Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS214999.roa
File: AS214999.roa (raw, json)
Hash identifier: 9fXQ8qxpoKAsFNmOF7okuWFO/aYzoxz4AzGnR79f64A=
Subject key identifier: BC:1F:FB:7E:F8:31:E2:A9:F0:AF:FC:E2:1C:FA:D4:6E:87:94:E0:64
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 4CD735BB2F4EABD28F5DB8E41879AC6437B07975
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS214999.roa
Signing time: Sun 12 May 2024 10:07:38 +0000
ROA not before: Sun 12 May 2024 10:02:38 +0000
ROA not after: Sun 11 May 2025 10:07:38 +0000
asID: 214999
IP address blocks: 2a13:df80:70::/44 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:d7:35:bb:2f:4e:ab:d2:8f:5d:b8:e4:18:79:ac:64:37:b0:79:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: May 12 10:02:38 2024 GMT
Not After : May 11 10:07:38 2025 GMT
Subject: CN=BC1FFB7EF831E2A9F0AFFCE21CFAD46E8794E064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c4:1c:7c:af:dd:4b:99:1e:bd:52:7c:6d:94:
91:89:6b:c6:9f:e1:21:19:22:fc:b3:95:16:d3:d2:
34:f7:0f:23:40:b1:b9:08:39:a2:4b:fa:a0:5c:b0:
9a:c3:e0:e8:d0:96:de:da:f1:15:11:9e:59:1a:1c:
d1:3e:12:89:16:c0:c9:26:18:f6:24:ff:e0:cb:f7:
01:08:c2:55:0f:a1:0d:8a:70:f4:47:0a:7e:9e:68:
80:04:f1:d8:74:87:ea:6a:b4:59:65:80:7c:55:a2:
49:48:ff:7f:e4:1f:02:09:04:8f:e9:ed:b3:0b:b4:
56:e9:b1:2f:43:47:d1:fa:f5:3c:8d:f7:fb:38:4d:
47:34:55:b9:3a:c7:ef:64:52:c8:ef:8f:f1:fa:60:
a0:15:0c:40:f7:8b:a4:1b:9b:29:21:b5:c4:b5:1c:
e6:90:fb:57:44:66:fd:b0:b4:f7:c4:5b:a6:ba:5c:
ec:0e:45:f7:38:f2:3b:6b:f2:fd:3e:02:9b:bb:c6:
34:a2:64:d1:fa:01:16:36:4a:78:69:f6:9e:3e:79:
d2:40:3c:d2:5d:d3:c4:ef:04:a7:08:f3:71:8f:a6:
7b:84:e3:71:df:e7:47:fe:b1:37:d5:ee:18:96:78:
f0:b5:b8:05:0d:5d:c9:90:8f:73:f6:ae:31:5c:5f:
9a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:1F:FB:7E:F8:31:E2:A9:F0:AF:FC:E2:1C:FA:D4:6E:87:94:E0:64
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS214999.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:70::/44
Signature Algorithm: sha256WithRSAEncryption
bd:7a:7e:8e:b0:5d:66:21:06:35:9f:16:82:c3:2c:ef:30:99:
43:60:93:3b:ce:2b:76:79:d8:9d:6f:8f:51:3c:a2:f6:fc:04:
36:17:bf:d3:67:26:e4:2a:c4:da:5f:a3:d0:ad:4a:be:5d:d5:
ef:21:1d:ae:85:58:62:01:29:10:3d:a2:ac:99:2d:fd:6c:1a:
ea:d0:87:69:b3:0e:d0:9e:c0:6f:61:2e:91:88:f5:18:03:f0:
63:2f:88:b1:7a:2f:f5:95:ae:eb:b7:5e:b2:46:74:c4:58:b0:
29:46:d4:e0:d5:6a:99:33:96:f1:53:42:a9:71:de:fd:a1:2d:
73:1b:c7:28:75:8b:5b:45:f1:00:75:19:ba:70:4c:0f:96:80:
20:24:f2:d4:96:81:06:dc:60:f5:57:93:48:5d:72:ed:ad:14:
12:b1:b2:de:7d:2f:66:64:5b:9f:6e:f5:7a:fa:c3:2b:20:b0:
96:48:1a:95:bf:b2:6c:01:8f:08:e7:7c:f8:bb:d0:e3:0e:4e:
bf:58:04:30:37:5a:4d:73:62:84:ac:6c:82:4c:fd:3f:3e:dd:
c3:60:4c:6e:f8:ec:f0:aa:21:9e:b9:a3:fc:a5:97:4e:f3:52:
40:fe:01:e6:39:29:19:77:e7:2c:5b:9f:c0:11:81:58:88:13:
9d:34:f5:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUTNc1uy9Oq9KPXbjkGHmsZDeweXUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA1MTIxMDAyMzhaFw0yNTA1MTExMDA3MzhaMDMxMTAvBgNV
BAMTKEJDMUZGQjdFRjgzMUUyQTlGMEFGRkNFMjFDRkFENDZFODc5NEUwNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzxBx8r91LmR69UnxtlJGJa8af
4SEZIvyzlRbT0jT3DyNAsbkIOaJL+qBcsJrD4OjQlt7a8RURnlkaHNE+EokWwMkm
GPYk/+DL9wEIwlUPoQ2KcPRHCn6eaIAE8dh0h+pqtFllgHxVoklI/3/kHwIJBI/p
7bMLtFbpsS9DR9H69TyN9/s4TUc0Vbk6x+9kUsjvj/H6YKAVDED3i6QbmykhtcS1
HOaQ+1dEZv2wtPfEW6a6XOwORfc48jtr8v0+Apu7xjSiZNH6ARY2Snhp9p4+edJA
PNJd08TvBKcI83GPpnuE43Hf50f+sTfV7hiWePC1uAUNXcmQj3P2rjFcX5rnAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUvB/7fvgx4qnwr/ziHPrUboeU4GQwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE0OTk5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhPf
gABwMA0GCSqGSIb3DQEBCwUAA4IBAQC9en6OsF1mIQY1nxaCwyzvMJlDYJM7zit2
edidb49RPKL2/AQ2F7/TZybkKsTaX6PQrUq+XdXvIR2uhVhiASkQPaKsmS39bBrq
0Idpsw7QnsBvYS6RiPUYA/BjL4ixei/1la7rt16yRnTEWLApRtTg1WqZM5bxU0Kp
cd79oS1zG8codYtbRfEAdRm6cEwPloAgJPLUloEG3GD1V5NIXXLtrRQSsbLefS9m
ZFufbvV6+sMrILCWSBqVv7JsAY8I53z4u9DjDk6/WAQwN1pNc2KErGyCTP0/Pt3D
YExu+OzwqiGeuaP8pZdO81JA/gHmOSkZd+csW5/AEYFYiBOdNPWH
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org