Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS208328.roa
File: AS208328.roa (raw, json)
Hash identifier: ShWgZ0xttTv2CZ/90PxnDtRxZO5/ZUEd7ytKRtaQ2eI=
Subject key identifier: 93:99:0C:0C:0C:79:25:D6:78:1A:67:79:EE:45:78:B2:3C:76:21:BE
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 0B08493A6EE97F3F8C5A816E1FCD64501541C76C
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS208328.roa
Signing time: Wed 20 Dec 2023 16:22:21 +0000
ROA not before: Wed 20 Dec 2023 16:17:21 +0000
ROA not after: Wed 18 Dec 2024 16:22:21 +0000
asID: 208328
IP address blocks: 2a13:df87:a000::/38 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:08:49:3a:6e:e9:7f:3f:8c:5a:81:6e:1f:cd:64:50:15:41:c7:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:21 2023 GMT
Not After : Dec 18 16:22:21 2024 GMT
Subject: CN=93990C0C0C7925D6781A6779EE4578B23C7621BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:14:a8:d0:3d:08:b6:7b:e0:1a:b3:50:e1:35:
7f:40:62:7b:4b:e3:cf:e5:d8:0c:0e:0c:e5:1b:a0:
d5:76:f9:1f:64:1e:e8:38:85:ce:1b:d0:4e:c8:be:
86:b7:ef:83:df:11:08:d1:64:7e:a8:bb:df:89:c7:
0d:3c:1f:e1:a3:06:9e:ae:26:79:35:94:a9:2c:0d:
d7:48:a7:e7:72:76:f8:77:fc:5c:c8:2e:61:52:49:
4a:bf:84:43:15:26:5e:2d:e0:bf:7c:98:09:56:ce:
d7:44:78:29:72:15:79:a8:a0:c6:63:f2:75:47:cf:
17:1c:6f:d5:a8:e2:ad:dc:92:e5:18:9b:8a:54:f7:
5c:b5:c6:7e:1c:c6:82:7b:6f:0f:38:bc:84:3e:45:
80:37:0c:1e:1b:53:33:23:81:43:e8:f5:28:e2:6e:
ad:0d:b8:dc:f4:bb:a7:83:3c:70:df:7e:bd:53:d0:
62:83:d7:21:b4:1d:b4:61:7b:df:ba:ab:4d:e7:a1:
ef:cc:fe:70:02:cc:44:e4:19:22:b3:86:00:2d:9d:
80:15:09:35:e7:3f:55:c6:a5:b1:5a:c4:8d:68:c1:
29:25:58:1d:26:52:60:12:3b:02:3b:de:a6:0a:0e:
f0:d3:3d:4c:70:c7:29:cd:de:9a:aa:12:04:24:9b:
26:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:99:0C:0C:0C:79:25:D6:78:1A:67:79:EE:45:78:B2:3C:76:21:BE
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS208328.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df87:a000::/38
Signature Algorithm: sha256WithRSAEncryption
b0:63:b3:57:c7:03:76:e0:ae:86:cb:35:68:4b:1b:f8:f4:d0:
73:b8:3e:79:4b:d4:c0:0d:16:40:c0:f7:b4:61:84:91:13:4d:
8d:68:35:a0:d5:11:99:6e:c7:d3:e3:d2:df:d4:dd:44:a7:1e:
a0:7c:f0:2d:12:4e:e9:b7:49:ff:f6:e2:42:da:a3:68:1e:51:
b2:ae:58:c2:87:ec:13:71:66:42:a6:77:12:2c:30:18:56:db:
5c:1a:bd:f0:4b:9a:60:9f:0b:0f:f5:b4:e0:66:2f:9d:64:2b:
ec:42:db:49:54:4c:09:66:67:25:a9:2b:8c:b3:40:03:cd:2f:
92:e1:b0:6a:d4:88:d4:70:f6:cd:f5:5b:8b:15:44:0e:e5:06:
3a:ba:1a:c7:ac:38:c5:b0:7e:f3:f0:20:a4:2d:ca:b1:63:5c:
03:f0:5c:fd:00:ac:53:76:e5:c7:70:4e:7f:82:0a:7f:6a:05:
11:95:b7:e3:f5:16:a0:46:2a:df:24:b2:f9:68:37:72:9a:73:
89:11:ab:71:18:31:08:9b:95:c5:25:61:ff:3e:d7:40:94:ff:
69:f1:f6:27:18:04:34:ad:d7:ae:04:86:72:00:d5:7a:bc:14:
83:05:5a:db:2f:03:22:83:c0:ac:b7:dc:6c:f7:f6:90:ba:1a:
4a:15:63:b9
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUCwhJOm7pfz+MWoFuH81kUBVBx2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MjFaFw0yNDEyMTgxNjIyMjFaMDMxMTAvBgNV
BAMTKDkzOTkwQzBDMEM3OTI1RDY3ODFBNjc3OUVFNDU3OEIyM0M3NjIxQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoFKjQPQi2e+Aas1DhNX9AYntL
48/l2AwODOUboNV2+R9kHug4hc4b0E7Ivoa374PfEQjRZH6ou9+Jxw08H+GjBp6u
Jnk1lKksDddIp+dydvh3/FzILmFSSUq/hEMVJl4t4L98mAlWztdEeClyFXmooMZj
8nVHzxccb9Wo4q3ckuUYm4pU91y1xn4cxoJ7bw84vIQ+RYA3DB4bUzMjgUPo9Sji
bq0NuNz0u6eDPHDffr1T0GKD1yG0HbRhe9+6q03noe/M/nACzETkGSKzhgAtnYAV
CTXnP1XGpbFaxI1owSklWB0mUmASOwI73qYKDvDTPUxwxynN3pqqEgQkmybBAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUk5kMDAx5JdZ4Gmd57kV4sjx2Ib4wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjA4MzI4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKhPf
h6AwDQYJKoZIhvcNAQELBQADggEBALBjs1fHA3bgrobLNWhLG/j00HO4PnlL1MAN
FkDA97RhhJETTY1oNaDVEZlux9Pj0t/U3USnHqB88C0STum3Sf/24kLao2geUbKu
WMKH7BNxZkKmdxIsMBhW21wavfBLmmCfCw/1tOBmL51kK+xC20lUTAlmZyWpK4yz
QAPNL5LhsGrUiNRw9s31W4sVRA7lBjq6GsesOMWwfvPwIKQtyrFjXAPwXP0ArFN2
5cdwTn+CCn9qBRGVt+P1FqBGKt8ksvloN3Kac4kRq3EYMQiblcUlYf8+10CU/2nx
9icYBDSt164EhnIA1Xq8FIMFWtsvAyKDwKy33Gz39pC6GkoVY7k=
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org