Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: AoagMSxM62S2W9hO/WPGHnk9c8OtCy61ULFNVbLMlRo=
Subject key identifier: 27:87:D2:5A:60:6A:C7:60:B4:1A:4E:B3:DD:B4:C5:EB:08:B9:FC:6B
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 2E0E9529B607EB7D8CE03C52E7558477EFA50B92
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215304.roa
Signing time: Sat 11 May 2024 10:40:20 +0000
ROA not before: Sat 11 May 2024 10:35:20 +0000
ROA not after: Sat 10 May 2025 10:40:20 +0000
asID: 215304
IP address blocks: 2a13:df80:7400::/38 maxlen: 38
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:0e:95:29:b6:07:eb:7d:8c:e0:3c:52:e7:55:84:77:ef:a5:0b:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: May 11 10:35:20 2024 GMT
Not After : May 10 10:40:20 2025 GMT
Subject: CN=2787D25A606AC760B41A4EB3DDB4C5EB08B9FC6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f4:97:cd:80:82:54:ad:c1:46:71:51:bb:0e:
39:97:18:eb:b6:9e:44:61:79:f9:51:21:48:9a:23:
8f:77:0f:e3:3c:85:d6:4d:17:20:b9:96:1c:bb:37:
5e:74:9c:e6:b7:2d:1a:a4:2c:e2:0c:8e:c6:63:50:
ac:25:b5:f6:f4:b5:3c:d5:1e:9a:52:e0:f2:75:47:
60:04:cd:d6:8e:b6:82:e6:3b:ae:49:ca:41:f4:07:
cb:f7:b0:41:21:3f:dd:a4:ef:65:51:f6:96:19:3f:
e8:3e:10:15:4d:10:63:6a:66:0d:1e:20:78:d7:22:
8a:7a:33:61:40:c4:49:85:7c:cc:ae:ce:2f:55:2d:
ef:f2:db:83:09:36:78:36:81:63:46:16:3d:3f:22:
fd:51:9f:df:d6:85:62:52:06:90:f6:34:6b:e3:82:
85:d4:c3:04:a7:10:4e:8d:8b:e2:63:21:8a:6b:c0:
d2:2d:ad:d1:0a:e3:6b:ad:bd:e4:cb:47:30:63:9c:
96:5a:2f:09:b5:32:18:6f:ad:ef:5c:3a:ae:b6:4e:
1a:1e:ba:ae:8a:58:96:e6:36:63:0c:42:70:43:25:
d0:ce:78:70:e9:6e:fb:9e:42:a2:fa:4a:bb:fc:3d:
d8:1c:90:c5:80:75:bc:5e:24:a4:bb:b1:fd:5d:19:
67:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:87:D2:5A:60:6A:C7:60:B4:1A:4E:B3:DD:B4:C5:EB:08:B9:FC:6B
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:7400::/38
Signature Algorithm: sha256WithRSAEncryption
8e:b6:d1:54:fa:bc:4f:f6:bb:f6:46:9f:bd:8f:fa:88:87:b9:
7e:43:ff:43:c3:70:74:3e:90:c1:32:80:a7:58:c5:57:78:67:
95:e2:c7:5a:8f:97:14:2a:2c:70:22:f0:a9:7d:65:5d:20:0b:
db:c3:31:ec:ab:2a:de:ab:37:a6:e5:d0:53:ab:57:1b:04:85:
5d:2e:97:58:63:3b:8e:09:8b:25:8c:a4:b4:68:27:d8:84:1f:
ee:b2:19:70:6e:41:53:7e:bc:60:18:14:2c:3a:3c:bf:f8:d9:
93:31:bc:6c:9d:da:c2:da:ee:b6:65:c9:f6:7b:9a:cc:f8:8c:
8b:6e:37:83:bc:aa:4b:c3:11:cc:03:ff:b6:a0:70:5e:9a:10:
1a:6c:bc:59:70:ad:c3:b2:b1:94:c6:ef:2a:6f:08:be:64:42:
a6:e9:99:31:e1:9b:e2:2b:68:b6:76:4c:5a:58:86:3c:4f:98:
12:03:e4:dd:65:2b:4d:a7:f8:f8:79:39:c0:98:95:0f:11:66:
d6:eb:ec:3f:6f:7a:93:58:3d:70:d8:52:96:d5:68:bf:bf:89:
a4:95:61:5f:0f:4b:da:47:03:9b:c3:dd:f6:ef:43:7f:f3:57:
80:a3:87:26:ef:f7:85:24:6d:df:af:2a:8b:50:9a:56:f7:e3:
17:d7:fe:e8
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIULg6VKbYH632M4DxS51WEd++lC5IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA1MTExMDM1MjBaFw0yNTA1MTAxMDQwMjBaMDMxMTAvBgNV
BAMTKDI3ODdEMjVBNjA2QUM3NjBCNDFBNEVCM0REQjRDNUVCMDhCOUZDNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE9JfNgIJUrcFGcVG7DjmXGOu2
nkRheflRIUiaI493D+M8hdZNFyC5lhy7N150nOa3LRqkLOIMjsZjUKwltfb0tTzV
HppS4PJ1R2AEzdaOtoLmO65JykH0B8v3sEEhP92k72VR9pYZP+g+EBVNEGNqZg0e
IHjXIop6M2FAxEmFfMyuzi9VLe/y24MJNng2gWNGFj0/Iv1Rn9/WhWJSBpD2NGvj
goXUwwSnEE6Ni+JjIYprwNItrdEK42utveTLRzBjnJZaLwm1Mhhvre9cOq62Thoe
uq6KWJbmNmMMQnBDJdDOeHDpbvueQqL6Srv8PdgckMWAdbxeJKS7sf1dGWfrAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUJ4fSWmBqx2C0Gk6z3bTF6wi5/GswHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKhPf
gHQwDQYJKoZIhvcNAQELBQADggEBAI620VT6vE/2u/ZGn72P+oiHuX5D/0PDcHQ+
kMEygKdYxVd4Z5Xix1qPlxQqLHAi8Kl9ZV0gC9vDMeyrKt6rN6bl0FOrVxsEhV0u
l1hjO44JiyWMpLRoJ9iEH+6yGXBuQVN+vGAYFCw6PL/42ZMxvGyd2sLa7rZlyfZ7
msz4jItuN4O8qkvDEcwD/7agcF6aEBpsvFlwrcOysZTG7ypvCL5kQqbpmTHhm+Ir
aLZ2TFpYhjxPmBID5N1lK02n+Ph5OcCYlQ8RZtbr7D9vepNYPXDYUpbVaL+/iaSV
YV8PS9pHA5vD3fbvQ3/zV4Cjhybv94Ukbd+vKotQmlb34xfX/ug=
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org