Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS53667.roa
File: AS53667.roa (raw, json)
Hash identifier: oIEi3NTwHkFJCQxR916LegouVlBAYJReF3iOR3HWKnI=
Subject key identifier: 16:7F:99:40:0F:46:6B:4D:3E:57:03:A8:12:D8:06:3B:8D:56:29:8A
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 2201D3DD1C373DDBD7312A3DA55BA92B2C314B3A
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS53667.roa
Signing time: Wed 20 Dec 2023 16:21:46 +0000
ROA not before: Wed 20 Dec 2023 16:16:46 +0000
ROA not after: Wed 18 Dec 2024 16:21:46 +0000
asID: 53667
IP address blocks: 2a13:df80:3f00::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:01:d3:dd:1c:37:3d:db:d7:31:2a:3d:a5:5b:a9:2b:2c:31:4b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:46 2023 GMT
Not After : Dec 18 16:21:46 2024 GMT
Subject: CN=167F99400F466B4D3E5703A812D8063B8D56298A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ca:62:a5:a1:73:c7:0b:51:95:8f:c0:27:0d:
b9:32:33:10:ba:6e:60:83:8c:aa:cd:8b:46:59:54:
08:45:ae:e4:8d:bc:f5:b1:14:1d:d3:47:1a:7f:b5:
62:2c:e9:9e:fa:3d:6d:38:e9:4b:a1:d6:e5:5d:e9:
58:02:30:0c:e9:6f:6c:e2:87:b5:0f:a4:d7:28:eb:
d5:0d:a0:9c:d8:12:07:bc:e8:23:e1:9f:e8:ae:e8:
40:d5:55:61:38:ea:34:04:f6:a1:6e:6d:91:b3:e7:
08:61:96:bf:95:93:2f:f6:99:91:28:bd:08:7c:aa:
98:d9:e1:87:9b:66:0d:35:95:54:da:63:f0:07:31:
a6:85:a2:f1:a1:63:44:3c:2f:e2:c4:1f:37:f8:ba:
2b:82:97:7e:f6:be:d5:df:ee:27:36:d8:2e:a1:a1:
10:39:82:21:e3:9c:92:1b:72:65:a0:41:11:fe:4c:
1e:af:59:ef:62:44:5e:26:9e:5d:48:30:67:1e:ca:
34:31:ac:1b:fa:ce:93:f8:22:f5:12:97:f5:4d:cb:
c3:5c:a1:c3:c3:85:8f:13:fb:52:87:16:63:57:44:
f0:b5:96:9b:80:0c:41:8e:97:9c:d4:53:cc:56:a7:
ee:3b:63:48:1a:5f:39:6c:e7:6e:13:83:8d:fe:0d:
38:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:7F:99:40:0F:46:6B:4D:3E:57:03:A8:12:D8:06:3B:8D:56:29:8A
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS53667.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:3f00::/40
Signature Algorithm: sha256WithRSAEncryption
28:a9:fc:e9:1a:6b:be:1a:14:99:74:26:d7:4f:00:9d:56:13:
9d:97:b7:92:fa:61:4d:4d:bd:d6:a5:51:94:0a:cd:d6:81:cb:
44:71:4c:80:8c:84:85:b5:21:30:05:cb:cb:0a:e1:97:5c:0c:
34:ce:6b:62:6b:de:74:7a:1c:02:bf:ab:c8:b1:17:b9:30:5d:
63:3b:bf:a9:8e:87:83:70:61:89:32:a2:b5:d7:65:f9:bf:b8:
1e:95:31:10:fc:42:7c:e6:c2:a7:63:de:12:8d:ff:b5:9a:e5:
59:94:68:a2:76:08:4a:24:cf:6b:67:ec:fc:1b:de:be:8b:7e:
4a:1a:09:2e:8c:c7:ab:c0:49:84:c8:bb:3a:62:55:cd:40:36:
f1:c3:85:e1:68:37:e1:84:fd:a3:8b:96:65:33:f8:26:fd:5f:
fe:8a:f6:48:36:f0:06:c0:19:94:bb:94:ee:8e:d7:28:cb:bf:
65:b6:73:4f:50:40:84:b1:78:15:19:2a:10:e2:c5:21:c1:5e:
85:5d:22:93:78:f8:c5:f8:6f:4f:97:2f:df:18:17:47:48:94:
91:f0:85:64:d6:93:28:ec:4e:0f:35:93:82:da:b6:bd:29:d6:
68:1c:89:99:5e:77:59:e6:69:d2:05:0d:d8:20:58:1e:f4:7d:
e8:26:f3:0d
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUIgHT3Rw3PdvXMSo9pVupKywxSzowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2NDZaFw0yNDEyMTgxNjIxNDZaMDMxMTAvBgNV
BAMTKDE2N0Y5OTQwMEY0NjZCNEQzRTU3MDNBODEyRDgwNjNCOEQ1NjI5OEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDymKloXPHC1GVj8AnDbkyMxC6
bmCDjKrNi0ZZVAhFruSNvPWxFB3TRxp/tWIs6Z76PW046Uuh1uVd6VgCMAzpb2zi
h7UPpNco69UNoJzYEge86CPhn+iu6EDVVWE46jQE9qFubZGz5whhlr+Vky/2mZEo
vQh8qpjZ4YebZg01lVTaY/AHMaaFovGhY0Q8L+LEHzf4uiuCl372vtXf7ic22C6h
oRA5giHjnJIbcmWgQRH+TB6vWe9iRF4mnl1IMGceyjQxrBv6zpP4IvUSl/VNy8Nc
ocPDhY8T+1KHFmNXRPC1lpuADEGOl5zUU8xWp+47Y0gaXzls524Tg43+DThvAgMB
AAGjggILMIICBzAdBgNVHQ4EFgQUFn+ZQA9Ga00+VwOoEtgGO41WKYowHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTNTM2Njcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqE9+A
PzANBgkqhkiG9w0BAQsFAAOCAQEAKKn86RprvhoUmXQm108AnVYTnZe3kvphTU29
1qVRlArN1oHLRHFMgIyEhbUhMAXLywrhl1wMNM5rYmvedHocAr+ryLEXuTBdYzu/
qY6Hg3BhiTKitddl+b+4HpUxEPxCfObCp2PeEo3/tZrlWZRoonYISiTPa2fs/Bve
vot+ShoJLozHq8BJhMi7OmJVzUA28cOF4Wg34YT9o4uWZTP4Jv1f/or2SDbwBsAZ
lLuU7o7XKMu/ZbZzT1BAhLF4FRkqEOLFIcFehV0ik3j4xfhvT5cv3xgXR0iUkfCF
ZNaTKOxODzWTgtq2vSnWaByJmV53WeZp0gUN2CBYHvR96CbzDQ==
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org