Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215502.roa
File: AS215502.roa (raw, json)
Hash identifier: NIMAbwaWQhPSx5wPSmZh78PMFcwtCrUuyACy13ilY/0=
Subject key identifier: 7C:8C:63:7A:4E:E1:85:89:D9:27:72:25:26:4D:0A:02:8E:B2:5A:9F
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 7B928C57FA8A73CEE7927A2D73A8FD2EBFFF71A0
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215502.roa
Signing time: Sun 12 May 2024 10:12:18 +0000
ROA not before: Sun 12 May 2024 10:07:18 +0000
ROA not after: Sun 11 May 2025 10:12:18 +0000
asID: 215502
IP address blocks: 2a13:df80:80::/44 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:92:8c:57:fa:8a:73:ce:e7:92:7a:2d:73:a8:fd:2e:bf:ff:71:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: May 12 10:07:18 2024 GMT
Not After : May 11 10:12:18 2025 GMT
Subject: CN=7C8C637A4EE18589D9277225264D0A028EB25A9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c6:93:bf:00:42:ff:ee:4d:58:89:3c:d0:af:
ab:80:43:89:bf:e2:0f:e9:20:d1:14:0e:28:3b:14:
6f:7b:58:3d:66:a4:9b:6d:d7:64:20:9f:e1:a4:8a:
0e:a0:ea:81:f1:4d:11:2c:3e:3f:35:a0:19:7f:25:
1f:a7:a2:44:25:4c:79:c9:3c:62:08:26:3e:ca:e8:
b6:da:35:7e:4b:8d:a9:1e:ae:fd:ac:de:d8:53:20:
c5:1b:99:58:3e:05:95:88:e6:4f:ab:01:cf:93:52:
ed:e8:16:73:e2:29:14:8c:34:02:6e:7b:d5:50:fb:
d2:ab:70:e4:05:fc:29:3f:73:78:b9:43:41:65:8e:
dc:8b:22:1c:0c:28:a4:bf:4f:d2:75:71:0e:9e:ac:
04:5b:c8:db:00:0d:41:24:f6:99:1d:68:af:b2:1d:
af:e4:20:df:42:db:a6:28:5e:16:5b:88:64:c8:82:
59:d8:c4:a7:60:2d:18:34:71:39:c4:b7:a6:de:56:
a7:a2:45:46:0d:e5:db:59:34:f6:78:68:12:54:31:
0c:61:8e:bd:03:a6:a9:11:e2:8e:6d:c4:08:d0:95:
de:6c:52:c0:f1:4a:c7:ff:32:a6:ea:30:41:f4:5e:
1c:73:18:40:29:34:7c:3d:e9:38:38:81:c2:a0:af:
11:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:8C:63:7A:4E:E1:85:89:D9:27:72:25:26:4D:0A:02:8E:B2:5A:9F
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215502.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:80::/44
Signature Algorithm: sha256WithRSAEncryption
55:b5:96:06:b9:fe:4e:7e:4f:cc:27:06:59:ed:fd:fc:ba:36:
d0:26:57:e7:f9:3f:62:52:e1:2d:d1:84:77:f2:80:e0:cd:67:
cf:0f:84:88:4f:fa:c9:c4:f0:39:72:5d:72:f2:d2:37:3c:a1:
47:fc:b8:c2:8e:3c:a8:17:f2:cf:e1:e4:bc:48:6b:ed:8e:78:
67:38:e1:ef:fe:a7:b6:47:fd:8f:0c:df:93:b4:54:67:85:76:
e9:70:bb:fe:3c:fb:75:3c:fd:c8:d0:dc:54:c3:3f:c0:55:01:
c4:2c:64:e4:e4:25:b0:4b:fb:09:e7:a5:8d:6a:85:2d:7b:74:
b8:ba:08:26:53:0a:23:27:b8:64:23:4d:b2:14:49:02:fd:1a:
04:51:e4:56:09:6a:87:ef:f0:69:fe:2e:91:72:d8:50:91:f9:
30:1d:9f:e7:2b:96:a7:67:a1:3e:9b:76:1d:90:01:3f:26:04:
6d:cf:4b:6c:82:65:60:f5:01:fa:f3:8e:2c:fd:25:fe:5e:26:
ae:c5:63:86:55:ba:5f:27:56:06:5c:3b:fc:27:bb:79:25:b8:
4d:b5:7a:e8:2e:0d:6d:36:92:b1:e1:7b:3e:59:ac:1d:e4:ff:
30:05:3f:85:c6:25:ca:e6:f8:70:4a:57:e8:95:16:35:bf:07:
12:d8:d8:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUe5KMV/qKc87nknotc6j9Lr//caAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA1MTIxMDA3MThaFw0yNTA1MTExMDEyMThaMDMxMTAvBgNV
BAMTKDdDOEM2MzdBNEVFMTg1ODlEOTI3NzIyNTI2NEQwQTAyOEVCMjVBOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOxpO/AEL/7k1YiTzQr6uAQ4m/
4g/pINEUDig7FG97WD1mpJtt12Qgn+Gkig6g6oHxTREsPj81oBl/JR+nokQlTHnJ
PGIIJj7K6LbaNX5Ljakerv2s3thTIMUbmVg+BZWI5k+rAc+TUu3oFnPiKRSMNAJu
e9VQ+9KrcOQF/Ck/c3i5Q0FljtyLIhwMKKS/T9J1cQ6erARbyNsADUEk9pkdaK+y
Ha/kIN9C26YoXhZbiGTIglnYxKdgLRg0cTnEt6beVqeiRUYN5dtZNPZ4aBJUMQxh
jr0DpqkR4o5txAjQld5sUsDxSsf/MqbqMEH0XhxzGEApNHw96Tg4gcKgrxH3AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUfIxjek7hhYnZJ3IlJk0KAo6yWp8wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE1NTAyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhPf
gACAMA0GCSqGSIb3DQEBCwUAA4IBAQBVtZYGuf5Ofk/MJwZZ7f38ujbQJlfn+T9i
UuEt0YR38oDgzWfPD4SIT/rJxPA5cl1y8tI3PKFH/LjCjjyoF/LP4eS8SGvtjnhn
OOHv/qe2R/2PDN+TtFRnhXbpcLv+PPt1PP3I0NxUwz/AVQHELGTk5CWwS/sJ56WN
aoUte3S4uggmUwojJ7hkI02yFEkC/RoEUeRWCWqH7/Bp/i6RcthQkfkwHZ/nK5an
Z6E+m3YdkAE/JgRtz0tsgmVg9QH6844s/SX+XiauxWOGVbpfJ1YGXDv8J7t5JbhN
tXroLg1tNpKx4Xs+Wawd5P8wBT+FxiXK5vhwSlfolRY1vwcS2Ni/
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org