Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216360.roa
File: AS216360.roa (raw, json)
Hash identifier: aj2vu9vwPY2LI5+OluO7TXq8jFDuwwEPswGJRGVnd9o=
Subject key identifier: 12:A3:8B:A7:1A:43:B4:9E:95:DC:C8:97:A9:10:F5:37:F0:92:71:5A
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 5592C3130581C67C36A84D4BFFD4A66001AED003
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216360.roa
Signing time: Sat 23 Mar 2024 13:11:40 +0000
ROA not before: Sat 23 Mar 2024 13:06:40 +0000
ROA not after: Sat 22 Mar 2025 13:11:40 +0000
asID: 216360
IP address blocks: 2a13:df87:7000::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:92:c3:13:05:81:c6:7c:36:a8:4d:4b:ff:d4:a6:60:01:ae:d0:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Mar 23 13:06:40 2024 GMT
Not After : Mar 22 13:11:40 2025 GMT
Subject: CN=12A38BA71A43B49E95DCC897A910F537F092715A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a1:f1:f2:c6:11:b9:50:a7:07:14:a5:7f:fc:
4a:c7:65:db:e3:f7:7d:82:f4:89:ce:27:ae:75:0a:
34:70:d0:f1:d2:27:e8:83:09:73:11:ac:af:a0:f6:
2d:b5:e7:7f:79:f5:b7:06:99:7c:f2:aa:c6:96:bd:
45:d4:b5:07:b1:b1:25:14:69:37:b5:46:69:7c:6f:
db:89:1a:a3:0f:8f:69:4b:ae:ab:3e:94:b4:05:1c:
66:43:35:ef:36:0b:a9:e6:1d:a0:a1:59:a1:30:5f:
92:18:f2:a6:a1:f6:e9:2c:45:d3:5f:94:98:e1:95:
37:45:7f:e5:ae:c9:eb:9b:0c:8a:76:3f:36:a8:06:
dc:ed:88:05:f3:cb:be:bc:6b:1d:02:78:5d:ae:80:
b8:1e:34:06:3a:4c:90:86:19:7e:96:6a:5e:bf:87:
62:28:3e:74:47:aa:a4:f7:be:bc:4a:0e:3b:9e:d7:
3c:92:98:c0:60:7d:8e:02:c3:bb:54:01:19:58:03:
dc:36:da:2c:e6:02:2f:7e:7a:30:94:db:3e:3d:f4:
e4:56:a8:38:af:f3:b0:89:67:7c:41:cc:f8:db:16:
21:5d:f6:d9:56:c3:be:5a:c7:2b:d3:f8:f7:8c:32:
ae:4f:00:cb:74:25:c6:73:a1:19:ab:1e:ed:28:5e:
91:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:A3:8B:A7:1A:43:B4:9E:95:DC:C8:97:A9:10:F5:37:F0:92:71:5A
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216360.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df87:7000::/40
Signature Algorithm: sha256WithRSAEncryption
71:72:a0:ea:c9:0f:2a:97:74:e3:94:d2:44:10:33:e9:d3:64:
60:a3:6a:b9:5a:5c:ba:37:25:d7:e9:35:e8:a1:cd:cb:7d:aa:
41:56:08:45:10:04:7a:3c:62:d9:ba:c9:29:1a:44:16:3f:9e:
e4:c0:3b:38:46:bc:b2:86:24:21:b4:a2:10:dc:02:71:f1:ee:
08:23:91:66:55:5d:64:d6:2e:9b:d7:6e:6d:df:04:fa:5b:5f:
bb:98:58:60:55:69:ae:5d:be:40:59:18:bf:dd:02:66:30:23:
46:ef:d5:2a:69:69:ba:86:81:87:13:9f:e4:2e:a4:e8:e9:6c:
0f:42:14:6e:a4:8b:49:47:63:15:45:75:5f:cd:c2:02:42:c9:
12:67:67:b0:9e:92:5b:88:99:a7:04:97:a8:e5:6b:de:4c:ac:
fb:dc:99:18:10:b3:c2:b6:01:a4:c3:65:15:f7:60:82:10:d3:
ac:b3:d5:a1:2d:b4:fd:a4:ea:5b:9e:d3:3b:43:2e:f8:eb:db:
1c:29:98:81:1f:6b:e8:b0:71:78:6a:f1:b0:b6:15:ca:c2:57:
66:4a:41:0c:97:ed:0a:3f:ed:0d:e6:24:5a:ec:dd:5d:54:0a:
ac:aa:82:4f:6e:92:c3:f2:8b:05:59:a1:c9:47:63:c2:93:c9:
13:7f:08:b4
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUVZLDEwWBxnw2qE1L/9SmYAGu0AMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDAzMjMxMzA2NDBaFw0yNTAzMjIxMzExNDBaMDMxMTAvBgNV
BAMTKDEyQTM4QkE3MUE0M0I0OUU5NURDQzg5N0E5MTBGNTM3RjA5MjcxNUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjofHyxhG5UKcHFKV//ErHZdvj
932C9InOJ651CjRw0PHSJ+iDCXMRrK+g9i2153959bcGmXzyqsaWvUXUtQexsSUU
aTe1Rml8b9uJGqMPj2lLrqs+lLQFHGZDNe82C6nmHaChWaEwX5IY8qah9uksRdNf
lJjhlTdFf+WuyeubDIp2PzaoBtztiAXzy768ax0CeF2ugLgeNAY6TJCGGX6Wal6/
h2IoPnRHqqT3vrxKDjue1zySmMBgfY4Cw7tUARlYA9w22izmAi9+ejCU2z499ORW
qDiv87CJZ3xBzPjbFiFd9tlWw75axyvT+PeMMq5PAMt0JcZzoRmrHu0oXpGLAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUEqOLpxpDtJ6V3MiXqRD1N/CScVowHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE2MzYwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhPf
h3AwDQYJKoZIhvcNAQELBQADggEBAHFyoOrJDyqXdOOU0kQQM+nTZGCjarlaXLo3
JdfpNeihzct9qkFWCEUQBHo8Ytm6ySkaRBY/nuTAOzhGvLKGJCG0ohDcAnHx7ggj
kWZVXWTWLpvXbm3fBPpbX7uYWGBVaa5dvkBZGL/dAmYwI0bv1SppabqGgYcTn+Qu
pOjpbA9CFG6ki0lHYxVFdV/NwgJCyRJnZ7CekluImacEl6jla95MrPvcmRgQs8K2
AaTDZRX3YIIQ06yz1aEttP2k6lue0ztDLvjr2xwpmIEfa+iwcXhq8bC2FcrCV2ZK
QQyX7Qo/7Q3mJFrs3V1UCqyqgk9uksPyiwVZoclHY8KTyRN/CLQ=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:41 2024 by rpki-client on console-ams.rpki-client.org