Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215592.roa
File: AS215592.roa (raw, json)
Hash identifier: qVjnppoc4/iDHj6Nie/UNopjeRzjfs/XUnMyMtSlSvY=
Subject key identifier: 97:15:65:36:F6:B9:53:37:6C:22:3B:0B:78:BE:10:DC:C4:49:1C:2B
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 10822FE1CC04E1912DA7F26386264176AE181D38
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215592.roa
Signing time: Mon 05 Feb 2024 14:51:52 +0000
ROA not before: Mon 05 Feb 2024 14:46:52 +0000
ROA not after: Mon 03 Feb 2025 14:51:52 +0000
asID: 215592
IP address blocks: 2a13:df87:5000::/36 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:82:2f:e1:cc:04:e1:91:2d:a7:f2:63:86:26:41:76:ae:18:1d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Feb 5 14:46:52 2024 GMT
Not After : Feb 3 14:51:52 2025 GMT
Subject: CN=97156536F6B953376C223B0B78BE10DCC4491C2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ca:a4:5f:03:7c:b0:86:1f:63:1a:dd:a3:74:
71:8f:79:f8:9b:ca:a0:62:02:25:28:b2:96:13:7e:
59:e9:9f:e1:d0:00:a0:cb:42:15:65:f9:63:3c:60:
a3:0f:96:b9:24:00:2a:58:64:fa:fa:be:53:a5:a3:
02:87:ee:f6:20:b9:a1:56:4a:9f:0a:bb:df:f8:7a:
90:72:3b:1f:73:cc:3e:28:19:9b:7f:ec:4a:db:e4:
14:d8:96:89:4c:6d:06:ce:97:b8:a4:42:54:80:7b:
cc:69:8b:f3:79:41:bd:53:85:81:19:d1:3c:e8:ce:
a9:80:4b:d0:89:cf:91:ec:40:c7:06:ec:25:c4:05:
19:7c:b4:35:69:94:fe:c9:89:1e:6e:0d:54:2b:5e:
94:07:6a:f1:57:27:83:10:91:56:80:df:77:28:f6:
a0:24:56:14:38:1d:b2:50:45:60:69:8f:ba:e3:08:
56:e0:b4:d4:a4:18:4d:8a:71:15:ad:34:23:25:f3:
a7:ad:69:86:9a:d5:73:7c:b8:eb:17:3c:f5:b1:e1:
df:3d:d1:00:06:14:e0:c9:fc:50:c0:07:dd:99:3e:
57:4b:5e:1d:ab:35:07:3c:98:27:b1:e4:da:c7:a0:
1c:a2:af:c4:20:cd:c3:8c:d6:23:e9:c0:a0:f1:3d:
16:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:15:65:36:F6:B9:53:37:6C:22:3B:0B:78:BE:10:DC:C4:49:1C:2B
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215592.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df87:5000::/36
Signature Algorithm: sha256WithRSAEncryption
c9:0f:21:8c:1b:e6:ec:96:c4:74:5c:42:52:bf:c5:e0:a1:15:
1c:fb:ce:44:d9:31:ce:de:30:bd:88:35:5d:07:d2:da:cf:00:
58:d2:31:f3:54:84:da:0d:99:ce:0c:bc:dd:4f:ba:ba:7c:69:
43:95:b1:cd:d6:ab:b8:0f:c8:62:3d:b3:aa:74:1d:9c:1b:80:
9d:fe:90:e9:c4:4e:0e:3b:ed:02:42:57:a4:81:8a:2c:b7:f2:
23:0d:30:5c:e0:5c:a2:4b:71:d1:20:cf:3e:31:d2:ea:25:71:
df:cc:be:14:c8:0a:2a:0d:26:ba:b1:28:0a:2e:99:72:21:a0:
6b:64:df:3e:3a:3f:a7:75:40:ca:55:59:62:55:ee:86:fc:55:
41:3e:00:25:c1:79:1e:40:67:f0:ce:26:56:6a:73:4c:30:e4:
68:92:10:85:ec:11:cc:06:6e:e1:19:16:24:cb:d0:b8:03:80:
f5:ba:55:16:cf:1c:fb:f0:2a:19:f0:d2:98:1c:88:07:ba:37:
dc:fb:e0:8f:1a:5d:53:7a:46:d4:d0:33:66:19:05:4f:a1:bb:
29:51:bd:ca:3f:e9:45:ff:ad:c7:78:7c:02:76:a8:c4:ef:2e:
73:25:4e:68:1b:92:52:c6:41:e8:6e:c2:98:d3:7a:61:fa:73:
78:3d:4e:25
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUEIIv4cwE4ZEtp/JjhiZBdq4YHTgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDAyMDUxNDQ2NTJaFw0yNTAyMDMxNDUxNTJaMDMxMTAvBgNV
BAMTKDk3MTU2NTM2RjZCOTUzMzc2QzIyM0IwQjc4QkUxMERDQzQ0OTFDMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvyqRfA3ywhh9jGt2jdHGPefib
yqBiAiUospYTflnpn+HQAKDLQhVl+WM8YKMPlrkkACpYZPr6vlOlowKH7vYguaFW
Sp8Ku9/4epByOx9zzD4oGZt/7Erb5BTYlolMbQbOl7ikQlSAe8xpi/N5Qb1ThYEZ
0TzozqmAS9CJz5HsQMcG7CXEBRl8tDVplP7JiR5uDVQrXpQHavFXJ4MQkVaA33co
9qAkVhQ4HbJQRWBpj7rjCFbgtNSkGE2KcRWtNCMl86etaYaa1XN8uOsXPPWx4d89
0QAGFODJ/FDAB92ZPldLXh2rNQc8mCex5NrHoByir8QgzcOM1iPpwKDxPRaNAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUlxVlNva5UzdsIjsLeL4Q3MRJHCswHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE1NTkyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhPf
h1AwDQYJKoZIhvcNAQELBQADggEBAMkPIYwb5uyWxHRcQlK/xeChFRz7zkTZMc7e
ML2INV0H0trPAFjSMfNUhNoNmc4MvN1Purp8aUOVsc3Wq7gPyGI9s6p0HZwbgJ3+
kOnETg477QJCV6SBiiy38iMNMFzgXKJLcdEgzz4x0uolcd/MvhTICioNJrqxKAou
mXIhoGtk3z46P6d1QMpVWWJV7ob8VUE+ACXBeR5AZ/DOJlZqc0ww5GiSEIXsEcwG
buEZFiTL0LgDgPW6VRbPHPvwKhnw0pgciAe6N9z74I8aXVN6RtTQM2YZBU+huylR
vco/6UX/rcd4fAJ2qMTvLnMlTmgbklLGQehuwpjTemH6c3g9TiU=
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org