Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/ALdpivp7qzpUB5jnmeapFiwkGxg.roa
File: ALdpivp7qzpUB5jnmeapFiwkGxg.roa (raw, json)
Hash identifier: 7MA0ajseX1lz/krgeoOJVgQJUF4DBwVOkQ4FKnVb0B4=
Subject key identifier: 00:B7:69:8A:FA:7B:AB:3A:54:07:98:E7:99:E6:A9:16:2C:24:1B:18
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 0195EC111FEAB20D6AE867B7E3814318F0CC
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/ALdpivp7qzpUB5jnmeapFiwkGxg.roa
Signing time: Mon 31 Mar 2025 11:58:20 +0000
ROA not before: Mon 31 Mar 2025 11:58:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199077
IP address blocks: 46.21.21.0/24 maxlen: 24
46.21.22.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ec:11:1f:ea:b2:0d:6a:e8:67:b7:e3:81:43:18:f0:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Mar 31 11:58:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00b7698afa7bab3a540798e799e6a9162c241b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:0f:50:44:dc:05:9c:1e:79:d9:03:02:9a:7f:
56:25:7f:69:82:30:c2:0b:c6:12:45:e0:66:2b:2c:
dc:b5:9a:2e:e1:2d:10:a9:98:92:6f:95:46:15:b6:
a4:64:77:69:3b:9e:db:5b:99:83:ed:60:01:23:69:
ee:cc:79:82:61:9b:a1:bf:ed:33:e7:3d:9b:b9:1c:
b3:e1:4a:3f:ad:75:2b:b0:a3:5f:e9:49:ba:0c:1d:
f1:44:9a:be:5e:01:70:b4:0e:44:04:5d:47:0a:87:
f4:7f:ca:bd:fe:4b:28:4d:96:4c:b7:5d:01:a1:82:
a1:53:57:d6:85:31:b3:cc:f6:1d:9f:12:97:21:f7:
07:d0:1a:50:28:5e:4a:f4:b3:fe:34:cb:92:e2:2f:
1f:4d:5f:cd:1a:a6:cf:7f:10:fe:94:19:76:4a:04:
11:e6:44:3c:8a:b8:ff:78:33:72:47:d1:3a:11:d9:
e3:54:ac:2c:d2:ba:0f:70:e2:2e:ac:6b:9b:64:f7:
6f:c1:f9:bf:4a:0d:16:1d:60:ec:5a:54:d3:0b:8d:
b8:81:26:47:88:fd:47:39:1c:39:f1:bd:eb:46:db:
82:68:ef:0a:e2:e7:d6:36:b8:f9:3d:06:83:ce:c6:
ce:2c:bb:b7:10:43:0a:d1:ce:fc:51:42:1e:e1:32:
29:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B7:69:8A:FA:7B:AB:3A:54:07:98:E7:99:E6:A9:16:2C:24:1B:18
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/ALdpivp7qzpUB5jnmeapFiwkGxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.21.0-46.21.22.255
Signature Algorithm: sha256WithRSAEncryption
8c:d3:07:40:fe:03:1b:87:c8:c4:1e:14:ea:3a:8c:08:c2:dc:
12:86:c3:be:3d:44:2a:c2:45:1a:1a:25:b7:c8:50:d1:8a:3d:
47:99:97:22:67:ee:24:81:8a:7b:43:4a:df:59:30:e8:9b:06:
d1:22:fb:0e:89:8d:75:31:83:15:53:2b:cc:84:e2:ca:7f:65:
03:3e:e2:de:55:60:58:ef:e7:ec:3d:02:de:f0:3b:d5:cf:1c:
3a:c1:b0:5a:8b:a7:e0:2b:52:79:f7:0d:80:1a:a4:db:cf:76:
be:8c:72:e8:33:66:b1:4a:c8:d1:31:f9:b1:f3:0b:b4:5a:17:
15:3f:ea:65:45:e5:a4:1b:db:77:fb:39:1c:f8:f5:d7:c3:b8:
d4:da:1b:7d:ff:07:e9:29:9b:b6:4f:f8:83:57:7e:23:e5:92:
95:f4:10:e9:a8:54:ef:70:ae:7f:9e:6e:52:d6:ee:08:63:4e:
b8:cf:6b:e7:59:6b:66:17:04:14:7b:ca:69:c3:bb:28:08:b8:
a5:52:a3:80:a0:4e:ea:fb:c1:9e:e5:77:0a:ed:50:86:85:99:
a2:70:ed:08:10:27:7b:d6:a9:d5:23:3e:6c:8a:e5:65:31:05:
eb:fa:8f:6b:95:dc:99:d4:60:61:da:77:fc:7c:65:b6:31:ab:
ad:3d:a1:d3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZXsER/qsg1q6Ge344FDGPDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjUwMzMxMTE1ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGI3Njk4YWZhN2JhYjNhNTQwNzk4ZTc5OWU2YTkxNjJjMjQxYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3w9QRNwFnB552QMCmn9WJX9pgjDC
C8YSReBmKyzctZou4S0QqZiSb5VGFbakZHdpO57bW5mD7WABI2nuzHmCYZuhv+0z
5z2buRyz4Uo/rXUrsKNf6Um6DB3xRJq+XgFwtA5EBF1HCof0f8q9/ksoTZZMt10B
oYKhU1fWhTGzzPYdnxKXIfcH0BpQKF5K9LP+NMuS4i8fTV/NGqbPfxD+lBl2SgQR
5kQ8irj/eDNyR9E6EdnjVKws0roPcOIurGubZPdvwfm/Sg0WHWDsWlTTC424gSZH
iP1HORw58b3rRtuCaO8K4ufWNrj5PQaDzsbOLLu3EEMK0c78UUIe4TIpZwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAC3aYr6e6s6VAeY55nmqRYsJBsYMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvQUxkcGl2cDdxenBVQjVqbm1lYXBGaXdrR3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAuFRUD
BAAuFRYwDQYJKoZIhvcNAQELBQADggEBAIzTB0D+AxuHyMQeFOo6jAjC3BKGw749
RCrCRRoaJbfIUNGKPUeZlyJn7iSBintDSt9ZMOibBtEi+w6JjXUxgxVTK8yE4sp/
ZQM+4t5VYFjv5+w9At7wO9XPHDrBsFqLp+ArUnn3DYAapNvPdr6McugzZrFKyNEx
+bHzC7RaFxU/6mVF5aQb23f7ORz49dfDuNTaG33/B+kpm7ZP+INXfiPlkpX0EOmo
VO9wrn+eblLW7ghjTrjPa+dZa2YXBBR7ymnDuygIuKVSo4CgTur7wZ7ldwrtUIaF
maJw7QgQJ3vWqdUjPmyK5WUxBev6j2uV3JnUYGHad/x8ZbYxq609odM=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:31 2025 by rpki-client on console.sobornost.net