Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/vxg-yi7SqRx3q3DlZJY82nlINbw.roa
File: vxg-yi7SqRx3q3DlZJY82nlINbw.roa (raw, json)
Hash identifier: 8Tp3GLDI+FIAlBt1x2bg1AA0ZulV2JjhMEdWi/PMtGA=
Subject key identifier: BF:18:3E:CA:2E:D2:A9:1C:77:AB:70:E5:64:96:3C:DA:79:48:35:BC
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 0194282558F173BC1BCA6B22FB50AB16ABB0
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/vxg-yi7SqRx3q3DlZJY82nlINbw.roa
Signing time: Thu 02 Jan 2025 17:52:03 +0000
ROA not before: Thu 02 Jan 2025 17:52:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12663
IP address blocks: 37.25.128.0/17 maxlen: 24
46.108.0.0/16 maxlen: 24
46.190.128.0/17 maxlen: 24
62.213.128.0/19 maxlen: 19
85.205.0.0/16 maxlen: 24
86.104.216.0/22 maxlen: 22
89.32.48.0/21 maxlen: 21
92.114.8.0/21 maxlen: 21
108.179.64.0/18 maxlen: 19
130.195.32.0/20 maxlen: 20
130.195.64.0/19 maxlen: 19
130.195.96.0/19 maxlen: 19
130.195.128.0/18 maxlen: 24
130.195.200.0/21 maxlen: 21
139.47.160.0/19 maxlen: 24
139.47.192.0/18 maxlen: 24
145.230.0.0/16 maxlen: 24
176.125.0.0/19 maxlen: 24
188.240.84.0/22 maxlen: 22
192.125.128.0/17 maxlen: 24
195.232.128.0/17 maxlen: 24
195.233.0.0/16 maxlen: 24
208.53.128.0/18 maxlen: 18
2a01:818:1000::/44 maxlen: 44
2a01:818:1060::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:58:f1:73:bc:1b:ca:6b:22:fb:50:ab:16:ab:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Jan 2 17:52:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf183eca2ed2a91c77ab70e564963cda794835bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:11:e3:29:a7:b1:6e:b4:6b:0f:28:fb:80:68:
09:33:66:b4:85:ca:c7:44:82:7f:4a:f2:56:4d:d1:
07:1f:52:7a:33:2a:e2:69:59:62:23:61:2e:0c:ff:
17:2e:1a:b1:fd:34:d1:e4:7d:72:04:9c:7e:34:fe:
af:bb:ea:29:01:e6:bf:a9:78:25:a1:07:ee:b9:c7:
d2:6d:42:8e:e0:45:27:a1:61:17:8f:bb:96:35:c6:
08:95:66:c6:7b:3a:a5:58:32:5c:12:2d:b7:e1:cb:
24:b0:d8:2e:7e:e1:f9:e0:f8:0b:b6:cc:a2:cf:d8:
eb:49:e7:da:09:77:49:fa:d1:ca:4e:d2:2b:8a:fc:
e1:63:1d:04:2d:40:f4:9a:34:e3:f8:13:70:26:2a:
a2:06:5f:3e:07:41:e3:86:f0:b2:14:29:d8:0b:1a:
98:15:90:ad:91:c8:53:ae:4e:a6:42:a3:6d:6b:34:
18:b5:f4:24:98:77:3a:92:52:b7:58:14:4e:4c:85:
11:f9:88:4e:6c:2b:7d:53:a4:29:ee:9a:17:3f:d9:
93:f6:d8:f5:6f:c5:9d:24:da:37:8b:97:c2:3c:20:
bb:61:a6:c1:bc:ee:5a:a9:64:81:98:a9:49:b3:8c:
22:6c:0a:2c:81:e7:b2:c1:2b:a6:9c:bf:d9:27:55:
da:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:18:3E:CA:2E:D2:A9:1C:77:AB:70:E5:64:96:3C:DA:79:48:35:BC
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/vxg-yi7SqRx3q3DlZJY82nlINbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.128.0/17
46.108.0.0/16
46.190.128.0/17
62.213.128.0/19
85.205.0.0/16
