Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216399.roa
File: AS216399.roa (raw, json)
Hash identifier: rNQ/VNm/wTANtA/J2yM9Xr2zu2TbO3YrnXY3WELMxz8=
Subject key identifier: 35:14:D7:39:72:FF:D4:C9:94:19:A9:F8:60:00:05:62:8F:1D:EA:EE
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 2FA0A5BCBB631E377B59AF4AAA46412310DDC9C0
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216399.roa
Signing time: Wed 20 Dec 2023 16:22:22 +0000
ROA not before: Wed 20 Dec 2023 16:17:22 +0000
ROA not after: Wed 18 Dec 2024 16:22:22 +0000
asID: 216399
IP address blocks: 2a13:df80:8400::/44 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:a0:a5:bc:bb:63:1e:37:7b:59:af:4a:aa:46:41:23:10:dd:c9:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:22 2023 GMT
Not After : Dec 18 16:22:22 2024 GMT
Subject: CN=3514D73972FFD4C99419A9F8600005628F1DEAEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:4a:3e:f0:48:6b:c3:ec:7e:7d:0c:85:6b:a5:
05:e3:eb:a0:0e:51:35:6b:f2:68:a5:0a:71:b6:24:
a1:58:5d:51:ec:70:ba:d2:cd:bd:8e:df:c7:03:57:
bf:b9:0f:30:a7:de:b2:17:90:11:11:37:88:28:71:
8a:07:ba:3f:86:27:71:3c:2f:f3:b1:9e:a2:37:98:
e2:81:c4:1c:7e:69:af:57:0c:5a:50:7b:78:ce:96:
e7:8d:e5:f6:da:b3:b8:9f:ab:a1:6b:16:af:9a:76:
cf:d6:c2:1a:97:79:5d:e3:43:e1:ed:70:57:53:68:
cc:b5:78:be:ab:af:7f:fa:30:54:5d:b6:09:7c:3b:
7a:68:10:27:db:47:8f:29:86:d5:1c:28:3e:17:10:
37:24:bd:c9:ad:83:23:24:5d:c4:1c:5c:f6:11:b5:
64:30:f5:50:a9:a1:3e:91:c8:2d:46:7e:44:19:ca:
e5:dc:80:ca:83:6b:0a:e2:df:b1:20:26:d3:f5:f5:
39:e0:bc:85:b2:9e:fa:a8:b5:d8:18:ef:87:6f:68:
cb:25:9e:a4:9c:8e:a7:8f:63:a2:c8:1d:d1:3d:67:
bf:b3:3c:75:f8:06:7b:0b:e3:3a:c1:19:b4:ef:c0:
5f:4b:6a:08:65:d1:6d:24:57:5b:ef:f9:14:a1:25:
54:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:14:D7:39:72:FF:D4:C9:94:19:A9:F8:60:00:05:62:8F:1D:EA:EE
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216399.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:8400::/44
Signature Algorithm: sha256WithRSAEncryption
51:53:d3:3d:6e:1f:4e:4c:fc:49:8e:4e:f2:6e:19:c7:a6:12:
18:0c:0b:0d:35:fc:ed:3b:bf:95:7c:4b:db:02:d2:e5:a9:80:
ad:93:47:3c:53:49:19:63:d3:f4:ee:48:75:aa:b3:5d:c8:a1:
ab:48:58:e5:28:3a:7b:d0:dd:4e:6e:ca:73:14:43:6b:a6:fc:
f4:bc:73:c7:c2:ee:9c:5e:bc:d8:7d:a3:7c:a2:55:01:96:26:
d1:c4:2c:9f:e9:08:8d:f0:55:24:b9:9a:c5:43:c6:4b:d4:32:
06:7b:a3:c1:78:b2:4a:81:03:55:0b:d8:f7:b2:b9:ac:31:20:
cd:e4:ad:93:83:75:16:bb:bb:2c:56:bc:bd:02:c4:bc:e2:66:
0c:0f:87:f4:75:32:36:93:4e:eb:d2:de:dd:b5:94:c4:ab:f8:
e0:60:be:3b:e1:5c:2a:e2:b6:f3:2a:80:e9:c9:03:25:a9:e0:
86:28:91:1d:9c:ce:c8:e8:4b:74:02:0e:14:39:53:69:6c:01:
82:00:c8:25:54:75:1f:7c:7f:07:30:92:d4:b9:92:6e:84:ee:
8a:18:98:8c:9c:df:45:4b:d4:b4:0a:28:27:84:5e:b4:7e:9d:
96:18:8f:56:4f:10:ee:a1:e3:36:0c:66:3d:a1:26:eb:da:8d:
69:1f:bc:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUL6ClvLtjHjd7Wa9KqkZBIxDdycAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MjJaFw0yNDEyMTgxNjIyMjJaMDMxMTAvBgNV
BAMTKDM1MTRENzM5NzJGRkQ0Qzk5NDE5QTlGODYwMDAwNTYyOEYxREVBRUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLSj7wSGvD7H59DIVrpQXj66AO
UTVr8milCnG2JKFYXVHscLrSzb2O38cDV7+5DzCn3rIXkBERN4gocYoHuj+GJ3E8
L/OxnqI3mOKBxBx+aa9XDFpQe3jOlueN5fbas7ifq6FrFq+ads/WwhqXeV3jQ+Ht
cFdTaMy1eL6rr3/6MFRdtgl8O3poECfbR48phtUcKD4XEDckvcmtgyMkXcQcXPYR
tWQw9VCpoT6RyC1GfkQZyuXcgMqDawri37EgJtP19TngvIWynvqotdgY74dvaMsl
nqScjqePY6LIHdE9Z7+zPHX4BnsL4zrBGbTvwF9Laghl0W0kV1vv+RShJVT5AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUNRTXOXL/1MmUGan4YAAFYo8d6u4wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE2Mzk5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhPf
gIQAMA0GCSqGSIb3DQEBCwUAA4IBAQBRU9M9bh9OTPxJjk7ybhnHphIYDAsNNfzt
O7+VfEvbAtLlqYCtk0c8U0kZY9P07kh1qrNdyKGrSFjlKDp70N1ObspzFENrpvz0
vHPHwu6cXrzYfaN8olUBlibRxCyf6QiN8FUkuZrFQ8ZL1DIGe6PBeLJKgQNVC9j3
srmsMSDN5K2Tg3UWu7ssVry9AsS84mYMD4f0dTI2k07r0t7dtZTEq/jgYL474Vwq
4rbzKoDpyQMlqeCGKJEdnM7I6Et0Ag4UOVNpbAGCAMglVHUffH8HMJLUuZJuhO6K
GJiMnN9FS9S0CignhF60fp2WGI9WTxDuoeM2DGY9oSbr2o1pH7xD
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org