Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/oNolecsxpcvyuq7HS6h0D3aV-NY.roa
File: oNolecsxpcvyuq7HS6h0D3aV-NY.roa (raw, json)
Hash identifier: Z3MNwAieIlmmi94QIiz8I1prsWWXzr397tgUC31bs7I=
Subject key identifier: A0:DA:25:79:CB:31:A5:CB:F2:BA:AE:C7:4B:A8:74:0F:76:95:F8:D6
Certificate issuer: /CN=cd9233f6a88d08f6559c2206b1bff2655b122231
Certificate serial: 37B7128B
Authority key identifier: CD:92:33:F6:A8:8D:08:F6:55:9C:22:06:B1:BF:F2:65:5B:12:22:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zZIz9qiNCPZVnCIGsb_yZVsSIjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/oNolecsxpcvyuq7HS6h0D3aV-NY.roa
Signing time: Sat 01 Jan 2022 13:58:56 +0000
ROA not before: Sat 01 Jan 2022 13:58:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30968
IP address blocks: 109.120.160.0/23 maxlen: 23
109.120.164.0/23 maxlen: 23
109.120.166.0/24 maxlen: 24
109.120.168.0/22 maxlen: 22
109.120.173.0/24 maxlen: 24
109.120.177.0/24 maxlen: 24
109.120.179.0/24 maxlen: 24
109.120.184.0/22 maxlen: 22
92.243.92.0/24 maxlen: 24
77.221.128.0/19 maxlen: 24
109.120.128.0/21 maxlen: 21
109.120.139.0/24 maxlen: 24
109.120.136.0/23 maxlen: 23
109.120.142.0/23 maxlen: 23
109.120.141.0/24 maxlen: 24
109.120.144.0/23 maxlen: 23
109.120.146.0/24 maxlen: 24
109.120.148.0/22 maxlen: 22
109.120.152.0/24 maxlen: 24
109.120.156.0/22 maxlen: 22
109.120.155.0/24 maxlen: 24
92.243.64.0/22 maxlen: 22
92.243.70.0/24 maxlen: 24
92.243.69.0/24 maxlen: 24
92.243.72.0/21 maxlen: 21
92.243.84.0/23 maxlen: 23
92.243.80.0/23 maxlen: 23
92.243.83.0/24 maxlen: 24
92.243.89.0/24 maxlen: 24
2a02:440::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 934744715 (0x37b7128b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd9233f6a88d08f6559c2206b1bff2655b122231
Validity
Not Before: Jan 1 13:58:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0da2579cb31a5cbf2baaec74ba8740f7695f8d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:14:53:1e:5a:0e:7b:f6:27:1e:df:6e:e9:a4:
c2:76:05:ec:bd:85:18:af:81:a9:49:46:0a:6a:67:
be:d5:7b:77:d7:70:b2:06:7e:4f:e0:af:20:0a:23:
39:71:10:cc:09:a3:62:a8:81:6f:4c:e7:a1:1e:fe:
c9:90:f3:84:c6:3b:b6:9d:a9:1c:81:5f:91:cc:3f:
4e:84:0f:0d:c6:b2:31:fb:c2:b4:30:72:4d:c3:8d:
e7:ce:b7:71:7e:a7:fd:64:a0:ca:66:d7:73:f0:ab:
41:d4:21:74:78:da:fa:30:f8:75:85:06:64:13:bd:
21:18:4d:0e:5d:d3:41:aa:2e:08:dd:cc:b3:a9:37:
86:fc:b9:c7:d0:94:11:6c:06:c7:1e:8f:14:b2:68:
72:3c:5a:8d:d4:5d:67:91:0a:5e:79:2c:5b:d5:71:
7a:67:4f:b6:f7:21:a2:4d:dc:c8:f1:36:31:84:0c:
22:65:89:ff:d1:9c:f4:a1:e4:b7:88:7a:3d:b8:6e:
fd:2b:80:35:2e:f4:1f:2f:bf:0c:c4:25:18:0e:07:
7b:79:45:8c:46:4c:9d:02:3b:02:8b:ad:09:dd:1d:
7f:3e:04:cf:34:af:36:56:aa:db:4f:f4:a6:3a:5f:
3a:93:8f:a3:10:8f:12:3d:3f:ef:da:d6:b8:c5:27:
58:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:DA:25:79:CB:31:A5:CB:F2:BA:AE:C7:4B:A8:74:0F:76:95:F8:D6
X509v3 Authority Key Identifier:
keyid:CD:92:33:F6:A8:8D:08:F6:55:9C:22:06:B1:BF:F2:65:5B:12:22:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zZIz9qiNCPZVnCIGsb_yZVsSIjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/oNolecsxpcvyuq7HS6h0D3aV-NY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/0a116f-5a0b-4566-9f44-b837bf9d4c5f/1/zZIz9qiNCPZVnCIGsb_yZVsSIjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.128.0/19
