Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xrGoWWTN13HaQ6QwkfKFFDL5iac.roa
File: xrGoWWTN13HaQ6QwkfKFFDL5iac.roa (raw, json)
Hash identifier: MZCqQ7Cw9KPt/gdh9L9xyVNaLEBiWNyPX9ngErfnnS8=
Subject key identifier: C6:B1:A8:59:64:CD:D7:71:DA:43:A4:30:91:F2:85:14:32:F9:89:A7
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC1BFA618B9C63B2054CD09552FE54651
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xrGoWWTN13HaQ6QwkfKFFDL5iac.roa
Signing time: Sat 23 Sep 2023 11:14:37 +0000
ROA not before: Sat 23 Sep 2023 11:14:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c1:bf:a6:18:b9:c6:3b:20:54:cd:09:55:2f:e5:46:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 23 11:14:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6b1a85964cdd771da43a43091f2851432f989a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:54:72:c0:01:9b:e2:76:26:fd:56:ca:a3:bb:
43:15:b7:d4:98:ff:d3:03:45:b9:98:3f:d6:0a:1e:
1c:8c:ad:fe:02:38:07:b5:d2:2c:fa:63:28:30:5b:
3f:9e:a3:fe:8f:b5:c7:ee:38:75:ee:72:42:c9:ca:
2e:ed:22:0d:f1:1b:e3:99:aa:9e:5e:0b:d3:c1:40:
76:4b:36:2e:44:cc:1c:c8:50:6c:28:87:20:1a:cb:
ac:44:3f:95:38:14:a7:76:6c:c3:7c:58:66:ad:fc:
74:9f:b7:d2:44:cf:27:40:35:e9:44:26:fd:cf:1b:
ad:b2:fb:5e:b8:37:92:71:fa:d7:79:f5:7e:0a:e8:
16:00:85:fe:62:1b:46:2a:60:83:7e:0c:82:34:5f:
3d:0e:e7:6f:5c:0f:d4:bb:5f:44:db:7e:c2:c7:64:
e8:ba:58:94:f2:d2:8e:5e:bb:91:8f:c1:a1:e8:d4:
f9:d6:29:06:37:d1:da:14:52:15:95:50:cd:50:ac:
bd:9a:75:cf:73:e1:f4:34:fe:f2:f7:e7:68:fe:5e:
14:ee:d3:3b:fd:60:58:7e:73:fb:2c:68:11:04:4c:
7f:cf:d5:0b:18:ea:b2:99:ab:13:c0:02:69:63:8b:
79:f6:4f:bf:c4:0f:f7:1e:c2:98:01:fb:cf:47:7a:
28:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B1:A8:59:64:CD:D7:71:DA:43:A4:30:91:F2:85:14:32:F9:89:A7
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xrGoWWTN13HaQ6QwkfKFFDL5iac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:bc:93:1d:0c:f3:d7:cb:3d:01:ac:8f:13:26:55:03:e3:ce:
aa:6b:99:dc:0f:47:85:c6:db:3f:04:9f:88:07:ce:73:5d:27:
d3:dd:85:02:12:57:a2:4b:48:cd:10:86:b1:6d:a3:b5:d4:ad:
5a:f2:3f:07:78:dc:54:9a:87:8a:79:a4:16:6d:6e:e7:f5:7e:
e4:6c:e0:df:c8:40:d2:5a:ea:a1:b6:28:77:85:b6:3c:7e:84:
5d:b2:2b:a9:cb:32:a5:0b:e6:8c:3c:35:55:ef:ec:ca:b9:23:
c7:c0:7d:99:15:f2:5e:a5:f4:0c:c3:8e:9c:d4:a4:c0:c8:a2:
9c:25:8b:9a:f8:b8:d3:9a:29:45:19:a7:94:5b:b1:a4:35:b2:
ef:a9:52:df:71:29:af:19:ab:c0:8a:3b:46:cb:5e:98:e7:62:
18:2a:3f:aa:a0:82:d9:5c:92:47:ad:7c:de:a8:32:ef:07:c8:
98:02:04:9a:f5:0c:d7:e2:97:fa:44:68:7e:7a:d6:81:57:68:
05:ec:f4:b1:6e:5f:c2:32:2a:62:38:aa:23:90:3f:c6:55:58:
5e:ab:e8:e0:59:c8:26:e5:23:81:eb:1b:d6:a9:e0:af:88:b5:
b9:29:f2:c0:cd:cb:9d:e4:09:6f:d5:30:2c:75:30:7e:cd:4f:
96:73:9a:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrBv6YYucY7IFTNCVUv5UZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIzMTExNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmIxYTg1OTY0Y2RkNzcxZGE0M2E0MzA5MWYyODUxNDMyZjk4OWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFRywAGb4nYm/VbKo7tDFbfUmP/T
A0W5mD/WCh4cjK3+AjgHtdIs+mMoMFs/nqP+j7XH7jh17nJCycou7SIN8Rvjmaqe
XgvTwUB2SzYuRMwcyFBsKIcgGsusRD+VOBSndmzDfFhmrfx0n7fSRM8nQDXpRCb9
zxutsvteuDeScfrXefV+CugWAIX+YhtGKmCDfgyCNF89DudvXA/Uu19E237Cx2To
uliU8tKOXruRj8Gh6NT51ikGN9HaFFIVlVDNUKy9mnXPc+H0NP7y9+do/l4U7tM7
/WBYfnP7LGgRBEx/z9ULGOqymasTwAJpY4t59k+/xA/3HsKYAfvPR3ooEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMaxqFlkzddx2kOkMJHyhRQy+YmnMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveHJHb1dXVE4xM0hhUTZRd2tmS0ZGREw1aWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHe8kx0M89fLPQGsjxMm
VQPjzqprmdwPR4XG2z8En4gHznNdJ9PdhQISV6JLSM0QhrFto7XUrVryPwd43FSa
h4p5pBZtbuf1fuRs4N/IQNJa6qG2KHeFtjx+hF2yK6nLMqUL5ow8NVXv7Mq5I8fA
fZkV8l6l9AzDjpzUpMDIopwli5r4uNOaKUUZp5RbsaQ1su+pUt9xKa8Zq8CKO0bL
XpjnYhgqP6qggtlckketfN6oMu8HyJgCBJr1DNfil/pEaH561oFXaAXs9LFuX8Iy
KmI4qiOQP8ZVWF6r6OBZyCblI4HrG9ap4K+Itbkp8sDNy53kCW/VMCx1MH7NT5Zz
mj4=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:49:04 2025 by rpki-client