Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/tgmxxL4L-4HzZYzxJVZgPgNKCYo.roa
File: tgmxxL4L-4HzZYzxJVZgPgNKCYo.roa (raw, json)
Hash identifier: yfczLbFnXMnOb2rAw7jM99uJwwHTQA3Ev1+zXUm6y5k=
Subject key identifier: B6:09:B1:C4:BE:0B:FB:81:F3:65:8C:F1:25:56:60:3E:03:4A:09:8A
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01942444935CCD13ABB1F11E96BEF4180127
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/tgmxxL4L-4HzZYzxJVZgPgNKCYo.roa
Signing time: Wed 01 Jan 2025 23:47:41 +0000
ROA not before: Wed 01 Jan 2025 23:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57969
IP address blocks: 2a09:7:2002::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:93:5c:cd:13:ab:b1:f1:1e:96:be:f4:18:01:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 23:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b609b1c4be0bfb81f3658cf12556603e034a098a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ee:ef:9d:b6:25:7f:4c:1d:9a:2d:17:c6:2b:
02:84:42:c3:b1:af:8f:d6:bc:85:c0:a8:47:61:9a:
6c:71:0c:d2:1e:45:33:7e:c4:46:c1:47:cd:25:38:
6c:8d:00:a6:17:ea:c0:4a:5f:40:ed:f5:48:f2:5b:
7c:b8:12:c1:d5:17:7f:eb:56:a8:f8:19:0c:6f:ea:
56:ce:35:74:f4:b0:76:57:4b:ac:7e:94:b9:aa:35:
d8:03:53:98:60:6d:b9:d4:a2:f7:88:7c:12:14:46:
e1:50:a7:5b:ac:20:65:1f:98:b8:1e:04:30:0b:00:
59:ca:99:49:8a:3b:3b:25:ca:49:53:67:13:57:a2:
2d:18:30:18:28:22:e1:3c:ff:e3:e5:7d:dc:13:01:
8b:25:2f:3d:4d:a5:7a:50:74:79:67:c0:cd:ec:55:
2a:5d:8d:67:41:a9:7d:18:70:16:6e:55:2c:a0:22:
b3:86:79:0a:15:7d:52:09:da:6c:6c:8c:8b:7f:ee:
ab:c8:f2:a8:e1:07:4e:10:44:8c:20:29:d5:84:e3:
4b:fc:a0:72:00:3a:51:f5:be:5e:e6:70:f4:bd:87:
13:4b:20:4a:3a:9b:73:fe:f2:f3:60:ac:92:5a:0a:
71:57:6e:34:17:c0:5f:0a:39:3d:ec:f1:73:88:1b:
bf:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:09:B1:C4:BE:0B:FB:81:F3:65:8C:F1:25:56:60:3E:03:4A:09:8A
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/tgmxxL4L-4HzZYzxJVZgPgNKCYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:7:2002::/48
Signature Algorithm: sha256WithRSAEncryption
83:c3:7f:86:f2:d1:7e:31:de:6d:dc:23:b5:5c:9e:88:a1:51:
d3:f9:d0:b3:57:23:30:9c:22:8c:83:ec:75:ea:2d:2e:36:df:
de:ec:33:b4:df:ce:53:03:0e:63:e3:9b:5e:e8:40:0a:1c:9e:
ab:b0:ea:50:da:5d:87:27:53:d0:1a:d2:ff:e7:cb:10:5e:8a:
e0:91:16:55:7e:5a:f5:45:29:59:6e:84:07:b4:bd:a9:df:b3:
d6:29:c7:74:af:8a:dc:d0:57:bb:34:7f:ad:9f:5c:a8:a8:43:
5a:26:86:d0:bb:18:8f:0c:e9:52:64:02:7b:0d:20:a8:e3:1f:
e5:7a:e8:9a:e7:42:5d:f0:f5:1d:cd:fe:a5:64:5f:8d:7b:88:
38:6e:c4:aa:f3:f2:84:82:30:af:f9:80:ef:87:03:4c:7a:0e:
ca:f1:23:2e:0c:85:28:1b:fe:e7:69:cf:db:ea:d1:0b:5e:12:
6c:16:23:3d:00:9a:c6:d5:25:cd:7b:e9:3d:a1:16:81:99:b5:
d9:5d:a2:92:8a:5f:bf:e3:d3:2f:14:14:c6:93:29:45:82:bb:
f0:b9:98:b5:05:49:20:e6:a0:eb:47:50:65:21:fb:7a:6a:ae:
0c:1c:62:b4:06:43:3b:21:21:06:8e:ad:af:e3:a4:d1:df:3d:
d2:bf:71:7c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQkRJNczROrsfEelr70GAEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwMTAxMjM0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjA5YjFjNGJlMGJmYjgxZjM2NThjZjEyNTU2NjAzZTAzNGEwOThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+7vnbYlf0wdmi0XxisChELDsa+P
1ryFwKhHYZpscQzSHkUzfsRGwUfNJThsjQCmF+rASl9A7fVI8lt8uBLB1Rd/61ao
+BkMb+pWzjV09LB2V0usfpS5qjXYA1OYYG251KL3iHwSFEbhUKdbrCBlH5i4HgQw
CwBZyplJijs7JcpJU2cTV6ItGDAYKCLhPP/j5X3cEwGLJS89TaV6UHR5Z8DN7FUq
XY1nQal9GHAWblUsoCKzhnkKFX1SCdpsbIyLf+6ryPKo4QdOEESMICnVhONL/KBy
ADpR9b5e5nD0vYcTSyBKOptz/vLzYKySWgpxV240F8BfCjk97PFziBu/sQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLYJscS+C/uB82WM8SVWYD4DSgmKMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvdGdteHhMNEwtNEh6Wll6eEpWWmdQZ05LQ1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkAByAC
MA0GCSqGSIb3DQEBCwUAA4IBAQCDw3+G8tF+Md5t3CO1XJ6IoVHT+dCzVyMwnCKM
g+x16i0uNt/e7DO0385TAw5j45te6EAKHJ6rsOpQ2l2HJ1PQGtL/58sQXorgkRZV
flr1RSlZboQHtL2p37PWKcd0r4rc0Fe7NH+tn1yoqENaJobQuxiPDOlSZAJ7DSCo
4x/leuia50Jd8PUdzf6lZF+Ne4g4bsSq8/KEgjCv+YDvhwNMeg7K8SMuDIUoG/7n
ac/b6tELXhJsFiM9AJrG1SXNe+k9oRaBmbXZXaKSil+/49MvFBTGkylFgrvwuZi1
BUkg5qDrR1BlIft6aq4MHGK0BkM7ISEGjq2v46TR3z3Sv3F8
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:57:13 2025 by rpki-client