Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21840.roa
File: AS21840.roa (raw, json)
Hash identifier: 2ZkSDvpWDdECRrQ+xcOoKwb3jOYvVhAAI3cSVRs4T2Q=
Subject key identifier: BD:DD:B5:C4:DF:DE:EF:16:B1:D7:31:F4:E7:05:3F:04:D8:D0:D3:25
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 12B29FB28808F9C588DE8D78AFDD0FEFF57548FD
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21840.roa
Signing time: Tue 25 Feb 2025 12:44:37 +0000
ROA not before: Tue 25 Feb 2025 12:39:37 +0000
ROA not after: Tue 24 Feb 2026 12:44:37 +0000
asID: 21840
IP address blocks: 96.62.247.0/24 maxlen: 24
148.135.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:b2:9f:b2:88:08:f9:c5:88:de:8d:78:af:dd:0f:ef:f5:75:48:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 25 12:39:37 2025 GMT
Not After : Feb 24 12:44:37 2026 GMT
Subject: CN=BDDDB5C4DFDEEF16B1D731F4E7053F04D8D0D325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ce:8e:f8:b9:65:18:dd:32:63:1d:f4:6d:cc:
3e:f8:55:6b:48:db:74:c8:53:73:cb:b9:58:27:bd:
cf:8a:05:6a:70:7f:b4:67:6e:46:c1:d6:66:89:22:
98:1e:6e:84:8d:f9:ca:0a:39:aa:8b:15:36:4a:60:
10:13:dc:6b:80:3a:9c:c3:2e:14:fc:81:f1:de:22:
e6:3c:d3:1f:5c:69:53:c5:c2:09:4d:28:89:5e:b5:
a3:e6:59:4a:39:17:c2:3f:4c:f3:86:4e:79:c0:ef:
b4:c8:2e:83:44:03:41:02:2a:7a:bb:33:6f:ce:7b:
c2:2f:8c:9f:f2:95:be:27:2a:97:75:9b:06:eb:b9:
ae:f1:91:de:dd:96:da:85:f2:87:b0:e0:04:ef:c2:
b2:f7:48:30:82:7d:98:11:ff:d9:01:39:a0:83:df:
87:db:d5:0e:0a:20:be:ca:a9:71:85:b1:67:cc:6d:
1f:05:e8:67:c2:85:7d:e5:c5:66:6d:00:35:6e:d0:
06:cb:6f:67:eb:b1:39:9b:4d:dd:cf:25:e2:96:31:
a9:70:24:4f:37:35:38:af:0a:67:f3:3e:aa:a4:0c:
93:a2:4e:c6:57:19:f8:12:b7:d1:39:2d:9d:cc:f8:
e5:17:be:a8:96:90:5d:d7:58:f4:b1:00:27:e1:cf:
1e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:DD:B5:C4:DF:DE:EF:16:B1:D7:31:F4:E7:05:3F:04:D8:D0:D3:25
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21840.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.247.0/24
148.135.173.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:06:f8:be:82:2c:93:bb:90:62:56:c8:1d:57:26:a8:f5:6b:
0d:5f:71:cf:5c:e6:df:cb:ee:49:35:bb:e2:f3:8f:f2:46:81:
14:1a:eb:d3:6f:66:54:1a:c3:d5:17:48:c1:d8:67:72:71:bd:
5d:32:ed:d3:a8:50:8c:56:27:a6:8c:f8:a0:3e:f2:5d:9c:61:
85:c7:5c:c0:10:a8:93:58:ba:fd:4b:6b:81:93:36:d4:86:a2:
19:d0:8d:c3:22:f0:c7:37:61:4a:e5:c2:fa:36:de:50:40:35:
66:99:7f:4a:f2:9a:c3:b7:39:05:6c:4e:36:44:e5:5d:90:80:
95:67:ac:da:1d:7e:a0:b8:dd:e3:18:d0:88:3e:f6:53:5c:85:
7c:e5:e0:06:ed:8a:18:c2:bc:e2:bd:99:64:c3:fe:83:4e:6b:
59:4b:1c:8c:62:4a:07:09:5a:75:c6:30:ef:1e:bb:37:b5:dd:
d4:f5:68:90:db:63:69:2d:19:cb:83:69:70:63:4d:e6:1c:57:
68:9d:55:68:c1:0c:c1:45:e3:ed:8d:4c:36:1e:44:3a:fe:7a:
9c:b2:30:12:9a:32:d0:38:62:59:8e:c0:14:77:d5:6a:ae:37:
d4:b3:3e:84:60:b4:39:3f:13:de:82:c9:c4:0e:c8:89:8e:da:
b5:f5:a6:33
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUErKfsogI+cWI3o14r90P7/V1SP0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAyMjUxMjM5MzdaFw0yNjAyMjQxMjQ0MzdaMDMxMTAvBgNV
BAMTKEJERERCNUM0REZERUVGMTZCMUQ3MzFGNEU3MDUzRjA0RDhEMEQzMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRzo74uWUY3TJjHfRtzD74VWtI
23TIU3PLuVgnvc+KBWpwf7RnbkbB1maJIpgeboSN+coKOaqLFTZKYBAT3GuAOpzD
LhT8gfHeIuY80x9caVPFwglNKIletaPmWUo5F8I/TPOGTnnA77TILoNEA0ECKnq7
M2/Oe8IvjJ/ylb4nKpd1mwbrua7xkd7dltqF8oew4ATvwrL3SDCCfZgR/9kBOaCD
34fb1Q4KIL7KqXGFsWfMbR8F6GfChX3lxWZtADVu0AbLb2frsTmbTd3PJeKWMalw
JE83NTivCmfzPqqkDJOiTsZXGfgSt9E5LZ3M+OUXvqiWkF3XWPSxACfhzx7VAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUvd21xN/e7xax1zH05wU/BNjQ0yUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE4NDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABgPvcD
BACUh60wDQYJKoZIhvcNAQELBQADggEBAE0G+L6CLJO7kGJWyB1XJqj1aw1fcc9c
5t/L7kk1u+Lzj/JGgRQa69NvZlQaw9UXSMHYZ3JxvV0y7dOoUIxWJ6aM+KA+8l2c
YYXHXMAQqJNYuv1La4GTNtSGohnQjcMi8Mc3YUrlwvo23lBANWaZf0rymsO3OQVs
TjZE5V2QgJVnrNodfqC43eMY0Ig+9lNchXzl4AbtihjCvOK9mWTD/oNOa1lLHIxi
SgcJWnXGMO8euze13dT1aJDbY2ktGcuDaXBjTeYcV2idVWjBDMFF4+2NTDYeRDr+
epyyMBKaMtA4YlmOwBR31WquN9SzPoRgtDk/E96CycQOyImO2rX1pjM=
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:13:48 2025 by rpki-client