Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/35dee5-d8db-48e3-b7bb-0810d16bcc87/1/4fK7acfYM1lXIqdGxL5K58svNjc.roa
File: 4fK7acfYM1lXIqdGxL5K58svNjc.roa (raw, json)
Hash identifier: n2uKNNxdN+16wMmAcNwskb5owc1U5qjBI+fT9FQlX0g=
Subject key identifier: E1:F2:BB:69:C7:D8:33:59:57:22:A7:46:C4:BE:4A:E7:CB:2F:36:37
Certificate issuer: /CN=9fd68f1b241423da97647b99224530386d25698c
Certificate serial: 018CC79548C1003C2A55DFB5B35E38D81C19
Authority key identifier: 9F:D6:8F:1B:24:14:23:DA:97:64:7B:99:22:45:30:38:6D:25:69:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n9aPGyQUI9qXZHuZIkUwOG0laYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/35dee5-d8db-48e3-b7bb-0810d16bcc87/1/4fK7acfYM1lXIqdGxL5K58svNjc.roa
Signing time: Tue 02 Jan 2024 00:31:38 +0000
ROA not before: Tue 02 Jan 2024 00:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28746
IP address blocks: 185.104.23.0/24 maxlen: 24
185.104.20.0/24 maxlen: 24
185.104.21.0/24 maxlen: 24
185.104.22.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:48:c1:00:3c:2a:55:df:b5:b3:5e:38:d8:1c:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fd68f1b241423da97647b99224530386d25698c
Validity
Not Before: Jan 2 00:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1f2bb69c7d833595722a746c4be4ae7cb2f3637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:bb:d2:0e:25:f5:23:fb:11:a3:ee:24:15:0d:
14:da:f4:35:75:4d:ec:7f:0c:5d:d4:27:39:fc:b8:
54:ff:b9:98:d0:8c:b7:23:17:9b:31:c1:33:cf:75:
8d:48:d6:39:21:b1:7c:f5:1f:24:d0:95:6e:0c:30:
5c:f1:8a:5c:f1:ff:11:ac:b2:95:59:6d:1b:82:7d:
c8:a4:95:11:9c:75:56:67:fa:7e:2a:08:50:4d:9c:
31:db:5c:87:ad:e7:de:8f:e6:b1:c6:a1:4e:e4:d3:
ad:ec:7b:fc:6d:51:0b:59:85:f5:47:8b:b7:92:69:
0a:c6:83:20:d7:71:20:64:86:23:42:dc:88:49:55:
b6:20:71:65:c6:8c:27:9c:50:bf:aa:74:04:30:98:
25:d8:65:b1:ff:01:5d:49:61:9d:cd:34:7c:1f:65:
79:36:93:83:ed:ec:04:b4:81:7a:27:4d:b1:f2:0f:
f7:e0:4c:47:63:42:a6:9e:58:eb:20:19:89:d6:4d:
f1:58:6d:3b:9d:0b:a8:17:5d:c3:ff:6e:8a:65:7c:
df:61:bd:76:be:5f:c4:a1:0b:03:2a:49:b7:44:28:
6f:94:45:b2:bc:a0:3f:12:cd:e0:97:fc:4f:74:2a:
84:80:d8:ec:19:38:df:05:d7:49:72:82:0e:87:69:
71:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F2:BB:69:C7:D8:33:59:57:22:A7:46:C4:BE:4A:E7:CB:2F:36:37
X509v3 Authority Key Identifier:
keyid:9F:D6:8F:1B:24:14:23:DA:97:64:7B:99:22:45:30:38:6D:25:69:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n9aPGyQUI9qXZHuZIkUwOG0laYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/35dee5-d8db-48e3-b7bb-0810d16bcc87/1/4fK7acfYM1lXIqdGxL5K58svNjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/35dee5-d8db-48e3-b7bb-0810d16bcc87/1/n9aPGyQUI9qXZHuZIkUwOG0laYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.20.0/22
