Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS197477.roa
File: AS197477.roa (raw, json)
Hash identifier: eAp3tPv0C+y6U17vhI2ck2tPvllrDRUtYKyaS4Wilgs=
Subject key identifier: A7:93:E4:F5:99:2A:71:54:C3:19:BE:5D:2B:DC:A3:75:43:3E:BB:9A
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 06814A0CD2C785D84198A3BCBAEAE9D0802DAAA3
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS197477.roa
Signing time: Wed 20 Dec 2023 16:22:17 +0000
ROA not before: Wed 20 Dec 2023 16:17:17 +0000
ROA not after: Wed 18 Dec 2024 16:22:17 +0000
asID: 197477
IP address blocks: 2a13:df80:1300::/44 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:81:4a:0c:d2:c7:85:d8:41:98:a3:bc:ba:ea:e9:d0:80:2d:aa:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:17 2023 GMT
Not After : Dec 18 16:22:17 2024 GMT
Subject: CN=A793E4F5992A7154C319BE5D2BDCA375433EBB9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0f:97:64:40:c6:de:40:a4:51:42:cf:6b:d6:
f5:c7:b7:5e:44:7f:14:e9:43:64:85:ea:27:a2:7f:
94:ea:51:60:bb:21:b8:9e:61:08:56:60:26:b6:9c:
83:6f:b3:e5:24:42:0f:7b:d8:12:e4:89:51:e5:d0:
15:72:68:61:16:82:b0:60:1c:69:bd:e5:2f:b3:15:
93:f0:33:0c:2b:b9:ad:0c:a8:8a:45:2e:65:5e:99:
bf:5e:60:c4:ff:12:7f:71:2c:68:ab:57:e6:6a:28:
7c:77:fb:62:bc:48:cf:97:57:53:a9:40:ee:1a:3a:
a3:03:59:1c:49:df:03:f8:5b:56:0f:9e:28:6e:a0:
e2:20:1d:18:e7:d6:48:d9:61:e0:f8:33:0d:ce:ef:
b3:f0:bb:17:0e:86:fe:8c:61:fb:de:fd:39:f0:d4:
f4:e4:35:0c:f9:4b:c4:ff:34:9d:e9:f2:a1:05:a9:
47:21:6d:b2:d8:26:8f:fd:e0:8b:4e:be:c1:e5:f3:
a6:94:c1:65:e2:b3:99:54:4a:85:ca:71:65:fe:c9:
9c:bd:cb:bf:11:65:05:d7:ee:60:14:d0:f3:d2:ec:
c0:7e:a1:fb:5c:5f:44:25:7b:a7:90:1c:2c:f4:59:
64:df:fe:4d:89:27:ab:be:17:ca:49:32:cf:3c:32:
21:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:93:E4:F5:99:2A:71:54:C3:19:BE:5D:2B:DC:A3:75:43:3E:BB:9A
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS197477.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:1300::/44
Signature Algorithm: sha256WithRSAEncryption
90:19:2a:f9:a3:4f:d8:05:7e:82:8d:41:3a:f5:1f:02:b5:5e:
86:f4:9e:71:1f:7e:1a:67:c0:fa:02:04:76:15:d6:08:b1:ad:
e6:fd:4a:bb:eb:74:69:fd:cc:6f:ea:51:77:15:12:30:ff:74:
29:83:bc:98:15:bc:f9:36:07:ca:a4:f3:1d:e7:9a:98:db:b3:
2d:59:0b:d2:07:46:d1:e9:37:ca:f5:d9:22:ff:0c:84:a4:8f:
6f:6c:76:a9:2e:24:61:de:77:93:88:d0:86:b3:76:62:ab:03:
ed:04:29:89:b2:3b:0c:a0:47:a2:f4:cd:9c:4d:cd:13:bf:20:
f2:ab:c6:ae:97:ce:1e:54:b5:33:ff:60:7f:ce:5e:15:e2:11:
1b:ce:3b:64:df:ff:c4:f7:d9:15:44:e5:ab:0e:4c:d8:f4:06:
4c:db:f1:e2:4b:f7:b7:b4:ab:b6:10:5b:55:5b:09:12:b5:f4:
a3:5f:9f:78:e0:23:f1:b7:25:9a:0a:34:7a:59:77:fc:2d:5a:
8e:7f:5e:b8:b8:86:bf:89:b7:1c:7e:ee:c8:68:37:58:b6:a6:
83:4f:1f:1e:71:bf:dc:95:c1:86:23:8c:d7:6c:e0:32:7e:31:
13:e5:64:5e:ba:da:84:f0:fa:bd:a2:26:59:48:15:11:47:79:
0f:cc:24:64
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUBoFKDNLHhdhBmKO8uurp0IAtqqMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MTdaFw0yNDEyMTgxNjIyMTdaMDMxMTAvBgNV
BAMTKEE3OTNFNEY1OTkyQTcxNTRDMzE5QkU1RDJCRENBMzc1NDMzRUJCOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxD5dkQMbeQKRRQs9r1vXHt15E
fxTpQ2SF6ieif5TqUWC7IbieYQhWYCa2nINvs+UkQg972BLkiVHl0BVyaGEWgrBg
HGm95S+zFZPwMwwrua0MqIpFLmVemb9eYMT/En9xLGirV+ZqKHx3+2K8SM+XV1Op
QO4aOqMDWRxJ3wP4W1YPnihuoOIgHRjn1kjZYeD4Mw3O77PwuxcOhv6MYfve/Tnw
1PTkNQz5S8T/NJ3p8qEFqUchbbLYJo/94ItOvsHl86aUwWXis5lUSoXKcWX+yZy9
y78RZQXX7mAU0PPS7MB+oftcX0Qle6eQHCz0WWTf/k2JJ6u+F8pJMs88MiEXAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUp5Pk9ZkqcVTDGb5dK9yjdUM+u5owHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTk3NDc3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhPf
gBMAMA0GCSqGSIb3DQEBCwUAA4IBAQCQGSr5o0/YBX6CjUE69R8CtV6G9J5xH34a
Z8D6AgR2FdYIsa3m/Uq763Rp/cxv6lF3FRIw/3Qpg7yYFbz5NgfKpPMd55qY27Mt
WQvSB0bR6TfK9dki/wyEpI9vbHapLiRh3neTiNCGs3ZiqwPtBCmJsjsMoEei9M2c
Tc0TvyDyq8aul84eVLUz/2B/zl4V4hEbzjtk3//E99kVROWrDkzY9AZM2/HiS/e3
tKu2EFtVWwkStfSjX5944CPxtyWaCjR6WXf8LVqOf164uIa/ibccfu7IaDdYtqaD
Tx8ecb/clcGGI4zXbOAyfjET5WReutqE8Pq9oiZZSBURR3kPzCRk
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org