Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216290.roa
File: AS216290.roa (raw, json)
Hash identifier: qa70LZR8qPU2dREVnqy3gQYaKaLCsgLMtmGdn+SfMT0=
Subject key identifier: 6C:F4:22:AD:BD:C5:97:81:7F:F2:1A:2D:05:F8:C3:73:1C:A4:D4:B5
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 0BBFB6CCC915D4E2A855781D7B16662BBFA37CEA
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216290.roa
Signing time: Wed 20 Dec 2023 16:21:59 +0000
ROA not before: Wed 20 Dec 2023 16:16:59 +0000
ROA not after: Wed 18 Dec 2024 16:21:59 +0000
asID: 216290
IP address blocks: 2a13:df80:1290::/44 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:bf:b6:cc:c9:15:d4:e2:a8:55:78:1d:7b:16:66:2b:bf:a3:7c:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:59 2023 GMT
Not After : Dec 18 16:21:59 2024 GMT
Subject: CN=6CF422ADBDC597817FF21A2D05F8C3731CA4D4B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d4:93:f7:15:4b:1c:16:fc:4e:41:68:59:7e:
34:92:10:18:27:11:ab:4d:5b:96:55:af:88:7f:a0:
27:58:e6:9a:cd:f2:15:42:e5:a3:11:9e:b3:cd:0c:
88:69:e9:ec:26:3e:dd:bb:a1:39:cb:c1:5b:6b:21:
9d:4d:7a:79:2d:9d:fb:d9:77:32:12:1c:05:3c:fb:
4f:74:28:30:e5:8b:cc:1a:a9:47:88:3d:f1:9f:29:
9b:58:e7:5e:fa:44:79:b8:69:0b:d0:0c:1d:7b:f7:
62:66:66:a9:ba:0e:29:15:46:54:32:99:9c:87:98:
65:c8:14:2a:e3:40:79:9a:48:80:9e:35:af:42:7a:
6b:8c:04:cc:2c:50:e6:12:d3:a8:77:a1:91:7a:1e:
ca:a9:75:d2:f9:cf:45:8b:7d:23:cb:4c:60:82:b2:
d5:c7:45:b1:6d:52:53:c6:1e:c0:6b:1c:2a:7f:53:
ac:14:48:7e:6c:16:e1:ec:04:ab:f1:02:b6:4d:60:
8b:dd:1b:ef:8b:be:d5:7a:31:76:26:ec:99:18:61:
e8:0f:cd:68:b3:ec:c8:7d:46:6c:e3:69:9f:1f:13:
0f:a6:e2:d3:a2:7f:f0:83:4d:e5:44:fc:ba:48:7d:
e9:b7:7f:43:86:8d:f7:a0:c5:b4:d1:09:7c:78:7a:
b7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F4:22:AD:BD:C5:97:81:7F:F2:1A:2D:05:F8:C3:73:1C:A4:D4:B5
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216290.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:1290::/44
Signature Algorithm: sha256WithRSAEncryption
4e:9b:75:9b:6d:cb:4a:d8:e7:23:d1:f8:3c:4c:23:3b:80:a5:
03:a0:b2:b7:83:32:67:94:ae:6d:f9:a3:27:2c:f2:31:9e:11:
09:c5:67:14:8b:0a:98:25:4d:d0:a3:ee:73:b8:0d:90:ee:63:
19:4b:be:f1:b3:85:53:79:79:40:93:61:a4:04:60:e0:14:a8:
bf:49:66:f7:69:78:34:c9:d9:ed:88:d9:7e:b8:b8:5f:24:2b:
56:95:8b:40:50:53:82:98:2f:d7:9d:b7:15:ea:8b:d0:31:83:
49:8f:f3:91:54:bd:4b:19:4d:01:af:18:77:38:16:83:81:05:
09:7d:80:3c:66:52:57:c3:f3:c6:7c:6c:65:23:c7:6e:f3:9b:
04:37:5a:a0:f6:9b:e6:c7:0e:f5:39:e7:5a:94:64:57:35:0f:
82:62:f7:b2:82:25:c2:32:6d:10:05:38:50:d0:c2:37:95:73:
d4:6a:9b:03:03:51:7f:8b:57:4b:b3:b7:7e:64:e7:a8:ad:02:
31:25:e9:14:8d:7d:33:9e:06:24:0c:d4:6e:74:6f:c2:df:30:
76:ea:49:43:2f:04:da:f9:8d:b1:db:94:b4:4b:3e:ee:bb:69:
ee:68:a9:0b:37:32:69:67:4c:24:f3:7c:25:cb:b5:24:31:69:
3d:79:e9:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUC7+2zMkV1OKoVXgdexZmK7+jfOowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2NTlaFw0yNDEyMTgxNjIxNTlaMDMxMTAvBgNV
BAMTKDZDRjQyMkFEQkRDNTk3ODE3RkYyMUEyRDA1RjhDMzczMUNBNEQ0QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh1JP3FUscFvxOQWhZfjSSEBgn
EatNW5ZVr4h/oCdY5prN8hVC5aMRnrPNDIhp6ewmPt27oTnLwVtrIZ1NenktnfvZ
dzISHAU8+090KDDli8waqUeIPfGfKZtY5176RHm4aQvQDB1792JmZqm6DikVRlQy
mZyHmGXIFCrjQHmaSICeNa9CemuMBMwsUOYS06h3oZF6HsqpddL5z0WLfSPLTGCC
stXHRbFtUlPGHsBrHCp/U6wUSH5sFuHsBKvxArZNYIvdG++LvtV6MXYm7JkYYegP
zWiz7Mh9RmzjaZ8fEw+m4tOif/CDTeVE/LpIfem3f0OGjfegxbTRCXx4erdRAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUbPQirb3Fl4F/8hotBfjDcxyk1LUwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE2MjkwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhPf
gBKQMA0GCSqGSIb3DQEBCwUAA4IBAQBOm3WbbctK2Ocj0fg8TCM7gKUDoLK3gzJn
lK5t+aMnLPIxnhEJxWcUiwqYJU3Qo+5zuA2Q7mMZS77xs4VTeXlAk2GkBGDgFKi/
SWb3aXg0ydntiNl+uLhfJCtWlYtAUFOCmC/XnbcV6ovQMYNJj/ORVL1LGU0Brxh3
OBaDgQUJfYA8ZlJXw/PGfGxlI8du85sEN1qg9pvmxw71OedalGRXNQ+CYveygiXC
Mm0QBThQ0MI3lXPUapsDA1F/i1dLs7d+ZOeorQIxJekUjX0zngYkDNRudG/C3zB2
6klDLwTa+Y2x25S0Sz7uu2nuaKkLNzJpZ0wk83wly7UkMWk9eemp
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org