Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS212049.roa
File: AS212049.roa (raw, json)
Hash identifier: is2uUv1b9tmFeAj5aTCbC23y7gTegJT3WUSkXtsjBqY=
Subject key identifier: 03:D0:E0:F3:68:85:E0:D4:2E:05:14:B6:FB:22:B3:D4:89:9C:5C:31
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 4239A94EBDD879AA67812B66CA3CEAC324AFA14A
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS212049.roa
Signing time: Wed 20 Dec 2023 16:22:11 +0000
ROA not before: Wed 20 Dec 2023 16:17:11 +0000
ROA not after: Wed 18 Dec 2024 16:22:11 +0000
asID: 212049
IP address blocks: 2a13:df80:1200::/40 maxlen: 48
2a13:df80:1222::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:39:a9:4e:bd:d8:79:aa:67:81:2b:66:ca:3c:ea:c3:24:af:a1:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:11 2023 GMT
Not After : Dec 18 16:22:11 2024 GMT
Subject: CN=03D0E0F36885E0D42E0514B6FB22B3D4899C5C31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:88:35:69:47:67:68:33:9d:10:ab:82:7e:fc:
cc:6a:c3:82:97:6d:d3:61:a7:38:64:64:ac:62:65:
99:ca:4b:b9:4d:95:4d:3b:c5:1b:47:3a:eb:d2:88:
5f:25:ba:ac:c9:8b:d6:00:3b:40:5d:7d:7d:a1:37:
71:f6:ed:db:0b:3d:19:8b:48:89:d7:2f:78:e3:89:
93:74:a2:fb:62:4f:be:cf:f4:ea:ef:71:51:d2:cd:
e2:28:f4:f2:9d:34:ac:ab:e2:39:8d:64:dc:01:4d:
d2:46:95:20:66:da:51:1c:5f:43:de:d9:9c:26:8a:
f6:60:e5:6a:5c:0b:51:1d:c7:e6:0a:cc:7a:85:4b:
b2:ab:d0:6d:de:08:0d:e9:ba:ab:d6:11:fc:b6:b9:
92:2a:a7:dc:e9:be:d5:b2:43:b3:90:88:08:54:f8:
28:19:fe:f4:d2:2f:e3:31:fc:19:57:38:4e:b1:40:
2f:81:bc:4f:39:19:6e:a3:bb:ba:56:39:48:d8:0c:
c2:1c:7c:da:73:d7:47:a4:88:0a:be:66:2d:22:e1:
77:f4:d7:a5:b9:5b:6c:04:db:58:34:0f:87:04:9f:
a8:5b:06:5e:65:4a:89:0f:ac:c3:10:53:89:2c:25:
be:ae:41:53:6d:7c:bd:a1:1c:87:94:ad:ff:96:b1:
c0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D0:E0:F3:68:85:E0:D4:2E:05:14:B6:FB:22:B3:D4:89:9C:5C:31
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS212049.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:1200::/40
Signature Algorithm: sha256WithRSAEncryption
6f:2e:2a:fe:a1:1f:ef:66:e5:4b:d1:3c:0b:2f:cb:3b:20:30:
f8:da:6e:bd:73:c7:84:47:98:6d:99:45:c6:31:85:61:4e:5d:
60:8f:c4:b3:0e:9a:82:0d:20:6c:98:25:04:ae:9c:8b:16:0a:
d3:b2:34:31:17:f9:bf:c7:85:de:a5:c0:5b:c1:13:60:f0:36:
c2:56:d4:78:33:2c:47:95:f0:e4:be:b0:2e:0f:6e:2c:f6:8c:
be:4e:4b:44:26:74:37:b0:d1:2e:ea:64:d1:6a:d1:3c:41:91:
87:2d:a0:27:99:22:30:0a:76:ce:9a:ca:c0:84:1c:c9:b5:31:
07:aa:ad:5f:bc:69:23:11:82:52:c4:1e:87:28:6a:ef:f7:9c:
07:9b:ac:a0:0e:48:3c:73:b8:94:95:30:00:69:91:ab:66:c2:
59:6e:c3:4b:a8:b8:82:a2:dd:ff:c9:aa:d7:9c:28:87:cc:63:
2a:88:3b:aa:a4:94:35:76:d6:27:3f:a6:1f:e1:b9:56:bf:6f:
2a:5f:3c:87:96:07:c6:c3:13:7c:33:08:d0:7a:7e:69:ad:9d:
d1:52:30:8d:fa:cc:05:2d:dc:60:64:00:4d:12:85:07:2f:22:
b6:d4:39:e2:88:3a:a0:90:7f:1e:fa:98:a9:bf:51:a1:f1:07:
35:b2:a1:94
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUQjmpTr3YeapngStmyjzqwySvoUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MTFaFw0yNDEyMTgxNjIyMTFaMDMxMTAvBgNV
BAMTKDAzRDBFMEYzNjg4NUUwRDQyRTA1MTRCNkZCMjJCM0Q0ODk5QzVDMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCriDVpR2doM50Qq4J+/Mxqw4KX
bdNhpzhkZKxiZZnKS7lNlU07xRtHOuvSiF8luqzJi9YAO0BdfX2hN3H27dsLPRmL
SInXL3jjiZN0ovtiT77P9OrvcVHSzeIo9PKdNKyr4jmNZNwBTdJGlSBm2lEcX0Pe
2ZwmivZg5WpcC1Edx+YKzHqFS7Kr0G3eCA3puqvWEfy2uZIqp9zpvtWyQ7OQiAhU
+CgZ/vTSL+Mx/BlXOE6xQC+BvE85GW6ju7pWOUjYDMIcfNpz10ekiAq+Zi0i4Xf0
16W5W2wE21g0D4cEn6hbBl5lSokPrMMQU4ksJb6uQVNtfL2hHIeUrf+WscBJAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUA9Dg82iF4NQuBRS2+yKz1ImcXDEwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjEyMDQ5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhPf
gBIwDQYJKoZIhvcNAQELBQADggEBAG8uKv6hH+9m5UvRPAsvyzsgMPjabr1zx4RH
mG2ZRcYxhWFOXWCPxLMOmoINIGyYJQSunIsWCtOyNDEX+b/Hhd6lwFvBE2DwNsJW
1HgzLEeV8OS+sC4Pbiz2jL5OS0QmdDew0S7qZNFq0TxBkYctoCeZIjAKds6aysCE
HMm1MQeqrV+8aSMRglLEHocoau/3nAebrKAOSDxzuJSVMABpkatmwlluw0uouIKi
3f/JqtecKIfMYyqIO6qklDV21ic/ph/huVa/bypfPIeWB8bDE3wzCNB6fmmtndFS
MI36zAUt3GBkAE0ShQcvIrbUOeKIOqCQfx76mKm/UaHxBzWyoZQ=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org