Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/Xy65KIV_NEVfrg9kWKh_umkAkTo.roa
File: Xy65KIV_NEVfrg9kWKh_umkAkTo.roa (raw, json)
Hash identifier: SRp3l8epCPrax0SGbi3+isVpYkvIb03gV7zmhCc/X5E=
Subject key identifier: 5F:2E:B9:28:85:7F:34:45:5F:AE:0F:64:58:A8:7F:BA:69:00:91:3A
Certificate issuer: /CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Certificate serial: 019424458A340DF8495089F3B891A1C157DC
Authority key identifier: BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/Xy65KIV_NEVfrg9kWKh_umkAkTo.roa
Signing time: Wed 01 Jan 2025 23:48:44 +0000
ROA not before: Wed 01 Jan 2025 23:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208795
IP address blocks: 5.35.104.0/21 maxlen: 24
2a07:aa40::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:8a:34:0d:f8:49:50:89:f3:b8:91:a1:c1:57:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Validity
Not Before: Jan 1 23:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f2eb928857f34455fae0f6458a87fba6900913a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:72:91:10:26:70:39:98:f5:94:e8:2b:8e:65:
e5:33:de:d3:a0:ef:74:87:9d:67:1e:bd:52:8a:e2:
68:8a:08:e2:93:16:c4:5c:a3:e6:25:81:84:47:27:
78:d4:99:2c:4b:0f:9c:13:07:03:8a:b8:7f:e2:75:
5b:6c:63:60:c4:8a:d4:1c:34:86:dd:5c:b8:e9:de:
39:b7:7f:f4:73:44:fd:8f:fb:98:43:c0:30:71:79:
16:f2:cf:d9:e2:aa:5e:1a:f6:c8:98:e1:2b:28:96:
ae:72:f5:8b:bf:15:9f:47:e4:50:03:91:92:09:6c:
af:5f:e2:a9:f4:cf:2d:73:e2:10:5d:73:c6:58:8d:
05:22:52:e8:74:be:59:76:8d:a6:3f:8d:08:b5:de:
31:6c:11:57:f8:7e:17:20:40:f4:fe:f8:09:05:83:
8d:24:84:72:56:d0:1b:8b:39:93:48:66:ab:a7:bd:
38:36:2e:33:26:e3:c8:1f:d6:4e:87:46:a5:32:07:
1f:fc:e8:78:b3:d8:fc:f3:97:89:a2:ab:5b:fc:27:
2c:eb:ef:ce:9f:aa:b6:4f:55:03:03:6e:7a:d1:dc:
c4:3c:8c:a9:76:4c:43:10:d9:0f:ff:02:ef:da:ea:
c4:69:d4:56:c2:40:50:58:ac:86:6d:72:7b:ea:4e:
de:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:2E:B9:28:85:7F:34:45:5F:AE:0F:64:58:A8:7F:BA:69:00:91:3A
X509v3 Authority Key Identifier:
keyid:BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/Xy65KIV_NEVfrg9kWKh_umkAkTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.104.0/21
IPv6:
2a07:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
5a:34:da:81:82:15:43:dc:12:a5:76:92:cc:10:10:9f:de:59:
99:e2:cc:f0:e7:6c:75:63:a1:85:b5:33:c2:e7:80:05:79:ec:
f2:de:a3:9e:de:6e:19:12:b8:d8:3d:83:b5:67:49:fd:26:4b:
5f:94:c9:49:37:5a:bf:45:4b:d0:06:d5:c7:94:54:19:d0:6b:
31:4c:44:cd:89:72:0d:db:0e:46:4c:06:21:87:a2:00:69:71:
2e:6e:67:ac:99:61:47:57:da:34:df:f6:ee:19:35:26:13:a0:
c2:fd:75:24:bc:e2:08:77:cc:61:77:62:fb:22:e5:ab:6c:29:
73:1b:ba:5c:60:70:2f:8b:d5:59:a4:16:f5:d5:55:ba:ec:44:
ec:aa:dc:80:7d:df:67:55:db:df:d5:c0:28:15:fd:d4:9a:8a:
45:9c:15:3e:23:54:99:ea:a7:b4:e6:eb:10:b5:41:6c:3a:b4:
70:58:76:5c:5b:71:48:07:8a:8f:38:0f:02:51:bb:73:05:87:
68:55:7f:29:2c:c8:48:09:29:37:dd:b8:27:e4:59:80:97:f3:
18:be:82:b3:2a:3e:3b:5e:7b:e3:c2:f2:61:76:79:81:80:0d:
6f:d3:79:d5:8a:1e:be:a8:fd:42:ee:05:60:52:6f:88:16:96:
32:84:9f:c3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRYo0DfhJUInzuJGhwVfcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjA0ZmYzNWEyOWM5MTE1NmJlNGJkMjI5YjNiYWY3N2M4
Mzk3YmQwHhcNMjUwMTAxMjM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjJlYjkyODg1N2YzNDQ1NWZhZTBmNjQ1OGE4N2ZiYTY5MDA5MTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnKRECZwOZj1lOgrjmXlM97ToO90
h51nHr1SiuJoigjikxbEXKPmJYGERyd41JksSw+cEwcDirh/4nVbbGNgxIrUHDSG
3Vy46d45t3/0c0T9j/uYQ8AwcXkW8s/Z4qpeGvbImOErKJaucvWLvxWfR+RQA5GS
CWyvX+Kp9M8tc+IQXXPGWI0FIlLodL5Zdo2mP40Itd4xbBFX+H4XIED0/vgJBYON
JIRyVtAbizmTSGarp704Ni4zJuPIH9ZOh0alMgcf/Oh4s9j885eJoqtb/Ccs6+/O
n6q2T1UDA2560dzEPIypdkxDENkP/wLv2urEadRWwkBQWKyGbXJ76k7eswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF8uuSiFfzRFX64PZFiof7ppAJE6MB8GA1UdIwQY
MBaAFL5gT/NaKckRVr5L0imzuvd8g5e9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYt
MWEzOWMzZDM0ZjA4LzEvWHk2NUtJVl9ORVZmcmc5a1dLaF91bWtBa1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYtMWEzOWMzZDM0ZjA4
LzEvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBSNoMA0E
AgACMAcDBQMqB6pAMA0GCSqGSIb3DQEBCwUAA4IBAQBaNNqBghVD3BKldpLMEBCf
3lmZ4szw52x1Y6GFtTPC54AFeezy3qOe3m4ZErjYPYO1Z0n9JktflMlJN1q/RUvQ
BtXHlFQZ0GsxTETNiXIN2w5GTAYhh6IAaXEubmesmWFHV9o03/buGTUmE6DC/XUk
vOIId8xhd2L7IuWrbClzG7pcYHAvi9VZpBb11VW67ETsqtyAfd9nVdvf1cAoFf3U
mopFnBU+I1SZ6qe05usQtUFsOrRwWHZcW3FIB4qPOA8CUbtzBYdoVX8pLMhICSk3
3bgn5FmAl/MYvoKzKj47XnvjwvJhdnmBgA1v03nVih6+qP1C7gVgUm+IFpYyhJ/D
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:47:57 2025 by rpki-client on console.sobornost.net