Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/323030313a6466303a3265313a3a2f34382d3438203d3e203538333831.roa
File: 323030313a6466303a3265313a3a2f34382d3438203d3e203538333831.roa (raw, json)
Hash identifier: Rww0BywwT6rQrozX2QKyBifWCqq6i5vyQNUtgmgZUUk=
Subject key identifier: 2B:0D:F2:91:B8:F6:11:4E:74:EA:D4:93:32:AF:7C:43:6A:B1:1E:80
Certificate issuer: /CN=E5A907C4EC6DA6D9342613280CCAF26E98DBEB98
Certificate serial: 3B6AD6A3591F1F13313EE203019029F00C26890E
Authority key identifier: E5:A9:07:C4:EC:6D:A6:D9:34:26:13:28:0C:CA:F2:6E:98:DB:EB:98
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E5A907C4EC6DA6D9342613280CCAF26E98DBEB98.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/323030313a6466303a3265313a3a2f34382d3438203d3e203538333831.roa
Signing time: Mon 31 Jul 2023 00:09:42 +0000
ROA not before: Mon 31 Jul 2023 00:04:42 +0000
ROA not after: Mon 29 Jul 2024 00:09:42 +0000
asID: 58381
IP address blocks: 2001:df0:2e1::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:6a:d6:a3:59:1f:1f:13:31:3e:e2:03:01:90:29:f0:0c:26:89:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E5A907C4EC6DA6D9342613280CCAF26E98DBEB98
Validity
Not Before: Jul 31 00:04:42 2023 GMT
Not After : Jul 29 00:09:42 2024 GMT
Subject: CN=2B0DF291B8F6114E74EAD49332AF7C436AB11E80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2a:42:ce:af:4a:f1:e9:37:62:a4:08:36:e0:
2c:59:36:57:3f:1a:91:b1:51:38:81:21:97:05:f6:
ec:72:d2:78:18:81:0c:19:23:1d:d6:80:80:72:d9:
fd:b3:38:18:7a:6e:71:c0:7c:27:2e:5e:b9:fd:13:
77:ef:84:c6:35:10:64:f3:cf:67:f6:11:1d:e1:3f:
a3:e3:3d:53:ed:28:c4:ed:68:54:6e:55:49:74:e1:
a0:d7:e1:01:62:e5:53:5b:07:9d:1b:bc:58:11:e1:
93:21:8a:3f:f6:46:42:d7:81:8c:ee:41:04:d5:58:
8f:b7:b1:7e:86:95:46:36:1b:83:5f:3d:75:a2:71:
ba:57:e6:af:6d:29:6c:d8:e2:e6:1d:1d:a1:af:4d:
93:66:89:78:d5:a6:b0:87:40:1c:67:05:7d:b9:5e:
cb:61:eb:74:6b:4f:29:88:54:cb:d5:dd:83:ca:02:
fd:4b:86:7a:76:34:cf:50:49:0a:ef:3a:22:6e:4a:
4c:18:8e:f8:0f:27:13:a6:d6:7e:b8:65:5d:7f:bd:
21:26:b2:2b:c5:37:e2:5a:ae:b7:cc:75:2a:fb:54:
fe:d7:9a:ef:e1:2d:01:2d:ae:89:54:bc:aa:03:a7:
29:0b:ac:2c:85:db:a4:2b:0a:64:d9:8a:9a:1d:74:
32:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0D:F2:91:B8:F6:11:4E:74:EA:D4:93:32:AF:7C:43:6A:B1:1E:80
X509v3 Authority Key Identifier:
keyid:E5:A9:07:C4:EC:6D:A6:D9:34:26:13:28:0C:CA:F2:6E:98:DB:EB:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/E5A907C4EC6DA6D9342613280CCAF26E98DBEB98.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E5A907C4EC6DA6D9342613280CCAF26E98DBEB98.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/323030313a6466303a3265313a3a2f34382d3438203d3e203538333831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:df0:2e1::/48
