Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215731.roa
File: AS215731.roa (raw, json)
Hash identifier: 4gdLZalhhV5hHmJBeAfUKEPoWaXKkOKZ4j++Cey1frc=
Subject key identifier: 1B:BE:B4:DA:E2:3D:2F:73:F5:DF:93:DF:CB:7D:02:1E:BA:44:F5:6E
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 4E14FBE7D0A13ED1FE61316BCA42CF5C31F4C4CE
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215731.roa
Signing time: Mon 22 Jan 2024 15:21:20 +0000
ROA not before: Mon 22 Jan 2024 15:16:20 +0000
ROA not after: Mon 20 Jan 2025 15:21:20 +0000
asID: 215731
IP address blocks: 2a13:df80:da00::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:14:fb:e7:d0:a1:3e:d1:fe:61:31:6b:ca:42:cf:5c:31:f4:c4:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Jan 22 15:16:20 2024 GMT
Not After : Jan 20 15:21:20 2025 GMT
Subject: CN=1BBEB4DAE23D2F73F5DF93DFCB7D021EBA44F56E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:65:d3:53:30:38:fc:67:bb:a7:40:3d:7c:30:
2c:14:f5:e5:e4:de:48:c5:85:d3:9d:ef:26:6d:cf:
91:51:63:46:7e:3f:81:8e:8a:16:51:95:b0:e2:f1:
34:e0:1a:6f:bf:84:9e:75:a1:5a:e5:f9:d5:fe:a0:
d9:d4:7b:4f:3b:41:29:1c:4d:83:b4:a1:70:3c:37:
d1:e8:f2:e5:35:4b:50:cc:67:6a:dc:78:91:80:9d:
87:8c:79:b4:57:5e:45:db:fc:1c:6e:b6:f4:13:ca:
46:b0:78:8d:a9:a0:21:fd:e7:2b:25:1b:17:18:83:
5b:51:a4:2a:64:05:2a:d3:a9:49:16:86:8c:80:24:
06:fc:df:ef:4e:23:97:a8:c0:29:7c:1c:68:f6:43:
07:fe:78:13:9e:79:5d:0b:c7:c0:84:10:19:ff:24:
b4:b8:f9:f3:82:dc:c2:8c:fe:44:30:2c:66:37:9f:
38:a8:17:d3:d8:4e:19:99:be:fb:32:50:45:60:5a:
15:6b:56:49:b9:d8:2a:22:71:cc:94:64:56:06:1e:
fe:c2:37:5e:81:f6:c9:b9:34:87:a2:18:e7:32:96:
6f:e9:d0:89:51:8a:a8:09:3c:3b:2e:da:91:bb:1d:
ff:da:a3:55:0b:77:99:67:74:a9:6d:15:db:14:4c:
7a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:BE:B4:DA:E2:3D:2F:73:F5:DF:93:DF:CB:7D:02:1E:BA:44:F5:6E
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS215731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:da00::/40
Signature Algorithm: sha256WithRSAEncryption
24:4a:40:06:1f:3c:49:fc:06:41:77:1a:e0:dc:0b:c5:46:17:
60:13:21:22:df:45:22:c3:20:ba:a6:94:8d:a5:86:d7:c0:54:
fd:67:3b:dc:f2:e0:d8:e6:a8:a6:ca:03:cd:7c:c8:1b:6d:e4:
2d:a8:b2:bd:3b:ca:41:5b:a0:9b:86:f7:bc:df:33:27:c5:f7:
8c:90:f8:ab:1d:69:d7:59:21:87:fd:2a:3f:b1:61:68:ba:23:
32:02:49:04:5b:55:a6:3a:59:90:18:3a:94:8e:53:68:c4:71:
41:e1:ab:ea:10:f3:2d:be:7e:5a:eb:dc:b1:0d:ea:e8:de:4c:
17:a2:43:97:28:62:41:0a:6f:dd:a4:cc:f5:4c:5e:ab:62:2e:
47:50:49:58:14:da:ca:31:b5:90:fb:6e:66:19:4b:69:5d:33:
1b:33:6c:ca:0a:cb:09:3e:20:ee:37:fa:31:56:e5:01:6f:77:
4e:35:fa:fa:47:17:01:32:c8:50:a7:e4:52:e2:72:33:ae:38:
14:28:78:23:70:c7:dd:c9:64:9e:30:a8:ff:1c:f3:f0:c6:e4:
fb:38:d5:0d:92:a0:3d:bf:48:52:92:c4:3b:e8:b8:71:49:a7:
24:3c:a8:ce:04:77:84:d7:d6:88:16:68:8d:8b:db:1d:7c:89:
32:e0:ea:58
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUThT759ChPtH+YTFrykLPXDH0xM4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDAxMjIxNTE2MjBaFw0yNTAxMjAxNTIxMjBaMDMxMTAvBgNV
BAMTKDFCQkVCNERBRTIzRDJGNzNGNURGOTNERkNCN0QwMjFFQkE0NEY1NkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLZdNTMDj8Z7unQD18MCwU9eXk
3kjFhdOd7yZtz5FRY0Z+P4GOihZRlbDi8TTgGm+/hJ51oVrl+dX+oNnUe087QSkc
TYO0oXA8N9Ho8uU1S1DMZ2rceJGAnYeMebRXXkXb/BxutvQTykaweI2poCH95ysl
GxcYg1tRpCpkBSrTqUkWhoyAJAb83+9OI5eowCl8HGj2Qwf+eBOeeV0Lx8CEEBn/
JLS4+fOC3MKM/kQwLGY3nzioF9PYThmZvvsyUEVgWhVrVkm52CoiccyUZFYGHv7C
N16B9sm5NIeiGOcylm/p0IlRiqgJPDsu2pG7Hf/ao1ULd5lndKltFdsUTHrfAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUG7602uI9L3P135Pfy30CHrpE9W4wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE1NzMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhPf
gNowDQYJKoZIhvcNAQELBQADggEBACRKQAYfPEn8BkF3GuDcC8VGF2ATISLfRSLD
ILqmlI2lhtfAVP1nO9zy4NjmqKbKA818yBtt5C2osr07ykFboJuG97zfMyfF94yQ
+KsdaddZIYf9Kj+xYWi6IzICSQRbVaY6WZAYOpSOU2jEcUHhq+oQ8y2+flrr3LEN
6ujeTBeiQ5coYkEKb92kzPVMXqtiLkdQSVgU2soxtZD7bmYZS2ldMxszbMoKywk+
IO43+jFW5QFvd041+vpHFwEyyFCn5FLicjOuOBQoeCNwx93JZJ4wqP8c8/DG5Ps4
1Q2SoD2/SFKSxDvouHFJpyQ8qM4Ed4TX1ogWaI2L2x18iTLg6lg=
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org