Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HZM3BpfLVBjhcj49WaP5CtO886w.roa
File: HZM3BpfLVBjhcj49WaP5CtO886w.roa (raw, json)
Hash identifier: Ew9P5MjpG4xd+MBesPZa62TTruGLExlxGnDDDa5aXRM=
Subject key identifier: 1D:93:37:06:97:CB:54:18:E1:72:3E:3D:59:A3:F9:0A:D3:BC:F3:AC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189A94CC33182FE2E8B736AEF2CB15C54F4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HZM3BpfLVBjhcj49WaP5CtO886w.roa
Signing time: Mon 31 Jul 2023 00:15:27 +0000
ROA not before: Mon 31 Jul 2023 00:15:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a9:4c:c3:31:82:fe:2e:8b:73:6a:ef:2c:b1:5c:54:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 31 00:15:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d93370697cb5418e1723e3d59a3f90ad3bcf3ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:34:80:6c:8d:53:b0:ac:c7:06:99:5b:e1:8f:
6d:fe:49:04:46:cd:a4:9e:f9:c8:90:21:01:0a:44:
49:f4:9d:06:15:c3:91:ed:85:66:4c:63:f9:c1:fb:
f4:08:cc:86:b5:60:bd:bb:61:8e:70:d6:2c:86:26:
e9:f2:e3:45:ce:a1:f2:79:4c:28:2a:a6:a4:a0:e9:
a0:b1:25:37:91:12:40:d9:fb:96:8d:bc:7f:07:68:
ba:2a:c2:d7:97:68:1c:db:30:d9:23:ea:75:1b:4c:
08:46:6f:fe:f1:0d:ee:c0:43:42:32:64:7b:cd:e4:
4e:87:9b:d8:49:0b:1c:d8:8c:80:ab:a1:8c:b1:0b:
7b:39:56:7e:bd:40:21:dd:a4:7f:b0:55:4d:54:00:
c3:11:35:d4:33:35:66:3a:cc:28:81:ae:1d:35:c6:
77:d5:db:f2:c5:c2:a0:97:4b:ec:8b:98:b5:e6:d0:
0c:7d:a5:b9:1c:36:f0:a5:0b:5b:2c:fc:b7:80:69:
3b:8a:da:b9:3f:38:b2:0c:64:02:f8:28:5b:11:69:
74:2d:ad:a4:38:8c:d6:7c:ec:8a:9a:8c:c3:c6:fd:
7b:73:3c:6a:a5:f7:40:33:09:89:bf:6c:3c:e7:b9:
ee:3a:58:f5:e9:ad:3d:d6:46:a5:c2:d1:0a:8a:20:
d7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:93:37:06:97:CB:54:18:E1:72:3E:3D:59:A3:F9:0A:D3:BC:F3:AC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HZM3BpfLVBjhcj49WaP5CtO886w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
75:70:e1:bc:d0:c4:3b:df:47:5b:46:ab:b7:dc:b4:05:b4:cb:
0e:8e:29:9d:83:6d:34:1a:68:4a:0a:28:a4:89:e9:dc:c8:6e:
53:14:91:d9:62:28:66:7a:6a:5a:0c:00:98:40:fe:c0:4b:6c:
36:78:6b:54:e2:48:29:bc:28:ae:4a:bd:6f:a6:89:5d:a8:2a:
72:ae:37:64:24:02:2a:3b:0b:b7:53:22:8c:27:9c:c8:c9:2e:
fa:90:27:bb:a8:48:d5:85:65:f4:5a:36:de:00:a1:c9:7a:d6:
05:51:b8:e2:67:84:f2:03:fb:a9:1a:2a:44:1b:6b:54:8c:cd:
f4:6b:c7:27:94:f6:51:c1:f8:f3:e0:7a:37:52:37:de:2c:f2:
8b:2e:68:af:b4:fb:2d:9f:59:3f:82:28:2a:4b:bc:01:d2:04:
8e:de:17:69:aa:e6:fd:9a:67:96:0c:18:b3:e2:cd:83:4e:fc:
d0:15:35:e1:a3:18:9b:7b:4d:1e:9c:48:d5:5e:34:50:ed:50:
e0:cc:f8:8b:42:34:6f:8f:02:0d:b6:28:d4:80:b2:75:fd:f0:
fc:32:49:54:cb:72:87:bd:fb:bf:b5:91:35:02:09:d9:ba:9d:
c9:a7:0c:0c:a1:48:e8:60:c1:f8:cf:03:0c:c2:65:ae:46:73:
77:5a:61:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmpTMMxgv4ui3Nq7yyxXFT0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMxMDAxNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDkzMzcwNjk3Y2I1NDE4ZTE3MjNlM2Q1OWEzZjkwYWQzYmNmM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzSAbI1TsKzHBplb4Y9t/kkERs2k
nvnIkCEBCkRJ9J0GFcOR7YVmTGP5wfv0CMyGtWC9u2GOcNYshibp8uNFzqHyeUwo
KqakoOmgsSU3kRJA2fuWjbx/B2i6KsLXl2gc2zDZI+p1G0wIRm/+8Q3uwENCMmR7
zeROh5vYSQsc2IyAq6GMsQt7OVZ+vUAh3aR/sFVNVADDETXUMzVmOswoga4dNcZ3
1dvyxcKgl0vsi5i15tAMfaW5HDbwpQtbLPy3gGk7itq5PziyDGQC+ChbEWl0La2k
OIzWfOyKmozDxv17czxqpfdAMwmJv2w857nuOlj16a091kalwtEKiiDXYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB2TNwaXy1QY4XI+PVmj+QrTvPOsMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSFpNM0JwZkxWQmpoY2o0OVdhUDVDdE84ODZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHVw4bzQxDvfR1tGq7fc
tAW0yw6OKZ2DbTQaaEoKKKSJ6dzIblMUkdliKGZ6aloMAJhA/sBLbDZ4a1TiSCm8
KK5KvW+miV2oKnKuN2QkAio7C7dTIownnMjJLvqQJ7uoSNWFZfRaNt4Aocl61gVR
uOJnhPID+6kaKkQba1SMzfRrxyeU9lHB+PPgejdSN94s8osuaK+0+y2fWT+CKCpL
vAHSBI7eF2mq5v2aZ5YMGLPizYNO/NAVNeGjGJt7TR6cSNVeNFDtUODM+ItCNG+P
Ag22KNSAsnX98PwySVTLcoe9+7+1kTUCCdm6ncmnDAyhSOhgwfjPAwzCZa5Gc3da
YXo=
-----END CERTIFICATE-----
Generated at Sat May 3 01:13:55 2025 by rpki-client