Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/13754c-8be7-460e-8507-13575ef729f3/1/GzCIBu4tHiFH76_Ly9Ei_0SMBpg.roa
File: GzCIBu4tHiFH76_Ly9Ei_0SMBpg.roa (raw, json)
Hash identifier: ucUps3PWBgmn642QIizMtNVpME3QV9nJ//n0R1ijDxA=
Subject key identifier: 1B:30:88:06:EE:2D:1E:21:47:EF:AF:CB:CB:D1:22:FF:44:8C:06:98
Certificate issuer: /CN=c3eb70743815fe445c958a3c5117ef2753d30f7e
Certificate serial: 019421B1E4829553037953C67945CDFDBE60
Authority key identifier: C3:EB:70:74:38:15:FE:44:5C:95:8A:3C:51:17:EF:27:53:D3:0F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w-twdDgV_kRclYo8URfvJ1PTD34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/13754c-8be7-460e-8507-13575ef729f3/1/GzCIBu4tHiFH76_Ly9Ei_0SMBpg.roa
Signing time: Wed 01 Jan 2025 11:48:13 +0000
ROA not before: Wed 01 Jan 2025 11:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198297
IP address blocks: 185.86.132.0/22 maxlen: 22
185.86.132.0/23 maxlen: 23
185.86.132.0/24 maxlen: 24
185.86.132.9/32 maxlen: 32
185.86.133.0/24 maxlen: 24
185.86.134.0/23 maxlen: 23
185.86.134.0/24 maxlen: 24
185.86.135.0/24 maxlen: 24
2a03:7620::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e4:82:95:53:03:79:53:c6:79:45:cd:fd:be:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3eb70743815fe445c958a3c5117ef2753d30f7e
Validity
Not Before: Jan 1 11:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b308806ee2d1e2147efafcbcbd122ff448c0698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2e:7a:e3:74:b3:b3:83:64:a6:9b:e8:5d:1d:
99:4b:b9:80:de:c4:63:3d:2f:17:01:06:e7:d1:b0:
13:2c:36:e9:0b:79:57:89:a5:b8:f6:11:31:27:b6:
24:5c:27:ed:a0:7d:de:e3:33:16:5c:96:32:18:8b:
23:5e:f4:aa:ff:4a:95:17:6f:a3:fb:f1:48:53:27:
7a:6d:20:34:0d:8f:dd:15:8c:70:c7:5a:b1:4e:2c:
1f:e9:9d:86:e9:68:d3:bd:8a:e2:de:65:46:5c:db:
1d:6c:42:cf:ce:58:59:4d:6a:c1:a2:47:ad:51:33:
36:30:24:4c:b4:31:25:1b:e2:8c:2b:8c:88:5c:f9:
45:f6:f4:78:17:d7:99:28:e0:88:a4:87:ce:bd:ab:
63:33:71:48:d2:ff:63:a0:40:a6:ac:92:79:6c:d7:
2e:0e:9a:6f:bd:ce:51:0e:98:b8:6b:85:fb:50:0d:
24:64:7d:e3:4a:30:0a:10:35:84:83:a5:c8:df:e4:
13:e0:ee:74:88:95:82:58:e7:b0:f8:3e:eb:52:67:
cf:2e:47:ec:24:33:d4:4c:af:a0:55:b0:de:5a:93:
81:93:80:a7:30:4b:ae:6e:ff:38:fe:ec:c7:d9:90:
c0:fa:60:a7:51:b8:42:d7:93:3c:1c:27:01:3f:be:
4a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:30:88:06:EE:2D:1E:21:47:EF:AF:CB:CB:D1:22:FF:44:8C:06:98
X509v3 Authority Key Identifier:
keyid:C3:EB:70:74:38:15:FE:44:5C:95:8A:3C:51:17:EF:27:53:D3:0F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w-twdDgV_kRclYo8URfvJ1PTD34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/13754c-8be7-460e-8507-13575ef729f3/1/GzCIBu4tHiFH76_Ly9Ei_0SMBpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/13754c-8be7-460e-8507-13575ef729f3/1/w-twdDgV_kRclYo8URfvJ1PTD34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.132.0/22
