Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/TYXAZaag957o76EiRu9I15OMv5E.roa
File: TYXAZaag957o76EiRu9I15OMv5E.roa (raw, json)
Hash identifier: zmtb5giOhQdGkH7dx2Sa5UgTLevbtgc7tUi0gfv9sBc=
Subject key identifier: 4D:85:C0:65:A6:A0:F7:9E:E8:EF:A1:22:46:EF:48:D7:93:8C:BF:91
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 01955D182B790F89EB23F83F7FBDA7C6253B
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/TYXAZaag957o76EiRu9I15OMv5E.roa
Signing time: Mon 03 Mar 2025 17:40:19 +0000
ROA not before: Mon 03 Mar 2025 17:40:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.206.2.0/23 maxlen: 23
82.206.4.0/22 maxlen: 24
82.206.16.0/22 maxlen: 22
82.206.72.0/21 maxlen: 21
82.206.80.0/21 maxlen: 21
82.206.88.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5d:18:2b:79:0f:89:eb:23:f8:3f:7f:bd:a7:c6:25:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Mar 3 17:40:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d85c065a6a0f79ee8efa12246ef48d7938cbf91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:92:01:f9:9b:3f:f9:24:74:7e:4e:54:35:d4:
63:f0:a6:dd:67:f2:03:b6:c7:82:48:60:8e:2d:a0:
e9:4c:3f:a8:6b:ce:80:05:f4:63:53:d9:c8:df:f2:
f1:e3:82:45:b8:a2:da:45:4f:c0:13:48:71:02:9d:
54:18:9f:62:2a:55:f6:90:a7:63:d1:e4:84:d2:12:
70:0a:2f:f9:1d:ab:03:03:99:02:96:a4:83:9f:e3:
07:17:ca:de:19:9f:eb:38:75:75:03:1e:f6:d0:97:
fe:c8:80:b1:db:05:41:ab:52:6c:b9:ce:67:6d:da:
ed:7d:f2:41:eb:ab:eb:d3:56:68:55:ab:f7:0a:89:
81:60:5a:dd:9f:44:3a:38:1e:eb:ae:f7:84:67:2b:
f0:86:2b:4e:26:f8:1d:9b:78:09:8f:e1:29:6e:f3:
0d:f2:b8:a1:85:c4:5e:b5:2b:39:57:68:28:42:3a:
96:e2:80:57:75:81:56:1e:f8:60:1d:9e:48:17:9b:
98:6c:49:93:c8:4e:0b:46:67:7e:af:30:bc:5e:4f:
90:c6:3e:b9:7f:00:4f:b3:88:6e:b5:76:87:a9:25:
fb:cb:e7:85:48:8c:77:fe:4b:ac:55:13:22:05:f5:
54:0b:16:b6:8d:53:5c:c0:41:63:77:de:eb:d1:c0:
d0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:85:C0:65:A6:A0:F7:9E:E8:EF:A1:22:46:EF:48:D7:93:8C:BF:91
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/TYXAZaag957o76EiRu9I15OMv5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.2.0-82.206.7.255
82.206.16.0/22
82.206.72.0-82.206.95.255
Signature Algorithm: sha256WithRSAEncryption
77:82:a4:72:ef:4c:6d:cb:8a:f5:fe:35:ae:b9:9d:fa:54:50:
31:bf:1a:10:d2:30:ae:2b:db:3c:03:4e:1f:f8:a9:c7:ce:10:
c6:5a:71:cd:3a:b1:54:e7:9a:7d:de:84:6f:64:f1:e1:89:14:
5c:80:75:02:7b:dd:fe:a9:66:11:44:ce:f4:64:99:19:18:32:
0d:f3:10:28:f8:a6:23:25:aa:57:a2:a5:4a:2f:8f:d2:8c:1c:
5f:19:d3:9d:32:d4:de:54:10:ce:46:cc:05:87:6c:e3:cd:86:
88:fb:30:1f:9d:b5:23:e7:08:df:4c:a4:9f:65:56:59:8c:d7:
77:94:87:dd:2f:b5:93:38:4f:83:fe:73:2d:90:af:f0:32:c6:
5c:76:c0:3f:84:81:20:f9:ee:87:be:da:5c:5a:74:4c:72:8a:
33:e3:ca:7b:bb:4c:ec:ae:3b:f2:12:83:e1:9e:db:3b:dc:e5:
27:b2:a7:66:60:0c:9e:2b:91:40:49:8f:49:70:be:62:cd:c5:
33:cc:80:9b:c1:12:60:85:c0:80:b4:7c:23:6f:d5:09:a6:f5:
46:17:6c:e9:f4:e7:29:a4:8f:19:f9:a6:4d:21:3a:eb:9e:d9:
0f:55:97:7b:f9:30:a1:88:91:b2:46:2d:36:4f:08:37:8b:38:
91:0e:4d:65
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZVdGCt5D4nrI/g/f72nxiU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjUwMzAzMTc0MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDg1YzA2NWE2YTBmNzllZThlZmExMjI0NmVmNDhkNzkzOGNiZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppIB+Zs/+SR0fk5UNdRj8KbdZ/ID
tseCSGCOLaDpTD+oa86ABfRjU9nI3/Lx44JFuKLaRU/AE0hxAp1UGJ9iKlX2kKdj
0eSE0hJwCi/5HasDA5kClqSDn+MHF8reGZ/rOHV1Ax720Jf+yICx2wVBq1Jsuc5n
bdrtffJB66vr01ZoVav3ComBYFrdn0Q6OB7rrveEZyvwhitOJvgdm3gJj+EpbvMN
8rihhcRetSs5V2goQjqW4oBXdYFWHvhgHZ5IF5uYbEmTyE4LRmd+rzC8Xk+Qxj65
fwBPs4hutXaHqSX7y+eFSIx3/kusVRMiBfVUCxa2jVNcwEFjd97r0cDQQwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFE2FwGWmoPee6O+hIkbvSNeTjL+RMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvVFlYQVphYWc5NTdvNzZFaVJ1OUkxNU9NdjVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAFSzgID
BANSzgADBAJSzhAwDAMEA1LOSAMEBVLOQDANBgkqhkiG9w0BAQsFAAOCAQEAd4Kk
cu9MbcuK9f41rrmd+lRQMb8aENIwrivbPANOH/ipx84QxlpxzTqxVOeafd6Eb2Tx
4YkUXIB1Anvd/qlmEUTO9GSZGRgyDfMQKPimIyWqV6KlSi+P0owcXxnTnTLU3lQQ
zkbMBYds482GiPswH521I+cI30ykn2VWWYzXd5SH3S+1kzhPg/5zLZCv8DLGXHbA
P4SBIPnuh77aXFp0THKKM+PKe7tM7K478hKD4Z7bO9zlJ7KnZmAMniuRQEmPSXC+
Ys3FM8yAm8ESYIXAgLR8I2/VCab1Rhds6fTnKaSPGfmmTSE6657ZD1WXe/kwoYiR
skYtNk8IN4s4kQ5NZQ==
-----END CERTIFICATE-----
Generated at Tue Mar 25 22:13:32 2025 by rpki-client on console.sobornost.net