Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216375.roa
File: AS216375.roa (raw, json)
Hash identifier: x3yCsnKe+3iPPeHhtX5uZL89z9/JRw/HBdftKkM3lw8=
Subject key identifier: 7F:5E:63:62:41:35:D1:95:3C:28:F7:F0:CA:73:1A:88:34:59:87:20
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 14934C6A8E10880E25298CB755FC7F74CE37D7E3
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216375.roa
Signing time: Wed 20 Dec 2023 16:21:47 +0000
ROA not before: Wed 20 Dec 2023 16:16:47 +0000
ROA not after: Wed 18 Dec 2024 16:21:47 +0000
asID: 216375
IP address blocks: 2a13:df80:3806::/48 maxlen: 48
2a13:df80:8800::/44 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:93:4c:6a:8e:10:88:0e:25:29:8c:b7:55:fc:7f:74:ce:37:d7:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:47 2023 GMT
Not After : Dec 18 16:21:47 2024 GMT
Subject: CN=7F5E63624135D1953C28F7F0CA731A8834598720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8a:91:6c:2d:a7:79:e4:8c:73:ac:cd:9b:c5:
68:e7:53:7b:31:b8:e0:a4:a3:bf:1c:d5:b3:5c:12:
4b:5d:0e:53:97:e7:78:b6:67:6b:45:c1:9d:95:40:
99:9f:e2:23:85:b0:15:b0:dc:7b:d9:9c:31:75:d9:
8c:c0:0f:01:1e:e2:95:a3:02:ad:56:cf:d9:ac:ef:
ad:d2:7e:4a:82:4f:b1:dc:09:8d:02:9e:e5:b9:7c:
ae:ed:65:12:97:99:e2:96:15:83:f7:72:6f:5d:81:
4d:2c:7e:4c:f2:e6:74:91:82:eb:48:c2:ad:30:a9:
5b:c8:0f:6a:b4:89:bc:14:71:00:31:b2:29:83:7a:
a5:86:d0:0e:57:7e:65:03:9d:0c:32:2a:fa:6b:7f:
e5:e9:5a:6d:71:55:e5:48:43:59:94:31:34:70:50:
93:49:b0:c9:e6:5f:b8:16:de:4e:fe:61:49:43:ab:
13:1b:0d:45:55:5e:78:f2:4d:6e:11:54:f4:d0:a8:
61:07:08:5c:98:b6:5c:73:8e:62:67:dc:b3:35:5e:
9e:53:03:79:ea:6e:02:b7:e3:1d:84:ef:a2:df:e9:
9f:cd:f8:65:d5:79:96:b9:cd:d7:e5:5a:e3:bb:8b:
f3:53:02:3e:03:59:36:89:be:07:77:70:40:d4:4f:
f6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:5E:63:62:41:35:D1:95:3C:28:F7:F0:CA:73:1A:88:34:59:87:20
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216375.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:3806::/48
2a13:df80:8800::/44
Signature Algorithm: sha256WithRSAEncryption
3a:04:bf:a8:ff:bc:15:61:6c:bb:9a:41:a3:18:b0:59:8f:f3:
01:6b:4c:af:e9:9d:90:21:20:b8:e3:d6:e9:fc:9d:91:d2:48:
d4:5a:38:7b:c7:4c:fe:4a:07:15:ab:94:da:23:a5:47:ff:2f:
65:95:83:b4:63:c9:96:bb:d1:a3:7d:d7:21:ea:2a:50:44:ca:
37:1e:81:cf:8e:f0:8e:61:de:80:83:6a:db:43:33:e8:b8:ef:
95:8f:99:06:d0:be:c9:73:ca:25:ec:1b:d4:81:f8:c2:0e:76:
36:dc:85:77:76:49:e8:ed:1f:1b:63:50:1b:02:2d:bf:2d:88:
62:ee:a1:25:4d:45:3d:71:8a:55:44:16:ee:7a:6f:e2:ab:07:
b6:bf:92:2f:f9:e9:f5:d2:88:e0:f5:4a:6b:0b:bf:43:64:a9:
5d:9c:b5:a8:ef:82:0e:ac:31:22:2d:f4:23:4f:44:3d:e0:bd:
67:c2:81:08:d0:63:41:71:a6:a9:dd:ea:c3:1f:e4:58:9d:bd:
cb:9f:6a:e0:ce:78:f4:4b:7f:5d:c7:23:33:f7:c4:5d:40:db:
97:88:6c:55:11:80:a1:6a:fe:f1:e6:4f:74:b3:cd:3d:c4:75:
df:77:6d:41:99:d2:e7:b7:26:14:01:d8:c9:48:01:52:dd:d0:
fd:f0:cf:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUFJNMao4QiA4lKYy3Vfx/dM431+MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2NDdaFw0yNDEyMTgxNjIxNDdaMDMxMTAvBgNV
BAMTKDdGNUU2MzYyNDEzNUQxOTUzQzI4RjdGMENBNzMxQTg4MzQ1OTg3MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHipFsLad55IxzrM2bxWjnU3sx
uOCko78c1bNcEktdDlOX53i2Z2tFwZ2VQJmf4iOFsBWw3HvZnDF12YzADwEe4pWj
Aq1Wz9ms763SfkqCT7HcCY0CnuW5fK7tZRKXmeKWFYP3cm9dgU0sfkzy5nSRgutI
wq0wqVvID2q0ibwUcQAxsimDeqWG0A5XfmUDnQwyKvprf+XpWm1xVeVIQ1mUMTRw
UJNJsMnmX7gW3k7+YUlDqxMbDUVVXnjyTW4RVPTQqGEHCFyYtlxzjmJn3LM1Xp5T
A3nqbgK34x2E76Lf6Z/N+GXVeZa5zdflWuO7i/NTAj4DWTaJvgd3cEDUT/aLAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUf15jYkE10ZU8KPfwynMaiDRZhyAwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE2Mzc1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhPf
gDgGAwcEKhPfgIgAMA0GCSqGSIb3DQEBCwUAA4IBAQA6BL+o/7wVYWy7mkGjGLBZ
j/MBa0yv6Z2QISC449bp/J2R0kjUWjh7x0z+SgcVq5TaI6VH/y9llYO0Y8mWu9Gj
fdch6ipQRMo3HoHPjvCOYd6Ag2rbQzPouO+Vj5kG0L7Jc8ol7BvUgfjCDnY23IV3
dkno7R8bY1AbAi2/LYhi7qElTUU9cYpVRBbuem/iqwe2v5Iv+en10ojg9UprC79D
ZKldnLWo74IOrDEiLfQjT0Q94L1nwoEI0GNBcaap3erDH+RYnb3Ln2rgznj0S39d
xyMz98RdQNuXiGxVEYChav7x5k90s809xHXfd21BmdLntyYUAdjJSAFS3dD98M8Z
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:41 2024 by rpki-client on console-ams.rpki-client.org