Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS199763.roa
File: AS199763.roa (raw, json)
Hash identifier: WccF6uBh6doTUWq3hx2ueDXLLFNokIvq+ZcmvGEzsMU=
Subject key identifier: E9:DE:D4:91:72:1A:74:4D:D1:0D:8A:19:A2:69:75:38:0F:64:84:09
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 5DC5E9607511FF24622DD7DCA96B37132777BADF
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS199763.roa
Signing time: Wed 20 Dec 2023 16:22:07 +0000
ROA not before: Wed 20 Dec 2023 16:17:07 +0000
ROA not after: Wed 18 Dec 2024 16:22:07 +0000
asID: 199763
IP address blocks: 2a13:df85:bf00::/40 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:c5:e9:60:75:11:ff:24:62:2d:d7:dc:a9:6b:37:13:27:77:ba:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:07 2023 GMT
Not After : Dec 18 16:22:07 2024 GMT
Subject: CN=E9DED491721A744DD10D8A19A26975380F648409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:87:92:ca:39:2b:f4:9e:83:9a:96:4e:68:bf:
79:fe:63:0a:aa:e9:53:51:c8:9c:07:59:d6:eb:4d:
57:9c:9a:29:9b:58:b9:a2:16:5a:8d:4a:39:38:b1:
63:c3:db:ad:a9:31:6d:3d:41:cd:e7:2e:eb:8c:f2:
4f:09:f2:a6:01:7e:c3:2f:f4:de:29:83:03:8b:c6:
aa:ae:c0:42:9d:41:a1:0d:a0:e6:70:c7:d8:f3:3e:
59:2c:3a:37:7b:47:bb:02:fa:c8:b6:14:2a:3b:6e:
e6:ae:86:34:ac:27:10:f8:d2:80:6d:5e:f4:72:7f:
8d:ca:dd:88:28:50:8d:8a:1c:eb:8a:0a:15:37:49:
fe:b1:47:ee:98:78:71:f4:46:4f:f3:3c:6b:60:47:
4b:fc:3b:a6:5a:ea:2b:82:e6:4b:c7:46:b3:13:c0:
e6:8f:cc:09:0e:ff:e4:45:09:2f:5e:46:20:4e:4d:
3c:fc:0e:5e:43:8a:ee:e0:c6:dd:55:8e:65:bc:30:
aa:64:45:43:5f:22:f8:ac:0b:11:dd:4e:9f:ef:10:
e0:37:ac:27:fb:06:39:27:33:01:5a:2f:e1:7a:c8:
1c:fd:e8:51:50:c5:62:47:89:9f:69:a9:c7:be:e7:
2f:1b:ba:e0:21:a9:d3:e3:48:0d:fa:19:56:96:6b:
fb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:DE:D4:91:72:1A:74:4D:D1:0D:8A:19:A2:69:75:38:0F:64:84:09
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS199763.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df85:bf00::/40
Signature Algorithm: sha256WithRSAEncryption
00:ab:4f:b4:d8:7b:08:35:e8:4b:ce:c5:8e:ab:03:76:a0:03:
06:66:d9:33:8c:2a:ae:cc:ea:24:01:a5:88:86:d6:87:66:14:
c9:22:b1:64:51:0a:c0:57:4f:a9:7d:39:b0:23:74:47:09:4c:
81:7a:a0:53:3c:eb:a3:9a:d6:4f:c9:e6:dd:fd:b6:dd:9a:0b:
1e:55:8d:5f:97:6b:fc:e2:e1:d8:1c:af:65:bd:1e:65:e1:44:
fe:b3:b4:e2:bf:35:45:81:85:9b:cd:c0:77:46:cf:be:7f:64:
8e:6a:d6:47:d4:d3:8d:60:88:53:f8:11:f0:98:21:8d:25:ba:
3e:86:90:b1:07:25:0e:c9:7d:5c:14:dc:6e:5a:f6:1a:b5:28:
e4:d2:39:e1:fb:75:a2:8d:09:a3:e8:89:76:1d:cc:e3:7f:f0:
03:29:2a:e5:fb:55:d2:42:5e:14:83:c7:2e:10:fd:20:6b:d6:
34:61:10:9f:88:64:cd:cd:f2:56:c3:0e:1a:dc:ba:bc:19:ba:
5f:d3:d8:3c:e1:f1:e5:51:69:0c:ff:7a:f4:cd:d1:0e:6d:e7:
ff:1f:cc:50:1c:41:09:32:bb:b4:2a:e9:0c:1f:80:88:ec:ba:
bf:ee:86:cb:88:0b:e9:e5:df:d7:33:57:66:1e:bd:e3:78:58:
3b:e9:ec:45
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUXcXpYHUR/yRiLdfcqWs3Eyd3ut8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MDdaFw0yNDEyMTgxNjIyMDdaMDMxMTAvBgNV
BAMTKEU5REVENDkxNzIxQTc0NEREMTBEOEExOUEyNjk3NTM4MEY2NDg0MDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdh5LKOSv0noOalk5ov3n+Ywqq
6VNRyJwHWdbrTVecmimbWLmiFlqNSjk4sWPD262pMW09Qc3nLuuM8k8J8qYBfsMv
9N4pgwOLxqquwEKdQaENoOZwx9jzPlksOjd7R7sC+si2FCo7buauhjSsJxD40oBt
XvRyf43K3YgoUI2KHOuKChU3Sf6xR+6YeHH0Rk/zPGtgR0v8O6Za6iuC5kvHRrMT
wOaPzAkO/+RFCS9eRiBOTTz8Dl5Diu7gxt1VjmW8MKpkRUNfIvisCxHdTp/vEOA3
rCf7BjknMwFaL+F6yBz96FFQxWJHiZ9pqce+5y8buuAhqdPjSA36GVaWa/s7AgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQU6d7UkXIadE3RDYoZoml1OA9khAkwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMTk5NzYzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhPf
hb8wDQYJKoZIhvcNAQELBQADggEBAACrT7TYewg16EvOxY6rA3agAwZm2TOMKq7M
6iQBpYiG1odmFMkisWRRCsBXT6l9ObAjdEcJTIF6oFM866Oa1k/J5t39tt2aCx5V
jV+Xa/zi4dgcr2W9HmXhRP6ztOK/NUWBhZvNwHdGz75/ZI5q1kfU041giFP4EfCY
IY0luj6GkLEHJQ7JfVwU3G5a9hq1KOTSOeH7daKNCaPoiXYdzON/8AMpKuX7VdJC
XhSDxy4Q/SBr1jRhEJ+IZM3N8lbDDhrcurwZul/T2Dzh8eVRaQz/evTN0Q5t5/8f
zFAcQQkyu7Qq6QwfgIjsur/uhsuIC+nl39czV2YeveN4WDvp7EU=
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org