Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/fqR68VfdKOjlL4-2CaY4FkN0s68.roa
File: fqR68VfdKOjlL4-2CaY4FkN0s68.roa (raw, json)
Hash identifier: A8R6xLSF5DJaL8IgTl84uUw6UJHCXjrGFrGhjx80Cv0=
Subject key identifier: 7E:A4:7A:F1:57:DD:28:E8:E5:2F:8F:B6:09:A6:38:16:43:74:B3:AF
Certificate issuer: /CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Certificate serial: 01956B5A61169A47D721829BEA7F2254ED8F
Authority key identifier: BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/fqR68VfdKOjlL4-2CaY4FkN0s68.roa
Signing time: Thu 06 Mar 2025 12:07:19 +0000
ROA not before: Thu 06 Mar 2025 12:07:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208795
IP address blocks: 5.35.104.0/21 maxlen: 24
94.131.80.0/20 maxlen: 24
2a07:aa40::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6b:5a:61:16:9a:47:d7:21:82:9b:ea:7f:22:54:ed:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Validity
Not Before: Mar 6 12:07:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ea47af157dd28e8e52f8fb609a638164374b3af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d6:78:65:31:15:5b:b7:94:88:75:e5:df:a4:
60:dd:6f:86:54:56:3a:ee:c3:89:8b:1c:ac:10:2b:
f3:e9:85:87:11:79:af:3f:af:bb:ee:23:3b:cd:1b:
1d:95:2e:6a:57:18:3b:89:0c:a9:97:94:82:c4:6f:
50:19:16:db:08:ea:4c:c8:08:b6:f5:35:db:4a:59:
3a:d4:25:b0:c4:38:22:ae:ba:fd:7a:57:e0:f3:da:
cf:c4:d5:98:49:99:ce:2f:04:de:44:0f:fe:c4:97:
ff:42:7b:b4:7f:e8:27:c2:e0:73:48:ed:2a:e8:52:
9f:a1:0a:4e:55:8c:1a:53:74:8f:bd:fb:b9:d3:b7:
49:81:14:99:b5:5f:a5:c2:55:bf:c1:06:78:45:bb:
47:02:89:27:3a:4d:18:2b:bc:1a:93:2d:a8:5c:f9:
6a:60:8f:0d:60:11:81:74:39:38:3d:ab:47:85:4d:
c8:3d:7d:c6:8e:31:01:25:dc:c5:ec:ec:3c:30:62:
f4:b9:1d:cf:69:05:64:8d:c2:e6:04:d0:10:36:65:
53:e4:b5:a0:7f:9a:d1:4d:7b:23:c6:2c:a7:4e:7c:
02:c9:22:f1:1c:99:a2:38:3f:c2:47:f6:5b:7f:23:
a9:fe:ed:16:20:5a:c7:1e:dc:e2:c2:9c:8e:62:60:
ef:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:A4:7A:F1:57:DD:28:E8:E5:2F:8F:B6:09:A6:38:16:43:74:B3:AF
X509v3 Authority Key Identifier:
keyid:BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/fqR68VfdKOjlL4-2CaY4FkN0s68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.104.0/21
94.131.80.0/20
IPv6:
2a07:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
51:a4:e8:e4:47:f8:1f:0e:10:5e:be:93:bb:4b:45:5c:ff:d4:
fe:59:ea:13:c2:32:e6:a0:ab:03:03:93:1b:74:5a:4a:70:ac:
ff:09:11:14:d6:18:85:d7:1e:b3:3a:cd:00:61:08:8f:bb:0d:
2b:a8:73:fa:8b:e5:71:3f:12:93:c8:f5:24:a6:15:dc:64:3f:
10:60:a1:07:6b:07:e9:e9:d3:8c:07:ed:63:31:df:df:3a:a0:
f4:9d:a8:81:0d:d4:1f:95:ad:3f:1a:8a:e1:0b:55:a1:7a:63:
3e:3b:ea:4b:c9:0a:0a:73:2c:2f:aa:9a:2c:dd:a2:d1:04:03:
73:a4:7f:aa:a4:cf:a6:d3:9c:aa:b1:c2:54:3f:d8:46:12:d5:
4b:66:9c:3f:18:04:74:11:1e:62:74:95:8b:d4:29:d1:b6:e8:
03:fe:64:75:99:6e:59:7b:af:22:3b:77:b9:dc:d4:47:5a:ce:
1d:89:0e:8c:24:1e:0d:74:14:a7:fc:01:f7:4a:a8:40:a4:41:
21:c2:a9:18:0c:22:7f:c0:0f:ae:25:e0:f1:c2:66:c8:4b:f7:
63:e5:e1:d3:89:2e:59:4a:d0:1e:26:63:a1:00:08:cb:12:70:
24:69:c4:89:ba:47:6f:f1:6a:19:20:ee:53:fe:fc:61:e2:86:
e5:87:d6:67
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZVrWmEWmkfXIYKb6n8iVO2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjA0ZmYzNWEyOWM5MTE1NmJlNGJkMjI5YjNiYWY3N2M4
Mzk3YmQwHhcNMjUwMzA2MTIwNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWE0N2FmMTU3ZGQyOGU4ZTUyZjhmYjYwOWE2MzgxNjQzNzRiM2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdZ4ZTEVW7eUiHXl36Rg3W+GVFY6
7sOJixysECvz6YWHEXmvP6+77iM7zRsdlS5qVxg7iQypl5SCxG9QGRbbCOpMyAi2
9TXbSlk61CWwxDgirrr9elfg89rPxNWYSZnOLwTeRA/+xJf/Qnu0f+gnwuBzSO0q
6FKfoQpOVYwaU3SPvfu507dJgRSZtV+lwlW/wQZ4RbtHAoknOk0YK7waky2oXPlq
YI8NYBGBdDk4PatHhU3IPX3GjjEBJdzF7Ow8MGL0uR3PaQVkjcLmBNAQNmVT5LWg
f5rRTXsjxiynTnwCySLxHJmiOD/CR/ZbfyOp/u0WIFrHHtziwpyOYmDv/wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFH6kevFX3Sjo5S+PtgmmOBZDdLOvMB8GA1UdIwQY
MBaAFL5gT/NaKckRVr5L0imzuvd8g5e9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYt
MWEzOWMzZDM0ZjA4LzEvZnFSNjhWZmRLT2psTDQtMkNhWTRGa04wczY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYtMWEzOWMzZDM0ZjA4
LzEvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBSNoAwQE
XoNQMA0EAgACMAcDBQMqB6pAMA0GCSqGSIb3DQEBCwUAA4IBAQBRpOjkR/gfDhBe
vpO7S0Vc/9T+WeoTwjLmoKsDA5MbdFpKcKz/CREU1hiF1x6zOs0AYQiPuw0rqHP6
i+VxPxKTyPUkphXcZD8QYKEHawfp6dOMB+1jMd/fOqD0naiBDdQfla0/GorhC1Wh
emM+O+pLyQoKcywvqpos3aLRBANzpH+qpM+m05yqscJUP9hGEtVLZpw/GAR0ER5i
dJWL1CnRtugD/mR1mW5Ze68iO3e53NRHWs4diQ6MJB4NdBSn/AH3SqhApEEhwqkY
DCJ/wA+uJeDxwmbIS/dj5eHTiS5ZStAeJmOhAAjLEnAkacSJukdv8WoZIO5T/vxh
4oblh9Zn
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:19 2025 by rpki-client on console.sobornost.net