Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS199186.roa
File: AS199186.roa (raw, json)
Hash identifier: cHWmRlDcJdkSqA0nPr8HfFjn7jYIwjMYxkMgP9COMn0=
Subject key identifier: F4:4A:11:34:F9:7C:D5:1F:F2:87:B8:1A:D6:46:06:C6:37:88:CC:E0
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 4B80022F3710D4ECDE8385BFF3EB3AEBD3E500A9
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS199186.roa
Signing time: Wed 20 Dec 2023 16:21:46 +0000
ROA not before: Wed 20 Dec 2023 16:16:46 +0000
ROA not after: Wed 18 Dec 2024 16:21:46 +0000
asID: 199186
IP address blocks: 2a13:df87:9c00::/38 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:80:02:2f:37:10:d4:ec:de:83:85:bf:f3:eb:3a:eb:d3:e5:00:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:46 2023 GMT
Not After : Dec 18 16:21:46 2024 GMT
Subject: CN=F44A1134F97CD51FF287B81AD64606C63788CCE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:df:35:29:76:32:23:2a:ee:a1:21:b8:35:7f:
75:65:df:9c:1a:cb:fd:9a:ad:5e:a6:e8:c4:f5:07:
87:f8:0d:83:dc:d3:63:f2:bb:19:41:9c:08:f9:da:
2c:20:ef:16:f0:f4:23:f9:d3:9b:91:01:b7:cc:15:
aa:1e:54:c3:63:54:81:78:8a:31:45:9e:c5:95:37:
44:0e:12:50:4b:e5:80:30:65:41:d0:8d:c6:87:49:
13:a4:d4:f3:7f:48:38:04:a9:14:0a:83:f8:92:15:
2f:ec:e1:eb:a7:4f:f2:d1:01:8d:e2:7c:0a:8f:84:
31:11:ce:b7:0f:ff:c2:0b:15:c1:d4:d3:e5:d0:a2:
6d:74:c7:be:4e:f6:49:5f:e4:c1:0d:57:10:18:9a:
89:74:fe:e2:a0:50:bb:42:e0:2c:70:83:22:24:7a:
3b:1a:49:12:37:91:86:60:11:74:be:c8:bf:cc:f2:
4e:e1:01:60:f0:e5:a4:0b:ff:5c:d9:70:f7:ca:23:
1d:7f:7c:7d:dc:b3:01:97:12:1c:cd:9e:d1:6d:31:
bc:98:68:a6:f1:9b:06:b8:17:49:9f:38:e9:a4:1c:
e2:71:a7:c0:1a:8c:3b:5e:db:cf:b8:c4:d8:65:f7:
83:ed:b7:b0:82:74:0a:11:0b:b9:be:45:05:a1:61:
e8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:4A:11:34:F9:7C:D5:1F:F2:87:B8:1A:D6:46:06:C6:37:88:CC:E0
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS199186.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df87:9c00::/38
Signature Algorithm: sha256WithRSAEncryption
ab:77:4b:1d:1c:4d:26:2b:89:3b:04:83:ab:e0:c8:57:58:23:
96:cc:21:e7:c4:e2:13:6b:30:47:8d:e6:99:b5:8b:da:a1:e5:
79:cb:06:0c:72:00:65:dd:87:e2:45:74:5c:b1:0b:41:51:49:
e1:2b:b0:97:6c:29:18:85:57:54:10:c6:7d:6c:7a:72:7b:b6:
d2:d8:43:55:f0:81:97:c7:4d:1f:8c:8e:07:30:74:4b:75:36:
9a:7b:ee:9e:bb:5a:9e:b7:89:e1:0f:8e:e2:0f:d9:a5:b5:d9:
2e:ea:51:fa:32:48:e6:7e:d8:4e:37:e8:eb:14:6e:d4:60:0d:
86:2c:3e:f5:73:3f:55:62:50:1d:47:20:91:f4:dc:66:ac:01:
92:d9:7a:19:9c:cd:1b:61:8e:e4:0d:a8:47:d0:a7:a6:e4:be:
dd:9b:54:47:00:ae:24:3a:ab:3d:3d:d3:43:ff:3c:27:a9:80:
cc:99:c0:60:2c:32:c6:02:5d:d8:43:19:7c:75:e5:71:c5:1b:
19:05:99:3f:4e:71:15:8e:4e:5e:29:73:98:6d:1e:77:ce:7b:
01:de:78:be:31:18:b1:e4:ab:4b:25:f7:34:d0:a3:4c:5d:eb:
e6:3a:c8:82:6e:38:23:7b:cd:94:32:74:53:33:80:93:aa:5d:
c8:8b:ac:7c
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUS4ACLzcQ1Ozeg4W/8+s669PlAKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2NDZaFw0yNDEyMTgxNjIxNDZaMDMxMTAvBgNV
BAMTKEY0NEExMTM0Rjk3Q0Q1MUZGMjg3QjgxQUQ2NDYwNkM2Mzc4OENDRTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn3zUpdjIjKu6hIbg1f3Vl35wa
y/2arV6m6MT1B4f4DYPc02PyuxlBnAj52iwg7xbw9CP505uRAbfMFaoeVMNjVIF4
ijFFnsWVN0QOElBL5YAwZUHQjcaHSROk1PN/SDgEqRQKg/iSFS/s4eunT/LRAY3i
fAqPhDERzrcP/8ILFcHU0+XQom10x75O9klf5MENVxAYmol0/uKgULtC4CxwgyIk
ejsaSRI3kYZgEXS+yL/M8k7hAWDw5aQL/1zZcPfKIx1/fH3cswGXEhzNntFtMbyY
aKbxmwa4F0mfOOmkHOJxp8AajDte28+4xNhl94Ptt7CCdAoRC7m+RQWhYeiXAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQU9EoRNPl81R/yh7ga1kYGxjeIzOAwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTk5MTg2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKhPf
h5wwDQYJKoZIhvcNAQELBQADggEBAKt3Sx0cTSYriTsEg6vgyFdYI5bMIefE4hNr
MEeN5pm1i9qh5XnLBgxyAGXdh+JFdFyxC0FRSeErsJdsKRiFV1QQxn1senJ7ttLY
Q1XwgZfHTR+MjgcwdEt1Npp77p67Wp63ieEPjuIP2aW12S7qUfoySOZ+2E436OsU
btRgDYYsPvVzP1ViUB1HIJH03GasAZLZehmczRthjuQNqEfQp6bkvt2bVEcAriQ6
qz0900P/PCepgMyZwGAsMsYCXdhDGXx15XHFGxkFmT9OcRWOTl4pc5htHnfOewHe
eL4xGLHkq0sl9zTQo0xd6+Y6yIJuOCN7zZQydFMzgJOqXciLrHw=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org