Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS200529.roa
File: AS200529.roa (raw, json)
Hash identifier: fASWFAsMHiyI8h3I9i1I7pERM1PuzwQ8bA1aoBae3Ok=
Subject key identifier: EC:49:1D:08:54:91:F4:F0:FA:FF:3F:0C:9C:BD:22:FF:33:14:EA:02
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 7E60D51E195F0443F32188DBFCE78EAF8AF154CE
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS200529.roa
Signing time: Mon 06 May 2024 14:42:00 +0000
ROA not before: Mon 06 May 2024 14:37:00 +0000
ROA not after: Mon 05 May 2025 14:42:00 +0000
asID: 200529
IP address blocks: 2a13:df80:40::/44 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:60:d5:1e:19:5f:04:43:f3:21:88:db:fc:e7:8e:af:8a:f1:54:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: May 6 14:37:00 2024 GMT
Not After : May 5 14:42:00 2025 GMT
Subject: CN=EC491D085491F4F0FAFF3F0C9CBD22FF3314EA02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:39:35:be:1b:d2:c6:59:4a:5c:6d:76:ab:ec:
88:78:29:39:cd:15:9e:5e:14:0a:e9:d1:a5:e5:a8:
81:7c:e5:b2:71:3b:ff:aa:99:6b:7d:63:2d:a5:0d:
7e:91:7f:22:e3:6d:04:f8:4d:98:de:5b:6b:fe:df:
89:dc:a8:3e:2f:fc:77:b1:c4:47:ac:07:cc:09:04:
11:22:a6:e9:2d:b0:91:d1:3d:ef:93:a3:6e:a2:1b:
65:90:71:2c:83:92:68:fe:bb:1e:8c:b1:1d:40:c3:
51:6a:9e:9b:ff:6f:5b:16:85:e1:b3:40:72:8c:4f:
de:3d:7b:ee:58:cc:98:a0:38:b4:78:1c:d8:e6:39:
d3:de:51:7b:9a:08:ec:6d:80:a5:79:53:10:13:6d:
52:7e:aa:1c:ad:6a:01:06:7a:38:67:47:17:59:1b:
78:ac:fa:90:38:7f:1c:6b:f3:28:78:59:88:45:30:
e7:85:f9:4a:1c:48:6e:b1:70:6a:56:f2:40:0a:eb:
84:a3:11:b2:5c:05:cb:63:10:c9:93:89:38:1a:9e:
75:2b:61:da:fb:39:55:26:19:95:8a:13:a2:84:e5:
00:ca:1a:ef:10:44:f1:ab:7b:d0:dc:a2:2d:bb:65:
a9:43:22:a4:d2:60:6e:1c:5f:ff:ac:42:1d:c0:df:
e9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:49:1D:08:54:91:F4:F0:FA:FF:3F:0C:9C:BD:22:FF:33:14:EA:02
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS200529.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:40::/44
Signature Algorithm: sha256WithRSAEncryption
51:9b:09:0f:0a:0a:7c:ed:0c:cd:9a:8c:39:df:bb:46:26:6d:
67:70:0c:8e:d0:06:ba:5b:be:c8:6f:3c:2e:92:3e:68:c7:c0:
15:b7:f8:e8:f9:a1:b7:39:0b:76:ce:0a:17:83:b3:29:5c:9a:
3c:0a:a8:a2:24:38:27:83:24:36:97:72:5c:d9:3d:68:7f:e8:
58:4d:d8:37:40:e9:3b:09:37:d7:67:43:3d:4b:39:6a:35:20:
8b:db:7d:26:08:5e:b9:f7:be:51:bd:eb:e6:3f:73:00:1f:fc:
1b:1f:2d:56:b9:c3:49:e0:ca:0a:5b:52:33:91:72:b7:b2:3e:
9e:f5:57:22:c0:1f:3e:4c:70:b7:19:94:be:c4:31:be:1e:57:
8b:7a:da:05:aa:82:30:4d:e8:e1:37:fc:3c:79:e1:0d:fc:f5:
45:16:3f:71:68:8c:5b:32:16:b0:02:78:c8:11:81:46:5f:97:
bf:d4:ef:4b:1b:46:17:cb:bc:8d:6c:c5:d0:ea:5c:84:51:72:
8b:29:cf:db:82:aa:0b:83:f6:3e:a2:90:21:9f:f8:38:0a:ec:
59:ee:ac:1c:6f:49:9a:da:1d:37:d6:6f:22:fd:22:e9:33:26:
7a:35:56:5a:aa:8d:77:b6:02:0b:c7:59:26:77:90:35:c1:79:
de:91:a9:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUfmDVHhlfBEPzIYjb/OeOr4rxVM4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA1MDYxNDM3MDBaFw0yNTA1MDUxNDQyMDBaMDMxMTAvBgNV
BAMTKEVDNDkxRDA4NTQ5MUY0RjBGQUZGM0YwQzlDQkQyMkZGMzMxNEVBMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCOTW+G9LGWUpcbXar7Ih4KTnN
FZ5eFArp0aXlqIF85bJxO/+qmWt9Yy2lDX6RfyLjbQT4TZjeW2v+34ncqD4v/Hex
xEesB8wJBBEipuktsJHRPe+To26iG2WQcSyDkmj+ux6MsR1Aw1Fqnpv/b1sWheGz
QHKMT949e+5YzJigOLR4HNjmOdPeUXuaCOxtgKV5UxATbVJ+qhytagEGejhnRxdZ
G3is+pA4fxxr8yh4WYhFMOeF+UocSG6xcGpW8kAK64SjEbJcBctjEMmTiTgannUr
Ydr7OVUmGZWKE6KE5QDKGu8QRPGre9Dcoi27ZalDIqTSYG4cX/+sQh3A3+l3AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU7EkdCFSR9PD6/z8MnL0i/zMU6gIwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjAwNTI5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhPf
gABAMA0GCSqGSIb3DQEBCwUAA4IBAQBRmwkPCgp87QzNmow537tGJm1ncAyO0Aa6
W77Ibzwukj5ox8AVt/jo+aG3OQt2zgoXg7MpXJo8CqiiJDgngyQ2l3Jc2T1of+hY
Tdg3QOk7CTfXZ0M9SzlqNSCL230mCF65975RvevmP3MAH/wbHy1WucNJ4MoKW1Iz
kXK3sj6e9VciwB8+THC3GZS+xDG+HleLetoFqoIwTejhN/w8eeEN/PVFFj9xaIxb
MhawAnjIEYFGX5e/1O9LG0YXy7yNbMXQ6lyEUXKLKc/bgqoLg/Y+opAhn/g4CuxZ
7qwcb0ma2h031m8i/SLpMyZ6NVZaqo13tgILx1kmd5A1wXnekanD
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org