Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS200240.roa
File: AS200240.roa (raw, json)
Hash identifier: QkyCfix5WFOFE82RGk1meQ7NID0rZgunIwiH8YUZ96w=
Subject key identifier: 49:67:B4:78:9E:0D:9A:97:65:34:45:6E:18:2A:A6:10:6E:FF:D0:45
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 18BED97CD5210E231F5312C3B50270D6BAB1FCEF
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS200240.roa
Signing time: Mon 08 Apr 2024 13:06:55 +0000
ROA not before: Mon 08 Apr 2024 13:01:55 +0000
ROA not after: Mon 07 Apr 2025 13:06:55 +0000
asID: 200240
IP address blocks: 2a13:df80:2420::/44 maxlen: 48
2a13:df85:e400::/38 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:be:d9:7c:d5:21:0e:23:1f:53:12:c3:b5:02:70:d6:ba:b1:fc:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Apr 8 13:01:55 2024 GMT
Not After : Apr 7 13:06:55 2025 GMT
Subject: CN=4967B4789E0D9A976534456E182AA6106EFFD045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e3:85:a7:ab:3f:b3:19:d0:83:55:08:6f:ab:
6b:73:5d:01:90:d8:28:31:e9:08:da:d3:6f:4e:9a:
fa:b9:76:7d:e4:a1:fc:57:38:d6:a5:00:fa:b8:47:
26:1c:5c:96:cb:b4:e1:db:6d:ab:65:cf:6e:5f:dc:
0d:32:27:e7:6c:48:c3:67:c0:72:92:18:54:e3:93:
f0:2c:0b:b8:1e:5c:52:33:b3:5b:01:b9:c1:f0:8e:
5a:74:f4:9c:5e:49:ea:81:0d:16:fe:19:5a:9c:c0:
ba:8d:61:6b:52:53:9c:56:95:b6:7f:29:42:3f:d5:
f9:28:a4:3a:3f:2d:2c:92:5d:35:f3:2e:7a:b3:20:
30:ed:55:64:33:5e:e8:71:fd:6e:22:9e:52:ba:cc:
03:58:8f:9f:00:61:59:dc:87:68:42:75:64:32:c2:
6a:3a:03:66:76:72:21:d5:74:40:fb:cc:14:e7:11:
c7:bb:3c:97:27:0a:08:66:22:e8:f1:be:55:83:13:
b0:1f:27:2d:64:88:c9:9e:f2:9d:84:6b:cc:38:5d:
51:d1:8e:d9:ab:17:49:96:87:05:75:88:0a:ec:d9:
22:11:3c:74:8f:8b:74:e2:77:95:d0:2b:95:9e:01:
29:37:a6:73:02:32:b7:06:65:e3:13:9c:8a:31:cb:
ce:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:67:B4:78:9E:0D:9A:97:65:34:45:6E:18:2A:A6:10:6E:FF:D0:45
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS200240.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:2420::/44
2a13:df85:e400::/38
Signature Algorithm: sha256WithRSAEncryption
11:0a:df:cd:84:f4:34:d3:37:8b:32:5f:98:62:a8:7a:2a:50:
f2:da:8b:6b:d2:9c:12:bb:cd:ba:fe:d8:c4:76:6a:cf:15:27:
b1:44:c8:b0:6e:00:26:13:c4:37:43:ad:c2:4c:e5:87:89:42:
7f:15:91:e0:da:7a:1f:cb:bf:b4:23:6b:b0:33:8b:22:85:c7:
0b:f4:f5:5f:97:54:3d:56:c2:c4:3f:d9:4c:90:ab:fe:83:bc:
d8:ea:76:9e:4d:f9:da:4e:e4:ee:e2:e5:90:a5:47:91:08:96:
de:fd:c2:ab:00:7a:a2:98:42:e9:e1:88:77:b5:d6:c7:b6:f9:
ba:4b:4c:36:b1:3e:d7:40:0d:28:de:01:c2:52:09:ed:59:3c:
b2:e0:de:a5:86:ea:07:e1:27:6b:b5:34:c8:05:3a:2a:dc:15:
29:a2:32:c9:33:66:cb:f3:eb:57:39:2a:7f:d9:39:b5:d6:44:
59:d6:19:df:13:9e:7c:9c:b6:ea:54:cb:0f:6b:b8:c2:fb:bd:
38:03:0d:43:67:11:a9:13:19:41:a7:b4:59:d5:76:f8:30:fd:
14:99:b3:35:c9:e8:31:91:e9:f0:9d:20:c0:2b:31:a9:49:ba:
d7:b3:da:e7:8b:1d:d0:5b:e7:07:92:d1:d4:ab:31:c9:f3:0d:
34:88:6b:f6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUGL7ZfNUhDiMfUxLDtQJw1rqx/O8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA0MDgxMzAxNTVaFw0yNTA0MDcxMzA2NTVaMDMxMTAvBgNV
BAMTKDQ5NjdCNDc4OUUwRDlBOTc2NTM0NDU2RTE4MkFBNjEwNkVGRkQwNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+44Wnqz+zGdCDVQhvq2tzXQGQ
2Cgx6Qja029Omvq5dn3kofxXONalAPq4RyYcXJbLtOHbbatlz25f3A0yJ+dsSMNn
wHKSGFTjk/AsC7geXFIzs1sBucHwjlp09JxeSeqBDRb+GVqcwLqNYWtSU5xWlbZ/
KUI/1fkopDo/LSySXTXzLnqzIDDtVWQzXuhx/W4inlK6zANYj58AYVnch2hCdWQy
wmo6A2Z2ciHVdED7zBTnEce7PJcnCghmIujxvlWDE7AfJy1kiMme8p2Ea8w4XVHR
jtmrF0mWhwV1iArs2SIRPHSPi3Tid5XQK5WeASk3pnMCMrcGZeMTnIoxy85jAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUSWe0eJ4NmpdlNEVuGCqmEG7/0EUwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjAwMjQwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKhPf
gCQgAwYCKhPfheQwDQYJKoZIhvcNAQELBQADggEBABEK382E9DTTN4syX5hiqHoq
UPLai2vSnBK7zbr+2MR2as8VJ7FEyLBuACYTxDdDrcJM5YeJQn8VkeDaeh/Lv7Qj
a7AziyKFxwv09V+XVD1WwsQ/2UyQq/6DvNjqdp5N+dpO5O7i5ZClR5EIlt79wqsA
eqKYQunhiHe11se2+bpLTDaxPtdADSjeAcJSCe1ZPLLg3qWG6gfhJ2u1NMgFOirc
FSmiMskzZsvz61c5Kn/ZObXWRFnWGd8TnnyctupUyw9ruML7vTgDDUNnEakTGUGn
tFnVdvgw/RSZszXJ6DGR6fCdIMArMalJutez2ueLHdBb5weS0dSrMcnzDTSIa/Y=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org