Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21840.roa
File: AS21840.roa (raw, json)
Hash identifier: bHxx0Vr0TURoBDxzO52gfdE+8+HfaHK3p6NRG088DVM=
Subject key identifier: E8:4C:62:2E:21:9C:5A:65:F1:E0:8A:1C:14:AC:15:4E:E6:1F:8A:62
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 039017C9A7C90F8CC0952B547D2392A5588848FC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21840.roa
Signing time: Fri 20 Dec 2024 06:14:58 +0000
ROA not before: Fri 20 Dec 2024 06:09:58 +0000
ROA not after: Fri 19 Dec 2025 06:14:58 +0000
asID: 21840
IP address blocks: 96.62.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:90:17:c9:a7:c9:0f:8c:c0:95:2b:54:7d:23:92:a5:58:88:48:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Dec 20 06:09:58 2024 GMT
Not After : Dec 19 06:14:58 2025 GMT
Subject: CN=E84C622E219C5A65F1E08A1C14AC154EE61F8A62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c0:09:2d:3a:ee:33:44:57:1b:f4:67:dc:9a:
0e:93:34:7b:48:16:c3:c2:ce:f3:bc:09:f3:78:b5:
e1:f9:b3:28:08:de:79:73:dc:11:92:11:1c:8d:ba:
2b:bf:b7:71:01:8a:1a:11:62:b7:ad:ea:aa:41:e1:
69:23:0d:d3:5b:24:c0:c0:70:1b:1d:33:78:0e:2c:
5c:75:f3:ce:18:80:e6:dc:55:7b:7d:e3:15:e2:9f:
fe:ca:32:fb:cd:b1:d1:91:80:6a:28:26:3f:4d:15:
41:0b:b0:4d:62:ce:45:7d:bb:29:c7:f3:ca:18:77:
dc:93:08:36:44:f3:41:a0:62:87:d8:fd:e9:25:94:
ac:f3:9c:7f:ef:69:19:97:65:dd:51:24:19:34:fa:
db:d8:4d:09:dc:d1:61:c3:b1:3e:0d:af:87:49:71:
40:e5:cf:f8:99:dd:ed:4b:4b:15:52:4c:03:c3:ff:
87:f8:aa:7f:fd:85:b4:35:40:f6:e9:8f:b8:4e:5c:
6b:c0:43:d8:4d:46:3e:42:65:2b:86:94:d0:87:18:
11:0d:a3:bf:17:7a:77:2e:f8:93:fa:e0:bd:e6:9a:
86:78:1b:ae:d9:c6:10:50:40:8d:e1:3b:2e:cf:f7:
04:c3:ab:9f:b2:45:2c:7e:a8:90:97:30:cf:55:44:
45:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:4C:62:2E:21:9C:5A:65:F1:E0:8A:1C:14:AC:15:4E:E6:1F:8A:62
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21840.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.247.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:24:94:80:34:07:0d:26:45:de:43:44:21:4d:3b:6a:6b:48:
7f:f2:17:a5:14:ed:5c:f7:1f:06:1b:59:f9:4b:26:d9:8d:78:
68:5f:46:17:08:8f:63:18:1e:08:f5:83:7d:05:da:63:6d:e1:
9f:16:1a:ca:f1:6b:c4:86:7e:87:cd:3b:4b:02:7f:75:59:29:
df:91:26:0b:12:ee:35:be:0a:c0:31:ed:55:b8:d7:c0:66:47:
d1:05:5f:d5:a3:a3:86:64:a6:4a:89:98:c2:a3:5f:63:13:a1:
f3:ec:38:9b:7f:49:91:e4:11:79:5b:d1:a4:5f:9a:39:cf:66:
76:94:9d:13:a9:db:c8:6d:dc:e3:83:3b:6a:d5:75:46:51:93:
77:ed:c9:52:86:eb:48:de:15:4b:78:c0:63:b5:59:77:af:2b:
4f:b1:62:e3:5a:7a:d1:a5:e2:c4:e5:60:57:b6:e2:f2:cf:8d:
37:2f:d1:13:be:76:18:08:91:5d:53:96:1e:9e:4d:5f:19:1a:
43:41:69:ec:b9:2e:e4:69:9b:96:dc:17:f2:79:66:3e:01:94:
73:ec:d0:aa:f3:67:b3:22:56:3b:81:b1:39:48:95:77:9e:f9:
fb:aa:ab:b7:05:f4:99:fe:2d:75:55:5b:d9:01:1f:2b:f8:34:
0f:8e:f8:94
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUA5AXyafJD4zAlStUfSOSpViISPwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDEyMjAwNjA5NThaFw0yNTEyMTkwNjE0NThaMDMxMTAvBgNV
BAMTKEU4NEM2MjJFMjE5QzVBNjVGMUUwOEExQzE0QUMxNTRFRTYxRjhBNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgwAktOu4zRFcb9Gfcmg6TNHtI
FsPCzvO8CfN4teH5sygI3nlz3BGSERyNuiu/t3EBihoRYret6qpB4WkjDdNbJMDA
cBsdM3gOLFx1884YgObcVXt94xXin/7KMvvNsdGRgGooJj9NFUELsE1izkV9uynH
88oYd9yTCDZE80GgYofY/ekllKzznH/vaRmXZd1RJBk0+tvYTQnc0WHDsT4Nr4dJ
cUDlz/iZ3e1LSxVSTAPD/4f4qn/9hbQ1QPbpj7hOXGvAQ9hNRj5CZSuGlNCHGBEN
o78Xencu+JP64L3mmoZ4G67ZxhBQQI3hOy7P9wTDq5+yRSx+qJCXMM9VREWdAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU6ExiLiGcWmXx4IocFKwVTuYfimIwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE4NDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABgPvcw
DQYJKoZIhvcNAQELBQADggEBAG4klIA0Bw0mRd5DRCFNO2prSH/yF6UU7Vz3HwYb
WflLJtmNeGhfRhcIj2MYHgj1g30F2mNt4Z8WGsrxa8SGfofNO0sCf3VZKd+RJgsS
7jW+CsAx7VW418BmR9EFX9Wjo4ZkpkqJmMKjX2MTofPsOJt/SZHkEXlb0aRfmjnP
ZnaUnROp28ht3OODO2rVdUZRk3ftyVKG60jeFUt4wGO1WXevK0+xYuNaetGl4sTl
YFe24vLPjTcv0RO+dhgIkV1Tlh6eTV8ZGkNBaey5LuRpm5bcF/J5Zj4BlHPs0Krz
Z7MiVjuBsTlIlXee+fuqq7cF9Jn+LXVVW9kBHyv4NA+O+JQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:45:44 2025 by rpki-client