Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS63150.roa
File: AS63150.roa (raw, json)
Hash identifier: 3IBilJyh8HMHgeXMzlNRkT7dOxiyrJOcmFAAuFJ5CqM=
Subject key identifier: 81:CC:F9:E5:2E:01:19:71:1A:DC:4E:E5:E4:BF:0A:B0:BC:BB:1E:B8
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 07D465DB7387D759B77BCD3D0C96231D46FA9989
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS63150.roa
Signing time: Thu 28 Mar 2024 14:17:17 +0000
ROA not before: Thu 28 Mar 2024 14:12:17 +0000
ROA not after: Thu 27 Mar 2025 14:17:17 +0000
asID: 63150
IP address blocks: 2a13:df85:a100::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:d4:65:db:73:87:d7:59:b7:7b:cd:3d:0c:96:23:1d:46:fa:99:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Mar 28 14:12:17 2024 GMT
Not After : Mar 27 14:17:17 2025 GMT
Subject: CN=81CCF9E52E0119711ADC4EE5E4BF0AB0BCBB1EB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8d:2c:0b:26:3b:90:b5:b9:23:6a:c5:3e:8c:
f1:64:11:d3:01:8d:57:9e:04:51:d2:14:ed:95:52:
4b:d0:87:7d:a2:b1:04:0e:e4:29:9f:0b:10:e4:4a:
81:da:d6:fe:0b:bb:7e:9f:6d:37:c3:27:4b:1f:cb:
6e:37:25:8e:ea:13:a6:ee:7d:c4:18:45:5f:e9:b4:
60:cb:1e:0e:39:bb:26:b6:52:dd:34:26:f6:10:d5:
56:f2:61:ea:3f:6b:b9:37:50:b6:6e:59:f4:91:f1:
1a:d2:8c:e6:5f:30:ec:9c:60:b4:2f:be:dc:1c:ad:
fa:32:20:70:74:c4:a7:9e:73:00:78:75:0d:bb:5e:
5c:82:9d:62:52:b7:71:7e:26:fb:77:a6:1e:55:31:
dd:bd:23:c4:79:3e:80:09:0c:3d:7f:c5:bd:f6:8c:
0d:bb:64:ea:54:1d:02:ad:11:2c:7e:8a:16:a8:bb:
f7:ae:a1:f5:1c:16:62:85:de:ab:11:b7:2a:ed:ec:
59:38:66:31:31:6c:e8:22:d8:53:5e:49:22:6b:2c:
a9:c6:f7:ab:56:59:02:9d:59:b0:71:44:37:7e:cf:
31:32:3f:c8:7a:26:e7:e2:37:e0:12:42:78:f5:cd:
0e:da:e2:e7:09:ac:8d:40:f2:4e:d2:d3:c3:ce:6b:
1c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:CC:F9:E5:2E:01:19:71:1A:DC:4E:E5:E4:BF:0A:B0:BC:BB:1E:B8
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS63150.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df85:a100::/40
Signature Algorithm: sha256WithRSAEncryption
75:53:77:80:b7:22:29:33:b0:1f:03:c9:16:f8:92:50:ba:84:
ba:b8:ab:06:da:52:fe:4f:7e:5e:a0:c2:82:89:be:85:28:8b:
8c:25:e8:fc:cc:e1:a3:33:84:76:9e:50:4f:99:6d:c5:e1:c2:
25:62:0a:2f:b0:4c:11:f7:66:41:e0:9b:b0:ae:eb:4e:3f:a2:
d8:e6:04:77:56:52:68:d0:32:e9:8d:f0:8b:0e:ba:25:f1:f8:
96:97:43:b3:47:a1:fb:bc:47:fa:e9:ae:eb:c4:34:a7:48:cf:
9e:a8:6b:e3:4c:6c:b3:be:14:c5:29:bc:8a:3f:86:e6:21:61:
81:a8:26:f5:85:c7:1c:f7:a7:a8:87:73:f3:64:4a:0b:d0:c6:
a6:02:25:c5:f1:84:70:73:db:14:15:07:7f:d9:d0:58:15:37:
56:8a:c8:62:59:44:d4:dc:a9:5f:98:5f:cd:c7:9e:4e:1f:c8:
58:f0:e1:19:a2:91:43:6a:f8:e1:0a:1f:2d:1d:88:d7:2c:99:
cb:03:6b:d9:1c:c4:96:10:3d:2a:1a:e7:3b:f5:67:c7:c7:63:
29:52:ef:0e:c1:49:cf:69:68:ce:df:92:ba:48:3a:14:89:f5:
cd:33:d5:48:23:7f:be:6e:52:7d:88:09:c8:1f:3e:e3:04:69:
65:88:3c:1d
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUB9Rl23OH11m3e809DJYjHUb6mYkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDAzMjgxNDEyMTdaFw0yNTAzMjcxNDE3MTdaMDMxMTAvBgNV
BAMTKDgxQ0NGOUU1MkUwMTE5NzExQURDNEVFNUU0QkYwQUIwQkNCQjFFQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVjSwLJjuQtbkjasU+jPFkEdMB
jVeeBFHSFO2VUkvQh32isQQO5CmfCxDkSoHa1v4Lu36fbTfDJ0sfy243JY7qE6bu
fcQYRV/ptGDLHg45uya2Ut00JvYQ1VbyYeo/a7k3ULZuWfSR8RrSjOZfMOycYLQv
vtwcrfoyIHB0xKeecwB4dQ27XlyCnWJSt3F+Jvt3ph5VMd29I8R5PoAJDD1/xb32
jA27ZOpUHQKtESx+ihaou/euofUcFmKF3qsRtyrt7Fk4ZjExbOgi2FNeSSJrLKnG
96tWWQKdWbBxRDd+zzEyP8h6JufiN+ASQnj1zQ7a4ucJrI1A8k7S08POaxy1AgMB
AAGjggILMIICBzAdBgNVHQ4EFgQUgcz55S4BGXEa3E7l5L8KsLy7HrgwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTNjMxNTAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqE9+F
oTANBgkqhkiG9w0BAQsFAAOCAQEAdVN3gLciKTOwHwPJFviSULqEurirBtpS/k9+
XqDCgom+hSiLjCXo/MzhozOEdp5QT5ltxeHCJWIKL7BMEfdmQeCbsK7rTj+i2OYE
d1ZSaNAy6Y3wiw66JfH4lpdDs0eh+7xH+umu68Q0p0jPnqhr40xss74UxSm8ij+G
5iFhgagm9YXHHPenqIdz82RKC9DGpgIlxfGEcHPbFBUHf9nQWBU3VorIYllE1Nyp
X5hfzceeTh/IWPDhGaKRQ2r44QofLR2I1yyZywNr2RzElhA9KhrnO/Vnx8djKVLv
DsFJz2lozt+Sukg6FIn1zTPVSCN/vm5SfYgJyB8+4wRpZYg8HQ==
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org