Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS62414.roa
File: AS62414.roa (raw, json)
Hash identifier: nnd94E7smFmwRK76N3QfvNChBOWOeND/VZ1y3CQngjg=
Subject key identifier: F4:AE:47:69:5A:C7:80:68:D7:71:BC:E9:5A:82:B3:9F:52:0E:D6:E7
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 389D3C8D6A004D370AA1C42BC9BDA84834D7CE32
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS62414.roa
Signing time: Wed 20 Dec 2023 16:21:59 +0000
ROA not before: Wed 20 Dec 2023 16:16:59 +0000
ROA not after: Wed 18 Dec 2024 16:21:59 +0000
asID: 62414
IP address blocks: 2a13:df80:80::/44 maxlen: 44
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:9d:3c:8d:6a:00:4d:37:0a:a1:c4:2b:c9:bd:a8:48:34:d7:ce:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:59 2023 GMT
Not After : Dec 18 16:21:59 2024 GMT
Subject: CN=F4AE47695AC78068D771BCE95A82B39F520ED6E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f3:fb:87:ef:06:1f:f0:04:02:03:01:6a:3c:
97:c5:11:02:74:a8:e5:89:5a:f6:1d:19:c8:5c:9d:
70:75:dd:0c:19:cd:93:52:4b:cc:ec:36:8a:59:43:
12:b2:47:34:c0:38:d8:d9:79:10:89:3f:6e:7f:f7:
64:83:ad:47:70:59:bf:a8:84:b1:00:59:6b:91:64:
8f:be:af:7a:d1:ad:0e:52:66:fb:ed:ad:93:c9:97:
d6:71:8e:75:91:bb:02:3f:67:72:f1:7a:9a:d3:07:
1e:51:79:bd:02:03:b6:6c:df:ee:fe:d0:37:ce:bd:
98:0d:c2:0e:d5:ff:a6:a4:4c:51:1b:b2:2c:f2:2e:
00:d9:d3:48:d9:4c:a5:27:78:c9:10:88:f8:c8:57:
45:f6:b6:c1:a0:af:be:83:1e:ee:48:36:3a:d7:18:
0f:db:5c:ab:fc:53:d9:07:20:57:2b:52:0f:67:fa:
96:48:3b:b9:36:18:03:ee:97:5f:61:e9:fa:48:fc:
36:c5:72:cf:c6:38:1d:0e:ef:7f:39:a2:cd:11:9d:
39:1e:be:ce:f4:c7:cf:10:18:e9:b9:dc:da:c2:a1:
fa:73:ee:90:21:41:4f:da:50:9f:2f:45:0f:a2:bc:
5d:d5:14:7e:77:d6:8e:38:bc:c1:2c:36:68:be:75:
4e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AE:47:69:5A:C7:80:68:D7:71:BC:E9:5A:82:B3:9F:52:0E:D6:E7
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS62414.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:80::/44
Signature Algorithm: sha256WithRSAEncryption
a4:97:b0:4d:5c:26:08:30:b5:4a:6f:aa:c9:38:6e:9d:d5:b3:
53:35:37:bf:3a:aa:47:06:1d:be:87:8a:ce:88:bf:b0:79:de:
fb:79:1f:92:25:66:6f:d9:45:f7:8c:c5:bc:83:21:3d:ea:bd:
07:24:a3:8e:6b:be:b4:17:2a:38:99:bf:1d:09:bf:0e:3b:de:
06:59:42:ce:14:5e:e0:0c:38:b1:45:fe:c1:20:4a:d7:ab:ab:
96:ff:58:0e:62:ba:1a:d9:59:bd:f8:14:89:07:cb:e5:17:0d:
7e:a4:a9:11:02:e2:88:6c:5b:36:c5:4d:9d:99:86:a5:c1:b8:
1b:67:f4:a9:d5:e0:8e:ac:82:55:47:b7:75:c5:24:9d:cb:d2:
54:c2:c4:ba:8f:6a:e9:bc:55:6b:98:ad:bf:ee:1f:bc:e5:94:
dc:c5:ce:30:ec:6d:7e:35:85:b8:76:4c:18:53:e8:eb:ce:50:
2b:97:ef:4a:cf:0c:d5:67:17:c9:bb:fb:6b:44:4f:d9:22:0e:
10:9e:8a:dc:cd:b9:3d:40:1c:9d:94:fc:61:e4:bb:3f:fb:37:
0c:12:57:43:b1:47:6f:3a:06:01:9d:e1:45:e5:44:0c:84:47:
98:e0:dc:fb:42:da:66:f4:09:a9:7b:9f:02:76:d7:75:02:b1:
69:45:77:59
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUOJ08jWoATTcKocQryb2oSDTXzjIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2NTlaFw0yNDEyMTgxNjIxNTlaMDMxMTAvBgNV
BAMTKEY0QUU0NzY5NUFDNzgwNjhENzcxQkNFOTVBODJCMzlGNTIwRUQ2RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCR8/uH7wYf8AQCAwFqPJfFEQJ0
qOWJWvYdGchcnXB13QwZzZNSS8zsNopZQxKyRzTAONjZeRCJP25/92SDrUdwWb+o
hLEAWWuRZI++r3rRrQ5SZvvtrZPJl9ZxjnWRuwI/Z3LxeprTBx5Reb0CA7Zs3+7+
0DfOvZgNwg7V/6akTFEbsizyLgDZ00jZTKUneMkQiPjIV0X2tsGgr76DHu5INjrX
GA/bXKv8U9kHIFcrUg9n+pZIO7k2GAPul19h6fpI/DbFcs/GOB0O7385os0RnTke
vs70x88QGOm53NrCofpz7pAhQU/aUJ8vRQ+ivF3VFH531o44vMEsNmi+dU5nAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQU9K5HaVrHgGjXcbzpWoKzn1IO1ucwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTNjI0MTQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQqE9+A
AIAwDQYJKoZIhvcNAQELBQADggEBAKSXsE1cJggwtUpvqsk4bp3Vs1M1N786qkcG
Hb6His6Iv7B53vt5H5IlZm/ZRfeMxbyDIT3qvQcko45rvrQXKjiZvx0Jvw473gZZ
Qs4UXuAMOLFF/sEgSterq5b/WA5iuhrZWb34FIkHy+UXDX6kqREC4ohsWzbFTZ2Z
hqXBuBtn9KnV4I6sglVHt3XFJJ3L0lTCxLqPaum8VWuYrb/uH7zllNzFzjDsbX41
hbh2TBhT6OvOUCuX70rPDNVnF8m7+2tET9kiDhCeitzNuT1AHJ2U/GHkuz/7NwwS
V0OxR286BgGd4UXlRAyER5jg3PtC2mb0Cal7nwJ213UCsWlFd1k=
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org