Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vxLn_lr3_Wfi_vK5Yi02lj3WgPA.roa
File: vxLn_lr3_Wfi_vK5Yi02lj3WgPA.roa (raw, json)
Hash identifier: BNx5Jzy8QZcMlP+KAk1HtDjFbrcKVWcOYPQekgRETtw=
Subject key identifier: BF:12:E7:FE:5A:F7:FD:67:E2:FE:F2:B9:62:2D:36:96:3D:D6:80:F0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E75843FBDAEEDA4EB3FC70F2915CE8E91
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vxLn_lr3_Wfi_vK5Yi02lj3WgPA.roa
Signing time: Mon 25 Mar 2024 12:09:45 +0000
ROA not before: Mon 25 Mar 2024 12:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:84:3f:bd:ae:ed:a4:eb:3f:c7:0f:29:15:ce:8e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 25 12:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf12e7fe5af7fd67e2fef2b9622d36963dd680f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b8:0d:56:85:2f:f2:a2:31:96:82:cc:c4:06:
92:07:c7:73:ce:c4:6d:cf:18:2c:84:c3:7f:08:14:
e4:06:5f:e3:c7:eb:a5:64:70:e4:a5:d2:af:79:b9:
42:03:f3:2b:53:d2:8a:07:0d:a5:9c:d9:7a:3d:e0:
65:a3:13:57:cd:ba:e4:55:bb:c2:15:40:42:d7:d5:
fa:8f:86:76:e0:f4:20:de:22:1c:91:bf:ab:e7:9f:
6a:c1:9d:64:f4:73:8b:96:74:41:3a:a3:a7:0f:05:
62:a8:ed:f1:de:d9:22:4c:a6:43:85:69:8f:f0:56:
2c:7b:14:5e:9e:31:1d:59:11:ab:7a:48:2f:98:fd:
5b:92:49:31:56:d6:07:7d:f3:b8:a9:1e:33:9b:a0:
a1:01:f0:bf:e6:2b:f3:ab:10:aa:c0:1f:33:0b:66:
7a:fb:99:97:f2:14:4a:4d:2f:e8:c4:c0:07:00:92:
25:e9:12:7a:44:fa:90:56:10:e6:d2:b0:89:0d:ca:
33:e6:e0:6d:07:ab:6e:c9:82:df:b6:41:e3:d2:ab:
86:32:32:67:43:11:23:1e:5d:91:17:57:c7:af:14:
3a:b2:39:f1:cf:33:e9:3d:b7:4a:19:05:62:7d:ca:
32:73:0f:f9:27:30:fa:f9:c3:0d:d3:f2:78:ac:15:
66:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:12:E7:FE:5A:F7:FD:67:E2:FE:F2:B9:62:2D:36:96:3D:D6:80:F0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vxLn_lr3_Wfi_vK5Yi02lj3WgPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:a1:63:c1:b2:b4:cf:7d:0e:71:32:80:4a:9c:c7:4d:cf:26:
1b:ec:af:c8:4b:6c:f4:ba:ac:30:89:44:c9:ea:f9:f1:59:73:
d0:b2:9c:d6:77:fa:49:14:bc:e0:7c:6c:4a:5f:d8:17:e3:7d:
95:54:37:8d:e6:3c:ff:4f:0e:8f:9e:2c:60:4b:5b:f2:22:11:
8c:8a:1c:c0:af:0d:8c:4e:16:d2:11:4f:3c:5f:c9:b0:a1:8b:
9d:12:fb:18:b2:ab:12:bc:4d:bf:dc:4a:cb:d1:13:a5:ff:73:
fb:bf:39:e0:98:39:58:a4:c5:07:65:9a:78:07:b4:43:fb:5d:
69:17:d8:85:6c:31:f7:38:23:08:0e:25:26:8a:ac:d6:9d:16:
50:61:af:75:9d:67:08:70:8e:a9:b1:d7:30:bc:5f:ec:6f:b1:
c3:1a:76:6f:a5:69:6a:0a:11:c1:80:89:7d:bc:a3:1c:52:d6:
8b:f2:2a:06:65:79:be:79:c2:28:c1:5b:89:fb:94:ab:9a:b9:
98:8c:d3:d7:e7:b2:84:1d:15:0e:e1:f0:51:56:c6:c2:b3:ab:
58:de:ea:d6:ad:4a:63:29:1d:36:e9:39:02:b3:9b:7f:96:14:
48:f2:6a:fb:3f:7f:18:fd:da:5f:ea:6e:07:eb:59:8b:d1:c9:
76:61:22:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY51hD+9ru2k6z/HDykVzo6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI1MTIwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjEyZTdmZTVhZjdmZDY3ZTJmZWYyYjk2MjJkMzY5NjNkZDY4MGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7gNVoUv8qIxloLMxAaSB8dzzsRt
zxgshMN/CBTkBl/jx+ulZHDkpdKveblCA/MrU9KKBw2lnNl6PeBloxNXzbrkVbvC
FUBC19X6j4Z24PQg3iIckb+r559qwZ1k9HOLlnRBOqOnDwViqO3x3tkiTKZDhWmP
8FYsexRenjEdWRGrekgvmP1bkkkxVtYHffO4qR4zm6ChAfC/5ivzqxCqwB8zC2Z6
+5mX8hRKTS/oxMAHAJIl6RJ6RPqQVhDm0rCJDcoz5uBtB6tuyYLftkHj0quGMjJn
QxEjHl2RF1fHrxQ6sjnxzzPpPbdKGQVifcoycw/5JzD6+cMN0/J4rBVmSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL8S5/5a9/1n4v7yuWItNpY91oDwMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdnhMbl9scjNfV2ZpX3ZLNVlpMDJsajNXZ1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEKhY8GytM99DnEygEqc
x03PJhvsr8hLbPS6rDCJRMnq+fFZc9CynNZ3+kkUvOB8bEpf2BfjfZVUN43mPP9P
Do+eLGBLW/IiEYyKHMCvDYxOFtIRTzxfybChi50S+xiyqxK8Tb/cSsvRE6X/c/u/
OeCYOVikxQdlmngHtEP7XWkX2IVsMfc4IwgOJSaKrNadFlBhr3WdZwhwjqmx1zC8
X+xvscMadm+laWoKEcGAiX28oxxS1ovyKgZleb55wijBW4n7lKuauZiM09fnsoQd
FQ7h8FFWxsKzq1je6tatSmMpHTbpOQKzm3+WFEjyavs/fxj92l/qbgfrWYvRyXZh
Ims=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:56 2025 by rpki-client