
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hmy1JkuStbUb4vcamqDcclooroY.roa
File: hmy1JkuStbUb4vcamqDcclooroY.roa (raw, json)
Hash identifier: xnYP0qzucI41r8kcjuyk4ZYSi+ChoCsJVlVqjEZM5As=
Subject key identifier: 86:6C:B5:26:4B:92:B5:B5:1B:E2:F7:1A:9A:A0:DC:72:5A:28:AE:86
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01870DBDF93CD062CAF77DD5C5D5FB5AFB5F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hmy1JkuStbUb4vcamqDcclooroY.roa
Signing time: Thu 23 Mar 2023 09:12:46 +0000
ROA not before: Thu 23 Mar 2023 09:12:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:bd:f9:3c:d0:62:ca:f7:7d:d5:c5:d5:fb:5a:fb:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 23 09:12:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=866cb5264b92b5b51be2f71a9aa0dc725a28ae86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f2:6a:e1:c8:e0:ec:b8:b7:24:67:a5:bf:31:
7b:18:ce:b3:62:7b:92:d0:83:44:7d:cf:6e:3b:f6:
77:02:6b:99:03:0d:0d:b4:9f:2b:42:27:67:a1:63:
a9:19:5e:54:4a:4a:9f:91:d6:df:bb:d5:3c:c6:f3:
da:58:24:dc:47:3f:67:d9:3c:c9:ca:7c:ff:8b:e6:
e6:c1:c8:1c:bd:d9:ea:8b:6f:1b:de:cb:9b:10:54:
25:4c:9a:ac:1a:12:ee:23:56:91:e0:2b:6f:f0:6a:
fb:5a:51:d9:00:57:e7:e7:3a:0d:fa:20:18:e7:53:
69:e8:82:ce:63:62:c8:34:43:59:0a:75:d7:f2:28:
76:9f:69:d6:d9:09:46:f3:21:7d:f3:82:98:27:ad:
5f:54:81:fc:de:15:31:a1:9b:b8:e7:d9:4b:f7:9a:
29:ae:d1:a2:43:65:d8:c9:90:1c:da:92:a4:ed:07:
3b:80:6a:8b:07:a7:42:27:34:cc:b8:8e:84:10:4e:
26:98:d6:80:2a:3c:d0:99:72:81:26:2a:29:fc:20:
d2:c1:43:e1:22:df:08:65:09:04:b9:07:03:29:ad:
e9:53:32:f0:80:6f:65:e2:75:66:08:1b:c3:89:a3:
11:a1:8e:35:2f:df:31:3e:88:6a:af:b4:90:c1:9a:
bb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:6C:B5:26:4B:92:B5:B5:1B:E2:F7:1A:9A:A0:DC:72:5A:28:AE:86
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hmy1JkuStbUb4vcamqDcclooroY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:19:98:12:cf:6c:e4:07:fb:47:ef:39:fe:6f:ad:df:e3:b7:
95:86:5e:42:d7:0f:0e:f3:ec:1b:d3:4c:0f:c1:cf:21:dd:6a:
d6:26:2b:84:12:41:ea:3e:48:02:bf:e8:2e:64:ba:fc:91:4c:
a3:2c:11:cf:fd:2c:e6:f4:e7:20:46:e3:6f:46:4d:dc:7f:0a:
85:d3:5f:2e:d5:b4:12:d2:95:e9:55:6f:dc:d2:54:06:b1:41:
f2:42:c2:04:a6:c7:ee:d7:32:b5:73:03:8a:26:06:64:ad:65:
68:76:05:38:71:fb:1a:bb:ff:3f:88:04:01:00:d2:3f:e7:48:
2e:52:c7:2b:cb:02:26:b0:2e:fb:1b:0a:ca:ef:89:46:a0:c1:
34:8d:80:ef:cb:95:b9:8e:41:08:23:e4:fa:cf:e5:50:90:e7:
d9:24:8d:f7:1a:cc:23:8b:37:d3:86:12:6a:ef:d8:96:93:2e:
de:a3:a0:ea:3a:be:68:72:5f:75:2a:4a:f3:4a:4c:31:47:ab:
cb:3b:f4:eb:ff:c1:32:18:4a:5d:4d:90:e4:8b:3c:da:e4:b4:
98:18:db:1d:a5:71:03:ac:a3:ea:91:75:c4:69:47:32:3e:f3:
1d:cf:da:66:82:5b:a1:1d:23:7a:cd:49:3d:3d:5d:ec:33:e7:
61:42:7d:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcNvfk80GLK933VxdX7WvtfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzIzMDkxMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjZjYjUyNjRiOTJiNWI1MWJlMmY3MWE5YWEwZGM3MjVhMjhhZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofJq4cjg7Li3JGelvzF7GM6zYnuS
0INEfc9uO/Z3AmuZAw0NtJ8rQidnoWOpGV5USkqfkdbfu9U8xvPaWCTcRz9n2TzJ
ynz/i+bmwcgcvdnqi28b3subEFQlTJqsGhLuI1aR4Ctv8Gr7WlHZAFfn5zoN+iAY
51Np6ILOY2LINENZCnXX8ih2n2nW2QlG8yF984KYJ61fVIH83hUxoZu459lL95op
rtGiQ2XYyZAc2pKk7Qc7gGqLB6dCJzTMuI6EEE4mmNaAKjzQmXKBJiop/CDSwUPh
It8IZQkEuQcDKa3pUzLwgG9l4nVmCBvDiaMRoY41L98xPohqr7SQwZq7OwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIZstSZLkrW1G+L3Gpqg3HJaKK6GMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaG15MUprdVN0YlViNHZjYW1xRGNjbG9vcm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABUZmBLPbOQH+0fvOf5v
rd/jt5WGXkLXDw7z7BvTTA/BzyHdatYmK4QSQeo+SAK/6C5kuvyRTKMsEc/9LOb0
5yBG429GTdx/CoXTXy7VtBLSlelVb9zSVAaxQfJCwgSmx+7XMrVzA4omBmStZWh2
BThx+xq7/z+IBAEA0j/nSC5SxyvLAiawLvsbCsrviUagwTSNgO/LlbmOQQgj5PrP
5VCQ59kkjfcazCOLN9OGEmrv2JaTLt6joOo6vmhyX3UqSvNKTDFHq8s79Ov/wTIY
Sl1NkOSLPNrktJgY2x2lcQOso+qRdcRpRzI+8x3P2maCW6EdI3rNST09Xewz52FC
faA=
-----END CERTIFICATE-----
Generated at Tue Jun 10 06:05:16 2025 by rpki-client