Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/ss45WLKbXINYSnkGOm_RybOKd58.roa
File: ss45WLKbXINYSnkGOm_RybOKd58.roa (raw, json)
Hash identifier: C7EwtEx7u3QmgdLUAyWS6cBCQuixrkJNNdW+3HBjtGE=
Subject key identifier: B2:CE:39:58:B2:9B:5C:83:58:4A:79:06:3A:6F:D1:C9:B3:8A:77:9F
Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial: 0194305363DFFA92BF531E3CBF9A8E94D119
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/ss45WLKbXINYSnkGOm_RybOKd58.roa
Signing time: Sat 04 Jan 2025 07:59:18 +0000
ROA not before: Sat 04 Jan 2025 07:59:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198154
IP address blocks: 46.36.100.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:30:53:63:df:fa:92:bf:53:1e:3c:bf:9a:8e:94:d1:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Validity
Not Before: Jan 4 07:59:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2ce3958b29b5c83584a79063a6fd1c9b38a779f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bd:a7:58:05:e0:5d:83:2c:76:c6:92:f6:00:
7a:09:6d:de:fe:03:77:65:da:75:b0:76:52:0e:b8:
17:d7:ce:24:bb:44:12:a8:65:78:4d:97:a4:79:e5:
20:dc:63:02:78:84:7b:53:24:cd:3a:08:b1:76:65:
cb:4d:52:d9:93:dd:bb:9f:2f:2f:17:88:29:58:c8:
cf:fc:de:12:ef:ba:e1:42:c5:14:eb:38:79:5e:f4:
f3:1b:58:40:69:89:f9:42:e2:4d:08:9f:8e:45:aa:
e6:f6:1d:d2:56:ce:15:e7:cd:12:9c:1c:0f:57:d3:
bf:0c:f1:65:8b:08:54:fc:bd:87:8d:47:9d:fd:5c:
21:d7:da:20:54:19:b2:06:c8:87:71:e3:b1:a7:c6:
25:12:b5:8d:91:d7:f4:10:aa:2d:7c:c7:28:0b:70:
51:02:e6:56:04:aa:9c:e6:d6:40:3a:8e:ef:ce:18:
5c:25:7c:02:60:2a:a7:1b:d3:79:67:87:6f:11:5f:
5f:fc:76:b2:08:62:3f:6b:9e:0d:7b:6f:07:59:07:
fa:93:ea:de:35:91:ff:5b:9a:b9:a6:10:03:a5:51:
4a:28:b9:67:42:db:67:21:23:55:5b:80:cd:9f:5e:
c5:fe:7d:ff:76:62:f2:6a:25:f6:70:1b:d4:cb:d5:
e8:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:CE:39:58:B2:9B:5C:83:58:4A:79:06:3A:6F:D1:C9:B3:8A:77:9F
X509v3 Authority Key Identifier:
keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/ss45WLKbXINYSnkGOm_RybOKd58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.100.0/24
Signature Algorithm: sha256WithRSAEncryption
50:3d:b6:4e:a3:51:f4:94:f5:81:17:76:1f:43:94:cb:13:d9:
a0:a4:00:98:2c:67:47:1f:e5:1b:8a:e1:df:74:54:5c:41:f8:
24:37:31:e3:d0:e5:ba:49:c3:87:5b:d8:6c:e2:56:27:83:3d:
b6:bb:f8:71:1a:8e:86:f1:6e:8f:a7:1d:31:a1:73:40:e9:99:
96:68:c9:46:21:26:02:71:6e:b8:2a:58:16:df:4d:77:ee:e9:
cd:85:e5:68:24:87:1f:41:81:33:4e:59:78:80:73:13:8c:51:
6f:8d:94:ac:ec:8c:52:2f:75:b4:8b:de:83:c2:82:23:79:df:
97:4c:0c:8f:4b:01:72:95:1d:d3:2a:09:66:0b:35:1f:04:99:
f2:2d:b6:ec:38:ab:b2:0f:41:9a:e0:8a:00:05:30:d7:14:a7:
bf:bb:fd:13:26:4d:e7:4f:dd:cf:c7:50:a9:92:7e:6b:29:c7:
6a:53:5d:2e:91:83:f5:c8:ec:91:50:15:54:d6:7f:02:2b:41:
4d:e6:b2:87:a6:16:9c:06:4b:ac:06:85:64:10:8b:0c:d7:94:
31:f1:df:e3:2a:b2:9d:9f:ea:72:5f:65:2f:fa:cc:c7:a1:7e:
40:0a:47:f5:bf:74:f9:9a:35:0b:9a:3a:72:28:96:44:c2:ef:
16:42:4d:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQwU2Pf+pK/Ux48v5qOlNEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjUwMTA0MDc1OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmNlMzk1OGIyOWI1YzgzNTg0YTc5MDYzYTZmZDFjOWIzOGE3NzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL2nWAXgXYMsdsaS9gB6CW3e/gN3
Zdp1sHZSDrgX184ku0QSqGV4TZekeeUg3GMCeIR7UyTNOgixdmXLTVLZk927ny8v
F4gpWMjP/N4S77rhQsUU6zh5XvTzG1hAaYn5QuJNCJ+ORarm9h3SVs4V580SnBwP
V9O/DPFliwhU/L2HjUed/Vwh19ogVBmyBsiHceOxp8YlErWNkdf0EKotfMcoC3BR
AuZWBKqc5tZAOo7vzhhcJXwCYCqnG9N5Z4dvEV9f/HayCGI/a54Ne28HWQf6k+re
NZH/W5q5phADpVFKKLlnQttnISNVW4DNn17F/n3/dmLyaiX2cBvUy9XoewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLLOOViym1yDWEp5Bjpv0cmzinefMB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvc3M0NVdMS2JYSU5ZU25rR09tX1J5Yk9LZDU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiRkMA0G
CSqGSIb3DQEBCwUAA4IBAQBQPbZOo1H0lPWBF3YfQ5TLE9mgpACYLGdHH+UbiuHf
dFRcQfgkNzHj0OW6ScOHW9hs4lYngz22u/hxGo6G8W6Ppx0xoXNA6ZmWaMlGISYC
cW64KlgW30137unNheVoJIcfQYEzTll4gHMTjFFvjZSs7IxSL3W0i96DwoIjed+X
TAyPSwFylR3TKglmCzUfBJnyLbbsOKuyD0Ga4IoABTDXFKe/u/0TJk3nT93Px1Cp
kn5rKcdqU10ukYP1yOyRUBVU1n8CK0FN5rKHphacBkusBoVkEIsM15Qx8d/jKrKd
n+pyX2Uv+szHoX5ACkf1v3T5mjULmjpyKJZEwu8WQk3G
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:03:28 2025 by rpki-client