Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS203686.roa
File: AS203686.roa (raw, json)
Hash identifier: PWzgf5EWpFUxWsODSOAdMkqa5b7k4D+EuDQDWjnoiig=
Subject key identifier: A3:E6:28:52:B8:C5:09:A7:26:E1:1F:EE:3B:63:34:87:AD:08:AD:66
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 54353DBF49D42FF71AB8E4A4EA8E335942E8217C
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS203686.roa
Signing time: Mon 08 Apr 2024 13:14:07 +0000
ROA not before: Mon 08 Apr 2024 13:09:07 +0000
ROA not after: Mon 07 Apr 2025 13:14:07 +0000
asID: 203686
IP address blocks: 2a13:df80:2440::/44 maxlen: 48
2a13:df80:3821::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:35:3d:bf:49:d4:2f:f7:1a:b8:e4:a4:ea:8e:33:59:42:e8:21:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Apr 8 13:09:07 2024 GMT
Not After : Apr 7 13:14:07 2025 GMT
Subject: CN=A3E62852B8C509A726E11FEE3B633487AD08AD66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:08:59:b0:1e:3b:02:45:90:66:15:d9:7d:94:
74:6f:33:e4:9e:1e:71:4b:9d:5e:09:da:9a:94:d9:
3b:4d:1d:e8:3d:88:58:a5:71:81:ec:4d:9d:a1:17:
61:9e:32:ab:19:b7:13:1a:6c:9e:dd:ce:35:83:31:
75:f9:f7:c2:57:4e:b5:ee:c5:5b:ba:29:54:43:b4:
f9:c8:dc:cd:de:fd:17:67:84:3c:2a:19:66:7e:75:
e6:8f:63:01:3a:75:46:a8:71:d8:85:50:86:ca:91:
61:17:f5:3b:6f:e5:e1:77:b5:b4:14:85:19:e6:f3:
c7:fc:b8:f4:c8:6d:0a:7b:48:ba:3c:3d:45:a1:c9:
57:71:7d:b2:52:a5:32:c9:86:12:85:ef:43:74:0d:
4d:88:8c:05:e0:ba:6c:34:38:cc:86:15:cb:32:fd:
3f:7e:70:a7:97:2c:a7:87:8b:72:42:a0:ef:9e:00:
c5:e5:10:d2:dc:bc:4b:c1:d2:b6:6c:c2:80:de:2e:
e5:97:b6:ee:b5:19:76:36:e0:b5:d8:42:56:2a:bd:
4b:5a:2a:43:59:87:79:6a:65:55:80:b5:a6:f7:2e:
62:d5:f6:24:80:a6:06:97:85:2b:eb:b0:19:fe:61:
52:e5:d9:42:11:14:2b:38:0a:14:be:47:77:56:db:
8c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E6:28:52:B8:C5:09:A7:26:E1:1F:EE:3B:63:34:87:AD:08:AD:66
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS203686.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:2440::/44
2a13:df80:3821::/48
Signature Algorithm: sha256WithRSAEncryption
4b:bb:49:48:04:18:ad:58:f2:73:1e:a8:5d:68:38:8e:c3:19:
6e:54:7a:08:96:98:00:69:7b:1a:b0:fd:7e:8a:26:5c:3e:e3:
6a:2a:20:69:39:8f:07:5f:4a:93:93:a9:55:b4:11:58:b0:34:
50:38:b1:41:e7:83:a6:e1:d0:21:db:f4:4b:db:35:69:11:d5:
a8:f4:6c:25:13:19:81:16:1b:de:f4:7e:df:5d:f3:10:27:7e:
d8:c5:a1:63:c1:01:c5:82:8c:15:f6:63:62:fe:a0:85:59:4f:
ff:4e:ab:e5:68:28:38:34:59:87:91:23:1b:78:d9:e6:38:71:
f2:c3:93:e3:fb:03:8a:d2:20:66:70:22:4d:58:22:bc:69:1f:
5d:9c:60:87:4f:e7:ae:ce:7c:76:8e:5e:42:2b:42:13:0b:7a:
a1:6e:1d:25:d8:75:ee:bb:51:4a:68:85:84:72:15:0c:bf:61:
bd:59:02:01:4e:91:09:7f:af:8a:2c:67:ea:3c:f1:0d:d3:06:
87:ae:c6:63:1a:8b:ce:0b:6d:2f:c9:73:e0:9b:f6:b9:29:ee:
15:89:3f:22:1c:ef:da:ae:0a:f4:8d:f4:dc:28:c2:5e:47:b6:
3a:60:9d:c0:c1:3b:9d:63:51:19:e1:70:56:88:a3:19:73:8d:
20:8d:9b:9e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUVDU9v0nUL/cauOSk6o4zWULoIXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA0MDgxMzA5MDdaFw0yNTA0MDcxMzE0MDdaMDMxMTAvBgNV
BAMTKEEzRTYyODUyQjhDNTA5QTcyNkUxMUZFRTNCNjMzNDg3QUQwOEFENjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYCFmwHjsCRZBmFdl9lHRvM+Se
HnFLnV4J2pqU2TtNHeg9iFilcYHsTZ2hF2GeMqsZtxMabJ7dzjWDMXX598JXTrXu
xVu6KVRDtPnI3M3e/RdnhDwqGWZ+deaPYwE6dUaocdiFUIbKkWEX9Ttv5eF3tbQU
hRnm88f8uPTIbQp7SLo8PUWhyVdxfbJSpTLJhhKF70N0DU2IjAXgumw0OMyGFcsy
/T9+cKeXLKeHi3JCoO+eAMXlENLcvEvB0rZswoDeLuWXtu61GXY24LXYQlYqvUta
KkNZh3lqZVWAtab3LmLV9iSApgaXhSvrsBn+YVLl2UIRFCs4ChS+R3dW24xfAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUo+YoUrjFCacm4R/uO2M0h60IrWYwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjAzNjg2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhPf
gCRAAwcAKhPfgDghMA0GCSqGSIb3DQEBCwUAA4IBAQBLu0lIBBitWPJzHqhdaDiO
wxluVHoIlpgAaXsasP1+iiZcPuNqKiBpOY8HX0qTk6lVtBFYsDRQOLFB54Om4dAh
2/RL2zVpEdWo9GwlExmBFhve9H7fXfMQJ37YxaFjwQHFgowV9mNi/qCFWU//Tqvl
aCg4NFmHkSMbeNnmOHHyw5Pj+wOK0iBmcCJNWCK8aR9dnGCHT+euznx2jl5CK0IT
C3qhbh0l2HXuu1FKaIWEchUMv2G9WQIBTpEJf6+KLGfqPPEN0waHrsZjGovOC20v
yXPgm/a5Ke4ViT8iHO/argr0jfTcKMJeR7Y6YJ3AwTudY1EZ4XBWiKMZc40gjZue
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org