Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: 82bxYZnHLLCIOfNuYK5CSIc2npTLB9FU6AhZ97pyg/I=
Subject key identifier: F8:C7:A4:02:CF:7F:FB:D9:61:AB:7E:9F:F3:AD:24:48:91:82:F9:03
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 14A1717DFD7586AB48505E7E459C930B5D34FC00
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
Signing time: Mon 06 Jan 2025 09:20:51 +0000
ROA not before: Mon 06 Jan 2025 09:15:51 +0000
ROA not after: Mon 05 Jan 2026 09:20:51 +0000
asID: 21859
IP address blocks: 96.62.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:a1:71:7d:fd:75:86:ab:48:50:5e:7e:45:9c:93:0b:5d:34:fc:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jan 6 09:15:51 2025 GMT
Not After : Jan 5 09:20:51 2026 GMT
Subject: CN=F8C7A402CF7FFBD961AB7E9FF3AD24489182F903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ff:24:c8:a8:59:98:1f:55:04:92:8b:84:d4:
f6:ad:cf:a8:83:7f:58:24:4c:e1:8a:78:11:0c:ec:
ff:3b:d7:f2:ba:3c:52:38:fd:86:8a:e3:a5:56:fa:
96:4f:30:73:6c:f0:7c:3a:9d:cd:c6:06:5b:ee:08:
9c:8d:d9:b4:8a:0e:f1:33:91:c7:5d:13:0b:2c:91:
f3:6d:6b:31:87:4a:a2:1c:9a:24:5c:32:c5:f7:fd:
c6:01:4f:cb:dc:49:53:13:3e:f9:e9:f5:a8:fb:97:
f6:88:58:65:5a:dd:ee:45:84:4d:60:34:45:56:5b:
0b:1c:be:8b:31:8b:28:9c:a8:b5:91:e2:0b:75:34:
17:a9:6a:9f:51:49:8a:e8:b9:5f:66:36:58:19:83:
89:11:2b:16:ea:64:34:e5:cf:a3:e1:86:fb:80:0b:
62:9e:c6:63:b9:e9:a8:cc:ba:87:38:01:37:7c:e1:
e9:70:c9:65:70:f1:90:8d:d2:6d:c1:ab:f2:34:63:
d7:1e:56:6b:71:00:d6:02:7e:56:8f:72:bf:5f:0e:
8a:1c:1d:0a:5d:0a:8c:44:a4:89:3c:8b:63:3d:71:
e0:70:50:b0:1b:b7:e4:22:33:d2:31:5a:08:d4:20:
99:03:74:3d:0e:82:07:a0:ab:49:cd:11:06:6a:2f:
37:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:C7:A4:02:CF:7F:FB:D9:61:AB:7E:9F:F3:AD:24:48:91:82:F9:03
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.253.0/24
Signature Algorithm: sha256WithRSAEncryption
71:eb:1b:e6:f2:26:2b:f9:5d:ab:85:91:c0:ad:fc:e1:84:17:
b6:4f:fd:a7:34:61:5e:53:a3:ba:c8:70:9c:a9:64:b6:09:31:
bf:f1:72:c1:46:a1:e5:3b:c3:4a:8b:25:31:23:21:23:47:7e:
ba:15:9a:86:84:c3:3b:d8:48:1a:3e:3d:5d:b3:bd:39:87:ac:
bf:95:5e:a3:95:53:74:d9:e9:ef:c9:d5:d8:65:03:f3:3d:3f:
eb:df:be:6c:91:1e:4d:b0:39:89:01:0f:1b:4c:a9:7f:6e:1d:
cd:27:6d:b0:66:77:67:98:bb:79:09:b6:17:23:e0:b4:60:1e:
26:b7:0d:ac:cf:ec:12:f1:3b:33:1d:47:b4:20:26:64:a2:7b:
29:54:59:f3:c2:aa:24:5d:6b:fe:13:9e:a3:b3:88:19:bd:8d:
a5:8e:f8:26:23:6c:73:4e:97:37:de:bd:74:73:7b:a2:fd:cf:
ce:c2:3d:2b:a0:f4:be:49:2a:6b:0d:0f:90:b4:84:b6:4d:d5:
ca:17:1d:23:db:da:12:9f:e3:d2:77:a9:db:7e:6d:d0:51:a8:
9e:71:3d:92:c0:62:9c:d2:b3:88:3f:ed:7e:1d:9f:97:9c:8d:
93:4d:1c:6d:49:45:e9:2b:8f:80:5d:a9:ec:e5:30:26:e9:70:
97:b7:78:0f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUFKFxff11hqtIUF5+RZyTC100/AAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAxMDYwOTE1NTFaFw0yNjAxMDUwOTIwNTFaMDMxMTAvBgNV
BAMTKEY4QzdBNDAyQ0Y3RkZCRDk2MUFCN0U5RkYzQUQyNDQ4OTE4MkY5MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK/yTIqFmYH1UEkouE1Patz6iD
f1gkTOGKeBEM7P871/K6PFI4/YaK46VW+pZPMHNs8Hw6nc3GBlvuCJyN2bSKDvEz
kcddEwsskfNtazGHSqIcmiRcMsX3/cYBT8vcSVMTPvnp9aj7l/aIWGVa3e5FhE1g
NEVWWwscvosxiyicqLWR4gt1NBepap9RSYrouV9mNlgZg4kRKxbqZDTlz6PhhvuA
C2KexmO56ajMuoc4ATd84elwyWVw8ZCN0m3Bq/I0Y9ceVmtxANYCflaPcr9fDooc
HQpdCoxEpIk8i2M9ceBwULAbt+QiM9IxWgjUIJkDdD0Oggegq0nNEQZqLzcxAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU+MekAs9/+9lhq36f860kSJGC+QMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABgPv0w
DQYJKoZIhvcNAQELBQADggEBAHHrG+byJiv5XauFkcCt/OGEF7ZP/ac0YV5To7rI
cJypZLYJMb/xcsFGoeU7w0qLJTEjISNHfroVmoaEwzvYSBo+PV2zvTmHrL+VXqOV
U3TZ6e/J1dhlA/M9P+vfvmyRHk2wOYkBDxtMqX9uHc0nbbBmd2eYu3kJthcj4LRg
Hia3DazP7BLxOzMdR7QgJmSieylUWfPCqiRda/4TnqOziBm9jaWO+CYjbHNOlzfe
vXRze6L9z87CPSug9L5JKmsND5C0hLZN1coXHSPb2hKf49J3qdt+bdBRqJ5xPZLA
YpzSs4g/7X4dn5ecjZNNHG1JRekrj4BdqezlMCbpcJe3eA8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 03:45:54 2025 by rpki-client