Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/2FhEmcxYfTh9K3J3avRiCdDc75E.roa
File: 2FhEmcxYfTh9K3J3avRiCdDc75E.roa (raw, json)
Hash identifier: tOhuHX2KWyFG2B0a0se5O81lEiJFRABFP38mxTII8TU=
Subject key identifier: D8:58:44:99:CC:58:7D:38:7D:2B:72:77:6A:F4:62:09:D0:DC:EF:91
Certificate issuer: /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial: 0194282341A95DEF958A6A8F2555F479D91C
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/2FhEmcxYfTh9K3J3avRiCdDc75E.roa
Signing time: Thu 02 Jan 2025 17:49:46 +0000
ROA not before: Thu 02 Jan 2025 17:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206509
IP address blocks: 212.104.129.0/24 maxlen: 24
212.104.130.0/24 maxlen: 24
212.104.132.0/24 maxlen: 24
212.104.136.0/24 maxlen: 24
212.104.143.0/24 maxlen: 24
212.104.149.0/24 maxlen: 24
212.104.150.0/24 maxlen: 24
212.104.152.0/24 maxlen: 24
212.104.155.0/24 maxlen: 24
212.104.156.0/24 maxlen: 24
212.104.159.0/24 maxlen: 24
212.108.88.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:41:a9:5d:ef:95:8a:6a:8f:25:55:f4:79:d9:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Validity
Not Before: Jan 2 17:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8584499cc587d387d2b72776af46209d0dcef91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:dd:7b:e0:f9:32:5d:2b:9a:22:18:26:e7:6c:
db:55:8e:f8:a6:f9:0b:be:9d:76:e9:ee:3d:04:ba:
c6:29:d3:7a:3c:42:25:f6:d1:a7:3b:ab:da:6a:79:
ea:e6:a8:0b:21:d4:cb:bb:e3:41:5b:7e:6b:6d:4a:
ea:23:40:bf:8c:72:49:82:a9:a2:71:c3:f7:6b:76:
f3:15:0d:98:93:95:1a:e0:8a:3d:3a:1d:3f:13:74:
ca:50:0e:44:4c:19:f5:3a:16:65:dd:e8:cd:9d:b9:
b0:36:56:a6:8c:15:b7:11:ed:f8:55:fe:f2:d9:f6:
37:93:40:bf:23:0b:26:e8:e9:9f:f2:67:bb:da:51:
10:37:c1:25:39:61:fc:84:2b:ff:59:62:bf:49:00:
78:fb:d3:99:1a:f2:ad:a6:77:69:84:ee:c6:95:0b:
63:04:f4:0d:dc:29:8b:6d:d0:1b:6f:a1:14:bd:d7:
ac:66:fc:15:d1:da:6e:7b:f3:2c:0a:47:a8:d5:33:
35:6a:9c:1b:1b:8f:53:65:44:27:dd:0c:a7:af:3b:
17:a3:74:37:be:44:88:ca:b8:5b:87:b1:63:bc:e7:
f6:e7:65:37:e3:58:c5:32:8c:9c:95:7d:93:9f:f3:
1c:ac:bb:18:23:e8:ad:44:a8:58:d9:2f:a3:5c:b8:
4f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:58:44:99:CC:58:7D:38:7D:2B:72:77:6A:F4:62:09:D0:DC:EF:91
X509v3 Authority Key Identifier:
keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/2FhEmcxYfTh9K3J3avRiCdDc75E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.104.129.0-212.104.130.255
212.104.132.0/24
212.104.136.0/24
212.104.143.0/24
212.104.149.0-212.104.150.255
212.104.152.0/24
212.104.155.0-212.104.156.255
