Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: mcf4VGMSd2cM3NPAyfJen+I7zCdN/1Y/jf0+AYOQoLE=
Subject key identifier: 7A:5A:6F:B6:2A:53:C6:D2:CC:5C:88:7B:D2:0A:A8:57:DB:9C:EB:74
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 2CDECD8C16130442497F0BBA3717F01A203E8733
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS21859.roa
Signing time: Fri 03 Jan 2025 00:00:36 +0000
ROA not before: Thu 02 Jan 2025 23:55:36 +0000
ROA not after: Fri 02 Jan 2026 00:00:36 +0000
asID: 21859
IP address blocks: 141.11.48.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:de:cd:8c:16:13:04:42:49:7f:0b:ba:37:17:f0:1a:20:3e:87:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jan 2 23:55:36 2025 GMT
Not After : Jan 2 00:00:36 2026 GMT
Subject: CN=7A5A6FB62A53C6D2CC5C887BD20AA857DB9CEB74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f1:56:bc:e6:ca:92:cc:fd:29:ef:f4:7e:55:
c4:91:df:54:84:18:41:c9:82:c7:80:d0:75:c4:97:
81:6e:68:b1:68:07:06:b0:75:83:1f:90:f8:a2:79:
74:81:77:da:eb:7f:47:ab:89:21:8f:69:90:bd:a8:
aa:d4:fe:08:d8:14:68:1a:f0:99:96:c4:00:b5:a6:
5d:de:30:83:36:d0:bc:69:b8:f9:0b:dd:7b:18:0c:
12:fe:bf:c4:12:99:96:da:6e:c7:fe:02:1c:db:c3:
42:8b:89:79:49:07:0e:ea:36:6a:a3:78:35:1f:4b:
12:e6:06:ea:31:91:33:72:24:8b:2e:8d:71:61:06:
a3:3c:ed:b0:09:b1:2c:1f:18:50:4e:78:d0:12:db:
a6:d8:56:43:8f:22:d4:66:ef:9c:4d:fe:c3:9f:f3:
d5:c2:4b:84:94:49:50:18:d2:30:35:83:72:a5:54:
c9:bd:bc:80:26:3a:8a:25:e0:44:a3:c7:e4:20:43:
fa:04:7e:4c:62:c3:91:de:d9:34:70:2e:ba:0c:26:
6b:46:97:b2:be:5e:8c:70:46:72:27:98:c5:96:12:
15:31:74:1c:cd:c0:e9:a4:86:a9:84:e8:70:2e:54:
32:52:03:b5:8a:23:ea:d3:5d:90:b7:3f:a7:dc:ce:
23:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:5A:6F:B6:2A:53:C6:D2:CC:5C:88:7B:D2:0A:A8:57:DB:9C:EB:74
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.48.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:10:48:a9:4f:16:f5:90:43:5a:d2:bd:f5:dd:87:71:3a:f5:
f2:03:05:c8:71:54:e1:42:3a:5f:f7:b5:95:fb:9b:4d:e3:b9:
44:f4:ca:77:94:42:8e:04:5a:db:8d:e1:17:dc:f8:7f:c0:72:
13:d7:c1:b3:9d:b4:f8:7c:ed:99:d0:ea:1f:41:84:ed:43:e7:
41:65:cf:f4:75:23:13:df:8f:0f:c7:6a:b7:eb:b0:ed:55:7e:
75:c4:26:db:80:62:2a:03:e0:8d:b1:fb:d8:10:8b:ac:1d:17:
c7:53:10:68:4b:07:31:c1:17:75:34:0d:0c:91:93:78:40:66:
71:2d:7c:23:4d:c9:94:f7:c2:77:7f:e2:85:d0:6a:e8:c7:e3:
93:fc:ea:31:d3:ec:bf:5c:46:07:a3:2b:49:28:2c:aa:2d:27:
37:b1:9e:ba:c3:44:d0:8c:06:12:8e:9b:ac:11:7c:90:87:3d:
18:72:20:f7:60:a6:65:a1:72:53:af:8e:ea:08:14:c7:e0:c2:
24:62:fd:64:fc:10:91:44:ae:36:95:95:ae:68:b1:87:16:be:
8d:c3:af:e9:3c:4e:c1:a9:af:31:ac:45:74:14:ca:46:b1:bc:
b2:a9:29:10:a7:c5:fe:d2:de:b3:78:03:45:a0:33:d0:59:9c:
26:1e:58:ae
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIULN7NjBYTBEJJfwu6NxfwGiA+hzMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAxMDIyMzU1MzZaFw0yNjAxMDIwMDAwMzZaMDMxMTAvBgNV
BAMTKDdBNUE2RkI2MkE1M0M2RDJDQzVDODg3QkQyMEFBODU3REI5Q0VCNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX8Va85sqSzP0p7/R+VcSR31SE
GEHJgseA0HXEl4FuaLFoBwawdYMfkPiieXSBd9rrf0eriSGPaZC9qKrU/gjYFGga
8JmWxAC1pl3eMIM20LxpuPkL3XsYDBL+v8QSmZbabsf+Ahzbw0KLiXlJBw7qNmqj
eDUfSxLmBuoxkTNyJIsujXFhBqM87bAJsSwfGFBOeNAS26bYVkOPItRm75xN/sOf
89XCS4SUSVAY0jA1g3KlVMm9vIAmOool4ESjx+QgQ/oEfkxiw5He2TRwLroMJmtG
l7K+XoxwRnInmMWWEhUxdBzNwOmkhqmE6HAuVDJSA7WKI+rTXZC3P6fcziMvAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUelpvtipTxtLMXIh70gqoV9uc63QwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNCzAw
DQYJKoZIhvcNAQELBQADggEBAM0QSKlPFvWQQ1rSvfXdh3E69fIDBchxVOFCOl/3
tZX7m03juUT0yneUQo4EWtuN4Rfc+H/AchPXwbOdtPh87ZnQ6h9BhO1D50Flz/R1
IxPfjw/HarfrsO1VfnXEJtuAYioD4I2x+9gQi6wdF8dTEGhLBzHBF3U0DQyRk3hA
ZnEtfCNNyZT3wnd/4oXQaujH45P86jHT7L9cRgejK0koLKotJzexnrrDRNCMBhKO
m6wRfJCHPRhyIPdgpmWhclOvjuoIFMfgwiRi/WT8EJFErjaVla5osYcWvo3Dr+k8
TsGprzGsRXQUykaxvLKpKRCnxf7S3rN4A0WgM9BZnCYeWK4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:24:18 2025 by rpki-client