Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42831.roa
File: AS42831.roa (raw, json)
Hash identifier: 8IwUfQodG5MN1ACqc+r+Y19as7HxQwI7phSsvN22oV4=
Subject key identifier: B9:85:0C:D7:ED:1E:F5:22:3A:AF:6F:56:9E:5B:47:17:1A:1F:37:BC
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5B2E5D3BB68052CFE31179FEEBD04A1B4CBEB086
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42831.roa
Signing time: Mon 17 Mar 2025 11:09:15 +0000
ROA not before: Mon 17 Mar 2025 11:04:15 +0000
ROA not after: Mon 16 Mar 2026 11:09:15 +0000
asID: 42831
IP address blocks: 82.21.128.0/24 maxlen: 24
82.21.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:2e:5d:3b:b6:80:52:cf:e3:11:79:fe:eb:d0:4a:1b:4c:be:b0:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 17 11:04:15 2025 GMT
Not After : Mar 16 11:09:15 2026 GMT
Subject: CN=B9850CD7ED1EF5223AAF6F569E5B47171A1F37BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8a:2a:b5:42:04:92:8f:7e:57:23:4b:45:47:
72:ec:ff:57:ef:c3:89:ad:2b:ff:6d:50:61:c3:6f:
e9:ea:8f:51:2a:72:b7:8b:ec:11:3b:23:0a:98:8c:
3f:e4:2c:77:dd:40:5c:02:e5:cf:f0:fc:3b:c5:37:
51:d5:73:ed:cd:4c:73:63:30:a6:ac:34:c4:19:96:
b6:88:63:a5:2f:65:65:2f:c3:b3:cf:d0:2f:9b:51:
d6:87:ea:83:4a:97:c1:c3:80:5e:29:2f:88:1a:76:
3e:c5:32:4e:49:f9:50:ad:15:70:a3:f4:b0:96:2e:
31:e4:00:1c:1f:46:dc:56:94:a0:3e:28:01:54:5b:
0c:b2:c3:c5:b0:51:2f:05:53:f7:21:52:c3:f1:82:
9b:87:51:e6:cf:e3:19:61:f2:80:33:1e:e8:f0:8d:
cf:5a:54:b0:48:20:51:0f:76:3d:83:d5:49:62:38:
b8:fb:35:c1:53:bb:04:01:13:18:23:bd:b7:31:a2:
a2:53:f6:41:35:51:2a:b9:5e:69:8b:47:b6:d6:d6:
21:bc:e3:c2:86:e4:3d:94:4a:75:6f:6c:5b:eb:95:
40:53:7f:2f:47:67:31:c5:3d:ed:7a:f7:44:27:72:
fe:e5:cc:51:07:fc:ac:fd:48:64:e9:a5:c7:b1:0f:
37:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:85:0C:D7:ED:1E:F5:22:3A:AF:6F:56:9E:5B:47:17:1A:1F:37:BC
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS42831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.128.0/24
82.21.131.0/24
Signature Algorithm: sha256WithRSAEncryption
16:e8:48:23:23:98:6a:c9:32:f3:4d:17:4e:93:7e:2b:d8:08:
78:98:d6:0a:3b:79:87:e2:4f:66:5e:d9:ec:e7:57:fd:35:c2:
af:34:d6:08:2a:6c:56:1b:98:6a:fb:9f:08:36:f8:b4:d2:9a:
bd:86:47:a2:5c:c5:9e:2f:c0:42:f4:70:6d:83:5a:03:72:03:
9d:8b:93:48:62:ce:e1:81:0f:49:3f:b0:47:06:66:fe:83:49:
25:35:da:b3:0d:d0:dd:0c:0d:46:cb:8b:2b:35:f2:47:7f:fe:
a4:cb:c7:53:d5:c6:48:42:31:89:53:d0:fd:d1:b9:1c:af:e4:
02:0f:5d:9a:12:8a:f6:12:a5:57:2a:1c:5e:76:3a:87:a7:fa:
56:c7:2f:b9:9a:85:be:b8:35:f4:78:ad:18:5f:64:7b:7b:9d:
84:44:e1:6b:70:5e:2e:69:28:59:a5:b2:bf:90:17:c1:75:10:
f2:66:37:c6:db:c0:b6:d2:a2:2d:eb:1d:58:2e:f1:30:be:66:
90:7e:36:38:32:6f:37:c9:09:b3:95:c3:4e:86:5c:a8:ed:5e:
25:96:4f:1d:38:bf:87:c1:86:00:4e:cd:e4:51:b9:e2:9c:5a:
a3:fd:82:cd:66:a3:6a:9d:b1:2a:c3:c2:42:85:93:0e:41:6b:
60:f1:14:c2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUWy5dO7aAUs/jEXn+69BKG0y+sIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMTcxMTA0MTVaFw0yNjAzMTYxMTA5MTVaMDMxMTAvBgNV
BAMTKEI5ODUwQ0Q3RUQxRUY1MjIzQUFGNkY1NjlFNUI0NzE3MUExRjM3QkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2iiq1QgSSj35XI0tFR3Ls/1fv
w4mtK/9tUGHDb+nqj1EqcreL7BE7IwqYjD/kLHfdQFwC5c/w/DvFN1HVc+3NTHNj
MKasNMQZlraIY6UvZWUvw7PP0C+bUdaH6oNKl8HDgF4pL4gadj7FMk5J+VCtFXCj
9LCWLjHkABwfRtxWlKA+KAFUWwyyw8WwUS8FU/chUsPxgpuHUebP4xlh8oAzHujw
jc9aVLBIIFEPdj2D1UliOLj7NcFTuwQBExgjvbcxoqJT9kE1USq5XmmLR7bW1iG8
48KG5D2USnVvbFvrlUBTfy9HZzHFPe1690Qncv7lzFEH/Kz9SGTppcexDzdbAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUuYUM1+0e9SI6r29WnltHFxofN7wwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDI4MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABSFYAD
BABSFYMwDQYJKoZIhvcNAQELBQADggEBABboSCMjmGrJMvNNF06TfivYCHiY1go7
eYfiT2Ze2eznV/01wq801ggqbFYbmGr7nwg2+LTSmr2GR6JcxZ4vwEL0cG2DWgNy
A52Lk0hizuGBD0k/sEcGZv6DSSU12rMN0N0MDUbLiys18kd//qTLx1PVxkhCMYlT
0P3RuRyv5AIPXZoSivYSpVcqHF52Ooen+lbHL7mahb64NfR4rRhfZHt7nYRE4Wtw
Xi5pKFmlsr+QF8F1EPJmN8bbwLbSoi3rHVgu8TC+ZpB+NjgybzfJCbOVw06GXKjt
XiWWTx04v4fBhgBOzeRRueKcWqP9gs1mo2qdsSrDwkKFkw5Ba2DxFMI=
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:13:32 2025 by rpki-client