Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/Giz24KLfpQkd7xs-DD95CPsPmOY.roa
File: Giz24KLfpQkd7xs-DD95CPsPmOY.roa (raw, json)
Hash identifier: KQH/GuWZf651hnMRpwoGbmUFOnlVdGar78D6Hk0TRqM=
Subject key identifier: 1A:2C:F6:E0:A2:DF:A5:09:1D:EF:1B:3E:0C:3F:79:08:FB:0F:98:E6
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 0195B4065A01F935AFA1168571414F2023E9
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/Giz24KLfpQkd7xs-DD95CPsPmOY.roa
Signing time: Thu 20 Mar 2025 14:47:49 +0000
ROA not before: Thu 20 Mar 2025 14:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.182.100.0/24 maxlen: 24
5.182.101.0/24 maxlen: 24
45.14.72.0/24 maxlen: 24
45.84.44.0/24 maxlen: 24
45.84.45.0/24 maxlen: 24
45.84.47.0/24 maxlen: 24
45.157.74.0/23 maxlen: 23
85.8.188.0/24 maxlen: 24
85.8.189.0/24 maxlen: 24
85.8.190.0/23 maxlen: 23
85.209.216.0/24 maxlen: 24
85.209.218.0/23 maxlen: 23
88.218.100.0/24 maxlen: 24
88.218.101.0/24 maxlen: 24
88.218.102.0/23 maxlen: 23
91.201.142.0/23 maxlen: 23
92.119.180.0/24 maxlen: 24
92.119.181.0/24 maxlen: 24
92.119.183.0/24 maxlen: 24
139.28.137.0/24 maxlen: 24
139.28.138.0/23 maxlen: 23
141.98.240.0/24 maxlen: 24
141.98.241.0/24 maxlen: 24
141.98.242.0/23 maxlen: 23
193.31.72.0/24 maxlen: 24
193.31.73.0/24 maxlen: 24
193.31.75.0/24 maxlen: 24
194.5.0.0/22 maxlen: 22
194.124.52.0/22 maxlen: 22
195.206.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b4:06:5a:01:f9:35:af:a1:16:85:71:41:4f:20:23:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Mar 20 14:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a2cf6e0a2dfa5091def1b3e0c3f7908fb0f98e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:77:cf:c3:b7:c1:04:fd:29:55:9a:2e:59:98:
1c:a0:84:9f:c7:6f:e7:2d:a2:9d:05:28:38:18:05:
35:a5:a4:fe:3d:5a:57:a4:2f:f5:7a:e4:e4:12:2a:
d4:a8:63:ab:1a:82:6d:8a:ed:6b:70:2a:84:2a:ad:
62:13:82:f0:a1:e3:5d:ad:fb:16:a9:5a:75:bb:80:
2e:57:ab:5b:a1:73:16:96:13:9a:59:93:3d:4b:08:
65:e1:6e:ed:21:59:ce:b3:cb:94:a8:ab:cc:d2:76:
0a:da:18:08:68:93:82:6b:d1:e0:fd:c0:5c:e7:aa:
49:f6:77:18:f4:43:84:f0:c9:57:c3:fd:bd:ab:96:
45:9e:6f:98:3a:88:16:93:24:70:64:32:1b:03:a5:
35:85:e6:64:d6:f8:55:23:25:aa:aa:b8:de:76:95:
ca:87:e1:94:fe:c7:4e:31:97:00:ff:fb:5b:68:6d:
fc:b1:01:2c:94:6a:b4:23:ed:7e:f2:1a:e7:ed:67:
d3:92:e9:83:c9:13:92:6c:13:79:67:97:ed:63:89:
84:44:23:0a:98:1c:f4:3f:b5:09:31:84:52:cc:ff:
b1:9a:42:b7:aa:af:4d:3c:99:2d:4d:74:d2:3a:36:
e6:9a:52:0b:51:8a:27:43:c8:b1:52:d4:d5:49:43:
2d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:2C:F6:E0:A2:DF:A5:09:1D:EF:1B:3E:0C:3F:79:08:FB:0F:98:E6
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/Giz24KLfpQkd7xs-DD95CPsPmOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.100.0/23
