Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS48436.roa
File: AS48436.roa (raw, json)
Hash identifier: qIisIUt43BjZbVGTBoRfoq9UMRCLTO6He5cSVvCFrio=
Subject key identifier: C9:81:88:11:E6:04:B2:78:16:D5:33:85:BD:45:39:2F:21:39:D0:2B
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 25600B0C82A5DB865FBD542D2C687E276093CB56
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS48436.roa
Signing time: Wed 20 Dec 2023 16:22:01 +0000
ROA not before: Wed 20 Dec 2023 16:17:01 +0000
ROA not after: Wed 18 Dec 2024 16:22:01 +0000
asID: 48436
IP address blocks: 2a13:df80:1800::/38 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:60:0b:0c:82:a5:db:86:5f:bd:54:2d:2c:68:7e:27:60:93:cb:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:01 2023 GMT
Not After : Dec 18 16:22:01 2024 GMT
Subject: CN=C9818811E604B27816D53385BD45392F2139D02B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f1:c2:16:ca:98:b2:28:95:58:bf:5e:f6:b4:
c0:50:4c:5a:11:95:6e:36:27:dd:1e:45:a7:52:1c:
e4:46:2b:2c:b7:7c:33:ae:63:83:a1:4a:26:f9:d1:
bb:91:04:84:23:c9:fd:ec:ef:29:b6:d3:3e:dc:36:
e1:3a:89:7f:52:13:05:30:cf:12:c1:1e:ed:60:6e:
dc:5c:a4:ed:02:15:d6:62:12:ef:ec:7a:88:0c:26:
be:e4:7b:a8:bd:20:f9:91:01:8d:0d:03:53:68:18:
73:04:f6:35:27:e5:16:4e:7a:06:f1:89:68:60:d8:
cc:51:0e:9a:63:a8:7d:5e:8e:dc:77:76:19:d2:36:
d6:fe:5d:1b:85:17:5b:85:c2:d5:14:37:38:2a:8b:
9a:49:59:aa:1a:a2:9f:5b:94:48:2f:16:5b:2a:2f:
45:ab:23:a2:44:9b:ce:55:87:96:ca:29:d6:57:26:
6f:5a:7c:8b:59:eb:0f:ea:e5:58:5f:44:2c:26:6c:
0b:52:51:66:fa:2a:18:88:22:9f:94:09:d0:4d:2f:
92:54:c5:d3:2e:f0:f2:0f:62:3a:51:f8:9a:56:ae:
8d:b3:8e:cf:fa:6f:83:90:4d:b5:fc:bb:95:5c:20:
53:0c:7d:ba:d5:74:80:db:3b:e7:24:5a:47:6c:9d:
38:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:81:88:11:E6:04:B2:78:16:D5:33:85:BD:45:39:2F:21:39:D0:2B
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS48436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:1800::/38
Signature Algorithm: sha256WithRSAEncryption
16:7f:ab:0e:22:36:77:4d:af:4d:77:67:2d:75:03:f7:24:17:
45:be:da:3c:42:53:28:1d:d7:15:9d:c5:7b:cd:32:64:2e:e6:
fe:70:b3:d3:8b:35:2e:b7:39:f7:98:1c:9a:49:87:ba:c6:68:
69:7b:30:c5:f2:96:23:e4:d0:24:c5:4f:e1:df:ca:d4:61:76:
26:d6:72:f1:8b:77:1d:9b:09:9a:e6:b4:6d:49:96:c7:89:92:
8b:2d:b5:07:c5:17:16:0d:0a:e7:fb:9c:99:3f:81:b9:24:3c:
05:46:c2:5a:a0:67:5f:ab:30:2d:53:a2:30:fe:e7:32:c0:65:
bd:42:a3:7d:f1:23:0d:5a:e0:5f:51:e9:0a:e6:96:b2:18:ac:
ff:7f:bb:b4:97:a3:3a:b2:b4:31:7e:ac:c6:9e:d5:b8:42:e6:
19:c3:0d:a3:f9:48:1b:6f:fb:90:70:a4:4b:1c:31:1c:83:99:
37:e9:df:ab:8d:a9:20:c9:fb:32:51:77:94:79:17:cd:44:e1:
5d:71:85:63:17:b2:1a:14:fc:fa:30:5f:d2:94:31:40:82:16:
34:30:2c:59:22:d4:ec:1a:41:5d:52:c4:dc:b8:41:b9:bb:cb:
fa:91:58:29:1e:d1:cb:ba:97:30:ca:c5:a0:ae:8c:85:25:99:
91:fb:f0:c9
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUJWALDIKl24ZfvVQtLGh+J2CTy1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MDFaFw0yNDEyMTgxNjIyMDFaMDMxMTAvBgNV
BAMTKEM5ODE4ODExRTYwNEIyNzgxNkQ1MzM4NUJENDUzOTJGMjEzOUQwMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP8cIWypiyKJVYv172tMBQTFoR
lW42J90eRadSHORGKyy3fDOuY4OhSib50buRBIQjyf3s7ym20z7cNuE6iX9SEwUw
zxLBHu1gbtxcpO0CFdZiEu/seogMJr7ke6i9IPmRAY0NA1NoGHME9jUn5RZOegbx
iWhg2MxRDppjqH1ejtx3dhnSNtb+XRuFF1uFwtUUNzgqi5pJWaoaop9blEgvFlsq
L0WrI6JEm85Vh5bKKdZXJm9afItZ6w/q5VhfRCwmbAtSUWb6KhiIIp+UCdBNL5JU
xdMu8PIPYjpR+JpWro2zjs/6b4OQTbX8u5VcIFMMfbrVdIDbO+ckWkdsnTgTAgMB
AAGjggILMIICBzAdBgNVHQ4EFgQUyYGIEeYEsngW1TOFvUU5LyE50CswHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTNDg0MzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgIqE9+A
GDANBgkqhkiG9w0BAQsFAAOCAQEAFn+rDiI2d02vTXdnLXUD9yQXRb7aPEJTKB3X
FZ3Fe80yZC7m/nCz04s1Lrc595gcmkmHusZoaXswxfKWI+TQJMVP4d/K1GF2JtZy
8Yt3HZsJmua0bUmWx4mSiy21B8UXFg0K5/ucmT+BuSQ8BUbCWqBnX6swLVOiMP7n
MsBlvUKjffEjDVrgX1HpCuaWshis/3+7tJejOrK0MX6sxp7VuELmGcMNo/lIG2/7
kHCkSxwxHIOZN+nfq42pIMn7MlF3lHkXzUThXXGFYxeyGhT8+jBf0pQxQIIWNDAs
WSLU7BpBXVLE3LhBubvL+pFYKR7Ry7qXMMrFoK6MhSWZkfvwyQ==
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org