Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS197402.roa
File: AS197402.roa (raw, json)
Hash identifier: 2tnZpzV2piW4GEWEXs1u5/RCi+iYtEb/VlE28DFwn24=
Subject key identifier: 9F:46:77:D6:FC:C4:1B:8C:7C:03:99:28:41:20:8E:07:7D:D1:03:E0
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 17BADA90EDA540C93695E40FC9DB4C1FE7018874
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS197402.roa
Signing time: Wed 20 Dec 2023 16:21:34 +0000
ROA not before: Wed 20 Dec 2023 16:16:34 +0000
ROA not after: Wed 18 Dec 2024 16:21:34 +0000
asID: 197402
IP address blocks: 2a13:df80:7204::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:ba:da:90:ed:a5:40:c9:36:95:e4:0f:c9:db:4c:1f:e7:01:88:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:34 2023 GMT
Not After : Dec 18 16:21:34 2024 GMT
Subject: CN=9F4677D6FCC41B8C7C03992841208E077DD103E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3d:ef:33:86:90:98:8e:b7:98:3d:56:9b:39:
df:1a:38:2f:f9:22:0d:7e:a6:db:3b:90:48:0a:9b:
04:80:8b:cd:b3:46:30:cd:2f:ec:7d:9f:d2:63:51:
54:d1:c6:25:74:9a:24:4f:84:36:7f:2a:19:25:1b:
02:9e:6d:9b:19:92:80:a0:9a:8b:3a:a9:27:53:6d:
29:3b:6c:98:50:42:5c:b1:87:d3:96:bf:e7:33:49:
bc:41:44:f2:fb:5d:bd:26:e1:5b:84:39:0b:ee:c7:
16:04:7b:2d:25:15:9e:a2:9e:bc:53:11:ad:c5:2f:
70:cf:bc:6d:55:36:b6:a6:ba:54:3d:44:04:50:95:
3b:ce:7b:5c:cc:6b:9d:ff:2c:9f:c4:7a:68:72:f7:
58:cf:bf:8b:48:56:be:e2:29:50:fb:2f:ca:ad:a0:
22:10:25:dd:8e:fb:93:e8:98:76:76:76:8f:5d:3b:
96:bb:a4:8c:18:e3:ac:08:db:59:0c:78:d3:8a:f3:
c4:a6:47:56:e2:47:9d:b4:02:81:24:26:cb:e6:4e:
4c:26:72:9c:24:2a:2c:ab:6d:38:78:68:aa:01:9e:
7a:b4:e6:09:e1:c6:d5:66:4e:65:98:be:18:70:c6:
d5:e4:87:79:0a:0e:68:df:ad:a9:ca:de:de:0e:60:
6c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:46:77:D6:FC:C4:1B:8C:7C:03:99:28:41:20:8E:07:7D:D1:03:E0
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS197402.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:7204::/48
Signature Algorithm: sha256WithRSAEncryption
19:bd:47:a1:ff:31:94:64:ba:3e:91:98:d4:51:c9:8b:1e:3e:
2d:8a:4a:b5:63:c9:d1:bb:67:2b:92:d7:60:5c:07:82:4b:77:
50:a4:e6:85:ff:32:79:d4:65:34:50:c1:a3:46:4f:51:85:1e:
33:f0:50:e4:25:de:55:64:29:18:f0:23:33:dd:12:ab:b5:2e:
ff:76:02:b2:98:6d:14:ad:2c:26:ed:dd:9f:ba:47:7e:7a:1d:
76:a2:2e:e5:5f:90:73:f3:68:50:c8:f1:c2:78:69:c1:8a:e1:
4e:cf:b5:c9:b7:b4:10:20:8c:de:f3:d5:71:5d:ec:05:cf:f2:
fa:a3:fa:e5:ff:d6:1c:dd:1c:9a:4d:1c:e4:53:16:9e:78:49:
7b:b0:6e:b8:7d:c7:07:2d:af:b4:26:76:72:43:47:55:ff:03:
f0:cd:47:bc:b3:a4:02:30:20:e5:ae:7f:c5:8b:ac:11:f8:38:
c3:41:14:51:ae:6f:06:ee:d9:be:c6:1a:e7:d9:0d:6e:cb:44:
27:dc:cd:61:d7:7a:11:61:57:cb:69:4e:da:b5:ca:74:1f:72:
7e:79:59:7f:05:21:c2:25:8c:2b:e8:e2:67:22:35:da:46:57:
52:d2:c7:89:c4:73:e6:57:07:4c:71:0b:64:7b:21:df:4a:9d:
29:cb:2b:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUF7rakO2lQMk2leQPydtMH+cBiHQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2MzRaFw0yNDEyMTgxNjIxMzRaMDMxMTAvBgNV
BAMTKDlGNDY3N0Q2RkNDNDFCOEM3QzAzOTkyODQxMjA4RTA3N0REMTAzRTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiPe8zhpCYjreYPVabOd8aOC/5
Ig1+pts7kEgKmwSAi82zRjDNL+x9n9JjUVTRxiV0miRPhDZ/KhklGwKebZsZkoCg
mos6qSdTbSk7bJhQQlyxh9OWv+czSbxBRPL7Xb0m4VuEOQvuxxYEey0lFZ6inrxT
Ea3FL3DPvG1VNramulQ9RARQlTvOe1zMa53/LJ/Eemhy91jPv4tIVr7iKVD7L8qt
oCIQJd2O+5PomHZ2do9dO5a7pIwY46wI21kMeNOK88SmR1biR520AoEkJsvmTkwm
cpwkKiyrbTh4aKoBnnq05gnhxtVmTmWYvhhwxtXkh3kKDmjfranK3t4OYGx5AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUn0Z31vzEG4x8A5koQSCOB33RA+AwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTk3NDAyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPf
gHIEMA0GCSqGSIb3DQEBCwUAA4IBAQAZvUeh/zGUZLo+kZjUUcmLHj4tikq1Y8nR
u2crktdgXAeCS3dQpOaF/zJ51GU0UMGjRk9RhR4z8FDkJd5VZCkY8CMz3RKrtS7/
dgKymG0UrSwm7d2fukd+eh12oi7lX5Bz82hQyPHCeGnBiuFOz7XJt7QQIIze89Vx
XewFz/L6o/rl/9Yc3RyaTRzkUxaeeEl7sG64fccHLa+0JnZyQ0dV/wPwzUe8s6QC
MCDlrn/Fi6wR+DjDQRRRrm8G7tm+xhrn2Q1uy0Qn3M1h13oRYVfLaU7atcp0H3J+
eVl/BSHCJYwr6OJnIjXaRldS0seJxHPmVwdMcQtkeyHfSp0pyytm
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org