45.14.72.0/24
45.84.44.0/23
45.84.47.0/24
45.157.74.0/23
85.8.188.0/22
85.209.216.0/24
85.209.218.0/23
88.218.100.0/22
91.201.142.0/23
92.119.180.0/23
92.119.183.0/24
139.28.137.0-139.28.139.255
141.98.240.0/22
193.31.72.0/23
193.31.75.0/24
194.5.0.0/22
194.124.52.0/22
195.206.108.0/24
Signature Algorithm: sha256WithRSAEncryption
72:04:e4:1b:00:4b:13:3e:2f:7d:15:cb:71:57:8b:20:4c:97:
e2:cf:da:08:98:ba:77:b7:16:5d:52:f5:73:55:15:fa:ca:ad:
d7:0b:5b:d7:92:11:a7:77:c4:81:65:63:02:d8:e8:06:8f:89:
74:a2:c6:eb:9c:da:cc:3c:d3:f3:a0:66:ff:cd:08:b0:73:06:
f8:7f:9a:c0:e2:63:eb:1d:61:8f:5f:6f:84:74:ee:a1:cc:5f:
60:8b:27:0d:79:d0:38:fe:f2:c4:2e:67:ce:57:47:c8:4f:40:
9e:c4:74:6e:01:69:62:80:6c:b0:db:42:b0:75:14:fd:42:54:
10:83:3d:ad:25:61:3c:d6:70:9a:94:1a:83:e4:05:b3:58:a2:
b6:7e:fe:31:9d:33:77:c1:70:0a:7d:63:ec:2b:71:c7:51:bf:
9d:c3:9f:bb:84:73:96:4a:10:2e:91:ba:f2:9d:c2:12:4a:7c:
01:b1:ab:fc:0e:41:5e:8c:d7:7b:49:6d:cc:c4:81:d2:1a:05:
30:81:0e:d9:88:62:1a:7b:59:44:63:80:ec:93:e1:cb:b7:65:
62:59:eb:a1:e7:77:e2:c4:92:0a:0f:4f:d4:61:82:d5:0d:86:
76:a5:d5:50:8e:7f:e8:d0:6d:72:a8:9d:ac:43:9e:df:45:a9:
2a:e3:0f:8d
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZW0BloB+TWvoRaFcUFPICPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjUwMzIwMTQ0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTJjZjZlMGEyZGZhNTA5MWRlZjFiM2UwYzNmNzkwOGZiMGY5OGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3fPw7fBBP0pVZouWZgcoISfx2/n
LaKdBSg4GAU1paT+PVpXpC/1euTkEirUqGOrGoJtiu1rcCqEKq1iE4LwoeNdrfsW
qVp1u4AuV6tboXMWlhOaWZM9Swhl4W7tIVnOs8uUqKvM0nYK2hgIaJOCa9Hg/cBc
56pJ9ncY9EOE8MlXw/29q5ZFnm+YOogWkyRwZDIbA6U1heZk1vhVIyWqqrjedpXK
h+GU/sdOMZcA//tbaG38sQEslGq0I+1+8hrn7WfTkumDyROSbBN5Z5ftY4mERCMK
mBz0P7UJMYRSzP+xmkK3qq9NPJktTXTSOjbmmlILUYonQ8ixUtTVSUMtRQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFBos9uCi36UJHe8bPgw/eQj7D5jmMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvR2l6MjRLTGZwUWtkN3hzLUREOTVDUHNQbU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAQW2
ZAMEAC0OSAMEAS1ULAMEAC1ULwMEAS2dSgMEAlUIvAMEAFXR2AMEAVXR2gMEAlja
ZAMEAVvJjgMEAVx3tAMEAFx3tzAMAwQAixyJAwQCixyIAwQCjWLwAwQBwR9IAwQA
wR9LAwQCwgUAAwQCwnw0AwQAw85sMA0GCSqGSIb3DQEBCwUAA4IBAQByBOQbAEsT
Pi99FctxV4sgTJfiz9oImLp3txZdUvVzVRX6yq3XC1vXkhGnd8SBZWMC2OgGj4l0
osbrnNrMPNPzoGb/zQiwcwb4f5rA4mPrHWGPX2+EdO6hzF9giycNedA4/vLELmfO
V0fIT0CexHRuAWligGyw20KwdRT9QlQQgz2tJWE81nCalBqD5AWzWKK2fv4xnTN3
wXAKfWPsK3HHUb+dw5+7hHOWShAukbryncISSnwBsav8DkFejNd7SW3MxIHSGgUw
gQ7ZiGIae1lEY4Dsk+HLt2ViWeuh53fixJIKD0/UYYLVDYZ2pdVQjn/o0G1yqJ2s
Q57fRakq4w+N
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:29:35 2025 by rpki-client