Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215925.roa
File: AS215925.roa (raw, json)
Hash identifier: jfiDlwzADnrtScI6WNKeExeqy55LN1wXNrgBz4jSeJo=
Subject key identifier: AE:DC:AA:F5:B1:90:EC:28:4A:76:8F:C1:89:88:F3:0A:DC:50:D5:10
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 4271BA79887506795F7E7F7F2B3429B9B0EEF09B
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215925.roa
Signing time: Wed 20 Dec 2023 16:22:10 +0000
ROA not before: Wed 20 Dec 2023 16:17:10 +0000
ROA not after: Wed 18 Dec 2024 16:22:10 +0000
asID: 215925
IP address blocks: 2a13:df85:bc00::/40 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:71:ba:79:88:75:06:79:5f:7e:7f:7f:2b:34:29:b9:b0:ee:f0:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:10 2023 GMT
Not After : Dec 18 16:22:10 2024 GMT
Subject: CN=AEDCAAF5B190EC284A768FC18988F30ADC50D510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:60:8a:9d:63:30:a8:0e:4a:73:e8:b9:d1:e0:
44:69:0e:fa:b7:9b:9c:be:1d:99:72:25:ad:f3:4e:
49:17:78:6f:03:27:50:80:53:14:59:9a:a5:2c:eb:
c6:65:2f:82:eb:92:77:a3:d4:5a:61:87:ed:56:73:
e8:df:39:9a:8d:ae:a2:2a:e9:34:0a:f3:fc:e5:bf:
62:7e:94:2a:63:cf:a8:85:3d:4d:94:e5:9f:6e:a3:
26:13:6b:be:84:91:57:ba:0b:8a:78:df:72:c1:54:
77:69:18:06:4e:2b:80:fb:aa:19:7a:f6:3b:7a:b0:
67:70:29:69:a1:33:4b:de:7d:d8:b8:ed:6c:6f:c5:
60:fa:32:bf:bc:d4:36:29:1d:aa:f0:5f:11:38:1a:
43:9e:f4:05:a2:6f:73:4e:4c:73:51:fa:5f:14:b1:
d6:17:0e:40:4f:91:94:7b:fc:c5:72:83:61:3e:41:
77:3a:f2:2f:e6:cc:56:94:86:7f:f4:c3:cd:0f:d1:
06:d2:9f:96:38:b8:f2:23:32:d7:f4:30:9d:95:92:
34:3a:6c:c7:fc:8e:af:fa:b0:ec:3c:40:a1:70:cc:
e6:59:15:1f:47:19:4f:bd:a7:41:b3:ee:c4:d8:fd:
3d:4f:c3:c3:3b:a1:31:00:f0:88:e0:45:f9:66:da:
d6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:DC:AA:F5:B1:90:EC:28:4A:76:8F:C1:89:88:F3:0A:DC:50:D5:10
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215925.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df85:bc00::/40
Signature Algorithm: sha256WithRSAEncryption
85:d1:9d:ec:98:81:51:a4:71:31:67:dd:5e:09:b0:1f:6e:04:
e3:43:0c:da:98:fd:d8:b0:41:6b:11:0e:49:c3:2d:8d:23:c2:
9f:e2:29:93:ff:d3:59:30:a3:1a:b4:49:b8:d9:03:c3:b4:d4:
ce:07:f2:5d:34:22:7c:52:d9:33:9d:2f:d4:9c:e1:44:04:3d:
11:8e:32:8a:4f:23:f9:fd:9f:9e:a5:53:aa:e7:3e:59:28:5a:
11:81:06:d5:35:af:bd:1b:f0:ff:3a:34:fc:f2:7a:94:cd:f5:
42:bb:d2:0b:84:d0:b3:0e:9d:2a:36:af:e9:fe:d5:9b:bf:68:
8d:ff:64:71:ab:fd:56:5a:16:d5:8c:42:c9:81:32:da:0b:30:
2d:84:42:f3:5c:f5:25:bd:08:55:97:d6:ca:bd:56:6e:d6:17:
4b:3e:e6:1f:e1:a0:1c:5b:a2:65:87:c7:35:e0:4f:62:32:9b:
b9:c0:b0:02:e8:73:43:8d:6d:9f:09:a6:52:ad:80:3d:21:96:
ce:8c:eb:3d:e7:e4:9a:27:34:72:15:e4:00:2e:47:10:70:32:
52:f9:ca:67:c4:4c:01:1e:1c:c0:f2:be:4f:6c:3a:18:bb:02:
a4:37:8d:54:c6:d8:a9:b0:09:4b:70:7c:58:89:a8:3b:a0:75:
c2:29:99:c7
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUQnG6eYh1Bnlffn9/KzQpubDu8JswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MTBaFw0yNDEyMTgxNjIyMTBaMDMxMTAvBgNV
BAMTKEFFRENBQUY1QjE5MEVDMjg0QTc2OEZDMTg5ODhGMzBBREM1MEQ1MTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoYIqdYzCoDkpz6LnR4ERpDvq3
m5y+HZlyJa3zTkkXeG8DJ1CAUxRZmqUs68ZlL4Lrknej1Fphh+1Wc+jfOZqNrqIq
6TQK8/zlv2J+lCpjz6iFPU2U5Z9uoyYTa76EkVe6C4p433LBVHdpGAZOK4D7qhl6
9jt6sGdwKWmhM0vefdi47WxvxWD6Mr+81DYpHarwXxE4GkOe9AWib3NOTHNR+l8U
sdYXDkBPkZR7/MVyg2E+QXc68i/mzFaUhn/0w80P0QbSn5Y4uPIjMtf0MJ2VkjQ6
bMf8jq/6sOw8QKFwzOZZFR9HGU+9p0Gz7sTY/T1Pw8M7oTEA8IjgRflm2tYHAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUrtyq9bGQ7ChKdo/BiYjzCtxQ1RAwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE1OTI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhPf
hbwwDQYJKoZIhvcNAQELBQADggEBAIXRneyYgVGkcTFn3V4JsB9uBONDDNqY/diw
QWsRDknDLY0jwp/iKZP/01kwoxq0SbjZA8O01M4H8l00InxS2TOdL9Sc4UQEPRGO
MopPI/n9n56lU6rnPlkoWhGBBtU1r70b8P86NPzyepTN9UK70guE0LMOnSo2r+n+
1Zu/aI3/ZHGr/VZaFtWMQsmBMtoLMC2EQvNc9SW9CFWX1sq9Vm7WF0s+5h/hoBxb
omWHxzXgT2Iym7nAsALoc0ONbZ8JplKtgD0hls6M6z3n5JonNHIV5AAuRxBwMlL5
ymfETAEeHMDyvk9sOhi7AqQ3jVTG2KmwCUtwfFiJqDugdcIpmcc=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org