Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/nhrLyHFkDyfMdkVriDRTgvo3t_Y.roa
File: nhrLyHFkDyfMdkVriDRTgvo3t_Y.roa (raw, json)
Hash identifier: eKD99JMipierTphDhhSKM2O21Ghe2O2KPPDv7PRx+sE=
Subject key identifier: 9E:1A:CB:C8:71:64:0F:27:CC:76:45:6B:88:34:53:82:FA:37:B7:F6
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D72A94EFC202E8827F64AB942458C5
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/nhrLyHFkDyfMdkVriDRTgvo3t_Y.roa
Signing time: Wed 01 Jan 2025 21:48:11 +0000
ROA not before: Wed 01 Jan 2025 21:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210899
IP address blocks: 45.137.105.0/24 maxlen: 24
2a0e:d601:7220::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:2a:94:ef:c2:02:e8:82:7f:64:ab:94:24:58:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e1acbc871640f27cc76456b88345382fa37b7f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:6b:61:4a:b8:62:0a:7c:f6:64:5d:95:69:7b:
23:0a:29:e9:60:2d:27:25:81:66:c6:e7:1d:46:6e:
9b:48:88:7a:18:be:5e:3c:5a:5c:9b:86:a9:14:bf:
43:fb:28:af:f2:41:da:73:89:41:d8:3e:0e:ce:f0:
f5:28:68:6e:15:a8:ec:b2:27:b8:fb:7c:c4:44:a0:
39:f9:e5:39:02:0c:02:d6:55:f7:54:72:11:7a:2f:
3c:ef:2d:ae:8b:48:3c:9d:1a:98:51:93:84:9f:b0:
76:ba:75:c2:9a:fb:02:53:09:8d:30:26:7a:4d:db:
ac:10:f5:91:ad:c3:b4:d7:15:b4:71:7d:75:ee:1e:
f8:3e:af:32:ec:9e:3d:b1:0e:1b:22:86:93:2f:7c:
11:23:e2:93:65:6c:c0:ad:98:1b:9b:d5:6f:5e:a2:
2d:a3:eb:4b:0f:20:e3:73:d7:ef:ed:32:d4:6c:53:
8c:be:86:10:5f:e1:2f:29:a3:94:39:c4:ac:9f:f2:
57:0f:80:54:86:83:b2:8d:5c:ce:12:c1:e4:9d:ea:
cd:3c:35:a2:1d:19:04:c8:00:01:81:56:74:fa:79:
b2:d3:3e:1c:39:9c:55:f4:a7:b9:5f:d5:7b:1d:63:
28:ef:fd:39:6a:f5:c3:25:61:b9:0d:ef:7d:a6:1b:
66:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:1A:CB:C8:71:64:0F:27:CC:76:45:6B:88:34:53:82:FA:37:B7:F6
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/nhrLyHFkDyfMdkVriDRTgvo3t_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.105.0/24
IPv6:
2a0e:d601:7220::/48
Signature Algorithm: sha256WithRSAEncryption
4a:f9:0d:a9:d6:d6:b7:dc:7e:59:e5:36:e3:be:af:2f:03:72:
b2:ed:89:9e:d3:0a:aa:28:86:2b:68:75:d8:72:e2:05:d6:dc:
42:73:cf:c5:36:5d:b1:4a:14:f8:b1:f0:f9:82:f6:7f:f9:32:
ac:48:16:d2:36:02:b4:63:cf:f1:9e:1d:bd:6f:42:f7:9f:b3:
94:df:55:a6:c9:f2:d0:3d:3a:b0:a6:e1:52:94:8f:19:e3:cb:
9a:32:f6:51:8f:f5:6e:f0:5a:6f:d8:f5:a1:91:98:f3:b7:40:
d8:b1:6a:67:24:09:29:81:f0:e0:52:16:c7:a3:ec:8b:c4:20:
b5:92:33:94:f4:a3:31:4c:9e:43:34:d1:df:b5:b5:b4:dd:1c:
1e:7d:cb:c5:35:cd:3c:c3:88:b5:79:4b:74:24:4c:79:31:34:
5e:5d:71:ae:5a:76:2c:1d:41:4c:8d:72:c2:7b:3f:f7:ec:6b:
8d:ac:e3:9f:5a:38:47:0c:63:73:95:cd:39:6a:08:e8:58:33:
74:c2:0c:1d:ae:51:97:87:19:04:ce:71:e1:bb:c9:a2:37:c1:
6e:8c:1d:ac:1d:38:70:d2:cd:29:14:e7:02:f4:b1:42:4f:0b:
c6:f2:b1:02:bf:a1:cb:4d:6b:22:52:c5:51:82:32:97:0f:90:
10:41:ce:51
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQj1yqU78IC6IJ/ZKuUJFjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTFhY2JjODcxNjQwZjI3Y2M3NjQ1NmI4ODM0NTM4MmZhMzdiN2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GthSrhiCnz2ZF2VaXsjCinpYC0n
JYFmxucdRm6bSIh6GL5ePFpcm4apFL9D+yiv8kHac4lB2D4OzvD1KGhuFajssie4
+3zERKA5+eU5AgwC1lX3VHIRei887y2ui0g8nRqYUZOEn7B2unXCmvsCUwmNMCZ6
TdusEPWRrcO01xW0cX117h74Pq8y7J49sQ4bIoaTL3wRI+KTZWzArZgbm9VvXqIt
o+tLDyDjc9fv7TLUbFOMvoYQX+EvKaOUOcSsn/JXD4BUhoOyjVzOEsHknerNPDWi
HRkEyAABgVZ0+nmy0z4cOZxV9Ke5X9V7HWMo7/05avXDJWG5De99phtmQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ4ay8hxZA8nzHZFa4g0U4L6N7f2MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvbmhyTHlIRmtEeWZNZGtWcmlEUlRndm8zdF9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALYlpMA8E
AgACMAkDBwAqDtYBciAwDQYJKoZIhvcNAQELBQADggEBAEr5DanW1rfcflnlNuO+
ry8DcrLtiZ7TCqoohitoddhy4gXW3EJzz8U2XbFKFPix8PmC9n/5MqxIFtI2ArRj
z/GeHb1vQvefs5TfVabJ8tA9OrCm4VKUjxnjy5oy9lGP9W7wWm/Y9aGRmPO3QNix
amckCSmB8OBSFsej7IvEILWSM5T0ozFMnkM00d+1tbTdHB59y8U1zTzDiLV5S3Qk
THkxNF5dca5adiwdQUyNcsJ7P/fsa42s459aOEcMY3OVzTlqCOhYM3TCDB2uUZeH
GQTOceG7yaI3wW6MHawdOHDSzSkU5wL0sUJPC8bysQK/octNayJSxVGCMpcPkBBB
zlE=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:48:03 2025 by rpki-client