Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS60743.roa
File: AS60743.roa (raw, json)
Hash identifier: iMF9uaH0p24H3X39348NfgVKo7Pg0AbpFepfpKMkcn4=
Subject key identifier: 2F:E5:06:18:BA:DC:B6:26:6F:5A:96:57:1F:99:8F:70:B4:B3:B2:35
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 507C95C01CFCD58087C6300B557B72D3988E7FBE
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS60743.roa
Signing time: Wed 20 Dec 2023 16:22:06 +0000
ROA not before: Wed 20 Dec 2023 16:17:06 +0000
ROA not after: Wed 18 Dec 2024 16:22:06 +0000
asID: 60743
IP address blocks: 2a13:df85:b00b::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:7c:95:c0:1c:fc:d5:80:87:c6:30:0b:55:7b:72:d3:98:8e:7f:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:06 2023 GMT
Not After : Dec 18 16:22:06 2024 GMT
Subject: CN=2FE50618BADCB6266F5A96571F998F70B4B3B235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e2:c3:74:a0:b4:7c:b6:be:29:45:ed:0f:c2:
ac:12:31:f9:b4:bf:58:4a:3f:ff:d1:b4:06:79:dc:
95:1b:bd:04:f1:a8:b3:b0:bb:44:3a:93:84:9f:5c:
6a:c5:fc:02:56:81:ed:77:a9:0e:37:76:a9:7d:b5:
cb:b2:8a:23:9f:48:ea:33:52:02:33:04:8b:76:9b:
80:fb:41:0f:3f:f7:32:09:a8:a9:f1:a8:31:c8:3b:
14:99:00:b9:49:ba:e0:bb:1c:d1:07:e1:1f:4f:23:
99:10:8e:92:f4:e6:e0:34:78:99:f7:41:19:7f:36:
bc:1a:4a:b6:31:f2:39:27:48:40:c3:f7:77:a8:69:
12:aa:90:40:cc:b2:fd:0f:d2:55:6e:cf:cd:83:6a:
3d:eb:39:a0:db:1a:51:c7:10:cc:65:e2:ae:b1:47:
39:c7:aa:dc:69:4e:c1:0a:39:23:4c:41:94:b4:f2:
bf:f0:3c:b4:d9:99:68:69:31:3e:17:6d:09:0e:48:
ce:fc:3a:c4:cc:08:4e:83:5c:d2:78:bb:c5:8b:dd:
93:17:f6:b2:8d:65:de:a9:6b:17:27:87:d2:ee:d0:
c7:d1:cd:53:97:be:9c:8e:d0:6f:fa:38:e5:4e:0b:
0b:af:10:9d:82:93:23:21:ef:96:21:84:48:92:bd:
0c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E5:06:18:BA:DC:B6:26:6F:5A:96:57:1F:99:8F:70:B4:B3:B2:35
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS60743.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df85:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
58:59:a3:68:b2:5b:fc:7b:25:ff:f1:b1:36:35:e8:07:82:ff:
90:00:18:b7:fc:2f:a8:36:df:ce:7b:5c:25:e3:a4:51:f8:68:
df:e1:0c:33:56:92:1e:f9:e3:39:a2:f5:9d:5c:d1:63:26:8f:
ca:48:d0:19:21:76:d4:db:71:05:e7:8f:1c:a6:5d:e0:8d:2a:
f9:20:43:8b:49:81:72:ee:dd:49:24:79:16:1a:41:6d:dc:f5:
18:14:ef:7e:41:f4:55:f9:7d:ab:6d:65:0a:d9:aa:43:46:99:
e3:b4:66:f5:5e:6a:c1:5e:40:5b:02:23:2c:59:6d:0b:9f:2d:
cb:a3:d2:d2:7a:65:bb:5f:8e:3c:f6:2f:19:ea:58:87:02:79:
85:73:b0:26:80:4f:e9:04:80:0b:fb:c5:01:42:3e:68:7d:8e:
13:40:ed:8f:6f:81:49:cd:ce:ce:8b:df:55:9c:13:16:8a:d8:
57:18:cb:f7:ac:1f:a2:77:51:b3:2a:71:c6:29:0a:db:a0:66:
17:23:05:ea:25:da:f3:fd:99:10:d2:20:af:8d:62:06:c2:73:
d5:c2:02:7b:c7:ad:0f:71:4e:f3:1b:4f:7d:e0:5e:b6:60:e2:
3d:51:e2:c1:11:eb:c3:2a:5d:38:f0:a5:fb:e6:5e:67:3c:38:
8a:fd:d0:48
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUUHyVwBz81YCHxjALVXty05iOf74wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MDZaFw0yNDEyMTgxNjIyMDZaMDMxMTAvBgNV
BAMTKDJGRTUwNjE4QkFEQ0I2MjY2RjVBOTY1NzFGOTk4RjcwQjRCM0IyMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/4sN0oLR8tr4pRe0PwqwSMfm0
v1hKP//RtAZ53JUbvQTxqLOwu0Q6k4SfXGrF/AJWge13qQ43dql9tcuyiiOfSOoz
UgIzBIt2m4D7QQ8/9zIJqKnxqDHIOxSZALlJuuC7HNEH4R9PI5kQjpL05uA0eJn3
QRl/NrwaSrYx8jknSEDD93eoaRKqkEDMsv0P0lVuz82Daj3rOaDbGlHHEMxl4q6x
RznHqtxpTsEKOSNMQZS08r/wPLTZmWhpMT4XbQkOSM78OsTMCE6DXNJ4u8WL3ZMX
9rKNZd6paxcnh9Lu0MfRzVOXvpyO0G/6OOVOCwuvEJ2CkyMh75YhhEiSvQz/AgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUL+UGGLrctiZvWpZXH5mPcLSzsjUwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTNjA3NDMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqE9+F
sAswDQYJKoZIhvcNAQELBQADggEBAFhZo2iyW/x7Jf/xsTY16AeC/5AAGLf8L6g2
3857XCXjpFH4aN/hDDNWkh754zmi9Z1c0WMmj8pI0BkhdtTbcQXnjxymXeCNKvkg
Q4tJgXLu3UkkeRYaQW3c9RgU735B9FX5fattZQrZqkNGmeO0ZvVeasFeQFsCIyxZ
bQufLcuj0tJ6Zbtfjjz2LxnqWIcCeYVzsCaAT+kEgAv7xQFCPmh9jhNA7Y9vgUnN
zs6L31WcExaK2FcYy/esH6J3UbMqccYpCtugZhcjBeol2vP9mRDSIK+NYgbCc9XC
AnvHrQ9xTvMbT33gXrZg4j1R4sER68MqXTjwpfvmXmc8OIr90Eg=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:41 2024 by rpki-client on console-ams.rpki-client.org