Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: Hkr/qvfdAQe9zaCS/d3gavD9fHWI1/Pngpbb9CEHc7w=
Subject key identifier: 5B:D5:ED:1A:6A:CC:62:54:E7:6E:40:27:36:0B:6C:BC:2C:10:04:18
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 062C380556C55FC46696AE4D550AEE38CD01242D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
Signing time: Thu 06 Mar 2025 00:01:58 +0000
ROA not before: Wed 05 Mar 2025 23:56:58 +0000
ROA not after: Thu 05 Mar 2026 00:01:58 +0000
asID: 21859
IP address blocks: 140.233.185.0/24 maxlen: 24
146.103.46.0/24 maxlen: 24
147.79.1.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:2c:38:05:56:c5:5f:c4:66:96:ae:4d:55:0a:ee:38:cd:01:24:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 5 23:56:58 2025 GMT
Not After : Mar 5 00:01:58 2026 GMT
Subject: CN=5BD5ED1A6ACC6254E76E4027360B6CBC2C100418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f1:4c:bd:6f:a8:5f:46:d6:55:00:4b:8a:ce:
cd:a9:9e:62:c2:3f:15:b7:5c:44:42:22:ba:f2:23:
10:d2:0b:06:b9:a5:f8:11:ad:73:43:50:db:71:c1:
d1:07:49:52:37:e3:f8:3f:a5:4a:dd:f0:f8:8a:08:
f5:33:c9:ec:0f:a6:72:28:40:20:3a:39:2a:61:d0:
67:cf:96:b7:f6:e6:12:a8:d4:8f:2d:a8:49:6b:7e:
05:3e:1c:c8:f3:d5:05:18:bd:26:c8:27:20:86:31:
ba:b2:56:78:5d:fa:b3:e5:90:b7:55:1f:f1:04:ca:
a3:b9:dc:3f:1a:05:d8:6a:e6:43:41:30:60:18:a0:
34:fa:71:19:1c:f7:76:81:a3:79:95:60:ff:e6:6d:
63:ac:07:1e:42:ba:c3:5e:78:9c:5a:e5:c1:a6:70:
51:7f:d2:d1:7a:c6:2e:7c:82:b6:af:fa:2f:b5:92:
d4:ab:86:0f:05:d6:b9:97:0a:9a:24:33:bb:00:02:
e7:7b:c8:cb:c9:3e:76:f7:45:a0:d1:32:3e:d0:91:
85:9b:dd:ce:ca:e3:5f:0c:94:d0:23:30:46:ea:e4:
2a:b9:6f:ff:ba:04:bb:04:40:2d:e9:8a:8a:0a:95:
7c:84:4a:aa:62:52:c6:65:77:08:1c:46:75:51:90:
57:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:D5:ED:1A:6A:CC:62:54:E7:6E:40:27:36:0B:6C:BC:2C:10:04:18
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.185.0/24
146.103.46.0/24
147.79.1.0/24
Signature Algorithm: sha256WithRSAEncryption
07:1e:69:39:cb:97:cb:c4:1b:96:a8:b2:b6:05:3f:09:0a:32:
9c:f9:16:52:f9:83:40:24:41:24:3b:2c:5a:63:ec:92:73:5b:
cb:ac:31:94:10:71:90:a6:83:9a:f2:c8:48:83:74:aa:f2:dc:
66:76:26:4f:62:75:66:49:f0:80:4d:69:ce:6b:74:6f:63:a5:
05:18:df:e4:e2:69:20:58:d4:07:9a:d4:9f:89:2e:30:7c:b6:
ba:94:bd:56:e7:1c:c2:e2:5b:84:48:00:69:d0:ee:2f:a9:2d:
5a:51:47:a6:35:60:37:ce:da:ed:33:22:2e:a3:21:1c:3a:e8:
35:06:18:9a:ed:b7:11:96:66:fa:51:b7:bd:d3:45:ed:0c:9c:
9e:aa:da:aa:55:84:24:7d:2f:ec:59:25:27:8a:df:ff:c7:9b:
aa:75:6b:21:79:b9:02:1a:7d:06:d7:95:c2:4d:33:6d:f1:af:
8d:e6:8b:d8:bb:d8:e0:70:6e:88:6c:43:ab:95:1a:60:de:fc:
61:cd:f0:7a:6a:ff:ec:54:ab:52:a2:2b:f6:8e:f8:bf:0d:48:
4f:c7:59:c7:65:08:f2:ea:3f:33:a2:98:a9:b7:3e:e3:08:28:
73:56:6d:fe:62:34:40:a3:05:b5:34:14:e1:85:ba:5b:cf:7b:
44:ba:a0:1f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUBiw4BVbFX8Rmlq5NVQruOM0BJC0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAzMDUyMzU2NThaFw0yNjAzMDUwMDAxNThaMDMxMTAvBgNV
BAMTKDVCRDVFRDFBNkFDQzYyNTRFNzZFNDAyNzM2MEI2Q0JDMkMxMDA0MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC98Uy9b6hfRtZVAEuKzs2pnmLC
PxW3XERCIrryIxDSCwa5pfgRrXNDUNtxwdEHSVI34/g/pUrd8PiKCPUzyewPpnIo
QCA6OSph0GfPlrf25hKo1I8tqElrfgU+HMjz1QUYvSbIJyCGMbqyVnhd+rPlkLdV
H/EEyqO53D8aBdhq5kNBMGAYoDT6cRkc93aBo3mVYP/mbWOsBx5CusNeeJxa5cGm
cFF/0tF6xi58grav+i+1ktSrhg8F1rmXCpokM7sAAud7yMvJPnb3RaDRMj7QkYWb
3c7K418MlNAjMEbq5Cq5b/+6BLsEQC3piooKlXyESqpiUsZldwgcRnVRkFfHAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUW9XtGmrMYlTnbkAnNgtsvCwQBBgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBACM6bkD
BACSZy4DBACTTwEwDQYJKoZIhvcNAQELBQADggEBAAceaTnLl8vEG5aosrYFPwkK
Mpz5FlL5g0AkQSQ7LFpj7JJzW8usMZQQcZCmg5ryyEiDdKry3GZ2Jk9idWZJ8IBN
ac5rdG9jpQUY3+TiaSBY1Aea1J+JLjB8trqUvVbnHMLiW4RIAGnQ7i+pLVpRR6Y1
YDfO2u0zIi6jIRw66DUGGJrttxGWZvpRt73TRe0MnJ6q2qpVhCR9L+xZJSeK3//H
m6p1ayF5uQIafQbXlcJNM23xr43mi9i72OBwbohsQ6uVGmDe/GHN8Hpq/+xUq1Ki
K/aO+L8NSE/HWcdlCPLqPzOimKm3PuMIKHNWbf5iNECjBbU0FOGFulvPe0S6oB8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:27:00 2025 by rpki-client