Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/Gumma7CSH0QJDyYLGYO8JVucFbw.roa
File: Gumma7CSH0QJDyYLGYO8JVucFbw.roa (raw, json)
Hash identifier: AHbFRK4oddEvM9hnH4lxRaSLOWlIxIkwfpWyReC2ymY=
Subject key identifier: 1A:E9:A6:6B:B0:92:1F:44:09:0F:26:0B:19:83:BC:25:5B:9C:15:BC
Certificate issuer: /CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Certificate serial: 0194228D7DCA358E5DE5967D83FC5D6F55AC
Authority key identifier: 85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/Gumma7CSH0QJDyYLGYO8JVucFbw.roa
Signing time: Wed 01 Jan 2025 15:48:05 +0000
ROA not before: Wed 01 Jan 2025 15:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20875
IP address blocks: 5.133.128.0/19 maxlen: 24
37.8.128.0/20 maxlen: 24
37.19.24.0/21 maxlen: 24
46.35.128.0/19 maxlen: 24
62.113.0.0/19 maxlen: 24
85.94.128.0/19 maxlen: 24
92.240.32.0/19 maxlen: 24
95.156.128.0/18 maxlen: 24
159.20.16.0/21 maxlen: 24
185.17.44.0/22 maxlen: 24
185.24.160.0/22 maxlen: 24
185.38.144.0/22 maxlen: 24
212.39.96.0/19 maxlen: 24
212.125.144.0/20 maxlen: 24
2a02:28b8::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:7d:ca:35:8e:5d:e5:96:7d:83:fc:5d:6f:55:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Validity
Not Before: Jan 1 15:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ae9a66bb0921f44090f260b1983bc255b9c15bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ae:72:c9:24:ea:1e:68:c7:74:a3:26:c2:65:
ae:81:ef:fe:b1:7d:e3:6d:98:47:a0:51:20:d7:c9:
11:21:40:66:3f:2a:c2:8f:bd:31:42:b5:9d:6c:58:
8c:cc:47:84:67:01:45:07:6f:1f:ed:b3:b8:c3:9b:
30:e9:4f:f9:52:45:8d:eb:57:ce:17:7b:c4:d1:fe:
d5:e1:3a:21:43:57:e8:a7:87:81:14:9b:3f:28:85:
3d:65:00:40:aa:94:56:db:93:a6:f1:62:4d:9f:ae:
d1:70:4d:3d:fc:5a:16:aa:12:5a:45:12:3a:2f:fa:
15:42:ab:cb:9e:e3:b9:ee:8d:b9:5d:94:08:e2:a6:
36:d6:9d:26:a4:c5:0b:bb:86:c6:ed:86:b8:31:47:
85:c0:58:87:b5:41:cc:4c:cb:d7:d3:6b:9a:57:c6:
3f:69:52:32:1f:28:87:2e:65:84:69:de:f0:4e:ad:
80:ac:65:bf:42:cd:5c:98:18:05:49:16:dc:a6:06:
f9:a4:6f:74:76:6d:b5:7a:89:a5:a7:66:44:f0:ba:
b8:70:15:15:ec:2b:27:83:9d:81:a5:6c:2a:c7:22:
db:d4:e3:10:12:dd:21:8c:48:11:3b:03:68:9c:27:
ac:a7:21:9e:b8:86:f4:a0:1f:70:67:ab:f5:34:0f:
c7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E9:A6:6B:B0:92:1F:44:09:0F:26:0B:19:83:BC:25:5B:9C:15:BC
X509v3 Authority Key Identifier:
keyid:85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/Gumma7CSH0QJDyYLGYO8JVucFbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.128.0/19
37.8.128.0/20
37.19.24.0/21
46.35.128.0/19
62.113.0.0/19
85.94.128.0/19
92.240.32.0/19
95.156.128.0/18
159.20.16.0/21
