Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS199705.roa
File: AS199705.roa (raw, json)
Hash identifier: hQD75Ue8isUdCa5JS/ULDpmuGj1CoOqzL+aPOUJQF58=
Subject key identifier: BE:E9:B3:80:9B:FA:DB:69:E8:ED:97:61:AC:DA:86:3A:AF:28:01:92
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 3C1A213AFD369A37CBF254DD510133D5364328E6
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS199705.roa
Signing time: Wed 20 Dec 2023 16:21:39 +0000
ROA not before: Wed 20 Dec 2023 16:16:39 +0000
ROA not after: Wed 18 Dec 2024 16:21:39 +0000
asID: 199705
IP address blocks: 2a13:df80:6806::/48 maxlen: 48
2a13:df80:6807::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:1a:21:3a:fd:36:9a:37:cb:f2:54:dd:51:01:33:d5:36:43:28:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:39 2023 GMT
Not After : Dec 18 16:21:39 2024 GMT
Subject: CN=BEE9B3809BFADB69E8ED9761ACDA863AAF280192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:14:65:88:95:f3:19:8f:64:8a:f0:e5:d4:e9:
2d:c4:b7:c9:47:0e:6b:8a:3a:b1:38:2e:b7:ba:c3:
0e:70:59:aa:92:02:db:4b:54:97:81:8e:70:76:66:
ad:e1:76:e1:70:22:18:af:c4:0a:5c:9a:0f:bf:24:
c0:29:3f:dd:74:b7:33:6e:b7:b8:43:fb:07:20:db:
66:d9:1e:6e:c1:05:31:12:10:65:ca:f5:8a:d6:5a:
ce:62:9c:6c:04:cb:fd:60:d1:a4:50:55:ee:49:37:
eb:80:e5:54:f7:24:3a:7c:d3:98:61:0f:f0:c4:b6:
cf:cf:a4:b3:dd:68:79:81:7a:ef:2b:9d:08:cb:00:
23:31:94:ef:25:9f:a6:b2:c2:76:b8:55:75:34:70:
df:c0:1e:d0:17:80:d3:55:1b:ea:2d:ee:20:52:f5:
49:77:1b:65:3d:2c:e3:34:25:c9:aa:b9:dd:64:83:
89:12:73:db:d9:fa:0b:83:11:e6:30:82:53:aa:61:
ba:7a:0c:b9:25:1d:ab:c7:05:77:4f:e9:66:6a:f1:
01:12:f6:c7:41:3b:4b:d7:be:80:f8:d8:4d:a1:51:
02:6b:f7:27:18:67:f6:be:c9:f3:12:49:2d:c1:02:
53:0e:06:00:b6:d4:fe:60:89:33:d1:0d:c4:a6:ef:
2e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:E9:B3:80:9B:FA:DB:69:E8:ED:97:61:AC:DA:86:3A:AF:28:01:92
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS199705.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:6806::/47
Signature Algorithm: sha256WithRSAEncryption
46:4c:71:14:9b:b5:be:56:83:00:cc:6d:e3:bb:28:7d:44:8a:
02:19:c6:c1:e0:cc:2c:2a:0d:27:37:81:a1:a4:a9:cd:14:9d:
03:6b:77:70:bc:71:41:27:f1:1e:46:74:a2:31:1e:29:d7:0c:
95:6b:1c:66:4e:25:3a:1c:f0:43:6b:31:cd:5d:23:b1:ac:89:
63:82:6d:48:fb:5a:54:ba:b8:a3:24:a6:20:8f:4d:73:88:65:
f9:a5:d9:0f:d6:a6:c1:1f:10:fd:29:07:80:57:c5:dd:fe:40:
49:7a:8b:52:d6:15:92:5a:91:f2:4e:59:31:61:92:4e:3c:9f:
70:38:1b:c3:2b:c3:c7:f6:67:0c:23:ad:9b:9a:d6:42:3a:ea:
1e:1c:e2:0c:75:fb:34:f9:9f:29:ec:09:d5:5b:58:45:cc:41:
10:7f:78:68:b6:89:93:03:22:e7:4c:3b:c5:b0:5b:fd:d9:61:
1e:ba:12:2e:b1:31:fa:6f:8d:98:15:aa:7f:ff:28:d8:64:64:
7e:8b:a6:f6:94:1a:27:58:e7:37:e9:17:0d:b4:41:86:ad:b0:
e4:e1:0b:66:be:79:d8:fd:45:fb:80:52:90:e7:da:59:9e:ab:
68:d0:8f:2a:81:14:6a:8e:a7:ac:40:34:ef:87:c0:7f:41:2c:
44:70:d6:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUPBohOv02mjfL8lTdUQEz1TZDKOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2MzlaFw0yNDEyMTgxNjIxMzlaMDMxMTAvBgNV
BAMTKEJFRTlCMzgwOUJGQURCNjlFOEVEOTc2MUFDREE4NjNBQUYyODAxOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcFGWIlfMZj2SK8OXU6S3Et8lH
DmuKOrE4Lre6ww5wWaqSAttLVJeBjnB2Zq3hduFwIhivxApcmg+/JMApP910tzNu
t7hD+wcg22bZHm7BBTESEGXK9YrWWs5inGwEy/1g0aRQVe5JN+uA5VT3JDp805hh
D/DEts/PpLPdaHmBeu8rnQjLACMxlO8ln6aywna4VXU0cN/AHtAXgNNVG+ot7iBS
9Ul3G2U9LOM0Jcmqud1kg4kSc9vZ+guDEeYwglOqYbp6DLklHavHBXdP6WZq8QES
9sdBO0vXvoD42E2hUQJr9ycYZ/a+yfMSSS3BAlMOBgC21P5giTPRDcSm7y4fAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUvumzgJv622no7ZdhrNqGOq8oAZIwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTk5NzA1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKhPf
gGgGMA0GCSqGSIb3DQEBCwUAA4IBAQBGTHEUm7W+VoMAzG3juyh9RIoCGcbB4Mws
Kg0nN4GhpKnNFJ0Da3dwvHFBJ/EeRnSiMR4p1wyVaxxmTiU6HPBDazHNXSOxrIlj
gm1I+1pUurijJKYgj01ziGX5pdkP1qbBHxD9KQeAV8Xd/kBJeotS1hWSWpHyTlkx
YZJOPJ9wOBvDK8PH9mcMI62bmtZCOuoeHOIMdfs0+Z8p7AnVW1hFzEEQf3hotomT
AyLnTDvFsFv92WEeuhIusTH6b42YFap//yjYZGR+i6b2lBonWOc36RcNtEGGrbDk
4QtmvnnY/UX7gFKQ59pZnqto0I8qgRRqjqesQDTvh8B/QSxEcNaX
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org