf-V21AQ.roa (raw, json)
Hash identifier: qneWMdP2Xee2gTRYTIdWej0M8uc4D9CiPzCMw5Qx2Q8=
Subject key identifier: A3:8F:E7:5B:FC:2C:67:08:98:BC:CB:43:06:D4:44:7F:E5:76:D4:04
Certificate issuer: /CN=cd9233f6a88d08f6559c2206b1bff2655b122231
Certificate serial: 01896AD0A85766F78E5398BC5E4407078935
Authority key identifier: CD:92:33:F6:A8:8D:08:F6:55:9C:22:06:B1:BF:F2:65:5B:12:22:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zZIz9qiNCPZVnCIGsb_yZVsSIjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/o4_nW_wsZwiYvMtDBtREf-V21AQ.roa
Signing time: Tue 18 Jul 2023 21:03:26 +0000
ROA not before: Tue 18 Jul 2023 21:03:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30968
IP address blocks: 109.120.160.0/23 maxlen: 23
109.120.164.0/23 maxlen: 23
109.120.166.0/24 maxlen: 24
109.120.168.0/22 maxlen: 22
109.120.173.0/24 maxlen: 24
109.120.177.0/24 maxlen: 24
109.120.179.0/24 maxlen: 24
109.120.184.0/22 maxlen: 22
77.221.128.0/23 maxlen: 23
77.221.131.0/24 maxlen: 24
77.221.132.0/22 maxlen: 22
77.221.136.0/21 maxlen: 21
109.120.128.0/21 maxlen: 21
77.221.144.0/20 maxlen: 20
109.120.139.0/24 maxlen: 24
109.120.136.0/23 maxlen: 23
109.120.142.0/23 maxlen: 23
109.120.141.0/24 maxlen: 24
109.120.148.0/22 maxlen: 22
109.120.152.0/24 maxlen: 24
109.120.156.0/22 maxlen: 22
109.120.155.0/24 maxlen: 24
2a02:440::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6a:d0:a8:57:66:f7:8e:53:98:bc:5e:44:07:07:89:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd9233f6a88d08f6559c2206b1bff2655b122231
Validity
Not Before: Jul 18 21:03:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a38fe75bfc2c670898bccb4306d4447fe576d404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:23:1d:ee:e4:74:19:85:6f:a6:ad:79:f1:dc:
9c:15:89:ad:43:b8:57:58:2d:82:c0:8f:cd:a5:90:
5e:4b:44:c8:f7:7d:6f:2d:2c:c4:be:99:78:bb:68:
75:25:5e:47:7c:2b:2c:61:69:e5:a4:2b:c3:00:46:
2b:46:9d:31:b0:e5:67:ad:dc:16:a9:4f:d4:3e:3f:
f8:70:eb:23:9d:71:1e:49:7d:23:e5:88:1d:38:d4:
de:b2:3c:26:b9:f8:1e:e3:77:1e:59:66:df:f3:a2:
da:1b:be:e9:82:d0:d2:ab:9c:b6:0a:f5:07:41:9e:
b6:91:b0:4c:5e:01:4f:5b:4a:b0:58:be:9e:76:83:
80:1d:b0:8e:04:47:5f:cb:ec:c1:7c:8c:ac:bc:fb:
d8:03:c9:3d:5a:ca:8a:3b:e4:99:59:94:72:4a:f2:
70:b8:58:07:fa:94:27:12:18:96:1d:51:05:aa:42:
1d:7d:14:bc:4c:92:68:8c:98:da:1b:36:d8:39:28:
fd:d5:18:19:57:92:0c:82:fc:21:a0:35:5e:d5:c9:
99:fc:9c:1a:70:a3:2e:cb:eb:c1:3b:58:83:47:5d:
74:fe:9d:fc:8a:10:d2:e0:18:de:6a:0b:1f:43:df:
5c:bd:92:7f:c3:f8:10:e1:05:fa:bb:c9:a2:20:c6:
f1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8F:E7:5B:FC:2C:67:08:98:BC:CB:43:06:D4:44:7F:E5:76:D4:04
X509v3 Authority Key Identifier:
keyid:CD:92:33:F6:A8:8D:08:F6:55:9C:22:06:B1:BF:F2:65:5B:12:22:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zZIz9qiNCPZVnCIGsb_yZVsSIjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/o4_nW_wsZwiYvMtDBtREf-V21AQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/zZIz9qiNCPZVnCIGsb_yZVsSIjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.128.0/23
77.221.131.0-77.221.159.255
