Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS134666.roa
File: AS134666.roa (raw, json)
Hash identifier: ZW1hxXbn4CpjBA7Ydx4rxZ0f6P4GCuNb0GNqgesWtco=
Subject key identifier: 27:85:9A:CB:2C:C0:D7:EB:10:E9:C7:D6:A5:8A:52:35:09:9F:7A:FC
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 6DDF8773FACFCC5F87A95FDE5195B31BBAF34567
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS134666.roa
Signing time: Thu 21 Dec 2023 09:01:33 +0000
ROA not before: Thu 21 Dec 2023 08:56:33 +0000
ROA not after: Thu 19 Dec 2024 09:01:33 +0000
asID: 134666
IP address blocks: 2a13:df80:9c00::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:df:87:73:fa:cf:cc:5f:87:a9:5f:de:51:95:b3:1b:ba:f3:45:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 21 08:56:33 2023 GMT
Not After : Dec 19 09:01:33 2024 GMT
Subject: CN=27859ACB2CC0D7EB10E9C7D6A58A5235099F7AFC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:0f:d6:68:34:28:d8:f8:33:15:eb:2a:d5:6c:
c7:51:79:61:e2:59:cd:ed:31:75:83:10:64:fb:90:
e1:4d:b4:6b:45:c8:ef:47:89:3f:52:2e:55:cc:20:
a8:76:fa:5f:4e:be:02:9e:14:03:81:84:5b:29:69:
4f:e8:33:9d:d1:dd:5d:22:32:28:00:11:77:38:df:
de:67:28:fb:c6:96:63:76:91:a3:f2:d6:30:4b:70:
33:7b:bd:ef:30:e8:56:50:8e:ce:e5:69:d2:a4:4e:
07:50:f7:2a:d2:df:a7:84:5c:62:7d:23:95:e2:d4:
dd:7a:e4:86:f6:2c:45:f1:d7:12:09:3c:15:9e:f7:
d6:a7:8d:83:d6:b3:cf:be:56:e9:a2:ad:22:b1:06:
af:76:b1:5b:6b:02:04:55:0f:1f:ed:5e:ba:68:c9:
36:d6:ff:8c:51:71:31:8c:f0:f3:3a:c4:44:e4:a6:
00:56:73:1f:62:e4:b1:88:bb:f2:22:62:4d:d8:08:
1b:e9:11:1c:23:fa:65:cc:16:cc:5d:07:d6:74:6f:
25:56:6d:78:a1:c9:a8:80:b0:ed:ca:ed:bc:51:c5:
bf:00:e7:fa:c6:4e:7f:e8:3a:b5:bd:a5:be:37:f3:
04:d2:97:61:0a:69:5c:28:68:d3:6b:5f:a3:0e:8f:
e2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:85:9A:CB:2C:C0:D7:EB:10:E9:C7:D6:A5:8A:52:35:09:9F:7A:FC
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS134666.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:9c00::/40
Signature Algorithm: sha256WithRSAEncryption
78:61:45:81:61:87:33:e4:ea:63:0d:eb:06:22:fe:8d:b3:2c:
b2:70:19:49:6d:bd:00:a3:3a:4d:b6:b5:f2:02:16:cb:e0:05:
85:7a:6f:5b:bf:d5:ca:bf:62:25:95:8b:65:2b:38:47:d0:f5:
3e:8a:30:20:2c:d2:bd:85:71:ab:1a:85:35:d7:ad:6c:90:b8:
fe:27:65:f4:89:7b:ad:ea:84:c5:f2:7f:ec:fb:e7:a1:96:b0:
51:c9:e6:68:13:d8:d5:2c:31:ae:14:2c:5f:bb:d7:d6:80:4b:
11:06:fc:d5:f8:11:aa:1b:cb:e2:21:ef:5e:de:68:b0:60:fc:
8e:05:9b:e2:24:4d:63:e1:66:d3:59:fd:ff:71:6e:d6:6f:c1:
50:eb:44:41:23:dc:2c:3f:1e:28:ca:da:94:68:0e:26:38:ca:
77:0a:be:a1:e4:57:1f:18:bc:8d:57:14:70:5c:7c:94:e0:ba:
4a:58:fc:c7:47:e5:f5:bb:25:f1:a6:5a:39:27:59:e4:5b:cb:
3d:9e:80:5a:7e:39:4d:28:80:a0:2b:19:a9:22:df:87:8c:63:
38:ec:43:e2:a6:de:27:e1:36:7d:d8:a2:9b:bd:2e:fa:16:60:
59:64:59:8c:a4:35:cf:5b:ab:2e:9b:90:35:38:f2:11:2c:c7:
79:8b:4c:0d
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUbd+Hc/rPzF+HqV/eUZWzG7rzRWcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjEwODU2MzNaFw0yNDEyMTkwOTAxMzNaMDMxMTAvBgNV
BAMTKDI3ODU5QUNCMkNDMEQ3RUIxMEU5QzdENkE1OEE1MjM1MDk5RjdBRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnD9ZoNCjY+DMV6yrVbMdReWHi
Wc3tMXWDEGT7kOFNtGtFyO9HiT9SLlXMIKh2+l9OvgKeFAOBhFspaU/oM53R3V0i
MigAEXc4395nKPvGlmN2kaPy1jBLcDN7ve8w6FZQjs7ladKkTgdQ9yrS36eEXGJ9
I5Xi1N165Ib2LEXx1xIJPBWe99anjYPWs8++VumirSKxBq92sVtrAgRVDx/tXrpo
yTbW/4xRcTGM8PM6xETkpgBWcx9i5LGIu/IiYk3YCBvpERwj+mXMFsxdB9Z0byVW
bXihyaiAsO3K7bxRxb8A5/rGTn/oOrW9pb438wTSl2EKaVwoaNNrX6MOj+IJAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUJ4WayyzA1+sQ6cfWpYpSNQmfevwwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTM0NjY2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhPf
gJwwDQYJKoZIhvcNAQELBQADggEBAHhhRYFhhzPk6mMN6wYi/o2zLLJwGUltvQCj
Ok22tfICFsvgBYV6b1u/1cq/YiWVi2UrOEfQ9T6KMCAs0r2FcasahTXXrWyQuP4n
ZfSJe63qhMXyf+z756GWsFHJ5mgT2NUsMa4ULF+719aASxEG/NX4Eaoby+Ih717e
aLBg/I4Fm+IkTWPhZtNZ/f9xbtZvwVDrREEj3Cw/HijK2pRoDiY4yncKvqHkVx8Y
vI1XFHBcfJTgukpY/MdH5fW7JfGmWjknWeRbyz2egFp+OU0ogKArGaki34eMYzjs
Q+Km3ifhNn3Yopu9LvoWYFlkWYykNc9bqy6bkDU48hEsx3mLTA0=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org