Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS197634.roa
File: AS197634.roa (raw, json)
Hash identifier: CEcfwoJ9JvlLfaoBBUdVzaEB5ulzPhY2/ofhYg8ar3U=
Subject key identifier: 83:34:1E:3F:FE:F4:30:6D:89:25:C4:40:54:FB:DF:54:D6:1D:0C:A9
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 3EB905766D4FE3864511DA8F275DF04C4AF76D46
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS197634.roa
Signing time: Wed 20 Dec 2023 16:21:47 +0000
ROA not before: Wed 20 Dec 2023 16:16:47 +0000
ROA not after: Wed 18 Dec 2024 16:21:47 +0000
asID: 197634
IP address blocks: 2a13:df80:1360::/44 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:b9:05:76:6d:4f:e3:86:45:11:da:8f:27:5d:f0:4c:4a:f7:6d:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:47 2023 GMT
Not After : Dec 18 16:21:47 2024 GMT
Subject: CN=83341E3FFEF4306D8925C44054FBDF54D61D0CA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:df:12:f2:56:47:6d:f3:d7:a7:d4:26:41:1d:
21:ff:bf:45:b8:4a:f2:2c:c3:1b:0b:08:1d:73:89:
10:cf:d9:be:8b:50:5a:89:5e:47:c0:59:fb:96:83:
c4:c1:56:7a:ad:bc:a1:bb:ee:f1:f6:34:88:32:75:
06:af:38:34:a6:1c:c8:15:23:d5:26:a6:b3:30:10:
ae:bf:5d:a9:4f:12:2a:61:ca:09:e2:8d:38:78:77:
8d:e3:d2:21:17:14:c9:8d:69:ea:75:a9:8a:61:9a:
76:ca:3b:1c:54:a4:f1:1e:96:03:e6:9e:fd:9d:74:
fc:cf:82:3a:f1:f8:19:71:a4:6a:c2:d6:35:a6:f6:
f3:dd:41:83:97:d7:2b:c1:bc:36:dc:df:f3:8c:61:
20:94:ee:08:f7:11:6d:a3:9f:41:8b:82:a4:c0:b3:
a6:53:bf:ab:88:a9:58:19:64:16:93:6a:1f:8f:7e:
89:f0:22:fe:13:20:70:37:cc:d6:88:4b:9d:23:e1:
05:ba:8f:8c:d7:94:2a:cf:55:e2:85:27:d4:5b:08:
30:8a:f6:6e:5e:5d:6c:2f:7b:50:6c:9b:a4:17:00:
da:84:23:01:6d:88:2f:49:3b:bf:58:dc:b6:c6:ac:
02:37:2e:03:39:e9:fd:6e:bf:09:4c:81:65:85:72:
1d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:34:1E:3F:FE:F4:30:6D:89:25:C4:40:54:FB:DF:54:D6:1D:0C:A9
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS197634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:1360::/44
Signature Algorithm: sha256WithRSAEncryption
06:ca:4f:64:b9:8a:89:ab:21:ac:e1:3a:bf:27:e5:f0:bb:0a:
67:df:0b:4e:50:f6:33:48:c6:fd:ce:ad:2e:27:68:6c:1f:72:
b7:bd:98:77:55:53:81:b7:c1:c7:15:79:14:c4:6d:1f:a4:98:
d4:ea:a4:14:15:c3:15:45:74:3a:7e:36:cf:40:ae:32:87:3d:
0f:3e:a9:7c:26:bb:c8:57:ce:4d:12:84:87:ba:e3:82:23:b3:
6c:ff:d8:09:0d:ce:6c:e7:30:e8:11:e6:ab:c8:27:a3:27:29:
40:a0:4f:bb:b2:92:46:fd:09:bc:aa:90:3d:51:69:87:ac:c2:
8b:1d:71:22:64:8a:af:9a:e8:c4:72:68:1a:9a:c5:fd:ec:a0:
f1:f9:f7:fe:4a:d9:8a:ca:04:f5:2a:97:6c:60:a5:11:83:24:
56:57:91:4f:2d:19:1e:c7:39:5d:76:50:40:29:a3:40:4e:a8:
5b:bc:06:15:08:1d:28:86:24:b3:ae:1f:2f:27:59:5a:e5:6c:
3f:70:b1:2a:20:fb:1a:4e:9c:f1:ba:24:f7:d3:ba:58:8e:cc:
87:10:80:0c:f1:69:c9:43:32:aa:29:89:c7:27:47:41:7f:de:
38:d0:02:bd:b6:79:fe:72:bc:7e:d4:ca:fb:3b:05:d1:f0:88:
d0:97:44:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUPrkFdm1P44ZFEdqPJ13wTEr3bUYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2NDdaFw0yNDEyMTgxNjIxNDdaMDMxMTAvBgNV
BAMTKDgzMzQxRTNGRkVGNDMwNkQ4OTI1QzQ0MDU0RkJERjU0RDYxRDBDQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX3xLyVkdt89en1CZBHSH/v0W4
SvIswxsLCB1ziRDP2b6LUFqJXkfAWfuWg8TBVnqtvKG77vH2NIgydQavODSmHMgV
I9UmprMwEK6/XalPEiphygnijTh4d43j0iEXFMmNaep1qYphmnbKOxxUpPEelgPm
nv2ddPzPgjrx+BlxpGrC1jWm9vPdQYOX1yvBvDbc3/OMYSCU7gj3EW2jn0GLgqTA
s6ZTv6uIqVgZZBaTah+PfonwIv4TIHA3zNaIS50j4QW6j4zXlCrPVeKFJ9RbCDCK
9m5eXWwve1Bsm6QXANqEIwFtiC9JO79Y3LbGrAI3LgM56f1uvwlMgWWFch0TAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUgzQeP/70MG2JJcRAVPvfVNYdDKkwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTk3NjM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhPf
gBNgMA0GCSqGSIb3DQEBCwUAA4IBAQAGyk9kuYqJqyGs4Tq/J+Xwuwpn3wtOUPYz
SMb9zq0uJ2hsH3K3vZh3VVOBt8HHFXkUxG0fpJjU6qQUFcMVRXQ6fjbPQK4yhz0P
Pql8JrvIV85NEoSHuuOCI7Ns/9gJDc5s5zDoEearyCejJylAoE+7spJG/Qm8qpA9
UWmHrMKLHXEiZIqvmujEcmgamsX97KDx+ff+StmKygT1KpdsYKURgyRWV5FPLRke
xzlddlBAKaNATqhbvAYVCB0ohiSzrh8vJ1la5Ww/cLEqIPsaTpzxuiT307pYjsyH
EIAM8WnJQzKqKYnHJ0dBf9440AK9tnn+crx+1Mr7OwXR8IjQl0Q+
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org