Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS206501.roa
File: AS206501.roa (raw, json)
Hash identifier: xqB5fyGASxTfJCNE+TG2L6DxHadSrXjMjU2cshoFDUw=
Subject key identifier: D8:88:CD:16:3E:FC:4A:89:16:38:7B:12:67:DD:8B:6A:83:3D:77:0F
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 046B55BDDC677F8620D7678CCEA98E5A446E01D3
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS206501.roa
Signing time: Wed 01 May 2024 22:33:36 +0000
ROA not before: Wed 01 May 2024 22:28:36 +0000
ROA not after: Wed 30 Apr 2025 22:33:36 +0000
asID: 206501
IP address blocks: 2a13:df80:5::/48 maxlen: 64
2a13:df80:f100::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:6b:55:bd:dc:67:7f:86:20:d7:67:8c:ce:a9:8e:5a:44:6e:01:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: May 1 22:28:36 2024 GMT
Not After : Apr 30 22:33:36 2025 GMT
Subject: CN=D888CD163EFC4A8916387B1267DD8B6A833D770F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d0:1e:b2:85:5f:8a:52:08:9b:e7:5f:0c:29:
ca:48:dc:2a:c7:53:ab:60:0d:e2:f1:db:5e:2a:66:
dd:da:3a:65:08:56:58:9e:51:4b:b4:d2:a1:f0:ed:
85:33:45:40:67:c3:03:bb:6f:14:e2:3e:7f:33:26:
87:3f:c9:7d:cf:20:20:3a:b5:51:c0:f1:a2:00:63:
bd:c7:08:a9:c5:78:ea:3d:73:48:02:6d:94:fb:66:
fe:e2:56:06:17:3c:9c:47:4c:f7:54:25:79:5b:45:
10:5a:1b:f0:bb:4b:12:09:56:e0:86:1f:bd:07:f1:
d2:78:80:05:54:d2:96:cb:91:8f:23:b2:f0:4f:52:
87:9a:5d:5a:4d:a6:da:57:e9:0a:bf:77:16:1d:d3:
c1:23:7a:d7:86:c8:79:8d:13:e9:f1:c1:c3:a6:34:
75:0d:5d:a7:d5:7d:65:e7:9b:ab:17:d7:0e:1b:1e:
cf:d1:d7:7c:68:db:57:74:10:ad:29:55:c0:b5:25:
06:89:70:33:1e:38:0a:df:22:e7:ca:37:19:4b:0c:
02:19:f7:e0:af:f4:8c:f4:41:33:8f:0b:c5:74:4f:
45:e1:5e:6e:18:c1:80:2e:98:31:79:3d:e9:66:81:
d9:90:85:67:84:a7:6b:5f:33:65:c9:54:5b:d6:be:
e8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:88:CD:16:3E:FC:4A:89:16:38:7B:12:67:DD:8B:6A:83:3D:77:0F
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS206501.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:5::/48
2a13:df80:f100::/40
Signature Algorithm: sha256WithRSAEncryption
2a:70:64:f2:a1:13:40:c4:a9:7d:6e:06:ab:dd:e1:2e:fb:61:
a0:39:4b:51:68:ad:90:7d:47:ba:b4:f5:61:ec:20:99:9b:a0:
60:3f:fc:08:4c:b7:ef:09:4d:2c:f2:2f:c0:16:3b:dd:54:52:
bc:b4:8b:0b:d0:5a:e8:d9:8c:44:56:bb:54:fc:9e:24:c0:0e:
74:d5:0d:b7:81:5f:c6:a5:cf:b6:bc:52:4b:65:77:c1:58:c4:
6d:5c:38:47:02:8d:40:b0:dc:68:de:40:bd:15:ef:fb:10:7d:
21:c2:29:e5:28:e5:3c:f7:ca:91:01:5d:98:73:a8:4f:de:57:
b3:ac:c2:bf:e8:c4:06:aa:72:60:e7:9c:22:87:27:7c:5b:ed:
98:f2:f1:ee:55:e7:63:08:09:2e:bb:d1:52:dc:f8:1c:9a:fc:
32:86:a7:62:ab:8c:65:af:d5:81:c5:af:9f:2c:18:46:0e:90:
6f:77:7a:74:4c:8b:77:fb:1c:3f:22:5c:3b:74:dd:ce:c2:72:
c6:ee:5d:62:f5:8f:22:84:c8:ad:84:82:71:95:3e:e8:0e:47:
f6:bd:86:0f:b8:43:1a:be:2a:a4:a1:eb:ad:1b:8f:eb:b3:a1:
00:88:0d:57:d9:f7:61:f3:e5:03:f4:4f:bd:9c:12:24:41:74:
80:f5:ef:7d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUBGtVvdxnf4Yg12eMzqmOWkRuAdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA1MDEyMjI4MzZaFw0yNTA0MzAyMjMzMzZaMDMxMTAvBgNV
BAMTKEQ4ODhDRDE2M0VGQzRBODkxNjM4N0IxMjY3REQ4QjZBODMzRDc3MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCI0B6yhV+KUgib518MKcpI3CrH
U6tgDeLx214qZt3aOmUIVlieUUu00qHw7YUzRUBnwwO7bxTiPn8zJoc/yX3PICA6
tVHA8aIAY73HCKnFeOo9c0gCbZT7Zv7iVgYXPJxHTPdUJXlbRRBaG/C7SxIJVuCG
H70H8dJ4gAVU0pbLkY8jsvBPUoeaXVpNptpX6Qq/dxYd08EjeteGyHmNE+nxwcOm
NHUNXafVfWXnm6sX1w4bHs/R13xo21d0EK0pVcC1JQaJcDMeOArfIufKNxlLDAIZ
9+Cv9Iz0QTOPC8V0T0XhXm4YwYAumDF5PelmgdmQhWeEp2tfM2XJVFvWvuh5AgMB
AAGjggIVMIICETAdBgNVHQ4EFgQU2IjNFj78SokWOHsSZ92LaoM9dw8wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjA2NTAxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKhPf
gAAFAwYAKhPfgPEwDQYJKoZIhvcNAQELBQADggEBACpwZPKhE0DEqX1uBqvd4S77
YaA5S1ForZB9R7q09WHsIJmboGA//AhMt+8JTSzyL8AWO91UUry0iwvQWujZjERW
u1T8niTADnTVDbeBX8alz7a8Uktld8FYxG1cOEcCjUCw3GjeQL0V7/sQfSHCKeUo
5Tz3ypEBXZhzqE/eV7Oswr/oxAaqcmDnnCKHJ3xb7Zjy8e5V52MICS670VLc+Bya
/DKGp2KrjGWv1YHFr58sGEYOkG93enRMi3f7HD8iXDt03c7CcsbuXWL1jyKEyK2E
gnGVPugOR/a9hg+4Qxq+KqSh660bj+uzoQCIDVfZ92Hz5QP0T72cEiRBdID1730=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org