Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216443.roa
File: AS216443.roa (raw, json)
Hash identifier: K1WxQ9jjpyDyOFMu6J/TMs+PaAtBiAVTQtQUx5xeJMM=
Subject key identifier: 15:01:86:7F:C1:C7:B1:03:0F:BD:02:A0:5D:E1:C5:05:CE:FF:FF:3B
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 3C543E21361150A9E7A976E8F3E7C2E507B87AF8
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216443.roa
Signing time: Wed 20 Dec 2023 16:22:27 +0000
ROA not before: Wed 20 Dec 2023 16:17:27 +0000
ROA not after: Wed 18 Dec 2024 16:22:27 +0000
asID: 216443
IP address blocks: 2a13:df80:2000::/38 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:54:3e:21:36:11:50:a9:e7:a9:76:e8:f3:e7:c2:e5:07:b8:7a:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:27 2023 GMT
Not After : Dec 18 16:22:27 2024 GMT
Subject: CN=1501867FC1C7B1030FBD02A05DE1C505CEFFFF3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:43:ce:5c:83:4c:99:27:47:df:b0:86:e0:2c:
25:19:ce:e3:88:e4:6b:49:55:e9:a2:38:e6:f4:dd:
3b:36:78:97:d3:81:f9:1d:3c:a5:98:e7:f9:f9:7e:
b5:9e:19:9e:e1:df:ef:ec:cc:26:2d:52:c0:34:51:
58:64:ef:21:cc:24:91:12:15:41:0d:5b:df:41:54:
d0:ac:79:ce:53:d0:55:35:ce:41:01:17:8b:68:0f:
63:e0:8f:1f:d4:31:fc:dc:7d:49:c3:99:07:10:61:
cc:bc:79:69:28:57:b7:ee:15:fa:e2:38:27:44:78:
71:3b:50:07:e3:00:22:2a:c6:c2:b9:b2:34:1b:93:
05:8f:58:09:7f:46:e1:ef:0f:02:2b:ae:17:18:8e:
6a:9b:3f:d6:7a:dd:e1:12:2a:e6:66:4d:26:5c:37:
30:68:bf:d6:90:49:34:68:0e:e8:0c:b3:17:d4:2d:
7b:1b:9d:a4:09:90:9c:e7:90:1a:1e:be:d1:f4:e4:
0e:40:48:73:a2:9b:14:33:c0:f1:91:66:d2:58:71:
00:43:2a:cc:6d:c8:4c:23:e2:a6:11:5a:2e:f9:4c:
d9:c7:35:a1:c6:f7:99:1a:0d:e6:d0:25:d5:2d:f6:
97:c9:11:fe:88:64:b7:e5:af:35:4d:b1:f2:de:88:
b3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:01:86:7F:C1:C7:B1:03:0F:BD:02:A0:5D:E1:C5:05:CE:FF:FF:3B
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216443.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:2000::/38
Signature Algorithm: sha256WithRSAEncryption
94:49:96:01:7a:86:34:e3:3d:38:d0:47:07:e3:58:4f:40:7c:
6e:be:82:c3:e4:80:07:a3:8d:98:2d:cd:04:67:ed:74:ad:f1:
83:21:0b:08:7d:5f:21:d2:b1:3d:41:5e:21:3f:38:7a:ac:fa:
f7:6c:a1:69:89:d9:7d:68:1c:2b:50:66:7a:20:9f:7c:de:0c:
07:0f:21:e9:22:68:d7:9f:5c:bd:e1:00:ca:2f:8f:98:28:30:
4c:f6:b5:f7:39:45:c9:8d:46:31:a0:c8:4b:f8:28:26:8c:ad:
6c:0f:54:fc:15:29:f6:37:88:e1:57:18:7b:c4:b8:a3:73:37:
ea:3a:5c:37:05:97:1b:69:67:f4:cb:64:81:35:b8:31:b6:7f:
39:74:e6:16:48:fe:4f:22:27:a0:55:98:d2:75:57:3f:15:18:
04:87:6c:40:ae:b4:6a:e3:25:69:e1:e3:3b:c9:a0:2b:4d:ef:
20:b7:64:76:8a:af:57:1a:5e:ad:dc:34:4f:f1:72:bd:74:44:
fc:18:5b:83:1e:41:c3:f7:6c:95:ad:02:00:44:a4:58:9f:73:
2d:ec:dd:36:93:bb:23:78:cb:e9:22:d8:37:2e:ad:a6:70:9f:
b2:ab:75:36:0f:35:43:c9:37:09:34:80:06:65:0a:f7:50:00:
a7:6a:91:7a
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUPFQ+ITYRUKnnqXbo8+fC5Qe4evgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MjdaFw0yNDEyMTgxNjIyMjdaMDMxMTAvBgNV
BAMTKDE1MDE4NjdGQzFDN0IxMDMwRkJEMDJBMDVERTFDNTA1Q0VGRkZGM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCFQ85cg0yZJ0ffsIbgLCUZzuOI
5GtJVemiOOb03Ts2eJfTgfkdPKWY5/n5frWeGZ7h3+/szCYtUsA0UVhk7yHMJJES
FUENW99BVNCsec5T0FU1zkEBF4toD2Pgjx/UMfzcfUnDmQcQYcy8eWkoV7fuFfri
OCdEeHE7UAfjACIqxsK5sjQbkwWPWAl/RuHvDwIrrhcYjmqbP9Z63eESKuZmTSZc
NzBov9aQSTRoDugMsxfULXsbnaQJkJznkBoevtH05A5ASHOimxQzwPGRZtJYcQBD
KsxtyEwj4qYRWi75TNnHNaHG95kaDebQJdUt9pfJEf6IZLflrzVNsfLeiLPFAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUFQGGf8HHsQMPvQKgXeHFBc7//zswHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE2NDQzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKhPf
gCAwDQYJKoZIhvcNAQELBQADggEBAJRJlgF6hjTjPTjQRwfjWE9AfG6+gsPkgAej
jZgtzQRn7XSt8YMhCwh9XyHSsT1BXiE/OHqs+vdsoWmJ2X1oHCtQZnogn3zeDAcP
IekiaNefXL3hAMovj5goMEz2tfc5RcmNRjGgyEv4KCaMrWwPVPwVKfY3iOFXGHvE
uKNzN+o6XDcFlxtpZ/TLZIE1uDG2fzl05hZI/k8iJ6BVmNJ1Vz8VGASHbECutGrj
JWnh4zvJoCtN7yC3ZHaKr1caXq3cNE/xcr10RPwYW4MeQcP3bJWtAgBEpFifcy3s
3TaTuyN4y+ki2DcuraZwn7KrdTYPNUPJNwk0gAZlCvdQAKdqkXo=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:41 2024 by rpki-client on console-ams.rpki-client.org