Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/IZhkosGgQBHaBb9lbl4rmlk1aZQ.roa
File: IZhkosGgQBHaBb9lbl4rmlk1aZQ.roa (raw, json)
Hash identifier: b+EQyhrUawKp+xt48gvHRNnzp55mbXEMDZD+3cCUg9g=
Subject key identifier: 21:98:64:A2:C1:A0:40:11:DA:05:BF:65:6E:5E:2B:9A:59:35:69:94
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0195AB0F821CBB52E2941F2DFC97AE7F298E
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/IZhkosGgQBHaBb9lbl4rmlk1aZQ.roa
Signing time: Tue 18 Mar 2025 21:01:15 +0000
ROA not before: Tue 18 Mar 2025 21:01:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36352
IP address blocks: 85.133.193.0/24 maxlen: 24
85.133.214.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ab:0f:82:1c:bb:52:e2:94:1f:2d:fc:97:ae:7f:29:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Mar 18 21:01:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=219864a2c1a04011da05bf656e5e2b9a59356994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:18:82:8b:a5:95:56:66:f3:af:ea:c6:b2:56:
28:91:77:fc:7c:cf:80:19:b1:3b:50:89:1c:a1:df:
8c:83:52:b8:ff:c6:67:1b:a3:3e:c7:0e:9f:9b:98:
3f:cd:9b:22:3f:5e:cd:8e:41:de:86:16:98:e3:d8:
63:f2:89:f3:ca:61:1a:5e:51:3c:fd:97:0c:55:a1:
d7:f4:14:f2:2a:07:64:fd:c3:a5:18:99:10:d1:90:
b7:53:78:14:e7:5b:1a:14:cf:98:10:e2:2e:aa:ee:
4f:df:09:29:14:35:45:6d:cd:50:26:d8:27:57:d5:
2f:53:aa:52:77:db:1f:40:11:8f:6a:f7:64:0f:e4:
d8:be:53:37:6c:fb:e7:1d:60:ea:df:2e:08:0c:8d:
5a:16:f1:2b:d1:0e:3e:a5:34:c0:71:3e:04:de:7e:
e1:52:ad:8a:98:94:71:0a:a6:67:3a:d7:20:9f:f5:
d4:14:2d:51:45:f3:b6:a3:0e:fe:45:09:95:44:fb:
90:3d:ca:a6:8b:ac:c5:cd:a3:de:61:af:bc:3d:54:
ab:c8:20:5d:34:95:9f:8d:f5:33:0d:d7:0c:7f:42:
ff:2a:b8:06:4d:f9:03:af:63:b4:02:99:6b:31:39:
11:5e:84:35:2e:d6:2b:ef:5e:12:1f:93:87:ed:18:
28:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:98:64:A2:C1:A0:40:11:DA:05:BF:65:6E:5E:2B:9A:59:35:69:94
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/IZhkosGgQBHaBb9lbl4rmlk1aZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.193.0/24
85.133.214.0/24
85.133.222.0/24
85.133.225.0/24
85.133.227.0-85.133.228.255
85.133.234.0/24
85.133.251.0-85.133.252.255
Signature Algorithm: sha256WithRSAEncryption
64:50:71:85:04:60:01:da:5e:c1:8c:63:4a:99:b1:53:09:89:
ca:38:90:c7:82:ef:21:da:b5:04:c2:99:70:44:8c:bf:55:a8:
fe:69:6f:a9:0f:b8:e9:a7:bf:6d:1b:5a:79:97:1e:9a:a6:05:
28:7a:53:08:4f:5c:e5:dd:55:bd:32:de:4e:64:6c:23:c8:31:
a8:ed:93:3b:e3:f0:c4:55:43:71:12:1b:bc:53:a6:68:c8:48:
3c:77:57:45:17:46:69:33:1a:1f:82:71:5e:05:2b:bc:10:23:
7c:d3:7b:1a:d7:03:3d:6b:04:90:73:90:2f:61:47:ec:1c:37:
a6:59:9c:77:07:69:6e:75:67:39:ab:4a:7d:6f:c7:23:9c:fd:
e2:0d:df:24:58:8f:f0:31:fc:bb:31:b3:3a:6f:29:90:52:46:
c9:01:de:4d:12:b3:a8:6f:d9:99:fb:36:ac:1e:77:02:cb:37:
87:64:24:41:dd:0a:7a:91:9d:46:a9:52:a7:a6:d9:aa:be:dd:
8f:b1:4b:bd:83:20:7f:61:56:ed:fa:19:ca:55:03:30:3a:de:
ae:72:c4:68:9a:dc:56:a9:96:5c:7c:e1:22:4b:2b:7b:5f:e4:
5b:b9:d4:79:82:3c:ad:2d:5e:ec:b0:36:5d:46:bc:65:f0:0d:
7a:38:a4:22
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZWrD4Icu1LilB8t/JeufymOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwMzE4MjEwMTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTk4NjRhMmMxYTA0MDExZGEwNWJmNjU2ZTVlMmI5YTU5MzU2OTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshiCi6WVVmbzr+rGslYokXf8fM+A
GbE7UIkcod+Mg1K4/8ZnG6M+xw6fm5g/zZsiP17NjkHehhaY49hj8onzymEaXlE8
/ZcMVaHX9BTyKgdk/cOlGJkQ0ZC3U3gU51saFM+YEOIuqu5P3wkpFDVFbc1QJtgn
V9UvU6pSd9sfQBGPavdkD+TYvlM3bPvnHWDq3y4IDI1aFvEr0Q4+pTTAcT4E3n7h
Uq2KmJRxCqZnOtcgn/XUFC1RRfO2ow7+RQmVRPuQPcqmi6zFzaPeYa+8PVSryCBd
NJWfjfUzDdcMf0L/KrgGTfkDr2O0AplrMTkRXoQ1LtYr714SH5OH7RgoOwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFCGYZKLBoEAR2gW/ZW5eK5pZNWmUMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvSVpoa29zR2dRQkhhQmI5bGJsNHJtbGsxYVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAVYXBAwQA
VYXWAwQAVYXeAwQAVYXhMAwDBABVheMDBABVheQDBABVheowDAMEAFWF+wMEAFWF
/DANBgkqhkiG9w0BAQsFAAOCAQEAZFBxhQRgAdpewYxjSpmxUwmJyjiQx4LvIdq1
BMKZcESMv1Wo/mlvqQ+46ae/bRtaeZcemqYFKHpTCE9c5d1VvTLeTmRsI8gxqO2T
O+PwxFVDcRIbvFOmaMhIPHdXRRdGaTMaH4JxXgUrvBAjfNN7GtcDPWsEkHOQL2FH
7Bw3plmcdwdpbnVnOatKfW/HI5z94g3fJFiP8DH8uzGzOm8pkFJGyQHeTRKzqG/Z
mfs2rB53Ass3h2QkQd0KepGdRqlSp6bZqr7dj7FLvYMgf2FW7foZylUDMDrernLE
aJrcVqmWXHzhIksre1/kW7nUeYI8rS1e7LA2XUa8ZfANejikIg==
-----END CERTIFICATE-----
Generated at Tue Mar 25 22:17:52 2025 by rpki-client on console.sobornost.net