Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS209025.roa
File: AS209025.roa (raw, json)
Hash identifier: ntS0o/wjx2jw4477nUeOxrE1DOB0ZjSO8CwisNuSe+8=
Subject key identifier: E8:5D:5D:0F:7E:FC:E5:8E:BE:0C:C4:C3:B1:70:D6:23:A9:E7:AB:41
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 41388202B69D8B72863B3F26856539C51FF64792
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS209025.roa
Signing time: Wed 20 Dec 2023 16:21:50 +0000
ROA not before: Wed 20 Dec 2023 16:16:50 +0000
ROA not after: Wed 18 Dec 2024 16:21:50 +0000
asID: 209025
IP address blocks: 2a13:df85:e800::/38 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:38:82:02:b6:9d:8b:72:86:3b:3f:26:85:65:39:c5:1f:f6:47:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:50 2023 GMT
Not After : Dec 18 16:21:50 2024 GMT
Subject: CN=E85D5D0F7EFCE58EBE0CC4C3B170D623A9E7AB41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:60:c5:02:d0:35:18:ad:4e:2e:72:34:94:1c:
cb:82:a4:b6:88:08:93:ab:31:85:6d:96:84:16:19:
04:7b:94:c9:66:86:3f:23:cc:42:c6:40:4f:de:11:
f1:60:8a:54:5f:98:07:9b:cc:3f:d7:cc:00:38:08:
1c:01:7d:56:66:b0:96:7e:76:41:d7:30:36:ac:8e:
26:91:85:34:6f:d7:ba:cc:48:99:b9:44:c7:9c:3d:
ea:9c:d4:31:f7:8e:28:74:bd:89:f0:04:ef:14:94:
01:f4:ac:26:2d:53:4b:d9:e2:da:ba:50:51:1d:70:
52:0a:14:20:d4:53:ea:2a:c9:57:5d:6a:2e:0c:c0:
56:e9:cc:51:15:ec:19:eb:b2:a6:0a:c0:c9:1d:91:
24:42:6b:28:69:cc:7d:3c:0e:b3:51:90:67:60:6a:
9d:cc:9b:0f:b1:49:95:ec:f1:97:0f:47:7c:df:5e:
a3:ff:e0:55:37:70:62:a6:57:b4:d1:b3:b1:3e:62:
f9:82:3e:f9:94:b6:43:cd:7a:9f:7e:4a:85:0b:fd:
7c:1e:14:88:a0:18:6a:5e:62:80:3a:a4:a2:da:e1:
af:67:b5:ab:c4:dd:7b:1a:2f:6a:12:47:0f:57:ca:
21:93:52:f8:96:00:5b:0e:0c:5d:1e:75:02:98:a1:
2f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:5D:5D:0F:7E:FC:E5:8E:BE:0C:C4:C3:B1:70:D6:23:A9:E7:AB:41
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS209025.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df85:e800::/38
Signature Algorithm: sha256WithRSAEncryption
be:2b:39:c6:27:dd:9c:25:bc:49:57:5d:fa:6d:a7:60:ca:56:
f0:48:3b:d1:07:8e:60:10:0d:dd:63:62:74:c2:80:42:dc:ae:
e7:8b:9c:60:af:b8:62:86:0a:c6:4c:41:4b:47:bd:66:1a:62:
45:3f:7b:b2:62:0c:8f:8a:de:43:eb:bc:34:ff:02:75:e8:eb:
d5:35:6c:6f:fa:f3:b4:55:11:f9:74:e4:28:83:54:41:96:8f:
f3:e2:36:de:dc:19:d0:f5:bd:84:be:a9:49:5a:e9:ab:65:f0:
ad:f7:8a:6f:a7:30:09:f3:52:ff:f1:17:d7:48:30:e8:dc:f3:
40:3f:f9:f1:c9:5f:79:8b:c6:3e:6b:95:d0:7e:d8:f9:d9:a7:
59:94:bd:54:3e:f1:9d:0a:14:be:27:a2:a0:d4:30:a4:0a:62:
88:21:09:eb:4d:46:d0:0c:ce:0a:9d:e7:08:29:98:15:cf:51:
c7:96:e0:74:b8:db:ff:01:30:86:a9:fb:20:ae:95:33:35:79:
7b:90:7d:62:ea:2c:8a:45:04:8b:d8:4d:a2:92:29:f8:ad:8a:
40:a2:ff:fe:1c:18:1b:2c:4b:75:97:92:d3:8d:a7:6a:70:75:
a6:b1:b3:79:8c:c2:7c:db:d5:ee:6d:37:cb:b1:51:e1:b7:17:
e0:7a:a9:1d
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUQTiCAradi3KGOz8mhWU5xR/2R5IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2NTBaFw0yNDEyMTgxNjIxNTBaMDMxMTAvBgNV
BAMTKEU4NUQ1RDBGN0VGQ0U1OEVCRTBDQzRDM0IxNzBENjIzQTlFN0FCNDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMYMUC0DUYrU4ucjSUHMuCpLaI
CJOrMYVtloQWGQR7lMlmhj8jzELGQE/eEfFgilRfmAebzD/XzAA4CBwBfVZmsJZ+
dkHXMDasjiaRhTRv17rMSJm5RMecPeqc1DH3jih0vYnwBO8UlAH0rCYtU0vZ4tq6
UFEdcFIKFCDUU+oqyVddai4MwFbpzFEV7BnrsqYKwMkdkSRCayhpzH08DrNRkGdg
ap3Mmw+xSZXs8ZcPR3zfXqP/4FU3cGKmV7TRs7E+YvmCPvmUtkPNep9+SoUL/Xwe
FIigGGpeYoA6pKLa4a9ntavE3XsaL2oSRw9XyiGTUviWAFsODF0edQKYoS8VAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQU6F1dD3785Y6+DMTDsXDWI6nnq0EwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjA5MDI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKhPf
hegwDQYJKoZIhvcNAQELBQADggEBAL4rOcYn3ZwlvElXXfptp2DKVvBIO9EHjmAQ
Dd1jYnTCgELcrueLnGCvuGKGCsZMQUtHvWYaYkU/e7JiDI+K3kPrvDT/AnXo69U1
bG/687RVEfl05CiDVEGWj/PiNt7cGdD1vYS+qUla6atl8K33im+nMAnzUv/xF9dI
MOjc80A/+fHJX3mLxj5rldB+2PnZp1mUvVQ+8Z0KFL4noqDUMKQKYoghCetNRtAM
zgqd5wgpmBXPUceW4HS42/8BMIap+yCulTM1eXuQfWLqLIpFBIvYTaKSKfitikCi
//4cGBssS3WXktONp2pwdaaxs3mMwnzb1e5tN8uxUeG3F+B6qR0=
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org