Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215972.roa
File: AS215972.roa (raw, json)
Hash identifier: oY10fanHa9f2tMEKafCucOBhMrqkZYfx0grB1i2lpI0=
Subject key identifier: B7:19:F7:C4:B6:76:D6:56:F4:D5:0E:EF:9B:AF:66:D8:4B:F8:80:57
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 49EAA640BB7F41E14EC90F9E38B9F854218915C5
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215972.roa
Signing time: Wed 20 Dec 2023 16:21:30 +0000
ROA not before: Wed 20 Dec 2023 16:16:30 +0000
ROA not after: Wed 18 Dec 2024 16:21:30 +0000
asID: 215972
IP address blocks: 2a13:df87:3001::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:ea:a6:40:bb:7f:41:e1:4e:c9:0f:9e:38:b9:f8:54:21:89:15:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:30 2023 GMT
Not After : Dec 18 16:21:30 2024 GMT
Subject: CN=B719F7C4B676D656F4D50EEF9BAF66D84BF88057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b4:4c:81:d1:31:31:7d:94:f3:0f:c2:b7:83:
58:44:00:e2:00:b7:b4:8b:f6:42:fc:cc:2f:61:56:
67:47:6f:d8:bd:d0:d1:d4:f7:ba:5b:26:9b:be:fd:
31:be:4c:f5:92:d8:d7:fc:b1:c1:12:77:a2:2b:6a:
57:2b:7e:77:49:cb:df:e2:f9:4e:c1:45:02:b6:2d:
9c:3d:99:a4:48:0c:de:05:d1:31:cf:3d:fa:ad:fe:
ad:ba:09:06:2e:40:1d:41:21:41:47:84:49:5f:5c:
c5:51:57:48:9d:15:91:5a:32:f3:c2:1d:c9:5d:a5:
55:f0:39:0c:64:6c:6c:cc:61:b2:b5:e0:41:67:a9:
70:5e:da:90:0d:d6:4c:13:6b:28:bb:c8:26:ed:35:
d3:64:ea:c6:1b:12:50:4d:28:28:41:32:c9:09:10:
cc:c7:e4:f6:9f:05:e3:6b:95:84:55:76:c7:f8:85:
7e:75:de:cd:32:d1:68:55:3e:23:77:d3:6a:79:8d:
ec:be:5a:96:2b:d3:c9:03:15:ee:f3:a5:ce:52:c6:
7b:28:56:40:27:da:9e:41:87:08:71:2d:e9:f8:6b:
65:d5:14:ff:d4:41:95:95:e2:8c:b9:aa:ad:a8:ab:
0c:ad:5e:24:1a:ce:5e:c4:48:3a:ff:bd:99:a9:fd:
fa:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:19:F7:C4:B6:76:D6:56:F4:D5:0E:EF:9B:AF:66:D8:4B:F8:80:57
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215972.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df87:3001::/48
Signature Algorithm: sha256WithRSAEncryption
02:fd:99:a2:64:60:59:a5:31:ed:19:66:bd:e8:c4:eb:a5:eb:
c3:57:28:89:32:70:8d:7b:23:6e:88:3c:e7:c4:7b:e3:ed:f1:
a9:b9:b1:7c:9a:1d:53:0c:ed:2d:f5:21:3d:ed:50:87:81:de:
18:f7:c9:5b:23:43:67:ec:b3:5c:e1:47:5d:b1:01:57:0a:09:
31:cf:82:c8:91:ac:82:1b:b8:0d:0a:85:ee:1e:d2:35:01:dd:
d6:ef:d4:a1:e7:13:ad:36:81:0c:05:df:8a:6c:fd:57:24:5b:
9e:19:49:c6:2e:1d:b4:e4:76:4a:0e:82:fc:a1:44:79:15:c1:
b3:d4:68:9e:39:00:66:b2:cc:96:d7:30:9f:b6:8d:3c:47:0c:
14:cd:83:32:68:ae:24:41:91:ac:cd:f3:46:8d:3f:9b:70:ce:
97:08:4e:06:f5:73:5f:98:ad:06:45:23:b3:b8:27:dc:85:17:
23:01:b5:9f:2b:33:1d:fd:f5:94:c7:5a:d8:a0:06:e3:8c:27:
a0:ae:43:41:bb:7a:66:0c:ef:57:3f:47:78:df:02:40:77:e1:
36:72:ff:1e:ce:b4:fc:9b:1e:26:82:84:8c:a4:d8:b1:2f:11:
39:e6:20:68:ec:e3:13:20:88:ff:85:e2:b3:e2:86:17:1e:28:
4b:cd:f1:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUSeqmQLt/QeFOyQ+eOLn4VCGJFcUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2MzBaFw0yNDEyMTgxNjIxMzBaMDMxMTAvBgNV
BAMTKEI3MTlGN0M0QjY3NkQ2NTZGNEQ1MEVFRjlCQUY2NkQ4NEJGODgwNTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwtEyB0TExfZTzD8K3g1hEAOIA
t7SL9kL8zC9hVmdHb9i90NHU97pbJpu+/TG+TPWS2Nf8scESd6IralcrfndJy9/i
+U7BRQK2LZw9maRIDN4F0THPPfqt/q26CQYuQB1BIUFHhElfXMVRV0idFZFaMvPC
HcldpVXwOQxkbGzMYbK14EFnqXBe2pAN1kwTayi7yCbtNdNk6sYbElBNKChBMskJ
EMzH5PafBeNrlYRVdsf4hX513s0y0WhVPiN302p5jey+WpYr08kDFe7zpc5Sxnso
VkAn2p5BhwhxLen4a2XVFP/UQZWV4oy5qq2oqwytXiQazl7ESDr/vZmp/fozAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUtxn3xLZ21lb01Q7vm69m2Ev4gFcwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE1OTcyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPf
hzABMA0GCSqGSIb3DQEBCwUAA4IBAQAC/ZmiZGBZpTHtGWa96MTrpevDVyiJMnCN
eyNuiDznxHvj7fGpubF8mh1TDO0t9SE97VCHgd4Y98lbI0Nn7LNc4UddsQFXCgkx
z4LIkayCG7gNCoXuHtI1Ad3W79Sh5xOtNoEMBd+KbP1XJFueGUnGLh205HZKDoL8
oUR5FcGz1GieOQBmssyW1zCfto08RwwUzYMyaK4kQZGszfNGjT+bcM6XCE4G9XNf
mK0GRSOzuCfchRcjAbWfKzMd/fWUx1rYoAbjjCegrkNBu3pmDO9XP0d43wJAd+E2
cv8ezrT8mx4mgoSMpNixLxE55iBo7OMTIIj/heKz4oYXHihLzfGu
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org