Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS198480.roa
File: AS198480.roa (raw, json)
Hash identifier: lGPC/Eka3CXzze5H249F4ov/Zjer2r9WupeC3IHnl2g=
Subject key identifier: E6:64:4F:83:71:8A:C9:7D:0F:1E:51:C3:57:B8:BA:7C:0E:19:32:85
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 5BC18741DCB428023912C684B923CEBD45F82DB8
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS198480.roa
Signing time: Wed 20 Dec 2023 16:22:27 +0000
ROA not before: Wed 20 Dec 2023 16:17:27 +0000
ROA not after: Wed 18 Dec 2024 16:22:27 +0000
asID: 198480
IP address blocks: 2a13:df80:13f9::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:c1:87:41:dc:b4:28:02:39:12:c6:84:b9:23:ce:bd:45:f8:2d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:27 2023 GMT
Not After : Dec 18 16:22:27 2024 GMT
Subject: CN=E6644F83718AC97D0F1E51C357B8BA7C0E193285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ab:d0:88:df:67:ba:fb:8a:fc:18:3d:d7:50:
fc:20:a1:a5:ef:89:52:2c:5e:ae:ae:39:3a:42:64:
fc:f0:e8:55:e8:72:2c:37:7f:66:e5:9a:7b:9c:f1:
45:6f:de:1a:49:b7:41:f4:3d:5c:ea:e3:5f:7a:23:
ba:4f:da:57:62:ce:aa:6a:c3:b2:fd:f8:70:f0:df:
86:e8:a8:5e:fc:5f:d9:31:67:80:40:83:e7:7f:09:
41:c1:30:79:99:29:44:58:8a:a8:08:5e:df:c3:c3:
a1:5f:d5:87:94:5f:71:bd:ef:ce:c5:d4:c0:0f:21:
14:12:9f:25:5b:54:cb:66:5c:7c:bf:71:7e:e6:71:
d5:28:a9:09:c0:49:71:b9:a9:15:90:10:bd:fb:a3:
ff:01:f3:2f:f4:07:9a:2f:28:72:ad:a6:90:c4:4d:
39:ee:a4:59:c2:78:b2:eb:ef:26:40:f5:df:42:bd:
c0:d9:3e:d2:63:00:13:ce:3c:d6:d0:90:22:07:50:
3b:2a:ac:96:28:97:10:53:24:3e:37:d6:f9:e4:f2:
c4:6d:70:71:7c:01:fd:49:67:4e:16:5e:9b:a1:30:
63:59:76:d0:a1:5c:ef:7a:a0:77:f7:f1:2f:16:55:
6d:09:42:88:dd:85:41:43:c2:b7:63:fe:86:e0:16:
96:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:64:4F:83:71:8A:C9:7D:0F:1E:51:C3:57:B8:BA:7C:0E:19:32:85
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS198480.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:13f9::/48
Signature Algorithm: sha256WithRSAEncryption
2f:68:ba:f4:87:0b:f2:2c:8c:66:00:59:2e:e5:11:3e:2f:8d:
63:14:87:b6:0d:27:8c:87:4c:ac:be:7a:19:1c:09:6b:e8:22:
48:aa:03:de:97:00:69:2b:a9:04:dc:92:0f:ba:cf:71:b4:78:
d9:47:86:61:f9:4e:d9:56:67:fd:b5:6d:9c:c3:54:f9:31:d8:
a7:50:f4:36:22:8b:fc:7b:cc:ea:56:b9:ac:44:2f:e5:b8:37:
cc:92:6a:24:19:f0:04:4f:c4:57:e8:61:23:1d:10:fc:2c:45:
09:3e:d5:9c:68:88:d9:11:b1:53:2d:90:f5:8b:f9:19:2b:31:
dc:28:e6:ea:1a:b2:8c:a3:ae:b3:a0:a7:f1:e5:50:0b:f2:d6:
b3:bc:5e:93:37:3e:2b:92:19:07:5d:2b:d7:cf:ee:9c:34:39:
08:94:cb:a9:fc:9f:e9:ea:fd:e6:20:94:ad:4f:05:50:fc:ca:
1c:e6:e2:43:ee:d8:a4:ac:ce:fc:3e:e6:02:4e:ce:8c:4e:20:
f5:1b:05:56:16:cd:e5:56:62:5d:19:f6:c0:e8:b6:70:db:96:
78:a5:11:c9:54:f9:f9:a7:c2:c5:68:19:e0:af:95:1a:b4:71:
7a:58:d4:40:3a:a0:36:91:38:70:74:b2:3a:70:7a:a8:0f:0b:
82:85:63:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUW8GHQdy0KAI5EsaEuSPOvUX4LbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MjdaFw0yNDEyMTgxNjIyMjdaMDMxMTAvBgNV
BAMTKEU2NjQ0RjgzNzE4QUM5N0QwRjFFNTFDMzU3QjhCQTdDMEUxOTMyODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiq9CI32e6+4r8GD3XUPwgoaXv
iVIsXq6uOTpCZPzw6FXociw3f2blmnuc8UVv3hpJt0H0PVzq4196I7pP2ldizqpq
w7L9+HDw34boqF78X9kxZ4BAg+d/CUHBMHmZKURYiqgIXt/Dw6Ff1YeUX3G9787F
1MAPIRQSnyVbVMtmXHy/cX7mcdUoqQnASXG5qRWQEL37o/8B8y/0B5ovKHKtppDE
TTnupFnCeLLr7yZA9d9CvcDZPtJjABPOPNbQkCIHUDsqrJYolxBTJD431vnk8sRt
cHF8Af1JZ04WXpuhMGNZdtChXO96oHf38S8WVW0JQojdhUFDwrdj/obgFpaBAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU5mRPg3GKyX0PHlHDV7i6fA4ZMoUwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTk4NDgwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPf
gBP5MA0GCSqGSIb3DQEBCwUAA4IBAQAvaLr0hwvyLIxmAFku5RE+L41jFIe2DSeM
h0ysvnoZHAlr6CJIqgPelwBpK6kE3JIPus9xtHjZR4Zh+U7ZVmf9tW2cw1T5Mdin
UPQ2Iov8e8zqVrmsRC/luDfMkmokGfAET8RX6GEjHRD8LEUJPtWcaIjZEbFTLZD1
i/kZKzHcKObqGrKMo66zoKfx5VAL8tazvF6TNz4rkhkHXSvXz+6cNDkIlMup/J/p
6v3mIJStTwVQ/Moc5uJD7tikrM78PuYCTs6MTiD1GwVWFs3lVmJdGfbA6LZw25Z4
pRHJVPn5p8LFaBngr5UatHF6WNRAOqA2kThwdLI6cHqoDwuChWMb
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org