Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS212685.roa
File: AS212685.roa (raw, json)
Hash identifier: PgU8WzJMWv/HuRj4FMM9vkwA4piD/rux8lGCKruzvH4=
Subject key identifier: EB:17:4D:42:DD:24:9A:24:44:3F:EE:05:09:B1:4D:1A:F6:DA:09:4D
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 52D3E9AFF61E2011DB61A3E9825F7DF495A67E4D
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS212685.roa
Signing time: Wed 20 Dec 2023 16:21:58 +0000
ROA not before: Wed 20 Dec 2023 16:16:58 +0000
ROA not after: Wed 18 Dec 2024 16:21:58 +0000
asID: 212685
IP address blocks: 2a13:df87:f000::/37 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:d3:e9:af:f6:1e:20:11:db:61:a3:e9:82:5f:7d:f4:95:a6:7e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:58 2023 GMT
Not After : Dec 18 16:21:58 2024 GMT
Subject: CN=EB174D42DD249A24443FEE0509B14D1AF6DA094D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f5:0e:a5:6c:72:47:d0:18:91:8f:ca:d2:3d:
64:9c:41:8e:04:94:3c:30:75:f7:39:fa:6a:5b:f0:
50:25:a8:88:39:9f:88:19:f3:78:26:d7:68:7e:1c:
f0:91:e1:64:4d:e4:f6:86:68:a1:92:94:cc:e1:40:
8a:93:b9:f2:9c:8a:fb:77:09:19:06:d6:bc:4a:cd:
4a:5c:c8:35:70:0e:74:16:56:49:60:d4:6b:5b:eb:
6f:25:8b:cc:c6:7b:a5:bc:32:bf:10:06:51:ca:ea:
51:7d:e6:a1:52:53:ea:5e:82:df:70:90:96:15:cb:
9e:5a:ad:bf:57:77:7c:38:9d:29:b3:5c:5a:2b:5b:
3c:6e:82:61:e9:83:52:c2:4c:10:72:e1:04:0c:6d:
44:16:ff:ad:f7:b2:55:b0:e3:22:ba:94:1e:61:03:
7e:80:c4:10:ce:dd:59:bf:04:1a:ee:41:19:68:bb:
51:93:85:3c:fb:21:d1:d3:6b:a4:ee:f9:a9:7b:ac:
ee:42:96:78:f3:0c:1b:23:fe:cf:fd:69:0c:6a:15:
92:4b:62:b9:69:3f:01:35:1f:e4:60:2e:45:8b:08:
33:fb:8d:ef:19:a1:39:37:7d:ab:3b:a3:f1:88:5c:
a5:ea:af:e4:8e:f9:d5:6c:fb:63:8e:6b:ef:6e:51:
0c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:17:4D:42:DD:24:9A:24:44:3F:EE:05:09:B1:4D:1A:F6:DA:09:4D
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS212685.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df87:f000::/37
Signature Algorithm: sha256WithRSAEncryption
c1:0b:8d:6d:88:06:f5:fa:fa:3b:c3:7a:47:65:05:42:21:95:
22:3b:d7:14:b4:8e:8d:1b:15:7a:7c:06:92:93:6a:0f:9a:92:
44:ca:ac:48:11:a6:32:66:a3:30:29:39:63:aa:24:11:ba:f9:
4c:6e:0e:08:4a:0a:6c:4a:f9:17:1f:d9:7c:ff:ea:95:8b:08:
69:0b:89:76:a0:83:06:dd:73:99:1f:2e:8b:48:04:64:5a:de:
85:cc:4c:80:9b:f3:88:73:85:80:ff:64:f9:2a:84:ea:2b:83:
34:a7:6e:72:35:08:a0:e9:ec:44:8b:6f:6c:80:4e:31:3a:5c:
22:57:28:1e:db:fb:a9:a2:96:cb:3e:ba:dd:d3:63:fb:59:99:
b6:b0:7e:08:c2:b9:cb:e1:41:ec:58:62:bf:e3:45:45:d6:2d:
ab:63:7b:56:8c:62:4d:a8:ac:7d:e6:38:71:f2:a0:8b:f4:ff:
8d:48:0c:4a:b1:53:ce:ea:73:f3:18:ec:fc:be:69:75:d6:0e:
96:f6:9f:6a:64:c6:3f:64:5a:9f:b7:6a:20:cf:e6:23:90:de:
27:8e:44:8c:74:d6:59:5a:1e:cc:02:f5:9c:2f:f2:36:bd:ae:
34:b4:c5:87:c6:0f:7e:78:91:b4:ae:bf:a1:98:c4:79:59:b9:
a9:19:cf:bd
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUUtPpr/YeIBHbYaPpgl999JWmfk0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2NThaFw0yNDEyMTgxNjIxNThaMDMxMTAvBgNV
BAMTKEVCMTc0RDQyREQyNDlBMjQ0NDNGRUUwNTA5QjE0RDFBRjZEQTA5NEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt9Q6lbHJH0BiRj8rSPWScQY4E
lDwwdfc5+mpb8FAlqIg5n4gZ83gm12h+HPCR4WRN5PaGaKGSlMzhQIqTufKcivt3
CRkG1rxKzUpcyDVwDnQWVklg1Gtb628li8zGe6W8Mr8QBlHK6lF95qFSU+pegt9w
kJYVy55arb9Xd3w4nSmzXForWzxugmHpg1LCTBBy4QQMbUQW/633slWw4yK6lB5h
A36AxBDO3Vm/BBruQRlou1GThTz7IdHTa6Tu+al7rO5ClnjzDBsj/s/9aQxqFZJL
YrlpPwE1H+RgLkWLCDP7je8ZoTk3fas7o/GIXKXqr+SO+dVs+2OOa+9uUQz1AgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQU6xdNQt0kmiREP+4FCbFNGvbaCU0wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjEyNjg1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYDKhPf
h/AwDQYJKoZIhvcNAQELBQADggEBAMELjW2IBvX6+jvDekdlBUIhlSI71xS0jo0b
FXp8BpKTag+akkTKrEgRpjJmozApOWOqJBG6+UxuDghKCmxK+Rcf2Xz/6pWLCGkL
iXaggwbdc5kfLotIBGRa3oXMTICb84hzhYD/ZPkqhOorgzSnbnI1CKDp7ESLb2yA
TjE6XCJXKB7b+6milss+ut3TY/tZmbawfgjCucvhQexYYr/jRUXWLatje1aMYk2o
rH3mOHHyoIv0/41IDEqxU87qc/MY7Py+aXXWDpb2n2pkxj9kWp+3aiDP5iOQ3ieO
RIx01llaHswC9Zwv8ja9rjS0xYfGD354kbSuv6GYxHlZuakZz70=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:40 2024 by rpki-client on console-ams.rpki-client.org