Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215794.roa
File: AS215794.roa (raw, json)
Hash identifier: kXAOUNb9z4CrT0BAWK/MTnRQoP/JgJqQkCYHbU9QS+4=
Subject key identifier: 98:92:E3:91:D7:2A:22:8B:4B:56:8A:91:FF:62:0E:E5:CD:30:EB:7F
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 14A5A0C2800D0AD268694CD8CCC82DF9A9AD8FAA
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215794.roa
Signing time: Tue 02 Jan 2024 13:44:35 +0000
ROA not before: Tue 02 Jan 2024 13:39:35 +0000
ROA not after: Tue 31 Dec 2024 13:44:35 +0000
asID: 215794
IP address blocks: 2a13:df80:3c00::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:a5:a0:c2:80:0d:0a:d2:68:69:4c:d8:cc:c8:2d:f9:a9:ad:8f:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Jan 2 13:39:35 2024 GMT
Not After : Dec 31 13:44:35 2024 GMT
Subject: CN=9892E391D72A228B4B568A91FF620EE5CD30EB7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:64:13:7a:0e:b3:b0:19:1f:d4:d2:6c:11:8e:
3b:4e:28:75:00:fc:d4:e7:3a:27:7d:7c:35:ec:eb:
4e:97:df:ff:a1:af:15:c3:56:10:80:1c:03:1f:84:
72:a6:39:a1:47:e4:4d:bc:60:fc:2c:9b:3c:59:b5:
3e:7e:d3:57:a1:b4:91:26:35:86:91:04:c8:6d:25:
f8:47:3b:46:75:0e:6c:90:d2:e0:38:ae:b9:38:04:
8b:f2:ee:0a:6d:dc:de:77:82:45:0d:d8:c0:59:2d:
c8:e7:2d:c6:80:6d:fe:46:20:b8:6a:cc:be:28:96:
12:26:62:00:1d:38:80:d0:27:10:fb:37:2d:cc:16:
45:ec:32:3d:6e:46:53:23:d7:15:c9:02:39:1f:d8:
12:c7:6f:2c:a1:08:b1:a5:bb:40:54:d0:b0:cb:9f:
63:ae:38:9c:44:23:df:bc:86:39:97:de:d0:2e:39:
2b:ac:dc:fa:9e:24:cf:32:8d:66:52:cc:f5:80:1b:
82:65:c5:8f:49:6d:bb:74:4f:c3:73:73:74:16:b3:
08:26:50:85:7f:6a:2f:0e:2e:30:a1:d2:8c:08:66:
fa:f7:67:f9:9d:cd:7b:38:76:b1:1f:ad:7b:cf:17:
b9:b0:e3:8f:e2:9b:ba:50:67:24:af:4a:62:a5:e1:
78:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:92:E3:91:D7:2A:22:8B:4B:56:8A:91:FF:62:0E:E5:CD:30:EB:7F
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215794.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:3c00::/40
Signature Algorithm: sha256WithRSAEncryption
cb:39:d4:73:04:ab:f6:a3:0f:4c:7d:8b:14:60:f4:53:3e:fa:
01:a7:a6:50:b2:95:f9:1b:8d:96:0a:6a:f8:4c:75:b7:dd:76:
45:7a:a8:f2:d9:73:dd:75:b5:7b:59:24:a7:2d:eb:bd:5a:08:
03:82:89:ab:25:0a:fe:b0:bf:86:a8:a3:9a:9a:b8:36:62:f9:
82:94:ee:27:80:f6:f4:7c:a6:06:aa:32:1a:0a:41:2f:70:a9:
08:40:b3:83:e7:a6:2b:81:ea:ab:af:f6:05:61:51:5c:5e:92:
8c:3f:4e:4a:ce:85:eb:6c:8a:2b:d0:42:e5:03:e8:91:a1:99:
73:9f:84:ad:22:d2:c0:cd:3e:f8:0f:c5:90:b2:df:29:36:df:
91:b4:69:d0:a4:e9:7c:26:ef:0c:09:ff:64:20:ae:41:c2:22:
c1:d7:5b:6b:9b:d9:aa:70:e8:75:e7:1e:40:ec:a8:49:ae:86:
11:5a:00:4f:00:8b:b8:af:b2:98:02:b1:ac:44:46:ad:9e:b3:
5e:56:62:d9:c6:ca:5c:59:eb:22:23:e8:d0:b4:6e:e8:07:7b:
91:35:dc:58:19:bd:34:de:71:cf:03:1d:3e:48:7d:66:f8:85:
48:f5:e3:b3:9e:ad:dd:90:e6:c6:16:78:33:7f:bf:56:a6:16:
34:d9:12:6d
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUFKWgwoANCtJoaUzYzMgt+amtj6owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDAxMDIxMzM5MzVaFw0yNDEyMzExMzQ0MzVaMDMxMTAvBgNV
BAMTKDk4OTJFMzkxRDcyQTIyOEI0QjU2OEE5MUZGNjIwRUU1Q0QzMEVCN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuZBN6DrOwGR/U0mwRjjtOKHUA
/NTnOid9fDXs606X3/+hrxXDVhCAHAMfhHKmOaFH5E28YPwsmzxZtT5+01ehtJEm
NYaRBMhtJfhHO0Z1DmyQ0uA4rrk4BIvy7gpt3N53gkUN2MBZLcjnLcaAbf5GILhq
zL4olhImYgAdOIDQJxD7Ny3MFkXsMj1uRlMj1xXJAjkf2BLHbyyhCLGlu0BU0LDL
n2OuOJxEI9+8hjmX3tAuOSus3PqeJM8yjWZSzPWAG4JlxY9Jbbt0T8Nzc3QWswgm
UIV/ai8OLjCh0owIZvr3Z/mdzXs4drEfrXvPF7mw44/im7pQZySvSmKl4XjXAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUmJLjkdcqIotLVoqR/2IO5c0w638wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE1Nzk0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhPf
gDwwDQYJKoZIhvcNAQELBQADggEBAMs51HMEq/ajD0x9ixRg9FM++gGnplCylfkb
jZYKavhMdbfddkV6qPLZc911tXtZJKct671aCAOCiaslCv6wv4aoo5qauDZi+YKU
7ieA9vR8pgaqMhoKQS9wqQhAs4PnpiuB6quv9gVhUVxekow/TkrOhetsiivQQuUD
6JGhmXOfhK0i0sDNPvgPxZCy3yk235G0adCk6Xwm7wwJ/2QgrkHCIsHXW2ub2apw
6HXnHkDsqEmuhhFaAE8Ai7ivspgCsaxERq2es15WYtnGylxZ6yIj6NC0bugHe5E1
3FgZvTTecc8DHT5IfWb4hUj147Oerd2Q5sYWeDN/v1amFjTZEm0=
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org