Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216320.roa
File: AS216320.roa (raw, json)
Hash identifier: vdtvOjpaOuP4/W6DA5tdjHQxYn2CD7vhGrpxyvQ82q4=
Subject key identifier: 00:95:FD:47:5E:2D:AF:CE:75:7E:72:16:13:D7:A0:D9:DB:AF:0F:72
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 61D175D2DA92E23376C49F893EA156F6C8BAB607
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216320.roa
Signing time: Wed 20 Dec 2023 16:22:19 +0000
ROA not before: Wed 20 Dec 2023 16:17:19 +0000
ROA not after: Wed 18 Dec 2024 16:22:19 +0000
asID: 216320
IP address blocks: 2a13:df80:3815::/48 maxlen: 48
2a13:df80:6805::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:d1:75:d2:da:92:e2:33:76:c4:9f:89:3e:a1:56:f6:c8:ba:b6:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:19 2023 GMT
Not After : Dec 18 16:22:19 2024 GMT
Subject: CN=0095FD475E2DAFCE757E721613D7A0D9DBAF0F72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ae:55:d6:0c:8a:ab:f1:ad:23:43:b2:ff:bc:
2b:08:d9:a0:5f:b6:3f:e0:95:02:ce:05:91:56:97:
ab:9a:71:1b:03:77:b8:e4:43:5c:a5:71:3f:0d:2c:
15:4a:6a:e0:2c:34:b8:e3:bd:c4:f9:4f:49:15:6a:
c4:76:eb:7b:78:1f:ee:d1:3d:86:28:de:f8:ad:9c:
9f:6d:38:38:74:38:fc:ac:41:ec:cc:bf:06:f3:26:
1d:f3:d2:0a:96:ae:eb:ea:83:ec:77:c9:b5:05:52:
3a:aa:85:9a:ef:95:72:be:b0:d9:ae:4e:6c:b6:e3:
11:59:32:b2:0b:8b:8f:d2:49:63:ee:c3:96:35:b9:
97:fd:c1:90:48:48:96:91:ea:df:e3:5d:9e:85:1e:
62:07:e4:4b:3b:b2:51:15:05:ce:c2:f1:c0:e7:11:
99:21:e3:a9:91:00:e0:57:47:ae:ab:dd:3f:30:42:
9a:07:19:41:79:68:43:34:c1:14:7f:8d:96:57:df:
5b:8a:a8:23:c6:e5:96:62:ed:00:30:cd:aa:dc:71:
0e:bc:ee:99:fd:d4:84:cd:0b:56:d2:d0:ca:07:f9:
ab:c7:c7:3f:e1:1e:67:58:ce:5e:79:05:fa:21:93:
54:1a:32:b4:9c:1a:0c:76:91:97:69:2b:05:58:c8:
a9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:95:FD:47:5E:2D:AF:CE:75:7E:72:16:13:D7:A0:D9:DB:AF:0F:72
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:3815::/48
2a13:df80:6805::/48
Signature Algorithm: sha256WithRSAEncryption
3c:5f:a0:d8:f4:61:4d:d8:08:89:bf:60:d2:02:3d:f3:59:4f:
56:e7:2b:b9:bd:07:eb:b3:50:3e:49:76:59:e8:9d:18:50:9b:
61:6c:71:c6:9b:a3:e1:d5:7b:85:c5:54:83:2d:86:56:ad:82:
48:e8:0a:30:ad:a4:4c:7d:2c:bf:09:1d:f6:3c:bd:ea:af:64:
14:90:1f:2e:7d:95:80:ca:f0:61:c7:dc:ba:3a:3a:aa:1e:97:
a7:0b:99:c8:6c:6a:f0:72:e6:8c:be:67:03:98:f9:41:1f:96:
a0:54:19:21:68:cf:31:e7:23:4d:27:b2:95:c7:9f:8a:4c:e6:
55:6c:dd:18:e1:38:5d:31:fd:a5:61:ad:ef:4c:ab:b5:ab:58:
2c:04:c0:79:19:46:2f:4c:a6:d1:cb:2d:f2:e4:cb:16:a9:da:
53:ea:63:de:0e:0f:bb:9f:23:49:63:33:34:91:48:27:2a:a3:
70:f5:71:23:9b:3a:09:7d:27:36:d8:52:ec:0e:20:d5:e4:2e:
75:47:b1:ea:29:90:6d:ff:96:d8:de:c6:d4:25:48:cf:9b:98:
db:a5:bd:2c:2d:c4:37:e8:e3:5b:a9:3b:b2:e9:54:ee:6a:77:
5d:c0:f1:f4:15:84:c1:a2:ba:a8:f3:89:c9:6a:83:1c:0c:e5:
1f:e2:a1:9f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUYdF10tqS4jN2xJ+JPqFW9si6tgcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MTlaFw0yNDEyMTgxNjIyMTlaMDMxMTAvBgNV
BAMTKDAwOTVGRDQ3NUUyREFGQ0U3NTdFNzIxNjEzRDdBMEQ5REJBRjBGNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIrlXWDIqr8a0jQ7L/vCsI2aBf
tj/glQLOBZFWl6uacRsDd7jkQ1ylcT8NLBVKauAsNLjjvcT5T0kVasR263t4H+7R
PYYo3vitnJ9tODh0OPysQezMvwbzJh3z0gqWruvqg+x3ybUFUjqqhZrvlXK+sNmu
Tmy24xFZMrILi4/SSWPuw5Y1uZf9wZBISJaR6t/jXZ6FHmIH5Es7slEVBc7C8cDn
EZkh46mRAOBXR66r3T8wQpoHGUF5aEM0wRR/jZZX31uKqCPG5ZZi7QAwzarccQ68
7pn91ITNC1bS0MoH+avHxz/hHmdYzl55Bfohk1QaMrScGgx2kZdpKwVYyKlDAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUAJX9R14tr851fnIWE9eg2duvD3IwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE2MzIwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhPf
gDgVAwcAKhPfgGgFMA0GCSqGSIb3DQEBCwUAA4IBAQA8X6DY9GFN2AiJv2DSAj3z
WU9W5yu5vQfrs1A+SXZZ6J0YUJthbHHGm6Ph1XuFxVSDLYZWrYJI6AowraRMfSy/
CR32PL3qr2QUkB8ufZWAyvBhx9y6OjqqHpenC5nIbGrwcuaMvmcDmPlBH5agVBkh
aM8x5yNNJ7KVx5+KTOZVbN0Y4ThdMf2lYa3vTKu1q1gsBMB5GUYvTKbRyy3y5MsW
qdpT6mPeDg+7nyNJYzM0kUgnKqNw9XEjmzoJfSc22FLsDiDV5C51R7HqKZBt/5bY
3sbUJUjPm5jbpb0sLcQ36ONbqTuy6VTuanddwPH0FYTBorqo84nJaoMcDOUf4qGf
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org