Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS198075.roa
File: AS198075.roa (raw, json)
Hash identifier: 5xnJ4xTfpkVvvatpYMhnOjVEvzyrpg3lg0HCRMXcvkM=
Subject key identifier: 33:AE:D8:6B:15:FC:B5:BC:7A:94:6D:9E:63:84:A9:97:8E:C5:62:63
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 2D876F8247AE51DDE8F727DB31D1F0957FA7EA92
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS198075.roa
Signing time: Wed 20 Dec 2023 16:22:25 +0000
ROA not before: Wed 20 Dec 2023 16:17:25 +0000
ROA not after: Wed 18 Dec 2024 16:22:25 +0000
asID: 198075
IP address blocks: 2a13:df80:800::/38 maxlen: 38
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:87:6f:82:47:ae:51:dd:e8:f7:27:db:31:d1:f0:95:7f:a7:ea:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:25 2023 GMT
Not After : Dec 18 16:22:25 2024 GMT
Subject: CN=33AED86B15FCB5BC7A946D9E6384A9978EC56263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:39:d3:33:df:b0:c9:b7:41:1d:d9:29:16:7f:
ee:c1:a0:26:2f:b0:a9:63:31:30:88:72:82:87:4e:
c9:0d:1b:02:88:a4:27:49:c9:02:db:7a:02:c5:a5:
ca:73:6e:b0:77:40:b6:98:cb:ad:8e:c3:c5:8c:56:
cf:de:ff:3f:98:76:cc:88:3d:14:d5:bd:14:d4:dc:
b6:28:89:2a:c0:25:01:ed:9e:94:d1:9a:db:ab:0c:
2c:e3:05:1d:02:2d:9d:ff:d9:b6:e8:ea:ca:b8:78:
97:17:0a:61:7f:85:50:5f:de:a6:89:9d:c6:e0:b0:
41:d9:dd:16:5b:6e:36:de:0c:44:7f:fb:6d:e6:13:
ac:bb:ad:5e:63:05:0d:98:31:64:16:48:bb:73:6b:
02:39:95:3b:1b:4c:44:31:ea:fc:bb:bb:5a:03:88:
1c:20:57:ed:cc:db:15:a3:9c:5c:59:48:32:3a:a7:
3b:3b:c7:78:f6:74:89:92:20:84:39:fb:6b:29:a0:
7b:a9:1a:8b:75:b3:6c:22:e1:b4:68:d3:98:be:7f:
30:ea:5d:68:61:97:12:df:c8:57:c7:38:96:56:e0:
74:43:d5:4d:b6:eb:21:51:e2:6b:7e:52:18:89:19:
7d:f9:0d:6d:ae:8d:d6:6d:58:48:30:76:ad:1f:cd:
7f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:AE:D8:6B:15:FC:B5:BC:7A:94:6D:9E:63:84:A9:97:8E:C5:62:63
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS198075.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:800::/38
Signature Algorithm: sha256WithRSAEncryption
aa:1d:7b:7f:cd:7a:5f:8c:d4:fc:35:ef:9f:38:52:cc:c5:4e:
54:78:2b:15:c4:6e:f0:3e:6a:6f:0e:11:4c:65:f8:e8:9c:53:
92:ad:2e:91:18:2c:8f:ae:75:df:98:93:fc:c1:18:c8:4e:63:
ff:42:c5:46:b6:95:36:fe:9f:c0:05:0c:f6:b5:8a:ea:06:a7:
d4:3b:16:fa:08:4e:4b:12:64:81:7b:3e:b8:54:b6:87:44:a3:
43:e4:bb:e4:2e:8f:34:3c:15:63:ab:91:87:40:ac:68:a5:ee:
1a:01:56:e6:a4:5b:b3:11:fa:9e:9a:28:89:8d:f9:45:bd:fe:
0a:e9:9b:95:1e:f2:b8:d8:0f:8d:53:7f:e7:5c:77:73:e1:e1:
d3:de:5a:8f:04:de:e3:0b:01:d3:6d:37:81:8d:2c:c8:81:96:
ad:a8:04:d3:b3:50:1f:c1:c5:b9:dc:9e:dc:7e:8b:69:12:67:
87:70:4f:9a:6a:2d:2d:cc:09:fc:39:00:0c:4f:14:89:22:c0:
3e:9c:8f:f6:ef:49:de:c6:8e:29:c2:b0:da:a2:e8:dd:55:74:
16:a9:87:e4:13:b9:d5:37:fd:b5:7c:cd:d1:91:a5:30:27:db:
54:1d:5c:6e:37:89:bf:d2:6d:11:e5:f5:34:1b:ae:ed:49:fb:
dc:db:5e:24
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIULYdvgkeuUd3o9yfbMdHwlX+n6pIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MjVaFw0yNDEyMTgxNjIyMjVaMDMxMTAvBgNV
BAMTKDMzQUVEODZCMTVGQ0I1QkM3QTk0NkQ5RTYzODRBOTk3OEVDNTYyNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyOdMz37DJt0Ed2SkWf+7BoCYv
sKljMTCIcoKHTskNGwKIpCdJyQLbegLFpcpzbrB3QLaYy62Ow8WMVs/e/z+YdsyI
PRTVvRTU3LYoiSrAJQHtnpTRmturDCzjBR0CLZ3/2bbo6sq4eJcXCmF/hVBf3qaJ
ncbgsEHZ3RZbbjbeDER/+23mE6y7rV5jBQ2YMWQWSLtzawI5lTsbTEQx6vy7u1oD
iBwgV+3M2xWjnFxZSDI6pzs7x3j2dImSIIQ5+2spoHupGot1s2wi4bRo05i+fzDq
XWhhlxLfyFfHOJZW4HRD1U226yFR4mt+UhiJGX35DW2ujdZtWEgwdq0fzX+5AgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUM67YaxX8tbx6lG2eY4Spl47FYmMwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTk4MDc1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKhPf
gAgwDQYJKoZIhvcNAQELBQADggEBAKode3/Nel+M1Pw17584UszFTlR4KxXEbvA+
am8OEUxl+OicU5KtLpEYLI+udd+Yk/zBGMhOY/9CxUa2lTb+n8AFDPa1iuoGp9Q7
FvoITksSZIF7PrhUtodEo0Pku+QujzQ8FWOrkYdArGil7hoBVuakW7MR+p6aKImN
+UW9/grpm5Ue8rjYD41Tf+dcd3Ph4dPeWo8E3uMLAdNtN4GNLMiBlq2oBNOzUB/B
xbncntx+i2kSZ4dwT5pqLS3MCfw5AAxPFIkiwD6cj/bvSd7GjinCsNqi6N1VdBap
h+QTudU3/bV8zdGRpTAn21QdXG43ib/SbRHl9TQbru1J+9zbXiQ=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org