Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/eUFi6xurAwO84NWjsfoE3VAs4zs.roa
File: eUFi6xurAwO84NWjsfoE3VAs4zs.roa (raw, json)
Hash identifier: sACFx69RvF2r6/0OHAYHW9p2RMBjOMKDwH42us+kEHc=
Subject key identifier: 79:41:62:EB:1B:AB:03:03:BC:E0:D5:A3:B1:FA:04:DD:50:2C:E3:3B
Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial: 019423D7C9EE2C1A8A04E1C8414487B801FD
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/eUFi6xurAwO84NWjsfoE3VAs4zs.roa
Signing time: Wed 01 Jan 2025 21:48:51 +0000
ROA not before: Wed 01 Jan 2025 21:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215350
IP address blocks: 46.36.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:c9:ee:2c:1a:8a:04:e1:c8:41:44:87:b8:01:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Validity
Not Before: Jan 1 21:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=794162eb1bab0303bce0d5a3b1fa04dd502ce33b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a1:72:db:21:2b:ee:a1:14:08:f5:39:4f:da:
70:98:eb:84:f1:93:c2:96:b5:bf:b8:7f:98:e4:1d:
e9:df:aa:32:2e:06:0a:b0:e4:98:51:f5:89:a6:7f:
12:89:1b:9b:6f:d0:48:56:50:1f:4a:f5:0d:f7:a1:
f6:ce:a9:a8:df:70:00:8c:20:b3:b4:fa:fd:3b:89:
a3:98:64:5b:51:e9:4c:9a:23:ca:35:07:25:61:c1:
71:56:8a:f5:09:c8:50:5c:f0:c1:cb:94:c2:89:84:
99:44:3d:42:12:b0:37:ea:82:59:bd:87:e7:52:79:
ef:9a:f1:a4:d0:58:cc:db:ba:93:de:1c:49:22:16:
bb:38:3f:d7:58:03:26:a5:9f:ec:85:7c:d4:3d:09:
fa:3a:5a:0a:e7:f3:e5:cc:27:6b:3e:9b:d3:b4:bd:
9c:4c:3a:9c:49:27:25:a5:48:c6:b8:56:51:c2:67:
e4:8a:b3:11:a5:e5:a7:fd:fc:44:f7:30:0b:9a:72:
5d:96:57:b3:40:c8:8f:c6:05:1a:86:90:5b:a6:24:
0c:63:b9:84:48:5d:58:07:ea:49:4b:65:5c:76:77:
23:7a:31:21:e9:ce:54:c3:50:f7:b5:a8:2d:1b:44:
67:60:f8:4f:39:8c:78:93:d5:e9:6f:55:59:22:ea:
23:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:41:62:EB:1B:AB:03:03:BC:E0:D5:A3:B1:FA:04:DD:50:2C:E3:3B
X509v3 Authority Key Identifier:
keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/eUFi6xurAwO84NWjsfoE3VAs4zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.97.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:d6:0c:86:e1:4e:c5:c7:ea:ef:c7:ea:b8:f2:9a:2f:31:d7:
82:c7:82:db:4a:81:af:56:01:28:a5:ec:14:67:99:80:39:3a:
39:a6:b1:54:14:af:83:42:99:da:fc:48:da:6d:9d:07:a7:d6:
d6:73:c4:52:9f:c4:0b:b3:40:f3:32:c9:4b:c0:0d:25:ea:74:
ac:a2:1f:1e:bd:6a:de:b7:5e:51:a2:e2:bd:c7:fd:e2:bc:d7:
87:67:8c:5c:dd:12:42:ff:81:92:bc:30:ee:03:f5:4c:e0:fc:
57:49:f5:63:07:35:15:7d:c3:24:93:ff:e6:70:5f:22:40:14:
7a:6d:f4:06:fd:83:5c:26:1f:53:26:46:e2:e0:64:f9:f7:77:
93:a6:10:22:d0:62:30:cd:c8:a8:54:bb:25:8c:d5:70:07:5a:
ab:e8:08:e4:ff:19:79:1c:c7:13:76:07:e2:33:df:f3:b7:f1:
40:18:6d:e6:a6:c6:60:4a:66:8e:58:43:d6:7d:d4:49:c1:99:
d5:7b:ed:cb:79:9c:f1:b5:a8:54:2a:f7:80:9f:95:8e:e8:65:
67:08:7e:78:6d:6a:d2:e3:5b:8c:a4:7a:2f:88:0a:c9:dc:8f:
6d:07:d7:fc:eb:d2:23:04:09:d4:7e:f8:0d:13:5c:a7:12:f8:
b3:9d:ce:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj18nuLBqKBOHIQUSHuAH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjUwMTAxMjE0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTQxNjJlYjFiYWIwMzAzYmNlMGQ1YTNiMWZhMDRkZDUwMmNlMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46Fy2yEr7qEUCPU5T9pwmOuE8ZPC
lrW/uH+Y5B3p36oyLgYKsOSYUfWJpn8SiRubb9BIVlAfSvUN96H2zqmo33AAjCCz
tPr9O4mjmGRbUelMmiPKNQclYcFxVor1CchQXPDBy5TCiYSZRD1CErA36oJZvYfn
UnnvmvGk0FjM27qT3hxJIha7OD/XWAMmpZ/shXzUPQn6OloK5/PlzCdrPpvTtL2c
TDqcSSclpUjGuFZRwmfkirMRpeWn/fxE9zALmnJdllezQMiPxgUahpBbpiQMY7mE
SF1YB+pJS2VcdncjejEh6c5Uw1D3tagtG0RnYPhPOYx4k9Xpb1VZIuojBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHlBYusbqwMDvODVo7H6BN1QLOM7MB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvZVVGaTZ4dXJBd084NE5XanNmb0UzVkFzNHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiRhMA0G
CSqGSIb3DQEBCwUAA4IBAQAb1gyG4U7Fx+rvx+q48povMdeCx4LbSoGvVgEopewU
Z5mAOTo5prFUFK+DQpna/EjabZ0Hp9bWc8RSn8QLs0DzMslLwA0l6nSsoh8evWre
t15RouK9x/3ivNeHZ4xc3RJC/4GSvDDuA/VM4PxXSfVjBzUVfcMkk//mcF8iQBR6
bfQG/YNcJh9TJkbi4GT593eTphAi0GIwzcioVLsljNVwB1qr6Ajk/xl5HMcTdgfi
M9/zt/FAGG3mpsZgSmaOWEPWfdRJwZnVe+3LeZzxtahUKveAn5WO6GVnCH54bWrS
41uMpHoviArJ3I9tB9f869IjBAnUfvgNE1ynEviznc6V
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:17:10 2025 by rpki-client