109.120.128.0-109.120.137.255
109.120.139.0/24
109.120.141.0-109.120.143.255
109.120.148.0-109.120.152.255
109.120.155.0-109.120.161.255
109.120.164.0-109.120.166.255
109.120.168.0/22
109.120.173.0/24
109.120.177.0/24
109.120.179.0/24
109.120.184.0/22
IPv6:
2a02:440::/32
Signature Algorithm: sha256WithRSAEncryption
91:66:a0:b7:ca:2c:bf:d6:20:87:9d:56:4f:f9:3b:84:64:18:
3e:30:33:9f:6e:70:9e:ba:f4:e1:23:ed:00:1b:86:5c:8e:a0:
4b:bc:93:bf:b5:40:17:fc:73:1d:41:f1:f6:38:a4:c3:43:0e:
c2:67:cd:01:71:0a:ef:c0:ac:de:94:13:6d:79:9a:0b:47:87:
57:35:2a:2c:37:48:74:2c:df:ca:40:bf:f1:b6:6a:c8:c4:8d:
e3:1d:3d:6b:04:46:14:8e:da:c1:bf:e6:f3:bc:5c:52:8b:85:
92:09:48:43:2d:fa:3e:0d:8f:c7:12:e3:2a:74:f7:9a:8d:cd:
ff:40:98:57:2d:6c:16:f5:4d:34:9b:ff:1c:02:21:6a:5e:26:
93:df:1c:a9:ac:7d:be:b0:78:6a:4b:94:77:4f:f4:70:4a:7a:
53:6c:f6:e4:e0:9c:4e:0d:5a:b7:32:1a:34:30:d0:f0:09:bd:
6f:9b:31:a8:cc:ab:7b:38:3b:ae:88:e5:27:b7:29:fa:b6:9e:
28:01:17:8c:51:7b:1f:d2:bf:c5:a7:f6:35:1e:d8:8b:37:df:
5e:5f:0a:40:34:b2:71:aa:ae:ba:ff:ef:de:71:e6:4b:af:38:
06:dd:7f:df:e4:40:95:c1:8a:4b:8e:cf:c6:85:27:44:82:77:
0e:3f:06:a7
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYlq0KhXZveOU5i8XkQHB4k1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkOTIzM2Y2YTg4ZDA4ZjY1NTljMjIwNmIxYmZmMjY1NWIx
MjIyMzEwHhcNMjMwNzE4MjEwMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzhmZTc1YmZjMmM2NzA4OThiY2NiNDMwNmQ0NDQ3ZmU1NzZkNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yMd7uR0GYVvpq158dycFYmtQ7hX
WC2CwI/NpZBeS0TI931vLSzEvpl4u2h1JV5HfCssYWnlpCvDAEYrRp0xsOVnrdwW
qU/UPj/4cOsjnXEeSX0j5YgdONTesjwmufge43ceWWbf86LaG77pgtDSq5y2CvUH
QZ62kbBMXgFPW0qwWL6edoOAHbCOBEdfy+zBfIysvPvYA8k9WsqKO+SZWZRySvJw
uFgH+pQnEhiWHVEFqkIdfRS8TJJojJjaGzbYOSj91RgZV5IMgvwhoDVe1cmZ/Jwa
cKMuy+vBO1iDR110/p38ihDS4BjeagsfQ99cvZJ/w/gQ4QX6u8miIMbxxwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFKOP51v8LGcImLzLQwbURH/ldtQEMB8GA1UdIwQY
MBaAFM2SM/aojQj2VZwiBrG/8mVbEiIxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelpJejlxaU5DUFpWbkNJR3NiX3laVnNTSWpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8wYTExNmYtNWEwYi00NTY2LTlmNDQt
YjgzN2JmOWQ0YzVmLzEvbzRfbldfd3Nad2lZdk10REJ0UkVmLVYyMUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8wYTExNmYtNWEwYi00NTY2LTlmNDQtYjgzN2JmOWQ0YzVm
LzEvelpJejlxaU5DUFpWbkNJR3NiX3laVnNTSWpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBhAQCAAEwfgMEAU3d
gDAMAwQATd2DAwQFTd2AMAwDBAdteIADBAFteIgDBABteIswDAMEAG14jQMEBG14
gDAMAwQCbXiUAwQAbXiYMAwDBABteJsDBAFteKAwDAMEAm14pAMEAG14pgMEAm14
qAMEAG14rQMEAG14sQMEAG14swMEAm14uDANBAIAAjAHAwUAKgIEQDANBgkqhkiG
9w0BAQsFAAOCAQEAkWagt8osv9Ygh51WT/k7hGQYPjAzn25wnrr04SPtABuGXI6g
S7yTv7VAF/xzHUHx9jikw0MOwmfNAXEK78Cs3pQTbXmaC0eHVzUqLDdIdCzfykC/
8bZqyMSN4x09awRGFI7awb/m87xcUouFkglIQy36Pg2PxxLjKnT3mo3N/0CYVy1s
FvVNNJv/HAIhal4mk98cqax9vrB4akuUd0/0cEp6U2z25OCcTg1atzIaNDDQ8Am9
b5sxqMyrezg7rojlJ7cp+raeKAEXjFF7H9K/xaf2NR7YizffXl8KQDSycaquuv/v
3nHmS684Bt1/3+RAlcGKS47PxoUnRIJ3Dj8Gpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:30 2024 by rpki-client on console-fra.rpki-client.org