Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216342.roa
File: AS216342.roa (raw, json)
Hash identifier: IlsU3fP93Z2kHD91NySRnMncXTHe+Ni1NCXz317zmvY=
Subject key identifier: 36:C7:7B:C3:AB:6C:89:2C:44:4F:CA:F4:0E:4D:9C:80:81:86:3C:19
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 1BE6A28901585F3DFD085501A90A3E765DD1A67B
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216342.roa
Signing time: Wed 20 Dec 2023 16:21:55 +0000
ROA not before: Wed 20 Dec 2023 16:16:55 +0000
ROA not after: Wed 18 Dec 2024 16:21:55 +0000
asID: 216342
IP address blocks: 2a13:df80:3809::/48 maxlen: 48
2a13:df85:be00::/40 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:e6:a2:89:01:58:5f:3d:fd:08:55:01:a9:0a:3e:76:5d:d1:a6:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:55 2023 GMT
Not After : Dec 18 16:21:55 2024 GMT
Subject: CN=36C77BC3AB6C892C444FCAF40E4D9C8081863C19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:d8:c6:27:b6:1e:87:ec:d9:9f:f8:d5:5c:11:
a1:8b:31:6a:f2:aa:fa:65:07:5f:f4:d4:e8:f5:96:
72:4f:c9:ce:22:6a:4c:33:48:0b:33:b2:8d:d5:a4:
39:a9:93:a4:01:1b:7a:7b:d9:a0:6d:8c:df:dc:71:
e1:cf:f3:60:5f:3d:1c:2f:99:4f:60:6d:d0:bf:6b:
35:b8:92:5e:95:44:ad:8e:46:65:dc:60:27:42:37:
b6:6e:4f:88:28:52:a4:50:47:5f:e0:46:5e:6a:7c:
82:da:0d:71:6c:6e:63:b3:2f:ec:65:12:24:aa:f6:
e6:6e:f4:d5:e2:b3:ed:8f:ca:83:55:a9:bb:9b:6a:
b2:20:57:79:b4:ca:a0:dc:e1:f7:5f:fb:b7:50:b4:
fd:43:7d:f4:c2:5b:78:0a:5a:54:26:a8:5f:21:95:
83:82:f9:45:e7:64:31:fc:4b:d2:2c:35:cd:7c:d4:
95:86:96:45:6b:f4:9d:89:53:bb:23:87:83:1f:c9:
8b:67:49:c9:22:9c:7b:75:10:8a:b2:b1:ba:13:c6:
a5:6a:81:7a:20:fe:cc:a4:e2:09:85:2b:36:81:40:
27:3d:59:99:5e:5c:a2:e8:86:04:60:17:a2:ab:8a:
df:e3:23:cb:4f:d2:8d:0b:a4:bc:1b:0c:12:7c:75:
a7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:C7:7B:C3:AB:6C:89:2C:44:4F:CA:F4:0E:4D:9C:80:81:86:3C:19
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216342.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:3809::/48
2a13:df85:be00::/40
Signature Algorithm: sha256WithRSAEncryption
6b:fd:98:5b:24:67:e9:19:86:fe:55:1c:1d:1c:0a:f9:ab:c1:
9c:d0:ba:5d:e3:ca:90:2f:1f:63:96:79:2c:2d:db:55:9b:8c:
76:f7:82:0a:8f:bc:33:f9:e5:03:77:fe:7f:f8:be:c0:b5:05:
40:f3:21:c9:aa:59:53:41:2d:03:cc:7e:95:1c:28:81:62:bc:
5a:af:a4:13:c3:be:97:d5:3c:a6:63:b1:f7:8d:67:e5:3d:27:
14:f4:a4:fd:f0:cb:3f:d4:27:7f:b7:3a:59:62:5b:43:1d:46:
bc:2a:74:d3:4a:0c:62:21:2f:a2:3f:8b:0f:c5:97:cc:a2:39:
1c:13:81:cc:81:9a:4a:cd:ba:18:ed:b3:81:bb:04:89:06:53:
3c:b2:f9:4d:f1:80:e6:3f:58:38:2f:0f:33:32:4e:ba:9d:8c:
8f:4d:f7:12:93:53:5d:1e:00:2d:7c:d9:c8:fc:f3:9e:10:1f:
20:06:8f:f4:46:fa:b0:27:08:df:9b:64:bc:05:e4:6a:67:f0:
11:7d:a1:91:96:43:ae:10:cb:81:85:02:14:14:f1:aa:bd:ca:
1c:58:9b:50:1e:d7:b1:6d:81:22:3a:47:06:a1:3a:fc:9d:7d:
89:49:ea:af:91:34:cc:da:22:4e:9c:95:62:8e:bc:f5:b6:d3:
fa:bf:0a:d1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUG+aiiQFYXz39CFUBqQo+dl3RpnswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2NTVaFw0yNDEyMTgxNjIxNTVaMDMxMTAvBgNV
BAMTKDM2Qzc3QkMzQUI2Qzg5MkM0NDRGQ0FGNDBFNEQ5QzgwODE4NjNDMTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDz2MYnth6H7Nmf+NVcEaGLMWry
qvplB1/01Oj1lnJPyc4iakwzSAszso3VpDmpk6QBG3p72aBtjN/cceHP82BfPRwv
mU9gbdC/azW4kl6VRK2ORmXcYCdCN7ZuT4goUqRQR1/gRl5qfILaDXFsbmOzL+xl
EiSq9uZu9NXis+2PyoNVqbubarIgV3m0yqDc4fdf+7dQtP1DffTCW3gKWlQmqF8h
lYOC+UXnZDH8S9IsNc181JWGlkVr9J2JU7sjh4MfyYtnSckinHt1EIqysboTxqVq
gXog/syk4gmFKzaBQCc9WZleXKLohgRgF6Krit/jI8tP0o0LpLwbDBJ8dadlAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUNsd7w6tsiSxET8r0Dk2cgIGGPBkwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE2MzQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKhPf
gDgJAwYAKhPfhb4wDQYJKoZIhvcNAQELBQADggEBAGv9mFskZ+kZhv5VHB0cCvmr
wZzQul3jypAvH2OWeSwt21WbjHb3ggqPvDP55QN3/n/4vsC1BUDzIcmqWVNBLQPM
fpUcKIFivFqvpBPDvpfVPKZjsfeNZ+U9JxT0pP3wyz/UJ3+3OlliW0MdRrwqdNNK
DGIhL6I/iw/Fl8yiORwTgcyBmkrNuhjts4G7BIkGUzyy+U3xgOY/WDgvDzMyTrqd
jI9N9xKTU10eAC182cj8854QHyAGj/RG+rAnCN+bZLwF5Gpn8BF9oZGWQ64Qy4GF
AhQU8aq9yhxYm1Ae17FtgSI6RwahOvydfYlJ6q+RNMzaIk6clWKOvPW20/q/CtE=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:41 2024 by rpki-client on console-ams.rpki-client.org