Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS141694.roa
File: AS141694.roa (raw, json)
Hash identifier: Ca6MunTLFZsw3MRrWiGRs7o/aZRD9M/6ueB5HMh6h88=
Subject key identifier: C0:9F:DA:59:27:8F:D2:06:4B:74:48:72:11:0E:33:14:EA:D4:D6:9D
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 4B61FC9CAE5B8574295FBEDDC7974B6038ADF9B2
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS141694.roa
Signing time: Wed 20 Dec 2023 16:21:29 +0000
ROA not before: Wed 20 Dec 2023 16:16:29 +0000
ROA not after: Wed 18 Dec 2024 16:21:29 +0000
asID: 141694
IP address blocks: 2a13:df80:3e00::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:61:fc:9c:ae:5b:85:74:29:5f:be:dd:c7:97:4b:60:38:ad:f9:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:29 2023 GMT
Not After : Dec 18 16:21:29 2024 GMT
Subject: CN=C09FDA59278FD2064B744872110E3314EAD4D69D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:50:4f:85:0e:62:20:26:e6:58:12:4e:43:94:
17:5b:e5:d2:15:b8:a5:93:a6:db:83:3f:69:e7:0b:
f0:c5:30:f1:87:1c:a9:a6:4e:bc:3b:89:e6:5f:53:
50:a5:b7:f9:ce:1f:c1:e2:e6:1e:fb:cb:ab:d0:48:
1f:09:17:70:7b:a1:65:e4:39:ed:62:71:39:91:8f:
a6:f4:b0:53:d6:13:7f:66:84:51:da:a1:6e:6d:02:
80:39:c0:8e:69:17:81:e0:97:a6:e8:07:9d:e7:da:
6e:ac:07:a9:9c:42:07:25:fe:39:fe:30:71:46:19:
38:74:1f:b2:f3:05:09:79:f5:ee:77:57:9a:5b:8f:
04:a8:97:db:4b:5b:5e:85:ec:9c:3a:cf:39:12:38:
11:8b:77:18:89:37:73:00:c9:24:a9:e5:73:08:e7:
21:d5:2b:f0:04:2e:d1:81:52:3c:18:f9:44:20:37:
3a:df:95:ff:9d:54:e5:45:dd:0b:c6:4f:75:eb:e9:
9a:73:ff:0a:75:86:ca:e6:bd:f4:25:10:43:e5:a3:
c7:db:32:03:0a:78:c5:48:9f:53:7b:46:fc:93:fd:
43:2c:12:c5:b6:cc:68:36:05:9b:af:05:e9:e2:1e:
b5:cd:16:9b:d9:26:12:ca:a5:f9:3f:0a:47:62:8d:
9b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:9F:DA:59:27:8F:D2:06:4B:74:48:72:11:0E:33:14:EA:D4:D6:9D
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS141694.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:3e00::/40
Signature Algorithm: sha256WithRSAEncryption
c7:04:54:64:86:ec:6e:1c:68:d8:58:a4:eb:f1:87:13:75:61:
98:d0:48:c8:e3:d8:84:94:cd:55:d6:64:29:74:ab:9a:9c:e1:
81:e8:42:be:a6:49:20:e7:78:7d:e1:d3:8d:46:17:88:35:26:
d1:17:d9:64:10:74:f6:3b:27:16:df:95:3f:6a:c3:82:ec:60:
5d:86:db:73:98:26:68:18:bf:52:06:9b:3f:53:95:95:f5:3a:
bb:d3:a0:72:fe:53:ed:ef:d6:09:04:06:1a:31:dd:ee:10:72:
20:16:4b:03:5d:af:5d:74:0c:6c:02:13:f0:47:54:e8:96:36:
86:6c:4f:c0:43:4c:2a:35:fc:14:56:18:05:80:8c:ca:8d:0b:
7d:09:c2:3d:5e:44:0c:d9:c5:c4:6f:af:d9:fc:c9:76:2a:70:
aa:d4:85:b6:7e:6c:9f:6a:34:03:42:bb:59:83:0d:d1:95:1f:
29:65:71:49:0a:e6:76:dd:73:be:a0:ba:fe:6f:d5:ea:79:52:
97:f8:95:a5:f8:df:94:99:d2:46:e0:8d:c4:70:00:d2:82:3e:
9d:c0:6d:14:72:c9:d3:81:6a:e2:6d:bc:55:f8:ad:cf:eb:3e:
6c:dd:60:69:a9:78:5a:e8:bb:89:43:a7:40:f2:cd:ce:bd:35:
ec:1e:56:e5
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUS2H8nK5bhXQpX77dx5dLYDit+bIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2MjlaFw0yNDEyMTgxNjIxMjlaMDMxMTAvBgNV
BAMTKEMwOUZEQTU5Mjc4RkQyMDY0Qjc0NDg3MjExMEUzMzE0RUFENEQ2OUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJUE+FDmIgJuZYEk5DlBdb5dIV
uKWTptuDP2nnC/DFMPGHHKmmTrw7ieZfU1Clt/nOH8Hi5h77y6vQSB8JF3B7oWXk
Oe1icTmRj6b0sFPWE39mhFHaoW5tAoA5wI5pF4Hgl6boB53n2m6sB6mcQgcl/jn+
MHFGGTh0H7LzBQl59e53V5pbjwSol9tLW16F7Jw6zzkSOBGLdxiJN3MAySSp5XMI
5yHVK/AELtGBUjwY+UQgNzrflf+dVOVF3QvGT3Xr6Zpz/wp1hsrmvfQlEEPlo8fb
MgMKeMVIn1N7RvyT/UMsEsW2zGg2BZuvBeniHrXNFpvZJhLKpfk/CkdijZsZAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUwJ/aWSeP0gZLdEhyEQ4zFOrU1p0wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTQxNjk0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhPf
gD4wDQYJKoZIhvcNAQELBQADggEBAMcEVGSG7G4caNhYpOvxhxN1YZjQSMjj2ISU
zVXWZCl0q5qc4YHoQr6mSSDneH3h041GF4g1JtEX2WQQdPY7JxbflT9qw4LsYF2G
23OYJmgYv1IGmz9TlZX1OrvToHL+U+3v1gkEBhox3e4QciAWSwNdr110DGwCE/BH
VOiWNoZsT8BDTCo1/BRWGAWAjMqNC30Jwj1eRAzZxcRvr9n8yXYqcKrUhbZ+bJ9q
NANCu1mDDdGVHyllcUkK5nbdc76guv5v1ep5Upf4laX435SZ0kbgjcRwANKCPp3A
bRRyydOBauJtvFX4rc/rPmzdYGmpeFrou4lDp0Dyzc69NeweVuU=
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org