Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215978.roa
File: AS215978.roa (raw, json)
Hash identifier: r0XAEgnt2sA6bisMsNTdipP4t5wWT2C2E6R97Cgej5Q=
Subject key identifier: 2A:CC:57:8A:45:CD:3B:4A:B8:46:36:5D:DE:D9:E6:47:F5:F9:BA:A8
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 4A2B83CF4DF7699CFE474261C05066B8835BD0AC
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215978.roa
Signing time: Thu 11 Jan 2024 18:08:40 +0000
ROA not before: Thu 11 Jan 2024 18:03:40 +0000
ROA not after: Thu 09 Jan 2025 18:08:40 +0000
asID: 215978
IP address blocks: 2a13:df80:6811::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:2b:83:cf:4d:f7:69:9c:fe:47:42:61:c0:50:66:b8:83:5b:d0:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Jan 11 18:03:40 2024 GMT
Not After : Jan 9 18:08:40 2025 GMT
Subject: CN=2ACC578A45CD3B4AB846365DDED9E647F5F9BAA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:92:0d:8a:27:b3:96:fa:3a:f6:eb:f9:6e:ee:
87:71:a3:53:47:e2:0b:87:66:3e:dc:8f:67:3c:c6:
69:b5:b8:31:33:73:b7:0d:a8:d9:77:b0:c8:0d:6d:
b2:b0:54:5c:24:d9:0b:81:c4:49:d2:ed:28:6e:19:
1c:e9:bd:23:b5:41:33:7a:0d:22:f5:0d:6f:68:c5:
82:a2:85:9c:19:b4:f7:c8:c1:c5:ff:6a:e5:66:65:
a1:b8:51:37:04:9c:b2:13:66:26:03:89:f9:dc:f6:
16:73:dc:68:a9:62:f5:d1:67:76:58:f7:f2:3d:c5:
81:cd:db:95:e9:09:d0:78:ad:46:f3:a4:30:3d:ef:
1d:bd:57:97:fd:c4:77:6a:94:11:41:ae:a0:ee:52:
3a:e3:c9:b7:f1:8b:0e:1d:50:49:cd:f1:c0:7d:13:
dd:0f:bb:cc:46:b1:79:20:6e:cd:33:8d:0c:15:7e:
27:f7:20:d3:1d:a5:2a:cf:7e:a4:92:98:4c:a8:fb:
56:ac:83:e6:36:bc:50:24:9a:30:aa:56:0f:e2:02:
17:a1:7c:6d:d5:11:a3:26:2f:2c:da:02:b5:42:2d:
f9:43:5c:cf:1c:df:37:ce:05:7e:2d:53:3e:6e:10:
e2:a5:23:f5:7e:f9:1d:9f:25:2c:dc:39:7c:c0:5e:
ce:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:CC:57:8A:45:CD:3B:4A:B8:46:36:5D:DE:D9:E6:47:F5:F9:BA:A8
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215978.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:6811::/48
Signature Algorithm: sha256WithRSAEncryption
3f:f5:b6:eb:ba:3d:a9:f4:e5:bf:0a:5a:1d:79:6e:a5:e3:5e:
14:10:af:65:60:d0:43:15:dc:03:9f:42:f6:39:17:9f:67:44:
fe:d1:03:2d:ef:5c:ff:74:5d:93:36:70:7a:d2:a4:00:77:2e:
4d:c8:5f:91:68:2d:93:d6:e4:75:21:30:75:ca:8d:4b:ca:3f:
d8:ac:9c:0e:f7:40:a9:43:94:4d:de:00:88:d6:a4:30:80:6b:
64:ea:2a:09:a5:92:c6:e5:8c:83:20:bf:09:89:ff:58:e3:f6:
15:6f:bf:89:54:71:cf:f1:26:3e:17:68:77:71:7b:8f:d0:97:
29:09:4a:7c:03:7f:14:7d:e7:0c:f1:16:8b:7a:44:4c:4b:9d:
c1:18:c1:18:02:cb:9b:5c:23:b5:e0:5d:bf:65:b2:fd:4a:fb:
14:63:b8:cd:d3:be:fb:8f:43:12:bb:76:84:67:5f:1c:ed:4d:
d2:19:87:10:01:c2:3e:32:1c:7a:ee:46:4c:70:15:ae:15:cf:
53:0f:ba:64:dd:43:b0:58:40:35:ba:27:0e:cb:e3:e6:b9:00:
64:5d:80:7a:a1:1c:dd:61:89:2f:40:f4:20:e2:e1:0e:35:ba:
3b:fe:11:fc:48:62:53:37:1f:f0:ed:1d:a6:c5:6c:7d:c4:ac:
21:07:82:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUSiuDz033aZz+R0JhwFBmuINb0KwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDAxMTExODAzNDBaFw0yNTAxMDkxODA4NDBaMDMxMTAvBgNV
BAMTKDJBQ0M1NzhBNDVDRDNCNEFCODQ2MzY1RERFRDlFNjQ3RjVGOUJBQTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkkg2KJ7OW+jr26/lu7odxo1NH
4guHZj7cj2c8xmm1uDEzc7cNqNl3sMgNbbKwVFwk2QuBxEnS7ShuGRzpvSO1QTN6
DSL1DW9oxYKihZwZtPfIwcX/auVmZaG4UTcEnLITZiYDifnc9hZz3GipYvXRZ3ZY
9/I9xYHN25XpCdB4rUbzpDA97x29V5f9xHdqlBFBrqDuUjrjybfxiw4dUEnN8cB9
E90Pu8xGsXkgbs0zjQwVfif3INMdpSrPfqSSmEyo+1asg+Y2vFAkmjCqVg/iAheh
fG3VEaMmLyzaArVCLflDXM8c3zfOBX4tUz5uEOKlI/V++R2fJSzcOXzAXs6dAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUKsxXikXNO0q4RjZd3tnmR/X5uqgwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE1OTc4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPf
gGgRMA0GCSqGSIb3DQEBCwUAA4IBAQA/9bbruj2p9OW/ClodeW6l414UEK9lYNBD
FdwDn0L2ORefZ0T+0QMt71z/dF2TNnB60qQAdy5NyF+RaC2T1uR1ITB1yo1Lyj/Y
rJwO90CpQ5RN3gCI1qQwgGtk6ioJpZLG5YyDIL8Jif9Y4/YVb7+JVHHP8SY+F2h3
cXuP0JcpCUp8A38UfecM8RaLekRMS53BGMEYAsubXCO14F2/ZbL9SvsUY7jN0777
j0MSu3aEZ18c7U3SGYcQAcI+Mhx67kZMcBWuFc9TD7pk3UOwWEA1uicOy+PmuQBk
XYB6oRzdYYkvQPQg4uEONbo7/hH8SGJTNx/w7R2mxWx9xKwhB4Kx
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org