Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS199707.roa
File: AS199707.roa (raw, json)
Hash identifier: F1YYGrSB4GhTRFsYHlr+ig4pROAbbYevsze5wxLa114=
Subject key identifier: DD:05:A4:BF:4D:3C:DD:7D:A9:A4:34:9A:9D:33:6F:CB:4C:A0:4A:10
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 0863911683625812DE9C25166CCEAE18AE73D7BB
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS199707.roa
Signing time: Wed 17 Apr 2024 01:29:01 +0000
ROA not before: Wed 17 Apr 2024 01:24:01 +0000
ROA not after: Wed 16 Apr 2025 01:29:01 +0000
asID: 199707
IP address blocks: 2a13:df80:4600::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:63:91:16:83:62:58:12:de:9c:25:16:6c:ce:ae:18:ae:73:d7:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Apr 17 01:24:01 2024 GMT
Not After : Apr 16 01:29:01 2025 GMT
Subject: CN=DD05A4BF4D3CDD7DA9A4349A9D336FCB4CA04A10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:08:6d:fc:02:27:4a:b9:da:1e:97:89:ed:82:
b2:20:15:35:3c:72:e4:be:50:00:de:ae:12:24:44:
f3:8b:4a:c1:ec:59:a0:55:c7:87:21:33:e2:27:1f:
3d:6b:5c:dc:79:c2:5e:19:f9:53:d1:26:fd:3a:2d:
2d:81:56:fd:01:87:b3:00:29:28:a5:5c:af:ca:c9:
7b:5b:ac:ef:31:e1:72:65:c5:1f:dc:8d:ff:8f:b8:
27:64:ba:6e:36:f3:a7:e9:4c:44:30:bc:f8:ef:e6:
d0:84:24:a4:ae:04:dd:01:ed:d7:31:27:57:f3:d1:
b7:f6:34:24:e0:bd:a0:45:c6:bc:e3:5d:90:93:25:
0a:4a:c1:ae:42:da:d7:00:54:b2:0e:2a:38:03:d1:
e2:43:4f:f0:e6:9c:7e:a8:55:e8:0b:c0:f0:9b:30:
db:df:ef:07:dd:95:6a:c8:19:5c:31:b0:da:02:f1:
a6:a8:47:ec:5e:4d:77:73:54:ec:da:1e:6b:98:d8:
95:73:60:d0:2d:0e:ca:4a:b3:f8:14:84:47:82:5d:
31:d1:ce:fe:1d:f5:77:ae:26:fb:3a:7d:e0:af:14:
a6:a5:ac:60:1d:cc:ff:c3:42:5f:c4:33:7e:dd:d8:
38:71:da:c7:82:e0:9f:83:91:0c:2c:02:7d:36:20:
2c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:05:A4:BF:4D:3C:DD:7D:A9:A4:34:9A:9D:33:6F:CB:4C:A0:4A:10
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS199707.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:4600::/40
Signature Algorithm: sha256WithRSAEncryption
a3:10:fa:e8:54:8a:ec:aa:f5:de:67:db:e7:d3:a7:ff:c5:be:
ca:e2:48:a9:84:95:b6:b4:ca:a7:95:53:c0:30:46:ec:c9:a5:
8b:96:39:f8:32:4a:7d:7f:72:db:19:87:a4:7b:e8:af:1d:ec:
1e:29:6b:06:c0:6c:57:fc:90:9f:23:cf:e1:10:59:6a:ff:bf:
91:67:5a:56:67:99:ec:97:bd:bf:b0:de:74:1c:61:10:72:34:
d8:3e:ee:a4:50:8a:54:4a:4c:fc:af:ff:4a:68:a5:c7:9e:a3:
0b:7b:95:59:96:61:6f:0d:a6:7a:47:c7:09:2d:f3:b2:b9:66:
41:ba:c0:d8:d1:8f:1a:d2:16:a3:41:4c:bc:df:09:1a:db:1d:
00:c5:f4:37:f0:b6:97:43:a9:44:39:a4:5f:ef:79:40:67:0d:
2c:3e:87:ab:9e:ae:a4:12:a1:73:3e:b3:a8:3c:09:53:67:47:
e4:80:e8:b6:a6:51:f7:0f:70:cb:88:8f:66:6d:f5:bc:66:3f:
9b:a3:ed:5d:5e:42:6c:1f:72:27:ce:e7:42:d8:c1:bf:fb:8a:
8d:d9:2c:50:8f:a4:48:d1:a9:7a:23:6a:fe:37:a2:b9:0b:53:
1d:17:b0:8c:47:9f:ce:06:57:82:6d:fc:48:10:84:8b:e2:97:
87:02:9f:75
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUCGORFoNiWBLenCUWbM6uGK5z17swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA0MTcwMTI0MDFaFw0yNTA0MTYwMTI5MDFaMDMxMTAvBgNV
BAMTKEREMDVBNEJGNEQzQ0REN0RBOUE0MzQ5QTlEMzM2RkNCNENBMDRBMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkCG38AidKudoel4ntgrIgFTU8
cuS+UADerhIkRPOLSsHsWaBVx4chM+InHz1rXNx5wl4Z+VPRJv06LS2BVv0Bh7MA
KSilXK/KyXtbrO8x4XJlxR/cjf+PuCdkum4286fpTEQwvPjv5tCEJKSuBN0B7dcx
J1fz0bf2NCTgvaBFxrzjXZCTJQpKwa5C2tcAVLIOKjgD0eJDT/DmnH6oVegLwPCb
MNvf7wfdlWrIGVwxsNoC8aaoR+xeTXdzVOzaHmuY2JVzYNAtDspKs/gUhEeCXTHR
zv4d9XeuJvs6feCvFKalrGAdzP/DQl/EM37d2Dhx2seC4J+DkQwsAn02ICz/AgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQU3QWkv0083X2ppDSanTNvy0ygShAwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTk5NzA3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhPf
gEYwDQYJKoZIhvcNAQELBQADggEBAKMQ+uhUiuyq9d5n2+fTp//FvsriSKmElba0
yqeVU8AwRuzJpYuWOfgySn1/ctsZh6R76K8d7B4pawbAbFf8kJ8jz+EQWWr/v5Fn
WlZnmeyXvb+w3nQcYRByNNg+7qRQilRKTPyv/0popceeowt7lVmWYW8NpnpHxwkt
87K5ZkG6wNjRjxrSFqNBTLzfCRrbHQDF9DfwtpdDqUQ5pF/veUBnDSw+h6uerqQS
oXM+s6g8CVNnR+SA6LamUfcPcMuIj2Zt9bxmP5uj7V1eQmwfcifO50LYwb/7io3Z
LFCPpEjRqXojav43orkLUx0XsIxHn84GV4Jt/EgQhIvil4cCn3U=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org