86.104.216.0/22
89.32.48.0/21
92.114.8.0/21
108.179.64.0/18
130.195.32.0/20
130.195.64.0-130.195.191.255
130.195.200.0/21
139.47.160.0-139.47.255.255
145.230.0.0/16
176.125.0.0/19
188.240.84.0/22
192.125.128.0/17
195.232.128.0-195.233.255.255
208.53.128.0/18
IPv6:
2a01:818:1000::/44
2a01:818:1060::/44
Signature Algorithm: sha256WithRSAEncryption
92:85:a5:ae:f6:eb:4e:56:fb:2f:07:c3:35:ac:69:46:7c:09:
c3:75:d7:87:64:08:cb:ef:05:b5:de:80:b2:05:e0:3e:cf:d4:
ad:f4:b6:fe:67:57:c7:9d:f4:e8:4b:73:25:17:ff:4a:65:ae:
5a:8e:0f:dd:2c:b7:91:26:52:23:0a:e0:ba:4e:dc:17:75:0e:
49:70:1e:b5:37:57:04:26:72:df:77:ff:6c:56:cf:15:c4:c5:
8b:8d:6d:21:ee:c2:78:38:a7:3e:ba:5f:ec:17:ab:fa:53:bf:
bd:94:e0:07:05:a4:99:c1:cd:59:52:92:b3:50:a5:52:a2:58:
30:62:c3:9a:fa:8e:d7:92:4d:5b:17:3e:23:ad:ee:90:d8:81:
15:54:29:c2:81:32:fe:09:c9:61:25:7e:53:0c:75:6c:ca:a0:
9c:df:2b:8e:b2:96:b6:0a:4c:20:9b:ef:fd:95:9e:8b:28:79:
c8:47:61:03:c0:21:3b:50:67:88:c4:e5:b5:f0:4b:02:d6:be:
96:89:6c:7a:57:3e:aa:af:5b:17:5e:43:d1:84:58:6f:08:0e:
22:b1:84:df:2f:4e:89:7e:5f:fb:fe:39:f7:94:c3:5a:c5:97:
f8:38:54:66:8a:e7:65:70:12:c2:ed:9d:a8:93:58:15:82:0b:
2e:18:8a:5a
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAZQoJVjxc7wbymsi+1CrFquwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjUwMTAyMTc1MjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjE4M2VjYTJlZDJhOTFjNzdhYjcwZTU2NDk2M2NkYTc5NDgzNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxHjKaexbrRrDyj7gGgJM2a0hcrH
RIJ/SvJWTdEHH1J6MyriaVliI2EuDP8XLhqx/TTR5H1yBJx+NP6vu+opAea/qXgl
oQfuucfSbUKO4EUnoWEXj7uWNcYIlWbGezqlWDJcEi234csksNgufuH54PgLtsyi
z9jrSefaCXdJ+tHKTtIrivzhYx0ELUD0mjTj+BNwJiqiBl8+B0HjhvCyFCnYCxqY
FZCtkchTrk6mQqNtazQYtfQkmHc6klK3WBROTIUR+YhObCt9U6Qp7poXP9mT9tj1
b8WdJNo3i5fCPCC7YabBvO5aqWSBmKlJs4wibAosgeeywSumnL/ZJ1XaMQIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFL8YPsou0qkcd6tw5WSWPNp5SDW8MB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvdnhnLXlpN1NxUngzcTNEbFpKWTgybmxJTmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBjAQCAAEwgYUDBAcl
GYADAwAubAMEBy6+gAMEBT7VgAMDAFXNAwQCVmjYAwQDWSAwAwQDXHIIAwQGbLNA
AwQEgsMgMAwDBAaCw0ADBAaCw4ADBAOCw8gwCwMEBYsvoAMDBIsgAwMAkeYDBAWw
fQADBAK88FQDBAfAfYAwCwMEB8PogAMDAcPoAwQG0DWAMBgEAgACMBIDBwQqAQgY
EAADBwQqAQgYEGAwDQYJKoZIhvcNAQELBQADggEBAJKFpa72605W+y8HwzWsaUZ8
CcN114dkCMvvBbXegLIF4D7P1K30tv5nV8ed9OhLcyUX/0plrlqOD90st5EmUiMK
4LpO3Bd1DklwHrU3VwQmct93/2xWzxXExYuNbSHuwng4pz66X+wXq/pTv72U4AcF
pJnBzVlSkrNQpVKiWDBiw5r6jteSTVsXPiOt7pDYgRVUKcKBMv4JyWElflMMdWzK
oJzfK46ylrYKTCCb7/2VnosoechHYQPAITtQZ4jE5bXwSwLWvpaJbHpXPqqvWxde
Q9GEWG8IDiKxhN8vTol+X/v+OfeUw1rFl/g4VGaK52VwEsLtnaiTWBWCCy4Yilo=
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:30:53 2025 by rpki-client