Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/KPmqQFrmS7pS-YqbUjN4zBuvFpo.roa
File: KPmqQFrmS7pS-YqbUjN4zBuvFpo.roa (raw, json)
Hash identifier: H8LjK9EMrwcjsFl5qLBoKTDXYxk4tuiNAzrZPXBkAik=
Subject key identifier: 28:F9:AA:40:5A:E6:4B:BA:52:F9:8A:9B:52:33:78:CC:1B:AF:16:9A
Certificate issuer: /CN=88a8d325f97b03713342682fc408d53368740e7d
Certificate serial: 018CC6B78F687504B97E839F2764506091A2
Authority key identifier: 88:A8:D3:25:F9:7B:03:71:33:42:68:2F:C4:08:D5:33:68:74:0E:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/KPmqQFrmS7pS-YqbUjN4zBuvFpo.roa
Signing time: Mon 01 Jan 2024 20:29:27 +0000
ROA not before: Mon 01 Jan 2024 20:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60895
IP address blocks: 185.23.112.0/22 maxlen: 22
185.23.112.0/24 maxlen: 24
185.23.112.0/23 maxlen: 23
185.23.115.0/24 maxlen: 24
185.23.114.0/24 maxlen: 24
185.23.114.0/23 maxlen: 23
185.23.113.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:8f:68:75:04:b9:7e:83:9f:27:64:50:60:91:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a8d325f97b03713342682fc408d53368740e7d
Validity
Not Before: Jan 1 20:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28f9aa405ae64bba52f98a9b523378cc1baf169a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:36:57:01:6c:ad:02:52:41:a9:ba:5b:59:11:
3e:d5:a8:03:14:ca:1a:bf:eb:b7:a9:70:bc:64:9e:
bf:27:3d:ad:dc:9a:3c:ef:7b:e0:a2:53:53:7c:80:
9a:b1:de:a5:5b:ce:25:b8:4d:da:b7:89:e4:28:e0:
2f:1c:66:41:3e:34:3d:67:92:eb:4d:28:50:a8:2a:
18:6f:63:a5:b5:5c:13:32:a7:7b:f4:4f:3f:4a:6f:
89:16:8c:c6:10:27:f0:94:ba:a3:7a:a1:0b:ea:a3:
cc:69:1b:e4:d2:6e:83:02:19:25:6f:5b:4b:bd:6c:
f1:da:99:76:5f:5f:93:96:28:54:01:b8:a6:b6:d2:
14:73:85:79:fe:74:f0:c9:6c:a4:88:ed:c9:02:1a:
4d:14:e5:95:84:90:30:21:4d:8c:9d:f2:7c:10:94:
de:50:b8:54:b5:b1:76:43:8f:af:74:fb:4a:a5:e3:
ca:eb:da:b8:18:7b:f1:05:ff:c6:6a:23:6d:52:3a:
c2:7c:99:06:75:fa:be:3a:e6:ce:c9:99:a8:3a:27:
63:a5:14:21:ee:88:70:66:af:0e:83:2c:02:e2:c0:
85:ad:a8:aa:05:67:c0:b8:74:4d:26:45:a1:fe:6d:
d1:9f:e2:5c:d3:e3:d5:5c:e9:75:42:13:7a:3d:1d:
65:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F9:AA:40:5A:E6:4B:BA:52:F9:8A:9B:52:33:78:CC:1B:AF:16:9A
X509v3 Authority Key Identifier:
keyid:88:A8:D3:25:F9:7B:03:71:33:42:68:2F:C4:08:D5:33:68:74:0E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/KPmqQFrmS7pS-YqbUjN4zBuvFpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.112.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:74:0a:0f:42:a7:cc:90:4b:7e:c5:f3:17:14:1f:9e:b2:e1:
