Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS197710.roa
File: AS197710.roa (raw, json)
Hash identifier: /pVg6yBiGAArQaGqqQtYnfE91Yh7qwcIMQOIbRKa4lI=
Subject key identifier: DB:1D:B6:89:81:A7:90:35:B5:E8:0C:31:DE:35:7F:0B:5D:DB:33:EC
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 4C676D2894824F30FDFA0BA510B70040183A4586
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS197710.roa
Signing time: Wed 20 Dec 2023 16:21:52 +0000
ROA not before: Wed 20 Dec 2023 16:16:52 +0000
ROA not after: Wed 18 Dec 2024 16:21:52 +0000
asID: 197710
IP address blocks: 2a13:df80:f::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:67:6d:28:94:82:4f:30:fd:fa:0b:a5:10:b7:00:40:18:3a:45:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:52 2023 GMT
Not After : Dec 18 16:21:52 2024 GMT
Subject: CN=DB1DB68981A79035B5E80C31DE357F0B5DDB33EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4f:22:fd:49:38:f6:7b:a7:9c:77:64:5f:af:
1c:a4:46:3c:3f:4a:42:4b:47:4a:02:01:70:91:a0:
b2:35:6e:f5:c0:da:13:68:6f:f4:97:30:9e:63:9c:
22:38:05:d6:7d:10:ef:30:02:aa:6b:69:4b:22:cc:
53:c6:a5:0c:f6:e1:8e:cd:4d:3d:9a:a7:e1:e8:05:
46:5a:22:83:ca:cf:61:01:db:a2:26:0d:2c:82:db:
73:d2:da:0a:b8:f5:a0:55:fa:2c:ba:22:f8:42:0e:
34:29:3c:27:b2:a3:55:1e:91:af:9d:81:55:e5:a1:
ba:57:43:8f:a3:e6:e5:16:fa:fe:81:e4:e5:f1:fc:
70:34:25:28:35:17:5e:d7:c4:2a:b3:b6:35:86:17:
3a:eb:70:4d:9d:20:d5:21:fb:cb:e2:bf:67:86:2d:
d2:a8:b6:e3:10:84:74:9d:50:7f:4a:7c:d8:67:91:
29:03:7f:8b:ee:68:c6:8f:a0:68:da:df:c0:5d:50:
6b:e9:48:08:5b:af:6a:a2:49:13:a5:ed:c6:eb:a7:
24:d3:71:fd:0e:a8:77:fd:87:f2:75:49:95:2e:33:
a7:db:08:b0:89:a9:00:b1:72:91:45:10:a6:3b:70:
65:c8:72:7f:fc:25:b7:6c:f2:38:97:8e:dd:db:04:
c7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1D:B6:89:81:A7:90:35:B5:E8:0C:31:DE:35:7F:0B:5D:DB:33:EC
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS197710.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:f::/48
Signature Algorithm: sha256WithRSAEncryption
c9:d9:96:28:ef:47:b4:ef:b8:04:31:8c:db:c3:4a:da:bb:dd:
28:e2:42:88:c3:19:83:0b:03:c5:be:4c:79:8b:73:70:55:19:
e0:3b:eb:51:38:96:fd:e8:1a:af:c1:77:b3:c2:48:cc:43:77:
b5:d0:05:0d:af:8b:2c:59:a4:a3:9f:0e:b5:70:8a:f3:6d:08:
cb:e3:5f:8a:6d:8b:24:ee:45:a9:67:2e:2b:6d:2a:3c:0d:33:
a4:fc:1b:5b:3d:6b:77:14:a3:89:9f:7e:17:c2:a0:8c:2d:19:
74:a9:86:d4:f2:51:ba:75:5e:35:74:b5:91:7d:95:bf:bc:16:
fa:bd:f7:af:50:cc:53:b7:c1:b6:32:12:93:cc:ee:a9:b9:6c:
8e:74:58:39:01:11:2b:ec:78:51:1c:b5:ae:e9:5c:3f:1b:a2:
67:66:14:f8:8d:c1:72:42:3a:51:dd:88:bd:f5:8d:1a:d9:52:
bb:64:5a:25:f1:ab:fa:2d:47:31:22:99:8e:5e:79:1d:fe:ff:
2f:bf:8b:53:5c:23:b0:37:54:51:30:5d:ec:e4:a8:af:91:35:
ab:54:51:11:17:57:2f:c6:4d:52:be:7d:e8:bd:2d:69:e5:e1:
38:30:24:99:47:d6:6d:ed:1d:be:5c:29:cb:72:4b:6c:11:f2:
97:30:15:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUTGdtKJSCTzD9+gulELcAQBg6RYYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2NTJaFw0yNDEyMTgxNjIxNTJaMDMxMTAvBgNV
BAMTKERCMURCNjg5ODFBNzkwMzVCNUU4MEMzMURFMzU3RjBCNUREQjMzRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKTyL9STj2e6ecd2RfrxykRjw/
SkJLR0oCAXCRoLI1bvXA2hNob/SXMJ5jnCI4BdZ9EO8wAqpraUsizFPGpQz24Y7N
TT2ap+HoBUZaIoPKz2EB26ImDSyC23PS2gq49aBV+iy6IvhCDjQpPCeyo1Ueka+d
gVXlobpXQ4+j5uUW+v6B5OXx/HA0JSg1F17XxCqztjWGFzrrcE2dINUh+8viv2eG
LdKotuMQhHSdUH9KfNhnkSkDf4vuaMaPoGja38BdUGvpSAhbr2qiSROl7cbrpyTT
cf0OqHf9h/J1SZUuM6fbCLCJqQCxcpFFEKY7cGXIcn/8Jbds8jiXjt3bBMcpAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU2x22iYGnkDW16Awx3jV/C13bM+wwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTk3NzEwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPf
gAAPMA0GCSqGSIb3DQEBCwUAA4IBAQDJ2ZYo70e077gEMYzbw0rau90o4kKIwxmD
CwPFvkx5i3NwVRngO+tROJb96BqvwXezwkjMQ3e10AUNr4ssWaSjnw61cIrzbQjL
41+KbYsk7kWpZy4rbSo8DTOk/BtbPWt3FKOJn34XwqCMLRl0qYbU8lG6dV41dLWR
fZW/vBb6vfevUMxTt8G2MhKTzO6puWyOdFg5AREr7HhRHLWu6Vw/G6JnZhT4jcFy
QjpR3Yi99Y0a2VK7ZFol8av6LUcxIpmOXnkd/v8vv4tTXCOwN1RRMF3s5KivkTWr
VFERF1cvxk1Svn3ovS1p5eE4MCSZR9Zt7R2+XCnLcktsEfKXMBUF
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org