Signature Algorithm: sha256WithRSAEncryption
84:42:2b:25:4d:05:32:1f:06:9a:78:eb:8c:26:e7:18:fc:94:
c2:5e:88:5b:3b:0d:f8:cc:3c:89:30:62:c1:b0:ae:1d:9d:e5:
70:f9:bc:7d:b1:5b:cd:be:70:8b:95:92:5e:a5:b0:d3:9c:34:
0f:b9:e4:ba:79:6f:b7:8b:13:7e:4e:95:c2:76:bf:be:5f:18:
ee:51:49:fd:b3:6e:ef:8a:b1:48:7c:4b:9d:a3:82:7d:ac:28:
8c:ab:7f:de:63:5b:44:b8:ac:d3:7b:e4:a3:3c:0d:fd:3f:93:
da:39:fa:c7:ec:7f:6e:51:16:ff:a6:c4:35:e6:16:c8:f1:ad:
fd:f7:64:85:46:d3:5e:2c:d2:a7:0d:68:59:ba:cf:7b:1b:a4:
42:60:fd:02:10:bd:da:f5:92:81:50:ad:9a:a2:83:52:3f:1c:
58:4b:8e:66:d6:14:20:b4:f2:56:66:6a:2f:72:51:86:b2:be:
8c:58:c3:ff:53:58:b3:71:02:f7:13:07:f1:63:bf:d0:8f:df:
a5:5a:6a:48:9f:b2:c6:41:3e:1c:08:b5:91:10:d8:bd:ca:ab:
bc:d9:23:e1:81:62:20:1e:8b:83:e1:77:64:f8:f1:b7:4a:bd:
1a:b4:04:31:62:e1:13:26:fa:55:17:c0:ae:ce:63:26:3a:0e:
b6:33:94:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlUjBADwqVd+1s1442BwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZDY4ZjFiMjQxNDIzZGE5NzY0N2I5OTIyNDUzMDM4NmQy
NTY5OGMwHhcNMjQwMTAyMDAzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWYyYmI2OWM3ZDgzMzU5NTcyMmE3NDZjNGJlNGFlN2NiMmYzNjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLvSDiX1I/sRo+4kFQ0U2vQ1dU3s
fwxd1Cc5/LhU/7mY0Iy3IxebMcEzz3WNSNY5IbF89R8k0JVuDDBc8Ypc8f8RrLKV
WW0bgn3IpJURnHVWZ/p+KghQTZwx21yHrefej+axxqFO5NOt7Hv8bVELWYX1R4u3
kmkKxoMg13EgZIYjQtyISVW2IHFlxownnFC/qnQEMJgl2GWx/wFdSWGdzTR8H2V5
NpOD7ewEtIF6J02x8g/34ExHY0KmnljrIBmJ1k3xWG07nQuoF13D/26KZXzfYb12
vl/EoQsDKkm3RChvlEWyvKA/Es3gl/xPdCqEgNjsGTjfBddJcoIOh2lxDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOHyu2nH2DNZVyKnRsS+SufLLzY3MB8GA1UdIwQY
MBaAFJ/WjxskFCPal2R7mSJFMDhtJWmMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjlhUEd5UVVJOXFYWkh1WklrVXdPRzBsYVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zNWRlZTUtZDhkYi00OGUzLWI3YmIt
MDgxMGQxNmJjYzg3LzEvNGZLN2FjZllNMWxYSXFkR3hMNUs1OHN2TmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8zNWRlZTUtZDhkYi00OGUzLWI3YmItMDgxMGQxNmJjYzg3
LzEvbjlhUEd5UVVJOXFYWkh1WklrVXdPRzBsYVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWgUMA0G
CSqGSIb3DQEBCwUAA4IBAQCEQislTQUyHwaaeOuMJucY/JTCXohbOw34zDyJMGLB
sK4dneVw+bx9sVvNvnCLlZJepbDTnDQPueS6eW+3ixN+TpXCdr++XxjuUUn9s27v
irFIfEudo4J9rCiMq3/eY1tEuKzTe+SjPA39P5PaOfrH7H9uURb/psQ15hbI8a39
92SFRtNeLNKnDWhZus97G6RCYP0CEL3a9ZKBUK2aooNSPxxYS45m1hQgtPJWZmov
clGGsr6MWMP/U1izcQL3EwfxY7/Qj9+lWmpIn7LGQT4cCLWRENi9yqu82SPhgWIg
HouD4Xdk+PG3Sr0atAQxYuETJvpVF8CuzmMmOg62M5QH
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:27:18 2024 by rpki-client on console.sobornost.net