Signature Algorithm: sha256WithRSAEncryption
7e:a7:2e:4c:af:f4:1e:9e:1e:03:1a:84:b8:e2:e3:db:43:e0:
a6:7a:6c:ff:26:7e:f8:1e:77:da:e4:9c:ba:67:6d:c5:f6:06:
43:12:f8:cb:df:4c:c4:37:85:79:3b:d7:d7:8d:39:31:f5:bb:
b6:75:65:4a:2c:55:df:40:7d:d5:98:c2:a2:9a:b6:17:5b:97:
e1:68:7c:08:4f:68:ea:b9:0d:da:e2:f8:13:cc:84:f2:26:23:
c1:78:86:9c:63:db:0a:e6:b4:07:7f:9c:f9:d0:8d:ed:11:d6:
77:c1:13:4c:7d:e7:4e:8d:dd:58:ca:94:32:93:b6:16:81:70:
7e:49:dc:95:c6:6d:5a:cc:06:ea:dd:1b:a9:da:aa:ac:90:cb:
12:13:c6:36:49:16:93:5d:19:57:47:6c:aa:32:b7:39:c8:73:
df:e8:88:09:63:8e:ca:3c:5e:88:da:fe:12:f6:30:b8:c7:bc:
0c:e4:9e:e9:84:f4:30:6c:47:a4:ea:b3:f8:2b:ca:d9:a3:79:
a3:3e:05:98:1d:b0:4e:4e:86:4a:ab:83:44:f0:6c:3c:1a:6e:
19:d0:73:99:30:97:c6:b7:b1:bf:20:58:3c:8d:6d:87:71:51:
b9:27:f6:64:13:2f:d4:71:7a:c2:5f:9b:52:24:bf:cc:72:f8:
7b:89:ff:21
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUO2rWo1kfHxMxPuIDAZAp8AwmiQ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTVBOTA3QzRFQzZEQTZEOTM0MjYxMzI4MENDQUYyNkU5
OERCRUI5ODAeFw0yMzA3MzEwMDA0NDJaFw0yNDA3MjkwMDA5NDJaMDMxMTAvBgNV
BAMTKDJCMERGMjkxQjhGNjExNEU3NEVBRDQ5MzMyQUY3QzQzNkFCMTFFODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyKkLOr0rx6TdipAg24CxZNlc/
GpGxUTiBIZcF9uxy0ngYgQwZIx3WgIBy2f2zOBh6bnHAfCcuXrn9E3fvhMY1EGTz
z2f2ER3hP6PjPVPtKMTtaFRuVUl04aDX4QFi5VNbB50bvFgR4ZMhij/2RkLXgYzu
QQTVWI+3sX6GlUY2G4NfPXWicbpX5q9tKWzY4uYdHaGvTZNmiXjVprCHQBxnBX25
Xsth63RrTymIVMvV3YPKAv1Lhnp2NM9QSQrvOiJuSkwYjvgPJxOm1n64ZV1/vSEm
sivFN+JarrfMdSr7VP7Xmu/hLQEtrolUvKoDpykLrCyF26QrCmTZipoddDJ1AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUKw3ykbj2EU506tSTMq98Q2qxHoAwHwYDVR0j
BBgwFoAU5akHxOxtptk0JhMoDMrybpjb65gwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzhkMjc1NS0zODBkLTQ3N2UtYmYyNS0wYWYyOTAyNmJkNzAvMC9FNUE5MDdDNEVD
NkRBNkQ5MzQyNjEzMjgwQ0NBRjI2RTk4REJFQjk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRTVBOTA3QzRFQzZEQTZEOTM0MjYxMzI4MENDQUYyNkU5OERC
RUI5OC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMzOGQyNzU1LTM4MGQtNDc3ZS1i
ZjI1LTBhZjI5MDI2YmQ3MC8wLzMyMzAzMDMxM2E2NDY2MzAzYTMyNjUzMTNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzgzMzM4MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQ3wAuEw
DQYJKoZIhvcNAQELBQADggEBAH6nLkyv9B6eHgMahLji49tD4KZ6bP8mfvged9rk
nLpnbcX2BkMS+MvfTMQ3hXk719eNOTH1u7Z1ZUosVd9AfdWYwqKathdbl+FofAhP
aOq5Ddri+BPMhPImI8F4hpxj2wrmtAd/nPnQje0R1nfBE0x9506N3VjKlDKTthaB
cH5J3JXGbVrMBurdG6naqqyQyxITxjZJFpNdGVdHbKoytznIc9/oiAljjso8Xoja
/hL2MLjHvAzknumE9DBsR6Tqs/grytmjeaM+BZgdsE5Ohkqrg0TwbDwabhnQc5kw
l8a3sb8gWDyNbYdxUbkn9mQTL9RxesJfm1Ikv8xy+HuJ/yE=
-----END CERTIFICATE-----
Generated at Wed Sep 27 09:34:56 2023 by rpki-client on console-ams.rpki-client.org