Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216265.roa
File: AS216265.roa (raw, json)
Hash identifier: 3JmQ5LUXsxsCNIBrM/tXjDeFkhtf4BADZgrMexx/MKc=
Subject key identifier: 6E:30:EC:C0:09:11:C3:24:03:D7:43:96:85:5B:AB:F0:94:E7:3D:DF
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 26837B2E1998FDE6CF00D1673A92DC2FBE53AC83
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216265.roa
Signing time: Sat 30 Dec 2023 19:23:20 +0000
ROA not before: Sat 30 Dec 2023 19:18:20 +0000
ROA not after: Sat 28 Dec 2024 19:23:20 +0000
asID: 216265
IP address blocks: 2a13:df80:5800::/48 maxlen: 48
2a13:df80:5802::/48 maxlen: 48
2a13:df80:5803::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:83:7b:2e:19:98:fd:e6:cf:00:d1:67:3a:92:dc:2f:be:53:ac:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 30 19:18:20 2023 GMT
Not After : Dec 28 19:23:20 2024 GMT
Subject: CN=6E30ECC00911C32403D74396855BABF094E73DDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ec:1d:93:53:9c:6f:25:ec:ab:1a:ee:7f:1d:
e5:3b:6b:42:8c:ff:8c:9e:3a:e5:e4:a2:ea:70:76:
f7:37:87:94:4c:36:ff:e1:49:dd:5c:d2:0d:c1:d6:
60:26:a1:ed:ab:cb:68:14:0b:60:36:9c:ba:2e:b0:
3d:87:55:0c:e8:71:58:f4:8b:a6:0e:82:f5:5a:aa:
89:66:29:33:e8:8a:8e:5f:ed:12:3c:35:78:dd:0f:
87:49:dc:86:32:55:7b:c2:fc:57:05:1e:7e:f6:7a:
ac:47:f5:b7:43:ac:30:13:cb:77:6e:f3:15:f5:9f:
40:31:24:42:bb:5a:b9:49:11:f7:47:a8:af:6e:07:
d4:20:d8:77:e1:d7:e1:5a:c1:b7:24:de:fd:58:bd:
f7:d4:4b:d4:a3:99:c4:00:b9:1c:b2:2c:0c:ce:c0:
b5:41:20:34:a3:e9:b0:6e:60:45:e6:68:bd:a7:c6:
5b:64:2b:ff:c2:d8:92:d0:74:df:4f:7d:e8:ae:7e:
7b:f7:25:89:65:dc:8f:36:98:2b:a5:78:2d:4b:7c:
1b:8b:8a:58:05:e0:2f:5c:b2:b4:18:12:50:77:24:
cf:f9:70:6b:c1:cc:15:0b:7e:67:54:16:d8:94:f2:
e4:c7:cc:c1:2c:ae:e4:48:9f:d2:73:f1:d2:21:57:
97:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:30:EC:C0:09:11:C3:24:03:D7:43:96:85:5B:AB:F0:94:E7:3D:DF
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216265.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:5800::/48
2a13:df80:5802::/47
Signature Algorithm: sha256WithRSAEncryption
8c:da:bc:1d:1d:cd:17:24:ed:32:63:e7:43:63:33:f5:65:af:
48:89:4a:9f:bb:c4:0c:2d:33:45:eb:95:a8:9a:e2:6a:ff:e2:
f9:cc:1d:6f:bf:70:a8:8f:1b:70:62:54:ee:28:31:cf:00:62:
78:a3:89:d7:7d:47:71:cf:9e:24:48:84:79:71:b3:e6:29:20:
28:5d:43:04:0c:b6:0d:4e:51:7b:b9:21:a3:74:e3:06:46:a9:
dc:77:4b:b7:e9:f7:0a:3a:75:2c:02:34:7b:22:39:86:f8:8a:
90:b9:1b:4f:c7:5d:27:5c:1b:a7:d8:c4:ac:e0:7d:30:c4:3f:
df:5a:29:7a:a4:a0:ff:55:1c:df:cf:8f:55:a5:10:cd:de:bd:
9a:dc:16:d7:aa:69:0f:e3:b2:61:14:ef:02:fb:29:38:ec:54:
8f:68:de:d1:9a:bb:79:c2:a2:d5:ba:26:a0:11:35:46:38:00:
0b:c1:df:47:6b:57:6f:52:5c:39:0b:19:c0:74:b6:66:b1:53:
0e:74:70:f8:b6:fb:70:12:8d:b0:87:e8:24:03:5a:f7:c0:dd:
58:93:bd:92:a4:cc:c1:ac:fa:26:6d:b4:74:e5:ea:b1:76:eb:
85:56:78:21:f0:94:4c:4a:dc:6a:05:4d:5f:e3:9a:f2:c9:d9:
26:79:81:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUJoN7LhmY/ebPANFnOpLcL75TrIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMzAxOTE4MjBaFw0yNDEyMjgxOTIzMjBaMDMxMTAvBgNV
BAMTKDZFMzBFQ0MwMDkxMUMzMjQwM0Q3NDM5Njg1NUJBQkYwOTRFNzNEREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC77B2TU5xvJeyrGu5/HeU7a0KM
/4yeOuXkoupwdvc3h5RMNv/hSd1c0g3B1mAmoe2ry2gUC2A2nLousD2HVQzocVj0
i6YOgvVaqolmKTPoio5f7RI8NXjdD4dJ3IYyVXvC/FcFHn72eqxH9bdDrDATy3du
8xX1n0AxJEK7WrlJEfdHqK9uB9Qg2Hfh1+Fawbck3v1YvffUS9SjmcQAuRyyLAzO
wLVBIDSj6bBuYEXmaL2nxltkK//C2JLQdN9Pfeiufnv3JYll3I82mCuleC1LfBuL
ilgF4C9csrQYElB3JM/5cGvBzBULfmdUFtiU8uTHzMEsruRIn9Jz8dIhV5f5AgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUbjDswAkRwyQD10OWhVur8JTnPd8wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE2MjY1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhPf
gFgAAwcBKhPfgFgCMA0GCSqGSIb3DQEBCwUAA4IBAQCM2rwdHc0XJO0yY+dDYzP1
Za9IiUqfu8QMLTNF65WomuJq/+L5zB1vv3CojxtwYlTuKDHPAGJ4o4nXfUdxz54k
SIR5cbPmKSAoXUMEDLYNTlF7uSGjdOMGRqncd0u36fcKOnUsAjR7IjmG+IqQuRtP
x10nXBun2MSs4H0wxD/fWil6pKD/VRzfz49VpRDN3r2a3BbXqmkP47JhFO8C+yk4
7FSPaN7Rmrt5wqLVuiagETVGOAALwd9Ha1dvUlw5CxnAdLZmsVMOdHD4tvtwEo2w
h+gkA1r3wN1Yk72SpMzBrPombbR05eqxduuFVngh8JRMStxqBU1f45ryydkmeYGM
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org