Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS203913.roa
File: AS203913.roa (raw, json)
Hash identifier: VtdSLqbAhjYuvtTiqNlpvEJM6PGT1VvHeaVhBHcBtQg=
Subject key identifier: F9:B5:C4:49:4E:DA:7B:C9:98:1F:DD:35:1A:FC:E3:FC:32:FC:3F:08
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 476E39DC27463A5BF465411BD19ED100F112CAD5
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS203913.roa
Signing time: Wed 20 Dec 2023 16:21:34 +0000
ROA not before: Wed 20 Dec 2023 16:16:34 +0000
ROA not after: Wed 18 Dec 2024 16:21:34 +0000
asID: 203913
IP address blocks: 2a13:df87:9800::/38 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:6e:39:dc:27:46:3a:5b:f4:65:41:1b:d1:9e:d1:00:f1:12:ca:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:34 2023 GMT
Not After : Dec 18 16:21:34 2024 GMT
Subject: CN=F9B5C4494EDA7BC9981FDD351AFCE3FC32FC3F08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f7:08:78:0d:c1:09:e6:1e:04:ea:75:22:b9:
59:e2:1d:9f:fe:d9:05:c0:c0:f0:3f:18:41:46:40:
38:5c:51:6e:ce:d8:2f:dc:79:2a:65:93:7f:df:a0:
19:20:c6:14:e7:e7:6d:62:df:f8:4e:f4:17:bf:7c:
0c:1a:51:0b:a4:14:23:cf:c4:a8:86:fc:d5:1a:e5:
d8:a7:83:f7:7a:d7:98:9d:5c:cb:86:fe:1e:bf:7a:
6f:ed:21:f6:12:b7:08:2f:60:bc:b0:56:84:e3:a7:
7a:b0:10:76:01:46:1b:ab:72:03:04:cc:e8:4f:b5:
dd:86:2e:27:01:c8:4d:6e:e6:27:51:f6:49:59:47:
d1:30:86:c4:6a:40:b3:04:4a:af:34:7d:f4:4a:b1:
b8:92:90:de:99:0d:50:26:7e:c2:3f:31:02:89:8c:
06:e1:4c:cb:ed:ae:e4:ae:ce:fa:eb:4c:55:92:e1:
56:85:88:12:17:91:f3:ba:be:5b:44:d0:85:39:83:
a1:07:4a:ea:df:a5:5a:18:64:26:d9:3b:65:ba:b6:
04:bf:57:4a:47:1a:15:09:a0:7f:53:43:0c:60:c2:
04:42:49:c4:24:bb:f8:de:b5:ce:fb:8f:24:a6:00:
82:00:2c:81:d8:bf:ea:82:66:bc:4b:0f:e7:c5:32:
eb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B5:C4:49:4E:DA:7B:C9:98:1F:DD:35:1A:FC:E3:FC:32:FC:3F:08
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS203913.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df87:9800::/38
Signature Algorithm: sha256WithRSAEncryption
02:66:c2:ce:9c:6f:67:d0:8e:21:fc:3a:f1:a4:22:d0:e9:63:
73:dc:c5:92:42:8b:55:f4:02:c0:b5:c7:e7:49:ea:69:f1:94:
7b:f0:56:f0:1c:e2:e3:e2:78:a6:41:0f:22:a3:a7:75:7a:35:
a7:df:01:e2:90:dd:60:03:76:17:2e:b7:e8:45:75:f6:58:e3:
38:e0:9c:38:9c:19:04:7f:ee:41:81:a7:de:cb:78:cf:a1:fd:
ff:43:97:6b:da:00:15:e9:cb:a3:2c:ba:fb:e1:1a:8b:11:50:
c6:d6:3c:3e:ab:f7:a5:64:07:a1:2c:b3:f1:97:7d:39:61:2a:
3a:ae:b4:97:80:17:0c:7a:ec:d8:a6:d3:67:f6:ba:bf:a5:56:
12:0c:5a:34:67:69:2a:82:37:f2:a4:ea:84:4c:6f:4b:cd:c9:
39:f1:fa:ed:7f:c3:7a:c7:5a:3d:de:98:2c:bd:3b:0e:ec:51:
e0:25:b2:56:40:bf:c7:ff:52:48:e8:d1:73:3b:34:4f:11:73:
36:ed:91:9d:8e:d0:5d:8b:c5:a8:b6:d7:79:33:99:c9:08:26:
2a:f4:0d:17:ca:a9:5b:fa:fd:3e:b0:1f:ee:6d:d4:4f:7c:06:
13:f3:81:00:e5:97:6e:f4:1c:79:8f:72:8d:c8:71:3d:d1:cb:
21:46:f3:12
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUR2453CdGOlv0ZUEb0Z7RAPESytUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2MzRaFw0yNDEyMTgxNjIxMzRaMDMxMTAvBgNV
BAMTKEY5QjVDNDQ5NEVEQTdCQzk5ODFGREQzNTFBRkNFM0ZDMzJGQzNGMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy9wh4DcEJ5h4E6nUiuVniHZ/+
2QXAwPA/GEFGQDhcUW7O2C/ceSplk3/foBkgxhTn521i3/hO9Be/fAwaUQukFCPP
xKiG/NUa5ding/d615idXMuG/h6/em/tIfYStwgvYLywVoTjp3qwEHYBRhurcgME
zOhPtd2GLicByE1u5idR9klZR9EwhsRqQLMESq80ffRKsbiSkN6ZDVAmfsI/MQKJ
jAbhTMvtruSuzvrrTFWS4VaFiBIXkfO6vltE0IU5g6EHSurfpVoYZCbZO2W6tgS/
V0pHGhUJoH9TQwxgwgRCScQku/jetc77jySmAIIALIHYv+qCZrxLD+fFMuvbAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQU+bXESU7ae8mYH901Gvzj/DL8PwgwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjAzOTEzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKhPf
h5gwDQYJKoZIhvcNAQELBQADggEBAAJmws6cb2fQjiH8OvGkItDpY3PcxZJCi1X0
AsC1x+dJ6mnxlHvwVvAc4uPieKZBDyKjp3V6NaffAeKQ3WADdhcut+hFdfZY4zjg
nDicGQR/7kGBp97LeM+h/f9Dl2vaABXpy6MsuvvhGosRUMbWPD6r96VkB6Ess/GX
fTlhKjqutJeAFwx67Nim02f2ur+lVhIMWjRnaSqCN/Kk6oRMb0vNyTnx+u1/w3rH
Wj3emCy9Ow7sUeAlslZAv8f/Ukjo0XM7NE8RczbtkZ2O0F2Lxai213kzmckIJir0
DRfKqVv6/T6wH+5t1E98BhPzgQDll270HHmPco3IcT3RyyFG8xI=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org