Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS44331.roa
File: AS44331.roa (raw, json)
Hash identifier: gZjZVKMIKMHPxxT1aPrkfYstJL+dk2DUZWlAMh3ycoI=
Subject key identifier: 65:05:87:93:B3:E5:72:83:66:70:0C:7D:D9:D8:21:F8:DF:EC:BD:E9
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 20F6FCAE29D5980C8E44254E3BA77A5CA21E4761
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS44331.roa
Signing time: Fri 22 Dec 2023 16:29:24 +0000
ROA not before: Fri 22 Dec 2023 16:24:24 +0000
ROA not after: Fri 20 Dec 2024 16:29:24 +0000
asID: 44331
IP address blocks: 2a13:df80:3d00::/40 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:f6:fc:ae:29:d5:98:0c:8e:44:25:4e:3b:a7:7a:5c:a2:1e:47:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 22 16:24:24 2023 GMT
Not After : Dec 20 16:29:24 2024 GMT
Subject: CN=65058793B3E5728366700C7DD9D821F8DFECBDE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:65:02:42:3b:a4:f8:fb:7e:70:05:07:d4:c2:
d0:dc:87:cc:bd:79:6d:b5:1d:59:ee:63:47:8f:1f:
55:db:35:5e:b0:fb:ce:7c:7d:81:fa:ef:12:31:ca:
25:05:b6:32:52:5b:45:9d:df:c9:d6:8a:5e:8e:66:
98:f3:9a:f2:26:4d:5c:5b:cc:8f:67:81:3f:98:68:
9a:7e:55:13:31:03:22:8c:62:d2:20:68:18:60:fa:
80:90:9f:14:d5:10:be:71:2e:83:25:ac:c8:ad:0a:
f8:3e:4c:5d:3e:31:f7:1a:18:97:bb:6d:38:c5:34:
73:84:97:87:d5:73:85:5d:1d:50:d5:c3:b0:dc:30:
67:7e:7f:46:7b:2e:38:4d:5b:e0:67:4f:84:0e:09:
a4:e2:2b:86:7c:da:a7:15:f0:f6:c8:fd:a6:07:5d:
71:9b:42:49:08:c7:b8:78:00:ec:c3:11:a9:7c:1d:
6e:83:d8:98:97:67:5e:af:ad:89:8f:8e:20:10:7a:
61:ee:fc:f6:bf:51:af:24:21:48:6e:1c:45:88:40:
5e:19:2c:29:bf:5d:a1:00:6b:bd:3f:89:46:6e:4c:
05:34:6a:b8:ea:db:68:ea:ae:39:23:d5:ac:4a:aa:
e8:c8:f4:08:55:8a:7e:dc:50:58:8f:72:80:8c:dc:
89:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:05:87:93:B3:E5:72:83:66:70:0C:7D:D9:D8:21:F8:DF:EC:BD:E9
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS44331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:3d00::/40
Signature Algorithm: sha256WithRSAEncryption
9e:1b:11:70:fd:a7:45:f5:15:4a:c6:7b:5e:0d:c7:4c:e0:32:
66:41:90:25:81:11:7f:4c:e3:99:c4:a9:2e:04:c3:4a:32:31:
78:ae:a6:29:8f:ef:13:19:bb:b6:1f:9a:23:45:31:07:3a:0b:
37:30:c7:a6:01:43:48:df:bb:b2:05:80:ed:27:fc:61:d2:7d:
c4:a1:e7:c1:b6:7a:dd:85:72:7a:23:74:a1:dd:40:8c:47:72:
84:d3:4f:d4:ca:ac:d4:e7:32:89:68:0f:b7:87:87:5a:97:50:
fb:c0:2a:4b:ad:0d:87:8f:84:bd:32:ab:6c:ac:c8:b5:32:b5:
78:e8:40:c1:e9:0e:85:e5:7c:60:8f:e0:30:6e:11:64:cf:8b:
10:1f:a7:10:31:37:a0:48:4f:17:8f:3c:95:f0:93:6b:bc:24:
dd:ff:27:8e:de:8b:0b:ce:b6:8e:14:2d:c3:a9:1b:6c:59:9c:
da:1a:92:7f:04:d2:0e:2b:44:43:06:bc:fd:dc:d7:27:5b:0e:
e6:05:a7:38:cd:a4:d0:3d:26:58:7c:7d:54:87:28:dd:48:a1:
0c:b4:ee:c6:3a:83:ac:cd:eb:61:87:fc:1c:fd:88:f8:d9:54:
73:00:89:8c:2f:e0:65:33:ae:3f:5c:a2:84:ec:4d:ae:8e:1f:
b7:13:cb:27
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUIPb8rinVmAyORCVOO6d6XKIeR2EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjIxNjI0MjRaFw0yNDEyMjAxNjI5MjRaMDMxMTAvBgNV
BAMTKDY1MDU4NzkzQjNFNTcyODM2NjcwMEM3REQ5RDgyMUY4REZFQ0JERTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsZQJCO6T4+35wBQfUwtDch8y9
eW21HVnuY0ePH1XbNV6w+858fYH67xIxyiUFtjJSW0Wd38nWil6OZpjzmvImTVxb
zI9ngT+YaJp+VRMxAyKMYtIgaBhg+oCQnxTVEL5xLoMlrMitCvg+TF0+MfcaGJe7
bTjFNHOEl4fVc4VdHVDVw7DcMGd+f0Z7LjhNW+BnT4QOCaTiK4Z82qcV8PbI/aYH
XXGbQkkIx7h4AOzDEal8HW6D2JiXZ16vrYmPjiAQemHu/Pa/Ua8kIUhuHEWIQF4Z
LCm/XaEAa70/iUZuTAU0arjq22jqrjkj1axKqujI9AhVin7cUFiPcoCM3InzAgMB
AAGjggILMIICBzAdBgNVHQ4EFgQUZQWHk7PlcoNmcAx92dgh+N/svekwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTNDQzMzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqE9+A
PTANBgkqhkiG9w0BAQsFAAOCAQEAnhsRcP2nRfUVSsZ7Xg3HTOAyZkGQJYERf0zj
mcSpLgTDSjIxeK6mKY/vExm7th+aI0UxBzoLNzDHpgFDSN+7sgWA7Sf8YdJ9xKHn
wbZ63YVyeiN0od1AjEdyhNNP1Mqs1OcyiWgPt4eHWpdQ+8AqS60Nh4+EvTKrbKzI
tTK1eOhAwekOheV8YI/gMG4RZM+LEB+nEDE3oEhPF488lfCTa7wk3f8njt6LC862
jhQtw6kbbFmc2hqSfwTSDitEQwa8/dzXJ1sO5gWnOM2k0D0mWHx9VIco3UihDLTu
xjqDrM3rYYf8HP2I+NlUcwCJjC/gZTOuP1yihOxNro4ftxPLJw==
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:41 2024 by rpki-client on console-ams.rpki-client.org