Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS48465.roa
File: AS48465.roa (raw, json)
Hash identifier: Rcyjm29FOsHVzJjiVEJ+qcIDYEBvB0HPooTqV0ZrlXY=
Subject key identifier: 0E:9B:EA:77:27:C3:DB:C7:A4:09:BB:15:94:27:B0:76:F7:EB:51:2D
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 576694D696A6C6869477EC032D4DA0284F29CBA5
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS48465.roa
Signing time: Wed 20 Dec 2023 16:22:12 +0000
ROA not before: Wed 20 Dec 2023 16:17:12 +0000
ROA not after: Wed 18 Dec 2024 16:22:12 +0000
asID: 48465
IP address blocks: 2a13:df82:9200::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:66:94:d6:96:a6:c6:86:94:77:ec:03:2d:4d:a0:28:4f:29:cb:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:12 2023 GMT
Not After : Dec 18 16:22:12 2024 GMT
Subject: CN=0E9BEA7727C3DBC7A409BB159427B076F7EB512D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:17:8a:9d:76:65:b8:0e:94:b5:22:a5:b1:49:
39:4c:f2:94:3a:1e:a6:3c:1c:ad:c7:fd:22:f7:48:
c5:36:b0:22:ae:c6:31:f7:a6:0c:99:b1:b9:11:92:
0b:76:26:26:98:9f:ba:f3:db:84:39:f7:eb:d1:12:
4f:5b:a0:43:c5:47:b0:38:36:ec:f1:ae:79:78:7e:
3c:c8:de:7e:4e:98:20:b6:7d:41:92:ab:59:82:f7:
81:3a:16:ee:00:d9:fc:7f:36:13:6e:52:57:2a:29:
38:f8:ad:dc:fe:ba:58:b7:3d:e4:fc:67:41:f4:91:
76:0f:e8:e5:ae:57:4f:7a:cd:37:0e:45:78:d9:97:
5b:3a:f7:20:53:7e:39:9f:fb:c5:52:72:c7:5d:69:
94:8d:c5:5d:6c:8d:c4:e2:db:c5:19:aa:5d:8b:4d:
9c:90:f7:80:0b:47:10:bb:f6:6b:ae:07:9d:09:c1:
7d:ad:94:6b:5f:68:21:5a:e2:4b:59:de:77:b9:57:
01:ce:93:95:5f:96:30:0e:f3:9c:fb:c9:9c:f3:f7:
1f:1d:69:82:2e:f8:fe:ad:4e:b5:f3:47:b3:4b:9c:
aa:58:0a:3e:a1:b6:dc:ce:76:60:0b:0d:37:ed:17:
a9:59:00:7e:1f:42:66:95:67:8e:51:3f:49:cc:f5:
b8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:9B:EA:77:27:C3:DB:C7:A4:09:BB:15:94:27:B0:76:F7:EB:51:2D
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS48465.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df82:9200::/40
Signature Algorithm: sha256WithRSAEncryption
a2:8c:13:e7:48:fd:65:5b:5e:89:4f:49:96:00:05:25:08:30:
09:3f:12:3d:6f:0b:5c:04:8d:04:a8:00:28:87:ac:26:56:00:
53:30:cf:57:77:bc:a0:1a:23:0b:d4:54:1e:ae:2d:c8:ca:df:
81:f5:89:35:d9:7c:26:3d:fb:c4:1f:c7:6c:7d:76:2f:fb:4f:
d5:3c:12:89:0a:40:44:27:3a:ff:32:1a:8d:55:cc:2e:4a:61:
81:2e:b3:ae:a3:03:1a:50:16:91:2c:41:c1:f7:64:ac:9e:3d:
cc:46:7b:7c:c8:9e:4d:f2:48:5c:a8:66:c7:f7:9b:82:b4:63:
19:ab:82:4d:76:fa:bc:a2:f4:27:de:0a:91:d7:48:33:51:91:
09:00:3e:50:4b:7f:55:bd:82:98:ed:79:e4:30:5c:ce:e5:02:
35:81:ef:b0:d0:f1:3a:0f:c5:36:e1:e2:09:5b:a9:ea:78:6d:
7e:1f:4f:9d:75:f0:d8:31:c4:ff:78:29:99:2d:84:7a:59:f1:
94:bd:85:3f:ed:4b:4d:8b:94:1c:21:84:52:05:e1:8b:34:c9:
e1:5a:c6:77:c9:46:7a:ae:ae:d7:a8:68:be:15:91:a1:bd:95:
31:14:c2:c5:b2:15:3d:a9:52:8d:10:55:f1:28:4c:ef:48:62:
0f:de:f7:b9
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUV2aU1pamxoaUd+wDLU2gKE8py6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MTJaFw0yNDEyMTgxNjIyMTJaMDMxMTAvBgNV
BAMTKDBFOUJFQTc3MjdDM0RCQzdBNDA5QkIxNTk0MjdCMDc2RjdFQjUxMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGF4qddmW4DpS1IqWxSTlM8pQ6
HqY8HK3H/SL3SMU2sCKuxjH3pgyZsbkRkgt2JiaYn7rz24Q59+vREk9boEPFR7A4
Nuzxrnl4fjzI3n5OmCC2fUGSq1mC94E6Fu4A2fx/NhNuUlcqKTj4rdz+uli3PeT8
Z0H0kXYP6OWuV096zTcORXjZl1s69yBTfjmf+8VScsddaZSNxV1sjcTi28UZql2L
TZyQ94ALRxC79muuB50JwX2tlGtfaCFa4ktZ3ne5VwHOk5VfljAO85z7yZzz9x8d
aYIu+P6tTrXzR7NLnKpYCj6httzOdmALDTftF6lZAH4fQmaVZ45RP0nM9bgHAgMB
AAGjggILMIICBzAdBgNVHQ4EFgQUDpvqdyfD28ekCbsVlCewdvfrUS0wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTNDg0NjUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqE9+C
kjANBgkqhkiG9w0BAQsFAAOCAQEAoowT50j9ZVteiU9JlgAFJQgwCT8SPW8LXASN
BKgAKIesJlYAUzDPV3e8oBojC9RUHq4tyMrfgfWJNdl8Jj37xB/HbH12L/tP1TwS
iQpARCc6/zIajVXMLkphgS6zrqMDGlAWkSxBwfdkrJ49zEZ7fMieTfJIXKhmx/eb
grRjGauCTXb6vKL0J94KkddIM1GRCQA+UEt/Vb2CmO155DBczuUCNYHvsNDxOg/F
NuHiCVup6nhtfh9PnXXw2DHE/3gpmS2EelnxlL2FP+1LTYuUHCGEUgXhizTJ4VrG
d8lGeq6u16hovhWRob2VMRTCxbIVPalSjRBV8ShM70hiD973uQ==
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:41 2024 by rpki-client on console-ams.rpki-client.org