Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS204844.roa
File: AS204844.roa (raw, json)
Hash identifier: w5tzDjpc6CgK10KNLtjnb3SAML+haTGNGty8ViPMHqI=
Subject key identifier: 90:D7:7F:19:15:92:8F:F9:5E:02:ED:78:65:15:AF:CC:D7:69:3A:E2
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 6A804B936F1F7F962BB0321D4E9C06FC413B793B
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS204844.roa
Signing time: Mon 08 Apr 2024 20:10:20 +0000
ROA not before: Mon 08 Apr 2024 20:05:20 +0000
ROA not after: Mon 07 Apr 2025 20:10:20 +0000
asID: 204844
IP address blocks: 2a13:df80:7e00::/44 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:80:4b:93:6f:1f:7f:96:2b:b0:32:1d:4e:9c:06:fc:41:3b:79:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Apr 8 20:05:20 2024 GMT
Not After : Apr 7 20:10:20 2025 GMT
Subject: CN=90D77F1915928FF95E02ED786515AFCCD7693AE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:88:be:0d:72:b4:c1:14:72:be:17:c8:cb:7f:
98:8e:3d:3f:46:72:ea:83:48:6b:28:4b:3e:01:03:
81:71:4f:26:5f:f0:f0:0e:db:de:d2:37:01:be:5e:
cf:70:f8:85:fd:a2:af:84:b7:2c:ae:b3:92:a6:2c:
4e:d9:bc:1c:09:0f:a5:a0:63:2f:b2:94:ab:03:6d:
5b:5e:29:50:4b:5a:b0:9b:82:53:e1:0a:c5:33:5a:
e1:9e:08:f6:ec:5d:9f:23:e0:26:47:42:99:13:f4:
4d:9c:23:63:59:b9:bc:51:7d:0d:9a:9c:86:8c:9a:
8b:57:5a:90:67:5f:af:c7:6c:64:6a:8a:e5:03:f7:
7c:53:df:aa:e0:b7:70:1f:8e:39:dd:96:bd:7d:ab:
36:82:3f:fd:9a:d6:5f:ae:5c:3d:56:04:c6:22:65:
25:41:4e:6a:f5:4f:ec:ba:4c:1e:f8:49:20:09:c7:
f3:78:b4:f8:d5:06:53:fc:b8:ef:1a:4d:bb:9a:ca:
2a:78:5e:05:88:e2:f1:aa:af:12:6b:82:99:a4:c4:
26:e6:5d:4a:ec:9f:f2:5a:34:cc:52:48:11:e2:84:
c8:4b:7c:78:64:30:b2:b5:e5:02:ce:62:c6:e9:4b:
16:66:93:51:3b:f9:68:ce:9d:c3:ca:2d:b0:b0:0b:
21:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D7:7F:19:15:92:8F:F9:5E:02:ED:78:65:15:AF:CC:D7:69:3A:E2
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS204844.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:7e00::/44
Signature Algorithm: sha256WithRSAEncryption
ac:ac:e6:fe:e4:d7:c3:ff:fa:40:cc:46:fa:aa:aa:32:b4:12:
be:4c:87:9f:52:cc:3b:62:64:a5:1c:d4:82:97:e5:f6:3d:84:
02:97:95:bc:9a:cf:35:c6:0a:86:3e:a8:91:21:fa:d8:07:c5:
09:2f:c0:86:6f:c4:ee:02:e1:91:77:49:fe:51:dd:11:f0:2a:
6d:3f:6d:ea:6c:63:07:51:2b:ae:fa:f8:3a:9d:33:cf:34:78:
4e:90:1a:59:15:e8:6a:78:73:b7:c7:fa:04:95:e0:c9:94:57:
b3:65:62:d6:f6:fe:42:2a:79:c9:68:b6:3f:1c:7b:f1:e5:d8:
68:e2:eb:69:a6:cd:96:30:26:09:19:20:ff:d2:68:76:5b:56:
41:e8:f2:d7:7e:8e:0e:35:02:a3:9a:cf:f5:ab:7e:6e:46:3e:
11:bd:00:6b:df:85:b4:bb:db:82:fb:46:92:9f:e6:44:a8:30:
aa:1a:f9:38:e1:14:bc:40:77:b0:57:89:7c:c8:75:19:bd:49:
cb:07:c9:71:88:88:f9:56:45:ff:23:be:79:dc:43:8f:51:0e:
28:4c:87:94:00:d8:31:7f:3f:bb:6a:68:b4:52:6a:0b:68:12:
9c:1f:da:1e:4e:43:26:11:d7:40:59:09:d0:c4:3b:9b:68:3c:
14:b3:ad:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUaoBLk28ff5YrsDIdTpwG/EE7eTswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA0MDgyMDA1MjBaFw0yNTA0MDcyMDEwMjBaMDMxMTAvBgNV
BAMTKDkwRDc3RjE5MTU5MjhGRjk1RTAyRUQ3ODY1MTVBRkNDRDc2OTNBRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwiL4NcrTBFHK+F8jLf5iOPT9G
cuqDSGsoSz4BA4FxTyZf8PAO297SNwG+Xs9w+IX9oq+Etyyus5KmLE7ZvBwJD6Wg
Yy+ylKsDbVteKVBLWrCbglPhCsUzWuGeCPbsXZ8j4CZHQpkT9E2cI2NZubxRfQ2a
nIaMmotXWpBnX6/HbGRqiuUD93xT36rgt3Afjjndlr19qzaCP/2a1l+uXD1WBMYi
ZSVBTmr1T+y6TB74SSAJx/N4tPjVBlP8uO8aTbuayip4XgWI4vGqrxJrgpmkxCbm
XUrsn/JaNMxSSBHihMhLfHhkMLK15QLOYsbpSxZmk1E7+WjOncPKLbCwCyE7AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUkNd/GRWSj/leAu14ZRWvzNdpOuIwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjA0ODQ0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhPf
gH4AMA0GCSqGSIb3DQEBCwUAA4IBAQCsrOb+5NfD//pAzEb6qqoytBK+TIefUsw7
YmSlHNSCl+X2PYQCl5W8ms81xgqGPqiRIfrYB8UJL8CGb8TuAuGRd0n+Ud0R8Cpt
P23qbGMHUSuu+vg6nTPPNHhOkBpZFehqeHO3x/oEleDJlFezZWLW9v5CKnnJaLY/
HHvx5dho4utpps2WMCYJGSD/0mh2W1ZB6PLXfo4ONQKjms/1q35uRj4RvQBr34W0
u9uC+0aSn+ZEqDCqGvk44RS8QHewV4l8yHUZvUnLB8lxiIj5VkX/I7553EOPUQ4o
TIeUANgxfz+7ami0UmoLaBKcH9oeTkMmEddAWQnQxDubaDwUs63C
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org