Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215683.roa
File: AS215683.roa (raw, json)
Hash identifier: fTlg6J0O9dZpctq01WZ6us4vYoOafncCLk1+j6chM9A=
Subject key identifier: 88:59:EB:60:EA:DF:BE:8C:EE:01:B6:A7:C7:A3:23:94:F6:D4:E0:F1
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 74E71D4EE52540CF55D4F932F93DD3A8CEFDDC70
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215683.roa
Signing time: Mon 08 Apr 2024 13:00:23 +0000
ROA not before: Mon 08 Apr 2024 12:55:23 +0000
ROA not after: Mon 07 Apr 2025 13:00:23 +0000
asID: 215683
IP address blocks: 2a13:df80:2410::/44 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:e7:1d:4e:e5:25:40:cf:55:d4:f9:32:f9:3d:d3:a8:ce:fd:dc:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Apr 8 12:55:23 2024 GMT
Not After : Apr 7 13:00:23 2025 GMT
Subject: CN=8859EB60EADFBE8CEE01B6A7C7A32394F6D4E0F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a1:61:18:a6:69:dc:4a:7b:ab:f8:94:6d:3b:
69:41:6c:73:19:e9:91:1f:5c:68:cb:f4:2f:0f:1e:
e9:6c:40:b4:8a:e6:58:07:38:42:c8:26:ef:13:f2:
b8:03:fa:13:d9:b9:4d:b2:8c:f6:9d:1d:de:4b:a9:
d0:8e:64:c6:d7:c5:26:a3:4c:b4:e7:9d:c0:8a:66:
b7:2c:0d:3b:cb:7f:75:73:b6:35:b2:00:69:ba:5d:
5a:f7:db:63:13:b6:68:6c:aa:03:d6:92:27:7c:a9:
bd:03:10:fc:5b:16:f2:c7:dd:1e:3c:54:b3:3c:e5:
7c:3f:31:36:7e:0f:eb:fc:f0:a8:91:a8:d2:0b:5d:
2e:f7:b9:e8:89:c1:50:93:ad:fb:a4:c3:5b:c7:01:
2b:66:87:f5:95:73:aa:0d:26:54:84:8a:ad:67:5f:
83:5e:10:cb:ee:e2:e8:54:89:d4:4e:32:b1:cb:28:
20:54:da:92:ed:e6:29:bf:f5:50:a1:75:df:f7:fa:
24:45:95:d6:6c:14:bf:44:92:08:ea:8e:1d:a2:4f:
bb:71:2b:85:1a:8a:15:a6:b2:f9:14:20:ad:8a:37:
21:03:c9:9d:ab:43:94:cc:26:61:0a:9c:6b:3f:68:
1a:ad:c5:95:34:cb:c5:4b:c0:eb:6b:fc:ea:67:bf:
73:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:59:EB:60:EA:DF:BE:8C:EE:01:B6:A7:C7:A3:23:94:F6:D4:E0:F1
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215683.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:2410::/44
Signature Algorithm: sha256WithRSAEncryption
15:40:e6:6c:07:6f:e0:29:b3:f2:41:12:71:83:85:a4:0c:ac:
37:1a:b4:84:87:f5:8a:2d:b2:73:e4:23:56:2b:07:43:0b:a4:
08:08:08:a6:37:af:be:ef:25:2e:c0:3f:12:20:9d:41:4d:9a:
1e:00:f7:1c:ee:e4:6a:2a:05:10:a2:47:46:e9:e8:56:0c:31:
d9:87:6d:d0:db:c9:a6:21:ca:d8:4e:85:6e:16:65:e1:2c:15:
d5:96:d0:ab:f1:23:28:58:58:fa:b6:b0:8a:43:6e:20:4e:03:
c0:c5:c8:39:e5:1a:b1:aa:9f:0f:e4:b9:17:4f:ab:5a:e4:c2:
47:5c:1d:c5:9d:ea:a0:9b:af:a9:bd:27:7d:a4:5d:aa:96:1f:
ff:49:f8:62:06:35:12:52:21:4c:ab:08:33:35:68:67:37:f5:
d1:4a:79:b6:71:54:bd:52:d1:62:f3:bd:02:6e:d1:16:ca:f1:
db:5a:08:37:c9:75:0a:0f:88:ef:1e:f7:47:f2:2f:64:e9:64:
fc:79:4b:64:a2:d2:71:bf:a3:2b:bd:ae:cb:91:45:4a:dd:43:
4b:b5:be:b1:37:7b:99:ab:e8:0d:9e:7a:88:a6:ff:7b:14:8b:
93:c3:c4:21:a2:97:ed:2c:17:40:0b:d0:cc:b2:94:b4:8b:c3:
a1:b0:65:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUdOcdTuUlQM9V1Pky+T3TqM793HAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA0MDgxMjU1MjNaFw0yNTA0MDcxMzAwMjNaMDMxMTAvBgNV
BAMTKDg4NTlFQjYwRUFERkJFOENFRTAxQjZBN0M3QTMyMzk0RjZENEUwRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9oWEYpmncSnur+JRtO2lBbHMZ
6ZEfXGjL9C8PHulsQLSK5lgHOELIJu8T8rgD+hPZuU2yjPadHd5LqdCOZMbXxSaj
TLTnncCKZrcsDTvLf3VztjWyAGm6XVr322MTtmhsqgPWkid8qb0DEPxbFvLH3R48
VLM85Xw/MTZ+D+v88KiRqNILXS73ueiJwVCTrfukw1vHAStmh/WVc6oNJlSEiq1n
X4NeEMvu4uhUidROMrHLKCBU2pLt5im/9VChdd/3+iRFldZsFL9Ekgjqjh2iT7tx
K4UaihWmsvkUIK2KNyEDyZ2rQ5TMJmEKnGs/aBqtxZU0y8VLwOtr/Opnv3OJAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUiFnrYOrfvozuAbanx6MjlPbU4PEwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE1NjgzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhPf
gCQQMA0GCSqGSIb3DQEBCwUAA4IBAQAVQOZsB2/gKbPyQRJxg4WkDKw3GrSEh/WK
LbJz5CNWKwdDC6QICAimN6++7yUuwD8SIJ1BTZoeAPcc7uRqKgUQokdG6ehWDDHZ
h23Q28mmIcrYToVuFmXhLBXVltCr8SMoWFj6trCKQ24gTgPAxcg55Rqxqp8P5LkX
T6ta5MJHXB3Fneqgm6+pvSd9pF2qlh//SfhiBjUSUiFMqwgzNWhnN/XRSnm2cVS9
UtFi870CbtEWyvHbWgg3yXUKD4jvHvdH8i9k6WT8eUtkotJxv6Mrva7LkUVK3UNL
tb6xN3uZq+gNnnqIpv97FIuTw8QhopftLBdAC9DMspS0i8OhsGWY
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org