IPv6:
2a03:7620::/32
Signature Algorithm: sha256WithRSAEncryption
5a:4b:56:bd:19:d0:44:f5:23:ca:08:20:cc:cb:33:a8:d7:89:
bb:a9:01:5e:5e:0a:93:5c:45:a7:59:da:b7:bf:fa:5e:16:65:
ba:cb:fd:bd:79:d7:b3:11:f9:63:f8:5e:ae:e2:eb:14:36:6a:
2b:c8:34:9e:4d:dd:a2:fc:41:5f:82:bb:72:ce:df:3e:6e:ca:
56:83:a0:a2:2e:15:68:05:d0:91:fd:31:0b:b2:f5:78:bc:6e:
6b:40:57:7a:29:48:42:0f:40:ad:c1:98:bf:93:4b:96:61:df:
c0:8d:d3:76:22:e6:4f:df:ea:60:64:0b:e2:b6:6a:2a:62:5d:
6a:bd:54:fb:fd:41:60:f9:8e:01:28:78:3d:4b:b4:19:53:27:
1a:a6:41:4b:d5:9f:e7:a1:f1:d0:2a:bb:9a:06:3e:15:08:f4:
37:28:58:91:3a:07:38:76:ff:89:6c:61:26:c6:bf:21:83:fb:
d4:e2:7c:d7:69:38:34:49:4f:00:0e:45:25:85:a9:97:75:c6:
24:86:b9:bd:66:2c:2a:64:17:9c:6e:7c:2b:b6:b9:15:88:9a:
52:f5:79:74:07:b6:b6:07:7a:14:40:c9:1a:0b:b0:15:ad:0d:
46:a4:3c:01:b7:5a:db:2a:5d:7a:d8:fb:a7:53:1b:3e:29:7f:
69:20:b6:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhseSClVMDeVPGeUXN/b5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZWI3MDc0MzgxNWZlNDQ1Yzk1OGEzYzUxMTdlZjI3NTNk
MzBmN2UwHhcNMjUwMTAxMTE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjMwODgwNmVlMmQxZTIxNDdlZmFmY2JjYmQxMjJmZjQ0OGMwNjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzC5643Szs4NkppvoXR2ZS7mA3sRj
PS8XAQbn0bATLDbpC3lXiaW49hExJ7YkXCftoH3e4zMWXJYyGIsjXvSq/0qVF2+j
+/FIUyd6bSA0DY/dFYxwx1qxTiwf6Z2G6WjTvYri3mVGXNsdbELPzlhZTWrBoket
UTM2MCRMtDElG+KMK4yIXPlF9vR4F9eZKOCIpIfOvatjM3FI0v9joECmrJJ5bNcu
Dppvvc5RDpi4a4X7UA0kZH3jSjAKEDWEg6XI3+QT4O50iJWCWOew+D7rUmfPLkfs
JDPUTK+gVbDeWpOBk4CnMEuubv84/uzH2ZDA+mCnUbhC15M8HCcBP75K+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBswiAbuLR4hR++vy8vRIv9EjAaYMB8GA1UdIwQY
MBaAFMPrcHQ4Ff5EXJWKPFEX7ydT0w9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdy10d2REZ1Zfa1JjbFlvOFVSZnZKMVBURDM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xMzc1NGMtOGJlNy00NjBlLTg1MDct
MTM1NzVlZjcyOWYzLzEvR3pDSUJ1NHRIaUZINzZfTHk5RWlfMFNNQnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xMzc1NGMtOGJlNy00NjBlLTg1MDctMTM1NzVlZjcyOWYz
LzEvdy10d2REZ1Zfa1JjbFlvOFVSZnZKMVBURDM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVaEMA0E
AgACMAcDBQAqA3YgMA0GCSqGSIb3DQEBCwUAA4IBAQBaS1a9GdBE9SPKCCDMyzOo
14m7qQFeXgqTXEWnWdq3v/peFmW6y/29edezEflj+F6u4usUNmoryDSeTd2i/EFf
grtyzt8+bspWg6CiLhVoBdCR/TELsvV4vG5rQFd6KUhCD0CtwZi/k0uWYd/AjdN2
IuZP3+pgZAvitmoqYl1qvVT7/UFg+Y4BKHg9S7QZUycapkFL1Z/nofHQKruaBj4V
CPQ3KFiROgc4dv+JbGEmxr8hg/vU4nzXaTg0SU8ADkUlhamXdcYkhrm9ZiwqZBec
bnwrtrkViJpS9Xl0B7a2B3oUQMkaC7AVrQ1GpDwBt1rbKl162PunUxs+KX9pILYW
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:40 2025 by rpki-client on console.sobornost.net