Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216410.roa
File: AS216410.roa (raw, json)
Hash identifier: C61N7T9eueFijFNQqk91BGy5fdBs72mhd6LRACr7xKM=
Subject key identifier: 2C:C0:A8:E6:A9:A4:1C:5E:30:EF:18:18:64:0A:97:6F:CF:66:F5:C8
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 3ABBFEAE3047E32F180A567DD892050471CC94CF
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216410.roa
Signing time: Wed 20 Dec 2023 16:22:02 +0000
ROA not before: Wed 20 Dec 2023 16:17:02 +0000
ROA not after: Wed 18 Dec 2024 16:22:02 +0000
asID: 216410
IP address blocks: 2a13:df80:3803::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:bb:fe:ae:30:47:e3:2f:18:0a:56:7d:d8:92:05:04:71:cc:94:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:02 2023 GMT
Not After : Dec 18 16:22:02 2024 GMT
Subject: CN=2CC0A8E6A9A41C5E30EF1818640A976FCF66F5C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a5:fd:f9:c0:9d:58:10:a1:17:b6:f0:fe:c1:
30:ab:24:25:ef:8e:32:33:01:7d:7f:02:a1:5f:b9:
4d:41:cd:70:c9:ba:a8:fb:0a:da:84:8f:ba:b9:b1:
7f:44:37:98:9f:f8:d2:71:0f:59:51:ba:98:8c:0e:
f7:24:33:61:8d:20:ad:fc:ef:a7:3a:37:e6:64:dc:
55:8c:e4:2d:a6:f5:a9:27:9b:b3:79:84:15:9e:ec:
6c:8c:c8:f5:7a:53:5e:cf:10:5c:dd:d9:21:77:b8:
29:d0:0f:ed:77:85:a1:ff:94:58:d1:60:d4:f2:00:
1b:f3:d8:15:37:4d:9d:b2:a8:c7:29:8f:46:d8:42:
45:19:d5:6b:c9:4a:36:21:99:0e:d6:f1:06:82:14:
04:06:c4:99:ba:1f:1f:57:ec:e5:0c:00:df:90:19:
25:8c:32:e6:59:4b:4f:34:84:4b:fb:c8:14:ef:bf:
1d:ab:d7:1a:8f:96:0d:9e:e2:1c:86:78:36:b2:55:
17:b0:d2:41:ef:56:7f:1e:7a:95:1e:ff:2a:eb:5c:
83:e6:f0:64:69:b0:98:88:98:ba:0c:77:f2:52:16:
ec:5f:14:50:33:35:b9:c2:09:a6:34:c9:27:c0:58:
b2:bc:c4:02:32:37:8b:63:d0:2e:5f:82:8c:7d:02:
82:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C0:A8:E6:A9:A4:1C:5E:30:EF:18:18:64:0A:97:6F:CF:66:F5:C8
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216410.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:3803::/48
Signature Algorithm: sha256WithRSAEncryption
01:88:c2:06:b0:0f:83:76:5a:70:59:5a:4c:ed:77:3a:01:d6:
0b:94:14:54:ba:20:d9:b8:bc:85:d2:a9:0b:62:c1:da:7e:21:
a6:1f:70:9b:48:9f:9a:45:12:cd:a3:de:01:e0:d2:79:48:a4:
21:7c:78:48:f5:60:7d:58:48:69:8b:9c:e9:f7:09:52:4f:9a:
1b:9c:63:25:1b:e2:03:a5:dd:f9:83:33:09:86:4d:db:4d:d5:
2f:92:e3:14:ea:9f:c4:89:83:9e:f1:91:66:b2:03:b6:71:24:
83:1c:1e:bb:21:8c:d8:7c:e1:9e:59:85:cd:44:1f:5c:cf:62:
21:1d:70:f2:19:9b:2b:03:12:30:ef:89:5b:e2:2e:11:d8:24:
f9:16:8a:e1:2e:ce:a0:54:7d:47:2d:a8:30:48:af:74:c2:aa:
86:50:b6:ac:55:d3:58:2f:c3:48:31:d7:56:32:b1:1d:8c:5e:
19:c3:c4:f7:c5:3b:1a:25:61:9b:b5:0c:87:6a:a7:ba:49:72:
3e:90:48:de:a2:30:8f:f6:e4:24:b6:81:e0:66:a5:78:a1:59:
2b:5c:5b:e0:81:9a:30:e2:5d:cc:0c:e2:29:1a:39:c6:d0:3f:
d4:97:3a:6a:14:38:f7:cb:b9:93:52:9d:b5:5d:6f:46:61:c7:
78:4a:fe:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUOrv+rjBH4y8YClZ92JIFBHHMlM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MDJaFw0yNDEyMTgxNjIyMDJaMDMxMTAvBgNV
BAMTKDJDQzBBOEU2QTlBNDFDNUUzMEVGMTgxODY0MEE5NzZGQ0Y2NkY1QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7pf35wJ1YEKEXtvD+wTCrJCXv
jjIzAX1/AqFfuU1BzXDJuqj7CtqEj7q5sX9EN5if+NJxD1lRupiMDvckM2GNIK38
76c6N+Zk3FWM5C2m9aknm7N5hBWe7GyMyPV6U17PEFzd2SF3uCnQD+13haH/lFjR
YNTyABvz2BU3TZ2yqMcpj0bYQkUZ1WvJSjYhmQ7W8QaCFAQGxJm6Hx9X7OUMAN+Q
GSWMMuZZS080hEv7yBTvvx2r1xqPlg2e4hyGeDayVRew0kHvVn8eepUe/yrrXIPm
8GRpsJiImLoMd/JSFuxfFFAzNbnCCaY0ySfAWLK8xAIyN4tj0C5fgox9AoJRAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQULMCo5qmkHF4w7xgYZAqXb89m9cgwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE2NDEwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPf
gDgDMA0GCSqGSIb3DQEBCwUAA4IBAQABiMIGsA+DdlpwWVpM7Xc6AdYLlBRUuiDZ
uLyF0qkLYsHafiGmH3CbSJ+aRRLNo94B4NJ5SKQhfHhI9WB9WEhpi5zp9wlST5ob
nGMlG+IDpd35gzMJhk3bTdUvkuMU6p/EiYOe8ZFmsgO2cSSDHB67IYzYfOGeWYXN
RB9cz2IhHXDyGZsrAxIw74lb4i4R2CT5ForhLs6gVH1HLagwSK90wqqGULasVdNY
L8NIMddWMrEdjF4Zw8T3xTsaJWGbtQyHaqe6SXI+kEjeojCP9uQktoHgZqV4oVkr
XFvggZow4l3MDOIpGjnG0D/UlzpqFDj3y7mTUp21XW9GYcd4Sv5/
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:41 2024 by rpki-client on console-ams.rpki-client.org