Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216461.roa
File: AS216461.roa (raw, json)
Hash identifier: pRBXKa3xhrXk4Nhe1SlIZRT+OJEb2qyyc9eujL2GzAw=
Subject key identifier: 90:31:EB:0A:D3:BC:A8:10:AC:4C:ED:34:E0:C8:1B:AC:D6:D0:FE:1D
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 032B06550EE431270E18FBDE7B1D5082D356F9FE
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216461.roa
Signing time: Wed 20 Dec 2023 16:21:28 +0000
ROA not before: Wed 20 Dec 2023 16:16:28 +0000
ROA not after: Wed 18 Dec 2024 16:21:28 +0000
asID: 216461
IP address blocks: 2a13:df85::/38 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:2b:06:55:0e:e4:31:27:0e:18:fb:de:7b:1d:50:82:d3:56:f9:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:28 2023 GMT
Not After : Dec 18 16:21:28 2024 GMT
Subject: CN=9031EB0AD3BCA810AC4CED34E0C81BACD6D0FE1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6f:88:6e:8d:01:9f:83:9e:a7:c7:4a:d7:99:
b1:b8:1e:92:6d:6a:60:7b:00:82:4c:fc:c8:8b:c6:
2d:20:52:fe:20:f0:e4:4a:58:d3:95:0e:9e:60:93:
84:29:42:26:94:a7:48:b0:65:d3:20:47:99:8e:26:
62:fd:19:70:51:bb:a7:75:d1:96:51:a9:ed:ab:59:
2c:1c:ca:ce:f2:2b:3a:b8:02:3b:01:ba:de:24:b7:
e5:a5:95:60:f5:a9:3b:4c:14:d8:59:30:4f:31:21:
ab:91:57:b0:1a:3e:40:b3:0a:84:2d:51:6f:69:5a:
5c:4c:14:93:f3:df:15:7b:4e:da:25:1d:60:84:c2:
5f:13:71:4c:cb:3c:6d:48:cb:af:a4:37:27:f1:d7:
54:b6:6a:a9:0b:8e:5e:ac:25:8a:00:db:48:75:d0:
97:bb:bb:5c:9c:34:da:59:32:40:5b:69:da:72:25:
be:08:10:44:ac:b3:41:29:00:2c:a4:33:f0:02:65:
e2:e3:34:e2:c2:b1:90:6e:31:28:77:6d:a8:de:14:
5b:48:ba:d8:8d:ac:82:12:dd:5a:05:f9:61:90:c8:
c9:60:eb:9c:ec:c0:01:9d:f0:34:09:56:ac:d6:e8:
81:0a:bc:6b:2c:a0:16:fb:5d:3e:7e:b2:f9:5f:ef:
7d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:31:EB:0A:D3:BC:A8:10:AC:4C:ED:34:E0:C8:1B:AC:D6:D0:FE:1D
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS216461.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df85::/38
Signature Algorithm: sha256WithRSAEncryption
0d:56:e0:bf:23:4e:0e:2d:f8:43:5b:b4:77:55:31:69:31:fa:
7d:12:b9:2b:df:c9:b0:1b:67:ed:cd:44:ff:33:47:75:bc:28:
d8:12:d4:7d:94:26:16:10:6f:8a:e5:72:f1:9c:c3:3c:0e:94:
6f:ce:ec:3b:f9:a3:51:e1:c4:81:cd:8d:c9:f3:b4:ce:52:6a:
01:8f:8f:80:4c:5a:ba:46:6f:33:d1:2c:ca:fe:50:1a:15:9f:
d9:2f:d5:af:13:4f:a0:30:bf:32:e8:50:b1:b8:f3:71:c6:79:
60:3b:68:77:5e:e9:55:1d:90:e5:eb:51:4e:4b:28:c3:43:c7:
a5:51:b1:f2:34:26:63:d8:5d:1d:e8:f9:56:b6:b5:a0:5b:4f:
48:30:2b:03:b0:5e:45:61:cf:d8:67:10:65:dc:37:c4:8c:22:
57:76:32:3e:d0:dc:a5:ca:23:c0:3f:aa:0a:47:b7:f1:65:46:
5e:b7:6c:57:fb:b8:53:7e:b5:a4:36:b7:53:3c:80:8a:02:ba:
ac:80:b0:31:36:6f:fc:38:c0:00:ea:55:00:91:23:55:0c:66:
97:49:81:e1:34:35:a0:20:7c:d1:4d:22:cf:e6:35:6f:f3:5c:
84:18:33:5f:7e:8e:a6:95:92:e8:1c:71:c6:ed:89:64:0d:6f:
dc:81:50:53
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUAysGVQ7kMScOGPveex1QgtNW+f4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2MjhaFw0yNDEyMTgxNjIxMjhaMDMxMTAvBgNV
BAMTKDkwMzFFQjBBRDNCQ0E4MTBBQzRDRUQzNEUwQzgxQkFDRDZEMEZFMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCib4hujQGfg56nx0rXmbG4HpJt
amB7AIJM/MiLxi0gUv4g8ORKWNOVDp5gk4QpQiaUp0iwZdMgR5mOJmL9GXBRu6d1
0ZZRqe2rWSwcys7yKzq4AjsBut4kt+WllWD1qTtMFNhZME8xIauRV7AaPkCzCoQt
UW9pWlxMFJPz3xV7TtolHWCEwl8TcUzLPG1Iy6+kNyfx11S2aqkLjl6sJYoA20h1
0Je7u1ycNNpZMkBbadpyJb4IEESss0EpACykM/ACZeLjNOLCsZBuMSh3bajeFFtI
utiNrIIS3VoF+WGQyMlg65zswAGd8DQJVqzW6IEKvGssoBb7XT5+svlf733ZAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUkDHrCtO8qBCsTO004MgbrNbQ/h0wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjE2NDYxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKhPf
hQAwDQYJKoZIhvcNAQELBQADggEBAA1W4L8jTg4t+ENbtHdVMWkx+n0SuSvfybAb
Z+3NRP8zR3W8KNgS1H2UJhYQb4rlcvGcwzwOlG/O7Dv5o1HhxIHNjcnztM5SagGP
j4BMWrpGbzPRLMr+UBoVn9kv1a8TT6AwvzLoULG483HGeWA7aHde6VUdkOXrUU5L
KMNDx6VRsfI0JmPYXR3o+Va2taBbT0gwKwOwXkVhz9hnEGXcN8SMIld2Mj7Q3KXK
I8A/qgpHt/FlRl63bFf7uFN+taQ2t1M8gIoCuqyAsDE2b/w4wADqVQCRI1UMZpdJ
geE0NaAgfNFNIs/mNW/zXIQYM19+jqaVkugcccbtiWQNb9yBUFM=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:41 2024 by rpki-client on console-ams.rpki-client.org