Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS23470.roa
File: AS23470.roa (raw, json)
Hash identifier: 9I+vfHgaR9bgQ799PwSNM/23wuVfLgQuVwom25Jl7oY=
Subject key identifier: E5:90:8B:DC:DC:D4:82:5A:0E:0B:64:AB:FB:CB:D6:B0:D5:17:11:CE
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 7BC80E5EE378450138BFF1CCAA2B7D81ACADE42B
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS23470.roa
Signing time: Sat 11 May 2024 09:46:35 +0000
ROA not before: Sat 11 May 2024 09:41:35 +0000
ROA not after: Sat 10 May 2025 09:46:35 +0000
asID: 23470
IP address blocks: 2a13:df80:60::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:c8:0e:5e:e3:78:45:01:38:bf:f1:cc:aa:2b:7d:81:ac:ad:e4:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: May 11 09:41:35 2024 GMT
Not After : May 10 09:46:35 2025 GMT
Subject: CN=E5908BDCDCD4825A0E0B64ABFBCBD6B0D51711CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:00:96:8c:9a:20:83:19:8f:bd:7b:1b:fe:d0:
9b:8e:2e:0b:97:93:0d:59:23:09:33:73:69:e7:75:
a0:1c:d1:e6:42:dd:37:a0:9b:fe:cd:bc:a1:96:6b:
f5:fe:10:8e:22:6d:8a:8e:56:c2:27:b0:8f:db:5c:
ea:1e:07:74:61:eb:b3:d5:f6:6c:c0:8b:07:29:49:
87:79:69:7e:75:cd:78:ac:1f:63:5c:ac:e7:f5:59:
84:2d:7c:e5:b7:34:c0:b5:7c:51:a5:90:4e:13:a8:
92:80:b5:58:e0:19:67:da:43:66:7a:11:5d:fc:2a:
90:a9:6b:04:83:d4:4b:24:62:75:97:7c:4d:96:0c:
6c:da:96:54:d8:37:11:42:22:d7:88:24:8e:04:ae:
8d:e8:1e:5e:1e:10:74:83:0a:6d:f9:b5:69:0c:10:
29:01:e9:5d:ed:8e:c0:64:47:37:07:fb:8d:8d:b8:
5d:36:20:3d:e4:5c:74:f4:5a:59:96:e5:85:76:6c:
71:87:59:2c:ea:4f:f2:09:16:d8:ef:f2:ca:15:f0:
24:fc:de:20:bc:bd:7c:22:c6:c7:54:08:eb:9e:e4:
14:53:c0:69:01:83:19:64:55:16:a8:00:27:58:63:
35:54:89:bc:88:19:a3:35:8a:60:b6:61:08:24:74:
85:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:90:8B:DC:DC:D4:82:5A:0E:0B:64:AB:FB:CB:D6:B0:D5:17:11:CE
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS23470.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:60::/48
Signature Algorithm: sha256WithRSAEncryption
bd:d8:b0:30:36:5d:f8:9d:c6:08:8b:a4:1a:92:c9:41:60:fc:
21:8f:41:8c:49:be:fe:f9:b8:fa:a4:f1:b6:7c:68:20:7c:0e:
58:09:5c:99:16:78:65:32:74:de:f2:0e:11:11:cb:b2:fc:4f:
38:8b:13:37:b7:07:8b:76:05:59:15:79:63:86:57:14:09:f4:
7f:2b:b9:6e:4f:c8:f2:4f:0d:94:57:b3:65:b0:f2:34:bb:38:
d0:9a:36:0e:6d:f7:8c:d5:17:04:17:a8:07:3d:7d:b0:fb:bc:
b8:38:20:f6:75:bb:46:96:b9:1d:23:ab:4e:7f:0d:f7:20:a4:
74:c5:7e:64:59:4a:60:bb:0c:44:fb:1e:cd:7a:d3:73:e3:1c:
65:7b:86:3a:8f:69:b5:1f:05:79:d9:1a:54:ad:d1:85:10:7c:
f4:86:40:b2:32:85:68:f0:b6:41:ff:a9:3d:fe:7a:8b:74:1d:
c5:46:5a:3e:ee:81:ae:4b:79:ae:24:87:b5:59:ad:31:00:8d:
27:a8:e8:59:19:e7:a8:8d:f1:7d:36:3c:c1:34:90:e4:e1:56:
cf:8d:77:bc:92:04:57:15:69:04:ff:d1:1a:13:d2:de:03:af:
22:92:9e:a8:eb:66:a0:c0:e3:da:96:1d:05:a1:1e:a6:02:56:
fb:6c:de:39
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUe8gOXuN4RQE4v/HMqit9gayt5CswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA1MTEwOTQxMzVaFw0yNTA1MTAwOTQ2MzVaMDMxMTAvBgNV
BAMTKEU1OTA4QkRDRENENDgyNUEwRTBCNjRBQkZCQ0JENkIwRDUxNzExQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhAJaMmiCDGY+9exv+0JuOLguX
kw1ZIwkzc2nndaAc0eZC3Tegm/7NvKGWa/X+EI4ibYqOVsInsI/bXOoeB3Rh67PV
9mzAiwcpSYd5aX51zXisH2NcrOf1WYQtfOW3NMC1fFGlkE4TqJKAtVjgGWfaQ2Z6
EV38KpCpawSD1EskYnWXfE2WDGzallTYNxFCIteIJI4Ero3oHl4eEHSDCm35tWkM
ECkB6V3tjsBkRzcH+42NuF02ID3kXHT0WlmW5YV2bHGHWSzqT/IJFtjv8soV8CT8
3iC8vXwixsdUCOue5BRTwGkBgxlkVRaoACdYYzVUibyIGaM1imC2YQgkdIXtAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQU5ZCL3NzUgloOC2Sr+8vWsNUXEc4wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjM0NzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqE9+A
AGAwDQYJKoZIhvcNAQELBQADggEBAL3YsDA2XfidxgiLpBqSyUFg/CGPQYxJvv75
uPqk8bZ8aCB8DlgJXJkWeGUydN7yDhERy7L8TziLEze3B4t2BVkVeWOGVxQJ9H8r
uW5PyPJPDZRXs2Ww8jS7ONCaNg5t94zVFwQXqAc9fbD7vLg4IPZ1u0aWuR0jq05/
DfcgpHTFfmRZSmC7DET7Hs1603PjHGV7hjqPabUfBXnZGlSt0YUQfPSGQLIyhWjw
tkH/qT3+eot0HcVGWj7uga5Lea4kh7VZrTEAjSeo6FkZ56iN8X02PME0kOThVs+N
d7ySBFcVaQT/0RoT0t4DryKSnqjrZqDA49qWHQWhHqYCVvts3jk=
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:41 2024 by rpki-client on console-ams.rpki-client.org