Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS44817.roa
File: AS44817.roa (raw, json)
Hash identifier: Gr62bfOCilzY6nW/pUmqf4gGt2l6HGgbY2jmAZb1T+Q=
Subject key identifier: DD:56:B1:CA:72:DF:C6:89:04:FC:92:89:E4:5F:B3:15:45:14:C6:7D
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 79141615E8FE0D79566C35D6915986305540A11E
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS44817.roa
Signing time: Tue 16 Apr 2024 07:48:40 +0000
ROA not before: Tue 16 Apr 2024 07:43:40 +0000
ROA not after: Tue 15 Apr 2025 07:48:40 +0000
asID: 44817
IP address blocks: 2a13:df80:e800::/38 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:14:16:15:e8:fe:0d:79:56:6c:35:d6:91:59:86:30:55:40:a1:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Apr 16 07:43:40 2024 GMT
Not After : Apr 15 07:48:40 2025 GMT
Subject: CN=DD56B1CA72DFC68904FC9289E45FB3154514C67D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7d:b2:a4:50:8b:19:fe:b4:0f:ff:91:c2:8e:
fb:5c:d5:d8:75:1c:ec:3e:81:fb:a7:e3:78:cb:07:
40:72:79:af:cc:0f:0b:f7:7f:8f:31:1d:9b:7a:0f:
c2:10:7b:ed:07:3e:a0:19:4b:08:50:ff:72:55:f2:
02:1b:01:cd:63:81:88:27:e4:40:d5:fc:f5:9b:5a:
cd:b8:35:de:9e:a8:9a:f9:d7:36:99:da:cc:d7:58:
3a:71:74:aa:7b:62:1a:85:9d:52:2e:0a:e2:cc:32:
d9:ff:cf:bf:d1:ac:9c:aa:69:99:37:89:a8:78:b6:
c9:33:88:90:79:bf:d4:08:a2:51:88:09:ea:df:ed:
7d:ae:7d:83:ac:13:8b:3a:93:13:a6:c8:50:1d:56:
d6:3e:67:7c:fa:25:12:a7:b8:9b:4c:89:04:fe:2e:
4e:93:d4:44:f3:d1:f0:37:b2:b0:83:04:2d:6e:a5:
52:02:bc:22:1c:08:be:0f:01:6d:e1:ff:9c:80:7c:
7a:7c:59:ce:96:af:14:7a:a9:f9:fb:c1:2c:87:16:
4a:5d:31:10:c1:48:4f:3b:ff:d6:aa:d3:64:06:22:
3d:a3:33:f7:65:9c:82:f9:ea:d1:a6:d9:22:66:21:
32:42:42:85:71:01:c5:a0:32:48:fd:28:aa:b3:11:
bf:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:56:B1:CA:72:DF:C6:89:04:FC:92:89:E4:5F:B3:15:45:14:C6:7D
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS44817.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:e800::/38
Signature Algorithm: sha256WithRSAEncryption
72:03:6d:e8:42:29:06:ad:1c:d6:dd:b3:8c:dd:4a:0f:07:82:
51:f4:6e:13:06:00:e2:44:6b:b5:d9:38:4c:81:b7:2b:84:16:
a0:b9:33:9e:ba:b9:31:36:45:8d:72:04:ed:25:d9:1c:2e:a2:
94:bf:ba:56:f4:be:30:d5:22:d9:4d:c4:52:3f:1a:15:fe:2d:
cb:21:2c:1f:f5:c7:34:3b:70:ca:59:6f:d9:7d:8c:7e:a7:40:
2a:d2:be:a6:8d:5f:d4:2b:9f:72:35:39:63:57:aa:22:05:44:
5a:e9:29:e7:0c:0a:c0:56:b8:6b:a0:ca:7c:4d:19:a8:a0:66:
59:09:16:d5:30:ba:c1:7d:86:8f:0b:51:d8:a5:df:bc:de:ab:
81:be:08:b6:60:59:64:70:7b:cd:d3:34:3c:50:8a:81:c9:c4:
25:10:42:16:9a:91:a2:83:1a:28:94:73:f6:45:6f:55:fe:bf:
27:55:19:33:6d:fb:08:f8:ca:f4:54:37:9c:f3:e3:e6:65:7d:
75:76:06:46:94:18:bd:94:ee:0c:dc:05:42:c2:ac:22:eb:f1:
80:91:3b:7d:bd:e0:25:28:f4:2d:ce:8b:df:1b:d7:03:b0:bf:
89:34:05:cd:91:b7:4d:35:f8:e1:3d:ad:4f:55:bf:f5:a1:12:
2d:77:64:74
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUeRQWFej+DXlWbDXWkVmGMFVAoR4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA0MTYwNzQzNDBaFw0yNTA0MTUwNzQ4NDBaMDMxMTAvBgNV
BAMTKERENTZCMUNBNzJERkM2ODkwNEZDOTI4OUU0NUZCMzE1NDUxNEM2N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMfbKkUIsZ/rQP/5HCjvtc1dh1
HOw+gfun43jLB0Byea/MDwv3f48xHZt6D8IQe+0HPqAZSwhQ/3JV8gIbAc1jgYgn
5EDV/PWbWs24Nd6eqJr51zaZ2szXWDpxdKp7YhqFnVIuCuLMMtn/z7/RrJyqaZk3
iah4tskziJB5v9QIolGICerf7X2ufYOsE4s6kxOmyFAdVtY+Z3z6JRKnuJtMiQT+
Lk6T1ETz0fA3srCDBC1upVICvCIcCL4PAW3h/5yAfHp8Wc6WrxR6qfn7wSyHFkpd
MRDBSE87/9aq02QGIj2jM/dlnIL56tGm2SJmITJCQoVxAcWgMkj9KKqzEb+bAgMB
AAGjggILMIICBzAdBgNVHQ4EFgQU3VaxynLfxokE/JKJ5F+zFUUUxn0wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTNDQ4MTcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgIqE9+A
6DANBgkqhkiG9w0BAQsFAAOCAQEAcgNt6EIpBq0c1t2zjN1KDweCUfRuEwYA4kRr
tdk4TIG3K4QWoLkznrq5MTZFjXIE7SXZHC6ilL+6VvS+MNUi2U3EUj8aFf4tyyEs
H/XHNDtwyllv2X2MfqdAKtK+po1f1CufcjU5Y1eqIgVEWukp5wwKwFa4a6DKfE0Z
qKBmWQkW1TC6wX2GjwtR2KXfvN6rgb4ItmBZZHB7zdM0PFCKgcnEJRBCFpqRooMa
KJRz9kVvVf6/J1UZM237CPjK9FQ3nPPj5mV9dXYGRpQYvZTuDNwFQsKsIuvxgJE7
fb3gJSj0Lc6L3xvXA7C/iTQFzZG3TTX44T2tT1W/9aESLXdkdA==
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:41 2024 by rpki-client on console-ams.rpki-client.org