185.17.44.0/22
185.24.160.0/22
185.38.144.0/22
212.39.96.0/19
212.125.144.0/20
IPv6:
2a02:28b8::/29
Signature Algorithm: sha256WithRSAEncryption
77:24:33:a3:9e:83:3d:46:d0:a5:5b:66:fe:86:08:ee:b0:23:
b0:fe:4c:24:f7:01:c7:2f:e6:d6:6a:f5:7d:0a:30:8a:88:8e:
d5:5a:a1:d7:00:ee:42:72:84:6d:b9:ae:e9:34:90:8b:7b:96:
0f:a4:db:8f:a8:aa:bf:a4:bf:4a:f6:3d:2c:ce:c7:06:15:b9:
99:29:b8:27:bd:ed:d1:7e:1c:d7:c4:c2:95:9f:f2:b3:b0:b3:
a2:6a:01:3a:cc:8f:a4:5f:ea:17:29:ce:2f:d8:f2:b7:60:63:
22:17:fa:2d:ad:35:a4:15:b3:06:d8:ef:18:9a:7d:b3:ea:52:
9a:05:7f:79:aa:53:a8:35:53:6d:1d:c9:3d:68:79:f4:df:89:
a1:b6:a5:23:cb:cf:25:d7:61:1a:6f:65:24:13:c8:ec:c8:5c:
b5:d1:6c:02:1f:44:bb:ef:7f:42:e2:aa:cb:7d:7d:d4:3e:08:
ea:5b:f6:e5:43:4c:dc:38:0b:62:a2:0e:a3:1d:4e:61:d6:63:
25:2f:e7:42:bf:88:a4:aa:0f:23:2f:86:04:f8:bc:43:f5:8e:
8a:b1:6e:1b:0b:e6:20:d4:4e:5f:fb:61:51:0e:69:47:b2:22:
f4:e9:54:93:dc:f6:44:d0:ec:53:46:c9:3a:ee:3b:17:96:42:
64:50:1d:b6
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZQijX3KNY5d5ZZ9g/xdb1WsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWY1MzEwODA1ZWM3NTYxYTFhMjJmOWM4OTBjOTczMWZi
NmRlYmYwHhcNMjUwMTAxMTU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWU5YTY2YmIwOTIxZjQ0MDkwZjI2MGIxOTgzYmMyNTViOWMxNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra5yySTqHmjHdKMmwmWuge/+sX3j
bZhHoFEg18kRIUBmPyrCj70xQrWdbFiMzEeEZwFFB28f7bO4w5sw6U/5UkWN61fO
F3vE0f7V4TohQ1fop4eBFJs/KIU9ZQBAqpRW25Om8WJNn67RcE09/FoWqhJaRRI6
L/oVQqvLnuO57o25XZQI4qY21p0mpMULu4bG7Ya4MUeFwFiHtUHMTMvX02uaV8Y/
aVIyHyiHLmWEad7wTq2ArGW/Qs1cmBgFSRbcpgb5pG90dm21eomlp2ZE8Lq4cBUV
7Csng52BpWwqxyLb1OMQEt0hjEgROwNonCespyGeuIb0oB9wZ6v1NA/HUwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFBrppmuwkh9ECQ8mCxmDvCVbnBW8MB8GA1UdIwQY
MBaAFIWvUxCAXsdWGhoi+ciQyXMftt6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTct
NzUyODM1MGQ0YzEzLzEvR3VtbWE3Q1NIMFFKRHlZTEdZTzhKVnVjRmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTctNzUyODM1MGQ0YzEz
LzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQFBYWAAwQE
JQiAAwQDJRMYAwQFLiOAAwQFPnEAAwQFVV6AAwQFXPAgAwQGX5yAAwQDnxQQAwQC
uREsAwQCuRigAwQCuSaQAwQF1CdgAwQE1H2QMA0EAgACMAcDBQMqAii4MA0GCSqG
SIb3DQEBCwUAA4IBAQB3JDOjnoM9RtClW2b+hgjusCOw/kwk9wHHL+bWavV9CjCK
iI7VWqHXAO5CcoRtua7pNJCLe5YPpNuPqKq/pL9K9j0szscGFbmZKbgnve3RfhzX
xMKVn/KzsLOiagE6zI+kX+oXKc4v2PK3YGMiF/otrTWkFbMG2O8Ymn2z6lKaBX95
qlOoNVNtHck9aHn034mhtqUjy88l12Eab2UkE8jsyFy10WwCH0S7739C4qrLfX3U
PgjqW/blQ0zcOAtiog6jHU5h1mMlL+dCv4ikqg8jL4YE+LxD9Y6KsW4bC+Yg1E5f
+2FRDmlHsiL06VST3PZE0OxTRsk67jsXlkJkUB22
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:23:58 2025 by rpki-client