Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216304.roa
File: AS216304.roa (raw, json)
Hash identifier: HCsH72vl/Czk8CGXl+uqiCxtAFF6h+8yCcbKWfA1q8Y=
Subject key identifier: 00:76:AB:49:30:D0:90:E4:6B:F6:C4:33:35:D7:D7:09:E6:3E:E7:9F
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 2CEF80760B8CB7DAE444B456F4D95752D3E03C52
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216304.roa
Signing time: Wed 20 Dec 2023 16:22:15 +0000
ROA not before: Wed 20 Dec 2023 16:17:15 +0000
ROA not after: Wed 18 Dec 2024 16:22:15 +0000
asID: 216304
IP address blocks: 2a13:df80:dc00::/40 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:ef:80:76:0b:8c:b7:da:e4:44:b4:56:f4:d9:57:52:d3:e0:3c:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:15 2023 GMT
Not After : Dec 18 16:22:15 2024 GMT
Subject: CN=0076AB4930D090E46BF6C43335D7D709E63EE79F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:50:f4:3d:f2:6a:5e:fd:0c:74:9f:52:6a:9c:
46:84:da:d7:07:42:80:e6:8b:7e:8e:bb:30:57:8a:
f4:16:f9:73:12:be:0d:31:20:af:b3:48:d9:e6:9c:
fe:c9:85:5c:dc:d5:13:ac:2b:e6:3b:f2:61:6d:0b:
66:07:29:12:27:11:d2:aa:54:11:45:64:4e:65:7d:
4d:b5:7c:53:2c:01:05:d0:05:b8:78:ce:93:85:c1:
8f:8d:8d:07:a8:26:7b:27:46:31:20:e8:7c:ad:f5:
ad:9f:0d:84:82:5f:22:f5:6e:05:05:e0:ff:5b:a3:
69:cb:90:a4:1c:77:24:d5:7c:c0:5f:86:65:3a:96:
28:be:b6:70:d5:fd:2b:5f:a4:a4:ff:36:fa:1a:2f:
a1:55:c4:17:68:d7:e9:d4:c9:f8:7b:f8:9c:77:dc:
98:24:f7:7a:0c:94:d6:5d:7b:2b:52:dc:fc:57:d2:
f7:8e:06:a5:ec:10:70:a9:b1:e9:32:df:54:60:f9:
7a:59:49:8c:7f:79:05:99:d6:95:91:f4:5f:aa:8e:
5c:15:38:89:80:fb:68:4b:ae:c5:36:60:e7:36:98:
34:a2:0a:a2:ce:4b:a7:fa:1b:54:c4:44:a9:b6:5b:
e0:8d:e1:7e:98:e0:52:1a:ca:45:4b:06:31:a8:9b:
a9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:76:AB:49:30:D0:90:E4:6B:F6:C4:33:35:D7:D7:09:E6:3E:E7:9F
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:dc00::/40
Signature Algorithm: sha256WithRSAEncryption
72:3a:c1:b0:c5:c9:ec:23:2a:da:72:79:4a:71:82:3d:ae:0c:
68:21:fe:ee:38:72:47:ec:83:ac:26:29:5b:43:8f:0e:bb:96:
7e:73:b7:32:4c:b2:d4:97:fd:ca:37:f0:ea:f3:7d:84:b3:6f:
4a:64:fd:92:c0:da:03:ab:0e:93:62:63:0c:34:91:33:c4:50:
ea:ba:8e:e9:8c:6f:95:42:bc:75:c3:97:5b:29:94:f1:5d:11:
a7:be:40:0e:d4:11:f3:c2:69:eb:3f:d6:34:9d:93:70:96:d7:
99:42:c5:7b:0e:8c:b7:96:1b:60:a9:c8:b0:7f:25:e8:1b:bf:
c7:83:56:f6:f5:ab:1a:e5:1f:ee:65:63:73:1e:2c:8a:ed:75:
bc:ab:f5:e7:b5:c5:a1:9a:08:f5:bf:c2:8c:d9:05:56:ca:4e:
90:4d:84:c8:cc:94:85:1b:d1:da:1f:93:22:a9:53:fc:9c:36:
a5:35:21:02:75:d9:95:f0:dc:4c:4d:e1:02:3b:6a:b5:fa:fb:
de:68:38:93:8e:91:81:96:63:77:a6:ee:60:ab:0a:5b:8b:ea:
1a:65:62:82:dd:fa:26:69:0d:cf:44:a6:ce:85:a6:05:c1:00:
1b:5d:a0:0d:e9:80:ac:4d:b0:69:42:09:03:b5:e0:59:7b:f7:
f2:21:92:39
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIULO+AdguMt9rkRLRW9NlXUtPgPFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MTVaFw0yNDEyMTgxNjIyMTVaMDMxMTAvBgNV
BAMTKDAwNzZBQjQ5MzBEMDkwRTQ2QkY2QzQzMzM1RDdENzA5RTYzRUU3OUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/UPQ98mpe/Qx0n1JqnEaE2tcH
QoDmi36OuzBXivQW+XMSvg0xIK+zSNnmnP7JhVzc1ROsK+Y78mFtC2YHKRInEdKq
VBFFZE5lfU21fFMsAQXQBbh4zpOFwY+NjQeoJnsnRjEg6Hyt9a2fDYSCXyL1bgUF
4P9bo2nLkKQcdyTVfMBfhmU6lii+tnDV/StfpKT/NvoaL6FVxBdo1+nUyfh7+Jx3
3Jgk93oMlNZdeytS3PxX0veOBqXsEHCpseky31Rg+XpZSYx/eQWZ1pWR9F+qjlwV
OImA+2hLrsU2YOc2mDSiCqLOS6f6G1TERKm2W+CN4X6Y4FIaykVLBjGom6nLAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUAHarSTDQkORr9sQzNdfXCeY+558wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE2MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhPf
gNwwDQYJKoZIhvcNAQELBQADggEBAHI6wbDFyewjKtpyeUpxgj2uDGgh/u44ckfs
g6wmKVtDjw67ln5ztzJMstSX/co38OrzfYSzb0pk/ZLA2gOrDpNiYww0kTPEUOq6
jumMb5VCvHXDl1splPFdEae+QA7UEfPCaes/1jSdk3CW15lCxXsOjLeWG2CpyLB/
Jegbv8eDVvb1qxrlH+5lY3MeLIrtdbyr9ee1xaGaCPW/wozZBVbKTpBNhMjMlIUb
0dofkyKpU/ycNqU1IQJ12ZXw3ExN4QI7arX6+95oOJOOkYGWY3em7mCrCluL6hpl
YoLd+iZpDc9Eps6FpgXBABtdoA3pgKxNsGlCCQO14Fl79/Ihkjk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org