Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/ozrTdpe1V6nWhIXc_uPJkbB3Ha8.roa
File: ozrTdpe1V6nWhIXc_uPJkbB3Ha8.roa (raw, json)
Hash identifier: 4/0gezw7oO9+Mipv3nHjnHIMLwCz0D23SE1aqFovk9Q=
Subject key identifier: A3:3A:D3:76:97:B5:57:A9:D6:84:85:DC:FE:E3:C9:91:B0:77:1D:AF
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 0194228E26ADA43BC52D30C3927B6B6DEA1F
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/ozrTdpe1V6nWhIXc_uPJkbB3Ha8.roa
Signing time: Wed 01 Jan 2025 15:48:48 +0000
ROA not before: Wed 01 Jan 2025 15:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199077
IP address blocks: 46.21.17.0/24 maxlen: 24
46.21.18.0/24 maxlen: 24
46.21.19.0/24 maxlen: 24
46.21.21.0/24 maxlen: 24
46.21.22.0/24 maxlen: 24
77.220.92.0/24 maxlen: 24
77.220.93.0/24 maxlen: 24
77.220.94.0/24 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:26:ad:a4:3b:c5:2d:30:c3:92:7b:6b:6d:ea:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Jan 1 15:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a33ad37697b557a9d68485dcfee3c991b0771daf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ae:2d:83:71:7d:1c:22:ca:55:0e:16:2d:82:
3a:6f:14:51:b6:96:bc:58:ec:1b:05:b8:e3:2d:3c:
fa:8b:f5:fc:56:00:75:5a:23:55:9b:11:62:b2:43:
ac:f9:e4:70:18:51:91:41:d9:97:50:f2:9e:de:35:
66:6e:bc:1a:a3:ab:9a:fa:c2:68:1a:df:d2:a7:4f:
dc:46:1f:7a:78:f3:80:be:9a:fe:9f:61:45:b3:6e:
ea:77:af:b8:c9:b9:25:ef:ef:3b:36:25:d2:f1:fa:
bb:a4:33:33:5b:09:f6:bb:78:8d:d0:35:23:f6:a6:
0a:85:11:1d:3c:b7:e4:3a:c8:93:f9:cf:f1:d1:e1:
c8:fe:e7:cc:0e:76:31:da:86:22:b3:56:01:c5:ca:
16:8f:e2:fe:a2:9e:03:2b:85:c3:04:b0:28:44:84:
48:d8:1a:04:cd:9a:39:cb:cb:19:15:e5:3e:59:c5:
bb:b8:90:b1:8b:96:d6:0f:6a:a1:76:dc:0c:50:bc:
6a:34:c2:7d:1b:98:c7:a6:65:1d:c9:28:30:1e:d2:
93:87:9e:da:9a:b9:c3:ee:a2:b8:65:e3:ea:a5:16:
fb:b8:ee:59:4a:07:0c:dc:07:ae:54:4f:bb:e0:00:
5a:28:30:8c:5b:70:77:0d:8c:12:44:9e:21:07:35:
e2:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3A:D3:76:97:B5:57:A9:D6:84:85:DC:FE:E3:C9:91:B0:77:1D:AF
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/ozrTdpe1V6nWhIXc_uPJkbB3Ha8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.17.0-46.21.19.255
46.21.21.0-46.21.22.255
77.220.92.0-77.220.94.255
Signature Algorithm: sha256WithRSAEncryption
68:34:c5:a7:3f:82:e7:65:8b:19:a4:69:b2:42:ff:38:fc:8b:
e3:b5:6a:a8:d9:87:12:ed:ed:d1:d5:0c:86:44:d3:1e:a1:ef:
b2:22:f1:9e:2a:a0:88:7b:e8:3c:bf:fd:f6:5d:ad:13:2e:fa:
77:83:0b:98:e8:96:2b:ae:28:3b:f5:40:da:f0:13:00:e7:a9:
02:b6:8d:85:83:84:47:d3:c8:ee:1f:08:8e:c4:5d:61:32:2a:
3b:df:ce:b8:a7:43:e6:35:a8:39:7c:85:1a:e6:6f:89:28:46:
6a:20:6e:54:cc:0d:df:cd:47:6a:e6:29:4b:c4:23:40:77:39:
67:c7:81:86:ee:18:50:92:f0:95:cd:ed:a6:e0:7a:af:a1:8f:
2a:98:49:c7:77:48:13:d9:1a:f9:31:66:c9:73:45:bb:58:f4:
e4:ec:f4:c2:14:bb:d5:41:59:7a:1b:9c:cc:ec:d5:9a:e2:89:
37:7d:91:5b:48:c1:9c:34:dd:64:c9:7f:9c:75:72:da:a5:5e:
a8:70:c2:a7:84:c3:a8:33:3a:70:e2:fd:f2:19:7f:50:fd:bc:
73:cb:a9:bb:cf:90:5c:2f:af:c0:93:33:eb:8a:a0:b1:b7:9c:
9d:29:15:a1:60:59:8c:10:af:e2:77:28:25:f6:13:07:a0:8e:
7c:eb:4a:12
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQijiatpDvFLTDDkntrbeofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjUwMTAxMTU0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzNhZDM3Njk3YjU1N2E5ZDY4NDg1ZGNmZWUzYzk5MWIwNzcxZGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjK4tg3F9HCLKVQ4WLYI6bxRRtpa8
WOwbBbjjLTz6i/X8VgB1WiNVmxFiskOs+eRwGFGRQdmXUPKe3jVmbrwao6ua+sJo
Gt/Sp0/cRh96ePOAvpr+n2FFs27qd6+4ybkl7+87NiXS8fq7pDMzWwn2u3iN0DUj
9qYKhREdPLfkOsiT+c/x0eHI/ufMDnYx2oYis1YBxcoWj+L+op4DK4XDBLAoRIRI
2BoEzZo5y8sZFeU+WcW7uJCxi5bWD2qhdtwMULxqNMJ9G5jHpmUdySgwHtKTh57a
mrnD7qK4ZePqpRb7uO5ZSgcM3AeuVE+74ABaKDCMW3B3DYwSRJ4hBzXiOQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKM603aXtVep1oSF3P7jyZGwdx2vMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvb3pyVGRwZTFWNm5XaElYY191UEprYkIzSGE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqMAwDBAAuFRED
BAIuFRAwDAMEAC4VFQMEAC4VFjAMAwQCTdxcAwQATdxeMA0GCSqGSIb3DQEBCwUA
A4IBAQBoNMWnP4LnZYsZpGmyQv84/IvjtWqo2YcS7e3R1QyGRNMeoe+yIvGeKqCI
e+g8v/32Xa0TLvp3gwuY6JYrrig79UDa8BMA56kCto2Fg4RH08juHwiOxF1hMio7
3864p0PmNag5fIUa5m+JKEZqIG5UzA3fzUdq5ilLxCNAdzlnx4GG7hhQkvCVze2m
4HqvoY8qmEnHd0gT2Rr5MWbJc0W7WPTk7PTCFLvVQVl6G5zM7NWa4ok3fZFbSMGc
NN1kyX+cdXLapV6ocMKnhMOoMzpw4v3yGX9Q/bxzy6m7z5BcL6/AkzPriqCxt5yd
KRWhYFmMEK/idygl9hMHoI5860oS
-----END CERTIFICATE-----
Generated at Tue Mar 25 14:43:54 2025 by rpki-client on console.sobornost.net