Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS29484.roa
File: AS29484.roa (raw, json)
Hash identifier: X+EiGCHOxp9eYdUHmWy9cVyQlLUgapsX7KVDZBVLTMU=
Subject key identifier: FE:C8:EC:B9:40:26:7F:D2:46:EB:19:67:77:43:5D:41:28:60:86:4E
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 5C4A534F42B2AFC74EDE3C814EA87AFDF478A7B7
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS29484.roa
Signing time: Wed 20 Dec 2023 16:22:18 +0000
ROA not before: Wed 20 Dec 2023 16:17:18 +0000
ROA not after: Wed 18 Dec 2024 16:22:18 +0000
asID: 29484
IP address blocks: 2a13:df80:1340::/44 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:4a:53:4f:42:b2:af:c7:4e:de:3c:81:4e:a8:7a:fd:f4:78:a7:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:18 2023 GMT
Not After : Dec 18 16:22:18 2024 GMT
Subject: CN=FEC8ECB940267FD246EB196777435D412860864E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:f5:c5:f9:7d:87:24:e9:a8:35:6b:75:7d:a6:
ea:0c:f6:90:49:ad:de:d5:74:b0:12:1f:7f:fa:5f:
2a:76:b4:04:74:b2:78:37:46:fc:f6:3b:6e:ee:84:
5a:d8:89:18:a5:e8:6d:19:6a:47:7b:eb:69:4a:29:
8d:0c:37:0c:1c:87:8d:88:03:73:46:98:97:57:b3:
39:2e:df:69:f0:d5:e8:9c:38:bd:56:23:7d:30:7d:
c6:28:fb:09:10:20:05:4c:24:e2:b2:8e:d4:1a:47:
7e:b4:12:5a:ef:78:d8:a7:4c:af:c6:bc:38:fa:6a:
3c:dc:c8:da:41:12:06:06:9e:94:aa:c5:c2:ba:1a:
ae:3b:df:0a:2d:c4:12:03:59:ad:c1:c7:01:74:33:
db:84:7e:a7:53:12:d3:8c:52:95:e1:ce:b1:00:77:
4b:33:88:71:67:d5:c7:39:87:32:61:f8:ae:ee:46:
51:55:35:9c:dc:32:a1:12:cf:90:10:48:8f:f2:1d:
58:a3:bc:cc:30:e3:fa:f3:ad:5e:94:fa:21:ab:99:
b9:7a:c6:dc:aa:e7:c4:fd:6b:e1:ff:1a:76:47:e0:
c4:ae:3b:e1:d9:fd:66:37:64:79:11:f2:7f:2d:0e:
df:e2:2e:5a:ba:85:6b:4c:0f:e1:29:d7:10:e2:18:
e9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C8:EC:B9:40:26:7F:D2:46:EB:19:67:77:43:5D:41:28:60:86:4E
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS29484.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:1340::/44
Signature Algorithm: sha256WithRSAEncryption
69:04:ac:ad:53:f3:ba:ec:76:22:31:9d:f1:0d:eb:79:16:08:
68:9e:50:b2:11:ad:1b:2b:e5:8b:56:59:61:1c:22:58:23:67:
fc:34:93:cd:0e:cf:52:cd:c9:d1:9f:27:3a:78:27:25:70:d5:
49:77:85:a0:55:9d:59:f8:fe:7e:a4:15:bb:38:95:de:08:b0:
3c:57:4e:3b:15:bb:12:41:5d:2b:ef:21:07:00:59:eb:42:fd:
17:c9:51:36:f6:97:98:e9:cc:57:e3:ce:82:ea:ef:9c:fc:60:
e0:77:e9:5d:8b:c8:4c:74:b0:07:73:ba:44:a9:ab:fc:03:f4:
09:f0:58:9e:c3:eb:84:dc:54:f6:cb:91:97:f7:3e:56:76:5a:
0c:8c:6e:ce:db:66:8e:54:b5:85:58:bd:12:44:21:4f:41:34:
7e:cc:0a:3d:6d:8d:49:a2:09:7f:0b:74:16:35:84:19:5e:d5:
ad:81:3f:6a:19:89:e6:26:b9:e1:82:79:5b:e0:ca:ec:93:2b:
ba:1b:c0:1c:40:03:48:a3:3e:e8:18:bd:41:96:0e:21:18:af:
4e:af:4c:b1:06:f3:a1:64:4f:7f:f5:de:20:9a:16:32:96:3e:
21:30:72:06:ad:ee:04:8c:07:26:19:2a:bb:54:4d:4d:c3:e5:
ee:67:6f:8d
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUXEpTT0Kyr8dO3jyBTqh6/fR4p7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MThaFw0yNDEyMTgxNjIyMThaMDMxMTAvBgNV
BAMTKEZFQzhFQ0I5NDAyNjdGRDI0NkVCMTk2Nzc3NDM1RDQxMjg2MDg2NEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp9cX5fYck6ag1a3V9puoM9pBJ
rd7VdLASH3/6Xyp2tAR0sng3Rvz2O27uhFrYiRil6G0Zakd762lKKY0MNwwch42I
A3NGmJdXszku32nw1eicOL1WI30wfcYo+wkQIAVMJOKyjtQaR360ElrveNinTK/G
vDj6ajzcyNpBEgYGnpSqxcK6Gq473wotxBIDWa3BxwF0M9uEfqdTEtOMUpXhzrEA
d0sziHFn1cc5hzJh+K7uRlFVNZzcMqESz5AQSI/yHVijvMww4/rzrV6U+iGrmbl6
xtyq58T9a+H/GnZH4MSuO+HZ/WY3ZHkR8n8tDt/iLlq6hWtMD+Ep1xDiGOn7AgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQU/sjsuUAmf9JG6xlnd0NdQShghk4wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjk0ODQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQqE9+A
E0AwDQYJKoZIhvcNAQELBQADggEBAGkErK1T87rsdiIxnfEN63kWCGieULIRrRsr
5YtWWWEcIlgjZ/w0k80Oz1LNydGfJzp4JyVw1Ul3haBVnVn4/n6kFbs4ld4IsDxX
TjsVuxJBXSvvIQcAWetC/RfJUTb2l5jpzFfjzoLq75z8YOB36V2LyEx0sAdzukSp
q/wD9AnwWJ7D64TcVPbLkZf3PlZ2WgyMbs7bZo5UtYVYvRJEIU9BNH7MCj1tjUmi
CX8LdBY1hBle1a2BP2oZieYmueGCeVvgyuyTK7obwBxAA0ijPugYvUGWDiEYr06v
TLEG86FkT3/13iCaFjKWPiEwcgat7gSMByYZKrtUTU3D5e5nb40=
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org