212.104.159.0/24
212.108.88.0/23
Signature Algorithm: sha256WithRSAEncryption
55:9c:21:2c:10:95:dc:10:f4:73:63:48:b7:f7:ce:da:1c:0a:
62:7c:21:5a:e6:67:5e:25:a4:bc:a0:7e:01:25:95:a0:0d:3b:
c6:10:c0:17:23:91:ff:ee:bc:c3:60:5e:ae:3c:95:9b:96:0b:
e4:46:1e:08:f9:d1:e9:f5:5a:cb:0f:c9:80:36:2d:19:e6:e4:
e7:ce:43:17:6f:f1:13:36:4f:44:20:bc:32:51:af:ec:bf:3f:
55:ba:e6:68:27:43:f1:02:c3:a3:c3:5a:54:39:f7:da:ff:c2:
92:9b:53:0c:e1:fa:de:25:f0:9a:98:ad:b5:14:7c:88:9f:61:
fa:de:fa:37:4d:a1:70:62:e6:93:69:18:b2:96:2a:54:40:36:
54:09:a2:13:fe:29:c7:9c:1b:1f:c0:90:ff:f2:63:d1:f9:cc:
8e:00:7c:7c:a5:b4:b6:f4:2b:92:7c:c4:13:fb:b9:7b:3c:bc:
94:d6:fa:90:50:1b:03:15:cb:07:d2:47:01:77:e3:15:b6:33:
2b:10:a7:51:75:82:7a:a4:88:18:b5:3f:79:16:4e:8f:cc:26:
e7:55:93:05:4a:b6:a9:a5:6d:a9:3e:70:6e:bd:10:60:d1:3b:
ed:d2:63:0a:ab:b9:c3:c0:b0:53:1b:c3:19:58:5d:e7:0c:6d:
b2:e3:51:d2
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZQoI0GpXe+VimqPJVX0edkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDM1MzkzMzY3NGE1NjA4ZjZkMWVlMmRhYjRmNjRjOGJm
ZjhmMzkwHhcNMjUwMTAyMTc0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODU4NDQ5OWNjNTg3ZDM4N2QyYjcyNzc2YWY0NjIwOWQwZGNlZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN174PkyXSuaIhgm52zbVY74pvkL
vp126e49BLrGKdN6PEIl9tGnO6vaannq5qgLIdTLu+NBW35rbUrqI0C/jHJJgqmi
ccP3a3bzFQ2Yk5Ua4Io9Oh0/E3TKUA5ETBn1OhZl3ejNnbmwNlamjBW3Ee34Vf7y
2fY3k0C/Iwsm6Omf8me72lEQN8ElOWH8hCv/WWK/SQB4+9OZGvKtpndphO7GlQtj
BPQN3CmLbdAbb6EUvdesZvwV0dpue/MsCkeo1TM1apwbG49TZUQn3QynrzsXo3Q3
vkSIyrhbh7FjvOf252U341jFMoyclX2Tn/McrLsYI+itRKhY2S+jXLhPBQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFNhYRJnMWH04fStyd2r0YgnQ3O+RMB8GA1UdIwQY
MBaAFK3TU5M2dKVgj20e4tq09kyL/485MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgt
NzJjODMxMjg3NjFiLzEvMkZoRW1jeFlmVGg5SzNKM2F2UmlDZERjNzVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgtNzJjODMxMjg3NjFi
LzEvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOMAwDBADUaIED
BADUaIIDBADUaIQDBADUaIgDBADUaI8wDAMEANRolQMEANRolgMEANRomDAMAwQA
1GibAwQA1GicAwQA1GifAwQB1GxYMA0GCSqGSIb3DQEBCwUAA4IBAQBVnCEsEJXc
EPRzY0i3987aHApifCFa5mdeJaS8oH4BJZWgDTvGEMAXI5H/7rzDYF6uPJWblgvk
Rh4I+dHp9VrLD8mANi0Z5uTnzkMXb/ETNk9EILwyUa/svz9VuuZoJ0PxAsOjw1pU
Offa/8KSm1MM4freJfCamK21FHyIn2H63vo3TaFwYuaTaRiylipUQDZUCaIT/inH
nBsfwJD/8mPR+cyOAHx8pbS29CuSfMQT+7l7PLyU1vqQUBsDFcsH0kcBd+MVtjMr
EKdRdYJ6pIgYtT95Fk6PzCbnVZMFSrappW2pPnBuvRBg0Tvt0mMKq7nDwLBTG8MZ
WF3nDG2y41HS
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:02 2025 by rpki-client on console.sobornost.net