Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/NH-qdGdxHCpX5CDsQhguqEOykxY.roa
File: NH-qdGdxHCpX5CDsQhguqEOykxY.roa (raw, json)
Hash identifier: E/LgZO/m2w+mLkyhvDik5z2GhndjLiq2AhqBPUy3cAQ=
Subject key identifier: 34:7F:AA:74:67:71:1C:2A:57:E4:20:EC:42:18:2E:A8:43:B2:93:16
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01941FFA6D7C5FAE87E56D4E0B6211843018
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/NH-qdGdxHCpX5CDsQhguqEOykxY.roa
Signing time: Wed 01 Jan 2025 03:48:13 +0000
ROA not before: Wed 01 Jan 2025 03:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 45.134.20.0/24 maxlen: 24
2a0e:d787::/32 maxlen: 48
2a11:f885::/32 maxlen: 48
2a11:f886::/32 maxlen: 48
2a11:f887::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:6d:7c:5f:ae:87:e5:6d:4e:0b:62:11:84:30:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 03:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=347faa7467711c2a57e420ec42182ea843b29316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f7:47:2b:78:d6:67:71:2d:d7:e8:4a:25:9a:
2d:49:6d:c3:a4:07:46:3d:5e:74:f6:d5:5a:48:d1:
4d:d3:00:6a:c7:1d:ad:77:09:99:96:de:f7:11:9c:
12:ef:fa:8f:fe:b2:66:c6:64:9b:da:88:69:34:96:
ee:98:ee:2a:13:37:50:8c:3e:60:10:9e:e6:ac:72:
e0:11:0f:9a:dc:03:cb:d7:6e:dd:78:a0:39:31:57:
dc:2e:24:3f:dc:f7:40:b9:8b:58:9b:86:b1:08:44:
84:99:9c:74:07:1e:1e:bc:fc:5d:21:ed:97:f0:2f:
1a:d1:6b:32:8d:90:70:eb:27:98:e4:f2:e1:11:d2:
d1:2a:95:32:91:d7:fb:48:e3:79:9c:15:14:a7:75:
40:b0:b1:e3:99:b3:b8:25:3e:bd:46:85:43:a0:f7:
b3:79:78:8f:1c:55:eb:c8:46:69:9b:6a:fe:ce:46:
40:bc:71:d2:61:0f:d3:9c:3d:e2:40:01:fa:46:c5:
8b:70:81:fe:d4:7d:23:b3:31:61:67:0e:f0:78:91:
a5:62:87:f9:f2:80:ab:59:5e:f4:89:f0:7f:2d:7c:
a7:d7:92:43:1e:25:69:79:a3:db:45:15:19:73:9d:
49:e7:a2:13:13:65:48:73:25:6d:23:0a:56:85:4e:
b1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7F:AA:74:67:71:1C:2A:57:E4:20:EC:42:18:2E:A8:43:B2:93:16
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/NH-qdGdxHCpX5CDsQhguqEOykxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.20.0/24
IPv6:
2a0e:d787::/32
2a11:f885::-2a11:f887:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
22:2f:64:2e:fa:7c:14:d3:a0:84:66:0a:b2:03:03:d2:ed:f6:
dd:e2:44:5f:11:7a:9c:23:11:be:1b:e8:5a:0f:d3:15:d8:15:
5b:51:49:1d:b3:dc:86:2b:85:5d:13:ec:1a:c9:da:2c:78:62:
a9:c5:a7:26:b1:11:fd:44:9a:fb:65:84:0c:29:b5:c5:d3:f6:
bf:47:6d:ff:5a:59:6b:5d:c0:26:d2:34:86:36:72:f7:b9:d9:
ac:7b:74:86:a0:11:b3:a4:e2:7f:7a:fb:65:a9:b7:9b:82:72:
5a:0b:57:a1:1d:2a:bf:d1:8c:d6:2e:13:e7:75:28:2c:15:d6:
e7:1d:c3:b6:d8:98:a9:b3:6e:03:24:6c:f6:24:35:6b:50:79:
74:5a:f9:d8:9e:fa:e2:0e:cf:10:ea:ee:84:6a:08:42:03:c9:
d8:9c:3a:b2:ba:b1:63:b5:e5:2a:e2:3d:4a:df:cd:34:f9:8e:
c5:91:f6:0e:bc:23:a4:cf:8a:d3:4f:11:c9:03:c5:01:6e:5b:
31:42:49:b7:7b:18:ae:97:ab:69:55:08:c2:5c:1f:06:dc:21:
99:2f:69:c6:d9:5a:53:e1:b1:f3:c2:1d:b5:97:a3:5c:9e:61:
5e:a9:08:81:3d:22:7d:b7:fa:70:f1:7f:7e:6a:de:93:42:d2:
02:49:5e:10
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQf+m18X66H5W1OC2IRhDAYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjUwMTAxMDM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDdmYWE3NDY3NzExYzJhNTdlNDIwZWM0MjE4MmVhODQzYjI5MzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPdHK3jWZ3Et1+hKJZotSW3DpAdG
PV509tVaSNFN0wBqxx2tdwmZlt73EZwS7/qP/rJmxmSb2ohpNJbumO4qEzdQjD5g
EJ7mrHLgEQ+a3APL127deKA5MVfcLiQ/3PdAuYtYm4axCESEmZx0Bx4evPxdIe2X
8C8a0WsyjZBw6yeY5PLhEdLRKpUykdf7SON5nBUUp3VAsLHjmbO4JT69RoVDoPez
eXiPHFXryEZpm2r+zkZAvHHSYQ/TnD3iQAH6RsWLcIH+1H0jszFhZw7weJGlYof5
8oCrWV70ifB/LXyn15JDHiVpeaPbRRUZc51J56ITE2VIcyVtIwpWhU6x0QIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFDR/qnRncRwqV+Qg7EIYLqhDspMWMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvTkgtcWRHZHhIQ3BYNUNEc1FoZ3VxRU95a3hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQALYYUMB0E
AgACMBcDBQAqDteHMA4DBQAqEfiFAwUDKhH4gDANBgkqhkiG9w0BAQsFAAOCAQEA
Ii9kLvp8FNOghGYKsgMD0u323eJEXxF6nCMRvhvoWg/TFdgVW1FJHbPchiuFXRPs
GsnaLHhiqcWnJrER/USa+2WEDCm1xdP2v0dt/1pZa13AJtI0hjZy97nZrHt0hqAR
s6Tif3r7Zam3m4JyWgtXoR0qv9GM1i4T53UoLBXW5x3DttiYqbNuAyRs9iQ1a1B5
dFr52J764g7PEOruhGoIQgPJ2Jw6srqxY7XlKuI9St/NNPmOxZH2DrwjpM+K008R
yQPFAW5bMUJJt3sYrperaVUIwlwfBtwhmS9pxtlaU+Gx88IdtZejXJ5hXqkIgT0i
fbf6cPF/fmrek0LSAkleEA==
-----END CERTIFICATE-----
Generated at Tue Mar 25 18:50:01 2025 by rpki-client on console.sobornost.net