Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS47614.roa
File: AS47614.roa (raw, json)
Hash identifier: o6HwvOtEQ3ie5UeLPHRQgDoqMXNtZuEiuAJehR9KwUs=
Subject key identifier: 07:8C:88:F6:89:FD:45:82:C6:BA:6E:94:1C:46:63:2B:95:1B:DD:9D
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 7C532937143DC0C5BB6610E644F18627E9E9A975
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS47614.roa
Signing time: Wed 07 Feb 2024 18:08:35 +0000
ROA not before: Wed 07 Feb 2024 18:03:35 +0000
ROA not after: Wed 05 Feb 2025 18:08:35 +0000
asID: 47614
IP address blocks: 2a13:df85:ec00::/38 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:53:29:37:14:3d:c0:c5:bb:66:10:e6:44:f1:86:27:e9:e9:a9:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Feb 7 18:03:35 2024 GMT
Not After : Feb 5 18:08:35 2025 GMT
Subject: CN=078C88F689FD4582C6BA6E941C46632B951BDD9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cd:21:62:f4:52:44:53:9c:e5:37:d7:5c:c7:
a0:40:a2:7c:34:bb:3f:aa:92:9e:5d:fa:17:ea:34:
de:8b:8a:f5:d8:a8:e1:cf:02:8e:1b:81:e7:92:d0:
5d:82:b9:ba:5a:0b:78:e6:f2:50:5a:22:47:c3:eb:
14:ec:49:55:9f:98:cd:fd:7b:c8:17:ad:01:e5:67:
52:4b:00:00:b8:86:05:f7:21:c7:8f:6e:7b:c3:20:
74:51:67:24:5f:b9:26:0f:37:be:0e:2a:9b:63:9b:
33:b9:7c:f5:5c:f4:a8:4b:08:be:1b:b4:cd:27:09:
75:2e:74:69:47:fd:87:48:a7:d0:90:bb:af:6c:67:
b1:d5:7b:5e:10:38:13:7a:20:3b:65:10:06:6c:58:
31:10:aa:7d:ce:b9:a0:89:21:0b:47:89:82:e1:f2:
f6:7a:df:8c:72:aa:21:b9:05:79:97:76:e9:b1:c3:
c7:7f:52:9e:84:78:3c:0d:40:b2:36:e5:dc:95:3a:
a1:bc:d3:38:c0:2b:1c:9c:cb:dc:c7:97:9a:86:69:
46:69:c3:4b:aa:59:5f:cb:5e:4c:1b:f3:d4:3f:4d:
62:1b:2b:db:35:eb:76:d4:63:16:35:0c:5c:f7:07:
16:f0:69:7d:6c:07:1c:4f:77:2f:54:38:b5:50:3e:
dd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:8C:88:F6:89:FD:45:82:C6:BA:6E:94:1C:46:63:2B:95:1B:DD:9D
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS47614.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df85:ec00::/38
Signature Algorithm: sha256WithRSAEncryption
4a:f9:83:91:f6:1c:3c:83:f5:d8:09:71:fb:bb:55:19:5f:e8:
52:6e:7a:ac:cb:61:c0:99:58:d6:37:0e:54:98:b8:47:d1:a6:
b4:5b:43:c8:ba:da:b6:79:01:f7:6c:7f:93:99:3e:20:8d:a2:
27:25:94:12:32:62:6b:47:cd:b1:6d:22:42:5c:f9:83:2f:a2:
03:bb:dc:20:1a:34:96:4e:da:5c:cf:57:f5:a6:8b:69:d5:84:
50:5c:18:8a:57:76:f4:94:98:73:8f:c6:b0:2c:67:7d:5c:eb:
5a:18:5e:9c:c4:a9:90:4f:16:b5:ed:cb:7d:04:f4:1c:c9:c3:
2f:03:a2:e4:42:e4:8e:cc:e3:c3:f1:ab:3c:ee:0f:a1:7e:70:
f4:21:66:a2:54:8d:ed:01:b5:b5:92:4c:1a:f8:15:38:1c:79:
40:6d:a6:6e:e8:1c:aa:c5:52:48:91:88:d3:b5:0f:a4:8d:8d:
f0:20:b8:13:b2:64:10:a4:d1:9c:0e:1c:ba:2e:02:95:9b:b4:
84:f0:7e:d8:69:67:35:9b:02:fc:07:52:2b:fc:c7:45:e8:91:
8c:36:00:cb:31:a4:69:43:bf:96:c5:73:10:ff:9c:d8:3e:69:
5d:44:53:d6:6d:6c:25:d6:23:5a:c1:7c:2a:c5:b7:ab:3b:a4:
95:dd:74:ef
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUfFMpNxQ9wMW7ZhDmRPGGJ+npqXUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDAyMDcxODAzMzVaFw0yNTAyMDUxODA4MzVaMDMxMTAvBgNV
BAMTKDA3OEM4OEY2ODlGRDQ1ODJDNkJBNkU5NDFDNDY2MzJCOTUxQkREOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4zSFi9FJEU5zlN9dcx6BAonw0
uz+qkp5d+hfqNN6LivXYqOHPAo4bgeeS0F2CubpaC3jm8lBaIkfD6xTsSVWfmM39
e8gXrQHlZ1JLAAC4hgX3IcePbnvDIHRRZyRfuSYPN74OKptjmzO5fPVc9KhLCL4b
tM0nCXUudGlH/YdIp9CQu69sZ7HVe14QOBN6IDtlEAZsWDEQqn3OuaCJIQtHiYLh
8vZ634xyqiG5BXmXdumxw8d/Up6EeDwNQLI25dyVOqG80zjAKxycy9zHl5qGaUZp
w0uqWV/LXkwb89Q/TWIbK9s163bUYxY1DFz3BxbwaX1sBxxPdy9UOLVQPt2TAgMB
AAGjggILMIICBzAdBgNVHQ4EFgQUB4yI9on9RYLGum6UHEZjK5Ub3Z0wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTNDc2MTQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgIqE9+F
7DANBgkqhkiG9w0BAQsFAAOCAQEASvmDkfYcPIP12Alx+7tVGV/oUm56rMthwJlY
1jcOVJi4R9GmtFtDyLratnkB92x/k5k+II2iJyWUEjJia0fNsW0iQlz5gy+iA7vc
IBo0lk7aXM9X9aaLadWEUFwYild29JSYc4/GsCxnfVzrWhhenMSpkE8Wte3LfQT0
HMnDLwOi5ELkjszjw/GrPO4PoX5w9CFmolSN7QG1tZJMGvgVOBx5QG2mbugcqsVS
SJGI07UPpI2N8CC4E7JkEKTRnA4cui4ClZu0hPB+2GlnNZsC/AdSK/zHReiRjDYA
yzGkaUO/lsVzEP+c2D5pXURT1m1sJdYjWsF8KsW3qzukld107w==
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org