Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS197438.roa
File: AS197438.roa (raw, json)
Hash identifier: mC1ms9ZqCxf2s94dXIYq1uYtZWQXbhhPLBgj9uIxqSk=
Subject key identifier: BD:92:1A:48:61:78:36:22:87:39:4B:66:6D:D1:48:7E:DC:8B:62:96
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 4A00C748DA0F50A7FA61C3A29FA7C815C764F28C
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS197438.roa
Signing time: Tue 02 Apr 2024 18:23:41 +0000
ROA not before: Tue 02 Apr 2024 18:18:41 +0000
ROA not after: Tue 01 Apr 2025 18:23:41 +0000
asID: 197438
IP address blocks: 2a13:df80:b000::/36 maxlen: 48
2a13:df80:b000::/36 maxlen: 64
2a13:df80:b400::/38 maxlen: 48
2a13:df80:b400::/38 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:00:c7:48:da:0f:50:a7:fa:61:c3:a2:9f:a7:c8:15:c7:64:f2:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Apr 2 18:18:41 2024 GMT
Not After : Apr 1 18:23:41 2025 GMT
Subject: CN=BD921A486178362287394B666DD1487EDC8B6296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cb:fb:5c:7b:14:90:2c:46:22:e5:44:3d:b4:
8e:64:92:37:5f:fb:92:bc:e7:df:29:91:2b:fc:28:
3b:88:40:13:75:07:ac:0e:b3:87:4a:27:9b:a6:c1:
78:ee:d5:e4:59:d3:ce:ad:c7:29:ea:a3:ff:24:b4:
60:52:9d:67:7a:1d:f3:f8:af:2b:ab:4c:23:df:3e:
49:29:d6:35:a5:d9:05:bb:8f:c5:55:9d:a9:da:c1:
94:ab:63:c6:4e:ea:e1:88:d0:95:6f:f0:25:12:f8:
04:c8:ae:2f:fa:22:35:4b:79:77:bf:61:15:6f:47:
fc:c7:19:fe:92:8b:a2:35:e5:04:49:9e:cb:7d:1f:
c4:3a:20:a5:3d:af:0c:27:be:b7:83:26:ef:ab:80:
31:e7:f1:cc:4f:d9:db:c1:68:01:45:cc:f5:f3:e5:
1d:4f:3d:e3:f4:6a:3d:d2:50:7a:58:cb:bf:d4:6f:
c1:5a:0f:1a:dc:6b:ee:07:f8:41:c6:e5:eb:b0:82:
ef:34:5f:a3:11:94:1f:0b:c0:04:97:ca:c5:9e:08:
de:57:e4:fc:2f:ce:63:49:d3:41:60:ed:af:d9:6c:
90:1b:04:ff:91:12:05:d6:eb:80:ae:f5:f2:9e:96:
5c:a0:c9:67:9c:21:a5:27:44:4f:80:eb:4c:b4:db:
90:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:92:1A:48:61:78:36:22:87:39:4B:66:6D:D1:48:7E:DC:8B:62:96
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS197438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:b000::/36
Signature Algorithm: sha256WithRSAEncryption
37:d8:43:68:53:8a:0c:8c:de:bf:2a:e1:b4:63:fb:86:dd:48:
a8:d6:65:6d:9a:0a:1b:dd:3e:74:ce:63:3a:af:3e:61:03:44:
8e:73:73:0c:d9:04:83:fb:ff:f7:e4:e5:78:d6:8e:8a:6c:bb:
06:6c:80:24:69:7b:08:d2:f0:4e:c9:bd:30:f3:41:a0:2c:44:
2d:87:4e:14:2e:65:b9:45:2f:7f:3c:e2:44:56:3d:d6:ef:fd:
76:4b:40:67:1b:44:b8:22:d9:ca:38:3e:eb:71:ee:9e:8f:cf:
93:9a:44:a4:cd:f1:2f:cf:f3:c8:ee:e9:c3:08:97:e8:cb:f9:
46:9e:1a:58:a5:d2:19:c8:53:be:5b:71:a6:42:cb:97:6c:aa:
bf:4d:cf:86:ad:a7:54:23:34:01:aa:f7:83:db:39:56:09:37:
b2:e5:92:90:30:74:b1:9e:10:32:d0:95:e5:9b:77:a2:44:75:
54:eb:44:76:0a:e6:b7:55:06:80:22:c5:5a:6b:a9:74:ff:bf:
f2:98:5c:1e:f9:22:4d:d9:75:ea:a9:bb:78:0a:f9:19:8c:1b:
d6:3d:23:dc:c5:27:e2:f9:7d:4f:4a:9d:27:41:f0:02:43:7c:
8d:07:82:00:e3:cc:4a:2e:22:73:91:63:60:b9:ae:53:30:0d:
74:ef:f5:12
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUSgDHSNoPUKf6YcOin6fIFcdk8owwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA0MDIxODE4NDFaFw0yNTA0MDExODIzNDFaMDMxMTAvBgNV
BAMTKEJEOTIxQTQ4NjE3ODM2MjI4NzM5NEI2NjZERDE0ODdFREM4QjYyOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPy/tcexSQLEYi5UQ9tI5kkjdf
+5K8598pkSv8KDuIQBN1B6wOs4dKJ5umwXju1eRZ086txynqo/8ktGBSnWd6HfP4
ryurTCPfPkkp1jWl2QW7j8VVnanawZSrY8ZO6uGI0JVv8CUS+ATIri/6IjVLeXe/
YRVvR/zHGf6Si6I15QRJnst9H8Q6IKU9rwwnvreDJu+rgDHn8cxP2dvBaAFFzPXz
5R1PPeP0aj3SUHpYy7/Ub8FaDxrca+4H+EHG5euwgu80X6MRlB8LwASXysWeCN5X
5PwvzmNJ00Fg7a/ZbJAbBP+REgXW64Cu9fKellygyWecIaUnRE+A60y025BFAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUvZIaSGF4NiKHOUtmbdFIftyLYpYwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTk3NDM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhPf
gLAwDQYJKoZIhvcNAQELBQADggEBADfYQ2hTigyM3r8q4bRj+4bdSKjWZW2aChvd
PnTOYzqvPmEDRI5zcwzZBIP7//fk5XjWjopsuwZsgCRpewjS8E7JvTDzQaAsRC2H
ThQuZblFL3884kRWPdbv/XZLQGcbRLgi2co4Putx7p6Pz5OaRKTN8S/P88ju6cMI
l+jL+UaeGlil0hnIU75bcaZCy5dsqr9Nz4atp1QjNAGq94PbOVYJN7LlkpAwdLGe
EDLQleWbd6JEdVTrRHYK5rdVBoAixVprqXT/v/KYXB75Ik3Zdeqpu3gK+RmMG9Y9
I9zFJ+L5fU9KnSdB8AJDfI0HggDjzEouInORY2C5rlMwDXTv9RI=
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org