Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/HSNMsP7S-7b4hJ4FX3ZrnKozAxA.roa
File: HSNMsP7S-7b4hJ4FX3ZrnKozAxA.roa (raw, json)
Hash identifier: 8FZauvsoo9yddkvYPN1yp11DjuNYazOZmkBs+7d/oYI=
Subject key identifier: 1D:23:4C:B0:FE:D2:FB:B6:F8:84:9E:05:5F:76:6B:9C:AA:33:03:10
Certificate issuer: /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial: 019423D7C7BD2FA7FA8B07AE9D6A98494B79
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/HSNMsP7S-7b4hJ4FX3ZrnKozAxA.roa
Signing time: Wed 01 Jan 2025 21:48:51 +0000
ROA not before: Wed 01 Jan 2025 21:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35372
IP address blocks: 46.36.103.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:c7:bd:2f:a7:fa:8b:07:ae:9d:6a:98:49:4b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Validity
Not Before: Jan 1 21:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d234cb0fed2fbb6f8849e055f766b9caa330310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ad:7b:43:91:fc:9a:11:04:f2:3f:0d:19:5c:
94:3e:b1:8a:cd:94:5c:24:3f:5c:85:b2:4e:96:a5:
5b:8e:2d:f9:71:ed:c2:e3:00:d2:01:75:9b:98:67:
ec:cb:d0:e4:e5:ef:71:2b:37:66:2c:0f:0e:18:b9:
6b:6c:42:79:f2:60:51:b6:ef:40:90:2b:2d:19:de:
9c:85:5c:2e:1d:db:e7:ce:68:79:9c:1a:d5:ff:22:
b2:00:c4:ba:4b:53:d9:40:d9:ce:b4:bc:8d:d6:07:
46:85:67:1f:8a:85:39:39:fd:85:52:0b:9d:76:aa:
ac:59:ed:4a:61:f8:cd:4a:6b:c8:29:e7:6e:ea:1b:
69:19:05:7e:6b:43:64:88:d9:36:6d:34:0c:e4:f7:
a2:82:ef:7a:e4:2a:f2:51:b8:af:4a:58:72:17:c5:
18:e2:4a:74:19:df:a4:8b:4f:05:e8:02:4d:e5:4b:
f8:f3:ed:60:b1:a3:bd:16:04:26:41:8a:d2:e5:6d:
d9:63:35:94:cf:5d:13:99:09:67:21:a0:d0:58:8d:
03:14:5c:6a:92:1f:94:0d:26:17:2e:37:df:1e:d1:
86:7d:97:e5:c0:f2:a4:e3:01:b1:3e:a6:81:ec:67:
75:32:da:41:aa:2f:62:57:e1:ab:3a:d2:77:b1:1e:
a7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:23:4C:B0:FE:D2:FB:B6:F8:84:9E:05:5F:76:6B:9C:AA:33:03:10
X509v3 Authority Key Identifier:
keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/HSNMsP7S-7b4hJ4FX3ZrnKozAxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.103.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:47:52:dd:6b:81:b3:9f:9d:8a:da:2e:2d:da:e8:6d:66:1d:
e7:ff:46:e9:c2:bc:c2:51:79:d6:2b:87:d4:9f:98:42:ce:bc:
c8:84:bf:7d:8d:b2:c8:ae:4c:1a:cb:53:37:92:1d:3a:58:a3:
8d:a8:3d:25:a1:99:99:3b:29:cf:b9:8f:2d:a6:66:40:0a:8d:
a2:e7:06:c0:98:a1:d6:4f:22:ed:82:04:1f:3e:b2:b8:70:32:
b6:01:68:02:fc:e3:8f:51:b7:01:d0:1f:c5:fb:2a:16:a3:1b:
f2:7e:d9:64:a7:95:c3:90:f5:97:a6:69:ab:3b:b0:5f:ff:80:
c9:11:98:10:3f:26:2c:d0:4d:2b:a3:d8:9d:e7:70:db:9a:d6:
37:16:85:0f:de:84:73:8c:f4:37:fa:3b:05:41:48:67:64:a0:
4b:21:b3:e6:72:38:c5:c6:bd:d6:b3:58:bd:de:d1:3d:de:a7:
85:29:96:84:23:21:cc:b1:52:9a:82:7b:ab:43:a1:23:35:77:
9b:b0:d2:2f:4a:61:2e:0b:dd:1a:b2:29:1b:50:12:fc:4b:c8:
d3:e8:ea:70:6f:b6:dd:82:db:b8:8f:9f:fe:82:30:4d:c6:86:
69:cb:c2:2d:68:3d:48:b2:0a:91:a1:91:1a:fc:75:bf:de:a6:
1d:02:5f:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj18e9L6f6iweunWqYSUt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjUwMTAxMjE0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDIzNGNiMGZlZDJmYmI2Zjg4NDllMDU1Zjc2NmI5Y2FhMzMwMzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq17Q5H8mhEE8j8NGVyUPrGKzZRc
JD9chbJOlqVbji35ce3C4wDSAXWbmGfsy9Dk5e9xKzdmLA8OGLlrbEJ58mBRtu9A
kCstGd6chVwuHdvnzmh5nBrV/yKyAMS6S1PZQNnOtLyN1gdGhWcfioU5Of2FUgud
dqqsWe1KYfjNSmvIKedu6htpGQV+a0NkiNk2bTQM5Peigu965CryUbivSlhyF8UY
4kp0Gd+ki08F6AJN5Uv48+1gsaO9FgQmQYrS5W3ZYzWUz10TmQlnIaDQWI0DFFxq
kh+UDSYXLjffHtGGfZflwPKk4wGxPqaB7Gd1MtpBqi9iV+GrOtJ3sR6nqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0jTLD+0vu2+ISeBV92a5yqMwMQMB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvSFNOTXNQN1MtN2I0aEo0RlgzWnJuS296QXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiRnMA0G
CSqGSIb3DQEBCwUAA4IBAQCzR1Lda4Gzn52K2i4t2uhtZh3n/0bpwrzCUXnWK4fU
n5hCzrzIhL99jbLIrkway1M3kh06WKONqD0loZmZOynPuY8tpmZACo2i5wbAmKHW
TyLtggQfPrK4cDK2AWgC/OOPUbcB0B/F+yoWoxvyftlkp5XDkPWXpmmrO7Bf/4DJ
EZgQPyYs0E0ro9id53DbmtY3FoUP3oRzjPQ3+jsFQUhnZKBLIbPmcjjFxr3Ws1i9
3tE93qeFKZaEIyHMsVKagnurQ6EjNXebsNIvSmEuC90asikbUBL8S8jT6Opwb7bd
gtu4j5/+gjBNxoZpy8ItaD1IsgqRoZEa/HW/3qYdAl8H
-----END CERTIFICATE-----
Generated at Tue Apr 29 23:33:14 2025 by rpki-client