Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216030.roa
File: AS216030.roa (raw, json)
Hash identifier: BKo3cEWV0OWo6ZINNfigDOcBuW0gDrJ9XoQy7JZ6Il0=
Subject key identifier: 77:AD:49:7C:66:1F:CA:A1:9A:39:F0:0C:14:7E:43:2A:71:D9:30:83
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 78B8EC01AC2560BB3EB2E721FC112112AAF7A928
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216030.roa
Signing time: Sat 06 Jan 2024 19:57:43 +0000
ROA not before: Sat 06 Jan 2024 19:52:43 +0000
ROA not after: Sat 04 Jan 2025 19:57:43 +0000
asID: 216030
IP address blocks: 2a13:df80:8390::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:b8:ec:01:ac:25:60:bb:3e:b2:e7:21:fc:11:21:12:aa:f7:a9:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Jan 6 19:52:43 2024 GMT
Not After : Jan 4 19:57:43 2025 GMT
Subject: CN=77AD497C661FCAA19A39F00C147E432A71D93083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d1:e9:44:1f:94:21:58:e3:fc:e4:23:77:6a:
0a:34:d3:ea:de:fe:95:74:ec:df:e7:c1:b7:6f:6a:
16:1c:bb:f2:36:0f:48:74:58:55:84:f9:9f:a5:63:
f4:43:19:75:92:38:5b:22:38:86:bf:5f:ab:62:5e:
37:e8:8d:90:11:0c:91:ff:87:22:15:5e:db:65:45:
b7:03:97:0a:e9:a8:d2:b0:fc:40:57:aa:8c:9f:45:
62:b4:29:93:01:76:73:2e:65:60:aa:ec:7e:e0:b7:
a2:65:33:2f:e3:d5:61:b0:8b:ab:a4:9e:22:fa:fa:
14:38:bf:9b:bb:6a:24:64:2e:21:85:0b:4b:d0:a6:
50:c1:c2:67:9e:13:4d:ed:81:fd:6b:9d:ea:b7:4e:
21:71:2e:4d:b6:ac:f9:82:15:1b:96:47:5d:6b:a2:
f3:be:aa:73:fa:51:1a:09:fa:91:42:3d:cb:25:e5:
f9:cb:18:8c:09:fd:df:24:70:10:a6:4f:c2:14:7f:
2c:77:86:69:6e:2c:e7:ec:b0:32:1a:83:ea:54:ee:
ef:79:1c:34:73:5d:85:e2:9a:e6:f1:7d:aa:eb:75:
7b:ea:db:74:77:55:6c:c0:25:5e:92:6b:2f:5b:a0:
34:79:5d:b3:a3:6d:b9:bd:54:05:9b:bf:ec:a4:1e:
fc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:AD:49:7C:66:1F:CA:A1:9A:39:F0:0C:14:7E:43:2A:71:D9:30:83
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:8390::/48
Signature Algorithm: sha256WithRSAEncryption
1e:82:0f:3b:27:9b:fe:22:ba:78:c1:4d:08:be:5b:b7:61:8f:
f8:27:53:da:e3:69:5e:bc:86:70:92:bb:8c:6d:75:cb:d8:aa:
9a:d0:73:a3:04:94:76:5d:24:d5:f1:eb:b0:26:43:f6:de:06:
f6:2a:d9:37:e6:63:82:03:27:81:7c:fe:aa:fd:4d:fa:1a:d6:
6b:9d:1b:69:3c:85:29:be:ec:3f:f8:a7:9c:40:7f:bf:4b:84:
a5:7f:14:e3:75:f1:8c:ff:48:5b:20:19:0c:56:0a:b7:af:5e:
d1:5d:31:2b:23:9f:12:14:a3:c0:d4:dc:30:01:54:08:e0:fe:
a3:86:05:cc:9b:67:0f:a9:e6:95:bf:d3:17:0a:91:72:2b:db:
47:01:70:8f:ed:62:68:81:55:c9:b1:67:b3:b5:d0:9a:3a:a6:
60:a6:43:e2:ea:2b:87:8b:ad:fb:5f:59:26:2a:2f:63:98:10:
3e:4d:8f:0c:12:4d:c6:d5:a4:9c:0d:e8:64:6c:2a:30:ea:1e:
15:1e:e8:3f:3d:d2:c2:5c:f2:4f:b4:df:b0:99:17:55:87:11:
c8:9d:3a:4e:a3:b5:48:c0:67:23:1c:cd:0f:c1:f8:35:dd:64:
72:9b:94:2c:e8:ee:eb:d0:79:5f:59:81:82:5a:74:fd:cf:de:
a6:cd:6b:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUeLjsAawlYLs+such/BEhEqr3qSgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDAxMDYxOTUyNDNaFw0yNTAxMDQxOTU3NDNaMDMxMTAvBgNV
BAMTKDc3QUQ0OTdDNjYxRkNBQTE5QTM5RjAwQzE0N0U0MzJBNzFEOTMwODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA0elEH5QhWOP85CN3ago00+re
/pV07N/nwbdvahYcu/I2D0h0WFWE+Z+lY/RDGXWSOFsiOIa/X6tiXjfojZARDJH/
hyIVXttlRbcDlwrpqNKw/EBXqoyfRWK0KZMBdnMuZWCq7H7gt6JlMy/j1WGwi6uk
niL6+hQ4v5u7aiRkLiGFC0vQplDBwmeeE03tgf1rneq3TiFxLk22rPmCFRuWR11r
ovO+qnP6URoJ+pFCPcsl5fnLGIwJ/d8kcBCmT8IUfyx3hmluLOfssDIag+pU7u95
HDRzXYXimubxfarrdXvq23R3VWzAJV6Say9boDR5XbOjbbm9VAWbv+ykHvyJAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUd61JfGYfyqGaOfAMFH5DKnHZMIMwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE2MDMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPf
gIOQMA0GCSqGSIb3DQEBCwUAA4IBAQAegg87J5v+Irp4wU0Ivlu3YY/4J1Pa42le
vIZwkruMbXXL2Kqa0HOjBJR2XSTV8euwJkP23gb2Ktk35mOCAyeBfP6q/U36GtZr
nRtpPIUpvuw/+KecQH+/S4SlfxTjdfGM/0hbIBkMVgq3r17RXTErI58SFKPA1Nww
AVQI4P6jhgXMm2cPqeaVv9MXCpFyK9tHAXCP7WJogVXJsWeztdCaOqZgpkPi6iuH
i637X1kmKi9jmBA+TY8MEk3G1aScDehkbCow6h4VHug/PdLCXPJPtN+wmRdVhxHI
nTpOo7VIwGcjHM0Pwfg13WRym5Qs6O7r0HlfWYGCWnT9z96mzWu/
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org