Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS51396.roa
File: AS51396.roa (raw, json)
Hash identifier: Mp5ZDVL+HxVUPq05H600ygEfpeWhwpfRrncWMn2Aig4=
Subject key identifier: 02:FC:D9:7B:29:08:FE:10:01:C0:48:5D:1A:48:4E:AC:1A:1B:63:58
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 5DEA89B3958CE7E3DFEEADBB3B3B35ACD619BCE0
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS51396.roa
Signing time: Sat 20 Apr 2024 14:17:56 +0000
ROA not before: Sat 20 Apr 2024 14:12:56 +0000
ROA not after: Sat 19 Apr 2025 14:17:56 +0000
asID: 51396
IP address blocks: 2a13:df84:b00b::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:ea:89:b3:95:8c:e7:e3:df:ee:ad:bb:3b:3b:35:ac:d6:19:bc:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Apr 20 14:12:56 2024 GMT
Not After : Apr 19 14:17:56 2025 GMT
Subject: CN=02FCD97B2908FE1001C0485D1A484EAC1A1B6358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ec:11:66:89:4a:ac:ee:4b:cc:d5:79:8c:64:
7a:03:1b:c8:09:a3:37:88:cf:f1:76:ea:ec:11:0e:
dc:64:68:d9:c6:4e:16:04:40:2d:78:e7:01:7e:61:
64:79:eb:74:d6:6f:95:2b:82:b9:ae:07:70:a7:24:
40:31:b3:e5:6a:af:e4:f9:c8:c8:cd:29:07:c8:5b:
d5:30:f4:e0:bf:48:00:c0:e4:5e:f8:d7:04:19:5d:
58:a2:07:d6:6c:89:60:f0:a9:d2:9c:fa:a6:1d:ed:
3a:30:fe:30:3e:c3:d5:86:6e:bb:18:82:58:bf:db:
6a:1f:e8:13:33:d8:da:91:73:c8:96:a1:86:61:9a:
eb:a5:d3:73:26:40:27:63:a1:42:39:7f:48:33:96:
64:b0:47:5b:6d:f4:e1:3c:a0:40:8f:72:cb:f0:52:
6d:ae:60:82:0d:4c:4a:27:96:fc:c7:62:95:1d:9e:
16:e8:92:7b:ab:a4:ee:a9:ad:23:2e:3e:69:ff:77:
a6:06:56:5e:e7:ab:ee:a8:66:ed:98:91:0c:0d:3b:
bc:76:c9:32:55:66:68:5c:99:47:d7:ff:25:69:b4:
a7:78:0b:8c:1d:a6:ad:6d:6a:d4:67:fe:34:6c:e6:
37:80:fd:a3:8d:61:02:eb:d3:ae:ff:0e:ce:f3:d5:
29:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:FC:D9:7B:29:08:FE:10:01:C0:48:5D:1A:48:4E:AC:1A:1B:63:58
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS51396.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df84:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
c6:b9:5e:ca:5f:ba:ee:5e:03:9e:30:6b:fa:26:4a:6e:fe:22:
88:94:44:0b:d4:e6:63:67:51:a8:3c:ee:4c:02:1d:ff:af:51:
f6:54:1e:3f:a8:6c:06:4e:d6:fa:cd:58:5d:00:c1:15:f2:74:
99:34:56:5c:69:1d:1a:a5:8c:94:3e:91:ce:d6:f5:32:8b:f0:
aa:e3:56:86:d0:61:24:ba:6f:ff:ec:43:e9:d9:21:ab:1c:d2:
dd:bf:d3:82:33:83:e4:93:c0:b7:8d:8e:d9:1d:b4:c8:95:37:
e1:c4:81:97:b7:f3:22:d4:27:e7:e4:8f:b2:39:19:67:b8:b6:
db:b1:85:54:a0:96:09:49:65:c1:92:99:00:d1:85:43:94:59:
3b:6d:c7:33:dd:a8:e3:1e:0f:2a:78:ef:8f:12:40:25:1c:60:
57:9f:16:38:2f:b8:1d:8e:fb:ec:81:8b:8d:d1:cd:44:14:a3:
fa:cb:23:ed:b1:25:81:47:2a:f5:7f:bb:9a:83:47:12:a6:1b:
9c:22:5d:51:7e:3e:79:5d:9e:14:fd:b5:f1:da:d7:97:34:ca:
14:d9:99:76:dd:c9:25:b4:8a:fd:e2:c2:f6:51:70:bc:04:6b:
c2:3d:d0:ac:8e:e8:9e:d2:23:c7:fd:0e:b2:b3:1c:56:6d:2a:
27:33:58:40
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUXeqJs5WM5+Pf7q27Ozs1rNYZvOAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA0MjAxNDEyNTZaFw0yNTA0MTkxNDE3NTZaMDMxMTAvBgNV
BAMTKDAyRkNEOTdCMjkwOEZFMTAwMUMwNDg1RDFBNDg0RUFDMUExQjYzNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC47BFmiUqs7kvM1XmMZHoDG8gJ
ozeIz/F26uwRDtxkaNnGThYEQC145wF+YWR563TWb5UrgrmuB3CnJEAxs+Vqr+T5
yMjNKQfIW9Uw9OC/SADA5F741wQZXViiB9ZsiWDwqdKc+qYd7Tow/jA+w9WGbrsY
gli/22of6BMz2NqRc8iWoYZhmuul03MmQCdjoUI5f0gzlmSwR1tt9OE8oECPcsvw
Um2uYIINTEonlvzHYpUdnhboknurpO6prSMuPmn/d6YGVl7nq+6oZu2YkQwNO7x2
yTJVZmhcmUfX/yVptKd4C4wdpq1tatRn/jRs5jeA/aONYQLr067/Ds7z1SkLAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUAvzZeykI/hABwEhdGkhOrBobY1gwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTNTEzOTYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqE9+E
sAswDQYJKoZIhvcNAQELBQADggEBAMa5Xspfuu5eA54wa/omSm7+IoiURAvU5mNn
Uag87kwCHf+vUfZUHj+obAZO1vrNWF0AwRXydJk0VlxpHRqljJQ+kc7W9TKL8Krj
VobQYSS6b//sQ+nZIasc0t2/04Izg+STwLeNjtkdtMiVN+HEgZe38yLUJ+fkj7I5
GWe4ttuxhVSglglJZcGSmQDRhUOUWTttxzPdqOMeDyp4748SQCUcYFefFjgvuB2O
++yBi43RzUQUo/rLI+2xJYFHKvV/u5qDRxKmG5wiXVF+PnldnhT9tfHa15c0yhTZ
mXbdySW0iv3iwvZRcLwEa8I90KyO6J7SI8f9DrKzHFZtKiczWEA=
-----END CERTIFICATE-----
Generated at Tue May 21 14:01:40 2024 by rpki-client on console-fra.rpki-client.org