92.243.64.0/22
92.243.69.0-92.243.70.255
92.243.72.0-92.243.81.255
92.243.83.0-92.243.85.255
92.243.89.0/24
92.243.92.0/24
109.120.128.0-109.120.137.255
109.120.139.0/24
109.120.141.0-109.120.146.255
109.120.148.0-109.120.152.255
109.120.155.0-109.120.161.255
109.120.164.0-109.120.166.255
109.120.168.0/22
109.120.173.0/24
109.120.177.0/24
109.120.179.0/24
109.120.184.0/22
IPv6:
2a02:440::/32
Signature Algorithm: sha256WithRSAEncryption
a6:09:c7:8b:78:c7:7a:a4:5d:8d:5f:be:ee:de:74:00:f5:60:
21:94:df:16:94:f9:4e:99:af:62:59:ff:e9:13:27:a6:24:c2:
85:ad:ce:a8:23:bc:0d:b5:34:56:2a:ae:7e:f9:d3:58:33:62:
03:cc:0c:8b:de:c1:a5:05:fb:6b:5b:63:e2:dc:70:6f:06:32:
70:0a:56:e7:1f:1d:00:4e:65:2e:77:91:5f:e2:c4:8f:8a:0d:
8e:ba:0d:ee:ef:3c:90:6b:59:bd:6b:e5:6f:ce:4c:2a:fe:fb:
e6:89:7d:1c:9c:d6:37:75:4c:c9:1a:57:35:a8:8b:bd:06:19:
9d:38:af:6c:01:f5:78:dd:bb:d1:3f:0d:6c:ee:f7:e3:9c:7c:
c5:06:78:f3:2b:36:7e:3f:0a:19:c0:ee:1d:39:7b:d6:58:a9:
b7:c5:0b:46:1f:ca:c5:32:f0:11:48:1a:cf:91:fe:0b:7b:3b:
4a:3b:2a:ea:8b:9b:ea:57:4a:78:a8:9e:f1:58:05:86:5c:b8:
a8:55:4d:b3:2c:68:1a:ce:8e:29:d0:f7:de:2b:26:7c:a2:9d:
42:43:65:38:ad:f3:b9:76:22:1d:75:e2:af:d6:fe:62:24:18:
fe:10:53:da:cc:92:ad:44:2b:be:b9:13:f5:8d:ee:f3:4e:72:
c2:0a:31:72
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgIEN7cSizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDkyMzNmNmE4OGQwOGY2NTU5YzIyMDZiMWJmZjI2NTViMTIyMjMxMB4XDTIyMDEw
MTEzNTg1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBkYTI1NzljYjMx
YTVjYmYyYmFhZWM3NGJhODc0MGY3Njk1ZjhkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0UUx5aDnv2Jx7fbumkwnYF7L2FGK+BqUlGCmpnvtV7d9dw
sgZ+T+CvIAojOXEQzAmjYqiBb0znoR7+yZDzhMY7tp2pHIFfkcw/ToQPDcayMfvC
tDByTcON5863cX6n/WSgymbXc/CrQdQhdHja+jD4dYUGZBO9IRhNDl3TQaouCN3M
s6k3hvy5x9CUEWwGxx6PFLJocjxajdRdZ5EKXnksW9VxemdPtvchok3cyPE2MYQM
ImWJ/9Gc9KHkt4h6Pbhu/SuANS70Hy+/DMQlGA4He3lFjEZMnQI7AoutCd0dfz4E
zzSvNlaq20/0pjpfOpOPoxCPEj0/79rWuMUnWPUCAwEAAaOCAsMwggK/MB0GA1Ud
DgQWBBSg2iV5yzGly/K6rsdLqHQPdpX41jAfBgNVHSMEGDAWgBTNkjP2qI0I9lWc
Igaxv/JlWxIiMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3paSXo5cWlOQ1BaVm5DSUdzYl95WlZzU0lqRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvMGExMTZmLTVhMGItNDU2Ni05ZjQ0LWI4MzdiZjlkNGM1Zi8x
L29Ob2xlY3N4cGN2eXVxN0hTNmgwRDNhVi1OWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
MGExMTZmLTVhMGItNDU2Ni05ZjQ0LWI4MzdiZjlkNGM1Zi8xL3paSXo5cWlOQ1Ba
Vm5DSUdzYl95WlZzU0lqRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
2AYIKwYBBQUHAQcBAf8EgcgwgcUwgbMEAgABMIGsAwQFTd2AAwQCXPNAMAwDBABc
80UDBABc80YwDAMEA1zzSAMEAVzzUDAMAwQAXPNTAwQBXPNUAwQAXPNZAwQAXPNc
MAwDBAdteIADBAFteIgDBABteIswDAMEAG14jQMEAG14kjAMAwQCbXiUAwQAbXiY
MAwDBABteJsDBAFteKAwDAMEAm14pAMEAG14pgMEAm14qAMEAG14rQMEAG14sQME
AG14swMEAm14uDANBAIAAjAHAwUAKgIEQDANBgkqhkiG9w0BAQsFAAOCAQEApgnH
i3jHeqRdjV++7t50APVgIZTfFpT5TpmvYln/6RMnpiTCha3OqCO8DbU0ViqufvnT
WDNiA8wMi97BpQX7a1tj4txwbwYycApW5x8dAE5lLneRX+LEj4oNjroN7u88kGtZ
vWvlb85MKv775ol9HJzWN3VMyRpXNaiLvQYZnTivbAH1eN270T8NbO7345x8xQZ4
8ys2fj8KGcDuHTl71lipt8ULRh/KxTLwEUgaz5H+C3s7Sjsq6oub6ldKeKie8VgF
hly4qFVNsyxoGs6OKdD33ismfKKdQkNlOK3zuXYiHXXir9b+YiQY/hBT2sySrUQr
vrkT9Y3u805ywgoxcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:30 2024 by rpki-client on console-fra.rpki-client.org