Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS150249.roa
File: AS150249.roa (raw, json)
Hash identifier: AOqRqGKjA1KgWQOK8rUJlibYykF3wNDpyGzAVVyokmU=
Subject key identifier: 3D:7F:73:39:44:21:A2:59:00:95:0B:91:DB:2E:2B:8F:75:93:85:59
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 3344D97486F18E4BCB25120BE826C919E3928831
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS150249.roa
Signing time: Wed 20 Dec 2023 16:21:38 +0000
ROA not before: Wed 20 Dec 2023 16:16:38 +0000
ROA not after: Wed 18 Dec 2024 16:21:38 +0000
asID: 150249
IP address blocks: 2a13:df80:6802::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:44:d9:74:86:f1:8e:4b:cb:25:12:0b:e8:26:c9:19:e3:92:88:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:38 2023 GMT
Not After : Dec 18 16:21:38 2024 GMT
Subject: CN=3D7F73394421A25900950B91DB2E2B8F75938559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b1:3e:7f:d1:fb:63:71:58:f0:ea:c2:06:d6:
c6:e8:69:69:e9:e1:ca:99:31:64:3e:af:c5:c8:93:
a2:87:df:79:5d:01:95:84:90:61:0b:bf:ef:31:9c:
cf:85:6b:b3:58:4c:26:e2:34:66:8a:e2:e0:7d:fb:
63:f3:17:0d:6b:48:2e:74:1d:8d:03:7e:14:c9:12:
df:24:9a:d7:b1:42:2d:77:11:f1:07:db:40:05:06:
c5:f9:fc:bd:22:d6:b8:0d:ad:79:68:7b:8b:bf:df:
3d:75:52:43:d5:19:c5:c2:6c:e2:d8:cd:60:8f:c7:
ee:64:44:27:5c:b9:b5:e4:2f:ad:2e:d7:3c:a0:aa:
92:fe:f5:7d:5a:41:3b:c1:e3:b6:38:21:2f:76:08:
a8:bd:15:ca:87:ad:b0:4f:94:e9:91:b4:fb:00:b3:
ac:6a:bf:97:88:5c:9a:ca:75:18:8c:80:0a:b3:b5:
58:e6:47:ce:bd:d3:38:e0:aa:05:50:1c:ef:49:6d:
84:06:2b:26:f0:71:14:11:73:5d:22:a9:75:4b:29:
16:a1:e6:e9:95:d1:96:ea:57:00:b7:01:50:02:d5:
e1:78:50:d2:eb:b5:94:fd:80:35:a7:d3:12:36:b5:
c8:f3:62:1f:df:f6:66:c9:3a:b7:d7:1e:1c:39:6b:
09:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7F:73:39:44:21:A2:59:00:95:0B:91:DB:2E:2B:8F:75:93:85:59
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS150249.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:6802::/48
Signature Algorithm: sha256WithRSAEncryption
95:09:d4:6e:09:1d:27:2d:46:c3:86:16:52:9b:b9:6a:b8:b6:
58:b7:03:99:a8:d8:f2:ad:ee:b6:2b:ed:44:db:73:d5:0d:9b:
eb:dd:5a:63:88:fe:e1:a4:67:ad:24:fd:c9:4e:2d:c4:b3:8d:
19:73:24:53:59:28:01:de:53:71:29:d9:45:51:51:a2:24:74:
b4:0a:ee:98:a9:18:e6:74:cd:28:b6:61:10:03:02:29:0c:44:
96:11:78:d4:2b:32:41:bd:5d:4b:77:96:76:7c:c1:83:58:d9:
40:68:4d:18:21:12:d9:7b:50:ac:16:78:d7:20:74:2a:1a:6a:
6e:6d:db:00:e6:96:5a:e6:6d:45:69:d1:be:02:89:b3:79:d0:
a6:7f:4c:cc:41:5d:a1:eb:81:0f:ab:3d:e6:0d:c0:5d:2b:71:
98:a7:cf:7e:c1:95:70:cc:92:14:6f:56:e0:8b:99:50:fe:15:
e1:27:9f:45:60:dd:94:96:74:a3:1f:a8:ac:42:96:2a:53:6b:
df:88:78:09:9c:07:be:d1:7e:39:2a:e9:ec:d3:47:3f:0b:55:
ec:c3:f1:b5:b1:36:cd:75:53:a3:5e:e8:c3:8d:2a:19:c6:25:
d0:41:a3:c6:4e:a1:f7:64:35:bb:06:04:6c:76:95:d6:63:fb:
64:0b:ad:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUM0TZdIbxjkvLJRIL6CbJGeOSiDEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2MzhaFw0yNDEyMTgxNjIxMzhaMDMxMTAvBgNV
BAMTKDNEN0Y3MzM5NDQyMUEyNTkwMDk1MEI5MURCMkUyQjhGNzU5Mzg1NTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXsT5/0ftjcVjw6sIG1sboaWnp
4cqZMWQ+r8XIk6KH33ldAZWEkGELv+8xnM+Fa7NYTCbiNGaK4uB9+2PzFw1rSC50
HY0DfhTJEt8kmtexQi13EfEH20AFBsX5/L0i1rgNrXloe4u/3z11UkPVGcXCbOLY
zWCPx+5kRCdcubXkL60u1zygqpL+9X1aQTvB47Y4IS92CKi9FcqHrbBPlOmRtPsA
s6xqv5eIXJrKdRiMgAqztVjmR8690zjgqgVQHO9JbYQGKybwcRQRc10iqXVLKRah
5umV0ZbqVwC3AVAC1eF4UNLrtZT9gDWn0xI2tcjzYh/f9mbJOrfXHhw5awlRAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUPX9zOUQholkAlQuR2y4rj3WThVkwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTUwMjQ5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPf
gGgCMA0GCSqGSIb3DQEBCwUAA4IBAQCVCdRuCR0nLUbDhhZSm7lquLZYtwOZqNjy
re62K+1E23PVDZvr3VpjiP7hpGetJP3JTi3Es40ZcyRTWSgB3lNxKdlFUVGiJHS0
Cu6YqRjmdM0otmEQAwIpDESWEXjUKzJBvV1Ld5Z2fMGDWNlAaE0YIRLZe1CsFnjX
IHQqGmpubdsA5pZa5m1FadG+AomzedCmf0zMQV2h64EPqz3mDcBdK3GYp89+wZVw
zJIUb1bgi5lQ/hXhJ59FYN2UlnSjH6isQpYqU2vfiHgJnAe+0X45Kuns00c/C1Xs
w/G1sTbNdVOjXujDjSoZxiXQQaPGTqH3ZDW7BgRsdpXWY/tkC62e
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org