b3:91:e3:34:7c:16:d0:52:64:ba:09:f7:98:c5:77:3e:2f:34:
10:48:8e:03:36:f5:00:c5:02:95:e4:20:a5:98:46:84:84:e5:
6d:f4:08:29:94:76:a0:56:3b:33:15:1f:fb:17:8b:9c:43:4c:
dc:5c:1b:0e:22:f2:2c:19:dc:b1:48:a8:b8:bc:35:6a:8c:da:
0b:d2:bd:4a:21:c8:66:3a:c2:c5:d4:eb:48:58:42:23:17:0e:
08:64:0b:57:c2:dd:3e:65:71:41:23:e4:28:50:5c:9b:b3:12:
fb:e9:d3:4a:d5:42:24:b6:af:b0:73:25:0a:c9:01:c5:b3:aa:
9a:78:96:89:20:09:4c:ec:3a:c3:f1:5e:5a:8e:d8:70:a4:cb:
5c:0c:ef:4f:4d:8f:a7:63:31:26:71:67:9d:ca:d8:59:d2:40:
f8:ba:fb:07:da:52:c8:0c:4f:4f:01:7f:5e:4c:f4:4c:ad:07:
d6:58:97:bd:49:1c:da:6e:4e:1c:92:2a:35:2a:c2:ac:b8:5e:
6d:4e:a8:10:49:71:1f:a8:c3:5b:00:b1:3b:b2:ad:30:13:56:
d4:94:fd:22:75:5c:45:d4:52:cb:44:e5:23:6d:0d:56:85:d6:
23:51:f6:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt49odQS5foOfJ2RQYJGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YThkMzI1Zjk3YjAzNzEzMzQyNjgyZmM0MDhkNTMzNjg3
NDBlN2QwHhcNMjQwMTAxMjAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGY5YWE0MDVhZTY0YmJhNTJmOThhOWI1MjMzNzhjYzFiYWYxNjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTZXAWytAlJBqbpbWRE+1agDFMoa
v+u3qXC8ZJ6/Jz2t3Jo873vgolNTfICasd6lW84luE3at4nkKOAvHGZBPjQ9Z5Lr
TShQqCoYb2OltVwTMqd79E8/Sm+JFozGECfwlLqjeqEL6qPMaRvk0m6DAhklb1tL
vWzx2pl2X1+TlihUAbimttIUc4V5/nTwyWykiO3JAhpNFOWVhJAwIU2MnfJ8EJTe
ULhUtbF2Q4+vdPtKpePK69q4GHvxBf/GaiNtUjrCfJkGdfq+OubOyZmoOidjpRQh
7ohwZq8OgywC4sCFraiqBWfAuHRNJkWh/m3Rn+Jc0+PVXOl1QhN6PR1ljwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCj5qkBa5ku6UvmKm1IzeMwbrxaaMB8GA1UdIwQY
MBaAFIio0yX5ewNxM0JoL8QI1TNodA59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtqVEpmbDdBM0V6UW1ndnhBalZNMmgwRG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy82NDViYjItZmMzNC00MjliLWE3ZjAt
Y2YwM2ZhNGNhMDgzLzEvS1BtcVFGcm1TN3BTLVlxYlVqTjR6QnV2RnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy82NDViYjItZmMzNC00MjliLWE3ZjAtY2YwM2ZhNGNhMDgz
LzEvaUtqVEpmbDdBM0V6UW1ndnhBalZNMmgwRG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRdwMA0G
CSqGSIb3DQEBCwUAA4IBAQAPdAoPQqfMkEt+xfMXFB+esuGzkeM0fBbQUmS6CfeY
xXc+LzQQSI4DNvUAxQKV5CClmEaEhOVt9AgplHagVjszFR/7F4ucQ0zcXBsOIvIs
GdyxSKi4vDVqjNoL0r1KIchmOsLF1OtIWEIjFw4IZAtXwt0+ZXFBI+QoUFybsxL7
6dNK1UIktq+wcyUKyQHFs6qaeJaJIAlM7DrD8V5ajthwpMtcDO9PTY+nYzEmcWed
ythZ0kD4uvsH2lLIDE9PAX9eTPRMrQfWWJe9SRzabk4ckio1KsKsuF5tTqgQSXEf
qMNbALE7sq0wE1bUlP0idVxF1FLLROUjbQ1WhdYjUfaG
-----END CERTIFICATE-----
Generated at Thu Aug 15 03:07:29 2024 by rpki-client on console.sobornost.net