Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216132.roa
File: AS216132.roa (raw, json)
Hash identifier: Ts2Zo/aggHHl2PGpKgU4U0ta/02mpQhAZ3WzCYiPIgA=
Subject key identifier: EA:5C:9E:CF:CE:E4:AF:8C:63:48:7F:08:DE:A5:FF:3E:19:A5:E1:AA
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 7D1B76CBA89AD1BD3D52925F57E15D8B5EFB5368
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216132.roa
Signing time: Sat 13 Apr 2024 12:19:18 +0000
ROA not before: Sat 13 Apr 2024 12:14:18 +0000
ROA not after: Sat 12 Apr 2025 12:19:18 +0000
asID: 216132
IP address blocks: 2a13:df80:3817::/48 maxlen: 48
2a13:df87:8000::/38 maxlen: 48
2a13:df87:8000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:1b:76:cb:a8:9a:d1:bd:3d:52:92:5f:57:e1:5d:8b:5e:fb:53:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Apr 13 12:14:18 2024 GMT
Not After : Apr 12 12:19:18 2025 GMT
Subject: CN=EA5C9ECFCEE4AF8C63487F08DEA5FF3E19A5E1AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6e:11:2e:92:d6:1d:57:bc:f0:67:5e:1a:c3:
86:94:40:f1:d5:cf:d2:c4:7d:7f:df:70:c0:eb:cb:
6e:f0:61:85:c3:04:c4:5b:bb:da:af:2f:0a:5c:f5:
b9:a0:02:71:c1:76:c0:3a:25:0c:4c:00:46:cf:24:
62:32:df:ac:66:a6:e3:59:d6:0c:7d:41:e5:f6:98:
0d:4e:f1:56:24:17:58:9a:ec:d6:07:a6:2d:59:c2:
df:10:d4:04:cb:14:85:31:99:bc:7f:5b:d8:0a:f5:
b5:d3:6b:2f:f4:c5:91:44:da:71:6d:4d:72:91:11:
0d:7f:ed:0f:f1:29:04:11:89:50:aa:ff:65:61:95:
4e:dd:30:87:57:7f:2b:fd:bd:dc:5f:a7:ad:e1:d1:
44:3c:65:9d:40:34:4b:3c:83:83:08:98:4f:39:a9:
49:3b:fe:23:d2:c3:d6:10:7b:e5:68:ee:a0:1b:06:
51:ae:26:a0:56:e0:d4:bc:a7:3b:75:d3:e1:82:54:
78:72:c2:15:93:72:4f:e8:00:89:4b:c1:b2:de:45:
77:e7:2c:19:fb:9a:28:6c:e2:32:3d:b4:2c:0d:3d:
ed:d4:17:54:57:4c:0a:1e:b6:2c:f8:0f:52:bc:64:
64:03:f3:3c:7c:c6:a2:51:08:1e:f4:c7:80:1c:fe:
b4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:5C:9E:CF:CE:E4:AF:8C:63:48:7F:08:DE:A5:FF:3E:19:A5:E1:AA
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:3817::/48
2a13:df87:8000::/38
Signature Algorithm: sha256WithRSAEncryption
42:41:4b:44:32:75:80:5a:63:2c:37:8d:af:d1:4c:d3:c8:ac:
4e:af:bc:de:9b:5a:dc:88:13:d2:67:ee:b2:56:aa:aa:7c:0d:
16:ab:b3:99:40:87:a7:6e:b1:0d:78:1e:80:4b:42:85:ed:15:
c7:7e:01:de:05:3f:53:4e:cc:e8:df:cb:aa:2e:d8:b1:f5:b6:
a9:07:1a:7e:02:59:aa:ba:1a:cb:39:a4:09:b6:d5:e2:5f:64:
ed:c6:e3:78:e7:c2:9d:20:40:a4:bb:b3:83:d4:29:3e:87:89:
37:fc:66:12:65:7a:5c:12:ae:e5:77:e9:d9:2b:bc:7e:5d:f0:
cf:cc:36:14:c5:f3:9c:a5:f4:fe:88:7a:74:37:b8:ef:e4:cd:
ec:84:7d:03:ef:f2:60:f3:bb:f9:dc:e9:9c:2c:6a:13:71:cc:
27:da:45:74:97:4e:9d:38:11:2f:ca:e0:1d:61:ce:fe:e0:00:
11:30:54:fa:de:cc:d1:b6:fe:e5:7c:10:8a:bb:23:51:10:74:
c1:29:96:ba:cd:81:7d:41:b5:41:20:9a:cc:0f:1f:c6:5f:ba:
b6:8b:47:66:13:76:2c:f6:17:4c:bf:00:7c:ff:bd:5f:5e:66:
1e:c5:14:b7:f2:8d:51:da:7b:4c:eb:f7:39:f4:0f:99:b2:fd:
57:09:7e:cb
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUfRt2y6ia0b09UpJfV+Fdi177U2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA0MTMxMjE0MThaFw0yNTA0MTIxMjE5MThaMDMxMTAvBgNV
BAMTKEVBNUM5RUNGQ0VFNEFGOEM2MzQ4N0YwOERFQTVGRjNFMTlBNUUxQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDobhEuktYdV7zwZ14aw4aUQPHV
z9LEfX/fcMDry27wYYXDBMRbu9qvLwpc9bmgAnHBdsA6JQxMAEbPJGIy36xmpuNZ
1gx9QeX2mA1O8VYkF1ia7NYHpi1Zwt8Q1ATLFIUxmbx/W9gK9bXTay/0xZFE2nFt
TXKREQ1/7Q/xKQQRiVCq/2VhlU7dMIdXfyv9vdxfp63h0UQ8ZZ1ANEs8g4MImE85
qUk7/iPSw9YQe+Vo7qAbBlGuJqBW4NS8pzt10+GCVHhywhWTck/oAIlLwbLeRXfn
LBn7mihs4jI9tCwNPe3UF1RXTAoetiz4D1K8ZGQD8zx8xqJRCB70x4Ac/rRnAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQU6lyez87kr4xjSH8I3qX/Phml4aowHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE2MTMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKhPf
gDgXAwYCKhPfh4AwDQYJKoZIhvcNAQELBQADggEBAEJBS0QydYBaYyw3ja/RTNPI
rE6vvN6bWtyIE9Jn7rJWqqp8DRars5lAh6dusQ14HoBLQoXtFcd+Ad4FP1NOzOjf
y6ou2LH1tqkHGn4CWaq6Gss5pAm21eJfZO3G43jnwp0gQKS7s4PUKT6HiTf8ZhJl
elwSruV36dkrvH5d8M/MNhTF85yl9P6IenQ3uO/kzeyEfQPv8mDzu/nc6ZwsahNx
zCfaRXSXTp04ES/K4B1hzv7gABEwVPrezNG2/uV8EIq7I1EQdMEplrrNgX1BtUEg
mswPH8ZfuraLR2YTdiz2F0y/AHz/vV9eZh7FFLfyjVHae0zr9zn0D5my/VcJfss=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org