Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/323430303a646330303a633030313a3a2f34382d3438203d3e20313331313131.roa
File: 323430303a646330303a633030313a3a2f34382d3438203d3e20313331313131.roa (raw, json)
Hash identifier: RPwpf0SlG5bWkjbKDQ6BA+y1T9XlURzzls1oqA+5Zj0=
Subject key identifier: D5:CC:F3:E9:6E:4B:DB:4A:96:41:39:51:6C:08:6A:A5:F1:6D:F9:BF
Certificate issuer: /CN=C1AF8C999E9D06DADEBC387D78B305AB8716DC2F
Certificate serial: 4657C65A1643E610230724E1B5FF34D14234F64D
Authority key identifier: C1:AF:8C:99:9E:9D:06:DA:DE:BC:38:7D:78:B3:05:AB:87:16:DC:2F
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/323430303a646330303a633030313a3a2f34382d3438203d3e20313331313131.roa
Signing time: Thu 03 Feb 2022 03:00:48 +0000
ROA not before: Thu 03 Feb 2022 02:55:48 +0000
ROA not after: Fri 03 Feb 2023 03:00:48 +0000
asID: 131111
IP address blocks: 2400:dc00:c001::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:57:c6:5a:16:43:e6:10:23:07:24:e1:b5:ff:34:d1:42:34:f6:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C1AF8C999E9D06DADEBC387D78B305AB8716DC2F
Validity
Not Before: Feb 3 02:55:48 2022 GMT
Not After : Feb 3 03:00:48 2023 GMT
Subject: CN=3082010A0282010100E135332C7FFD741068EEFA7F0FDCCC5466FA61CA8EDFB3412FA4C8E67041C49995167AD768CCEC66799CA419BB300844623FB861B0DF25D413906DFB5FB2B251A0524A0131C263F18959609D19681FA4EFA4BBBBCD999DF47287CDE029D35FA578D3D960F686DCA59E5D40AD31EEAE315C7010119EF8C845A2F8BD73810FCEC80F52CE28E6C94D556C557C0F4583EE57FECBFD792DEC4156F1F31FAE05F15E5F370F7B9062FF655A4681081FD06D148300CB4FBFAD2C701026FE8C8C2E183A7ADB3A4934CC47A2F6FCE27C0C1AEE1B5B07DF018C5A1DF2B2801CC65DFA4CBB1D0B8C82A84D63488CDE78949E83A298EE0FB8E95EB23AE9712BB615123BA6821D0203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:35:33:2c:7f:fd:74:10:68:ee:fa:7f:0f:dc:
cc:54:66:fa:61:ca:8e:df:b3:41:2f:a4:c8:e6:70:
41:c4:99:95:16:7a:d7:68:cc:ec:66:79:9c:a4:19:
bb:30:08:44:62:3f:b8:61:b0:df:25:d4:13:90:6d:
fb:5f:b2:b2:51:a0:52:4a:01:31:c2:63:f1:89:59:
60:9d:19:68:1f:a4:ef:a4:bb:bb:cd:99:9d:f4:72:
87:cd:e0:29:d3:5f:a5:78:d3:d9:60:f6:86:dc:a5:
9e:5d:40:ad:31:ee:ae:31:5c:70:10:11:9e:f8:c8:
45:a2:f8:bd:73:81:0f:ce:c8:0f:52:ce:28:e6:c9:
4d:55:6c:55:7c:0f:45:83:ee:57:fe:cb:fd:79:2d:
ec:41:56:f1:f3:1f:ae:05:f1:5e:5f:37:0f:7b:90:
62:ff:65:5a:46:81:08:1f:d0:6d:14:83:00:cb:4f:
bf:ad:2c:70:10:26:fe:8c:8c:2e:18:3a:7a:db:3a:
49:34:cc:47:a2:f6:fc:e2:7c:0c:1a:ee:1b:5b:07:
df:01:8c:5a:1d:f2:b2:80:1c:c6:5d:fa:4c:bb:1d:
0b:8c:82:a8:4d:63:48:8c:de:78:94:9e:83:a2:98:
ee:0f:b8:e9:5e:b2:3a:e9:71:2b:b6:15:12:3b:a6:
82:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:CC:F3:E9:6E:4B:DB:4A:96:41:39:51:6C:08:6A:A5:F1:6D:F9:BF
X509v3 Authority Key Identifier:
keyid:C1:AF:8C:99:9E:9D:06:DA:DE:BC:38:7D:78:B3:05:AB:87:16:DC:2F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/323430303a646330303a633030313a3a2f34382d3438203d3e20313331313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:dc00:c001::/48
Signature Algorithm: sha256WithRSAEncryption
85:de:5a:a3:5d:3a:8d:ec:26:22:6b:c9:03:04:91:aa:0b:81:
c8:d2:b5:74:97:3c:01:41:5f:29:f6:86:ce:cb:5b:d6:f2:c2:
fc:b4:ee:ce:50:aa:cb:25:ef:ff:88:4d:95:da:4c:90:13:2b:
5c:97:99:91:0d:5d:59:ff:20:73:13:aa:8e:2a:3d:33:67:10:
0b:d8:cd:3d:59:0e:46:a0:54:dc:1e:12:5b:3a:d0:97:cc:c1:
48:54:da:cc:f7:d3:09:f6:6a:99:3c:fe:91:72:eb:47:89:ff:
f9:6f:1b:1b:32:e8:3d:b7:bc:e6:eb:ed:22:9d:b8:97:42:8f:
23:e0:33:db:a5:55:60:fe:81:a5:37:a5:62:fa:10:ae:8e:fd:
28:fa:69:c4:71:86:79:20:d2:d3:21:51:72:6a:97:4c:cf:87:
34:94:d5:b5:7a:0a:d6:43:7e:66:a7:a8:cd:2e:84:f5:cf:bc:
65:06:14:4c:ce:e1:ec:04:f0:b2:72:33:ee:43:24:fc:e6:f1:
bb:3e:35:db:91:40:62:79:99:6c:22:df:e1:ef:48:c1:6e:ff:
9c:01:2a:86:cd:d2:56:7c:9e:8c:f7:b5:ea:6a:9e:8f:5f:ce:
2f:8c:c4:60:df:65:e6:6a:b8:20:8f:68:0c:c5:35:6d:d0:7f:
f7:7d:76:af
-----BEGIN CERTIFICATE-----
MIIHMTCCBhmgAwIBAgIURlfGWhZD5hAjByThtf800UI09k0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzFBRjhDOTk5RTlEMDZEQURFQkMzODdENzhCMzA1QUI4
NzE2REMyRjAeFw0yMjAyMDMwMjU1NDhaFw0yMzAyMDMwMzAwNDhaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRTEzNTMzMkM3RkZENzQxMDY4
RUVGQTdGMEZEQ0NDNTQ2NkZBNjFDQThFREZCMzQxMkZBNEM4RTY3MDQxQzQ5OTk1
MTY3QUQ3NjhDQ0VDNjY3OTlDQTQxOUJCMzAwODQ0NjIzRkI4NjFCMERGMjVENDEz
OTA2REZCNUZCMkIyNTFBMDUyNEEwMTMxQzI2M0YxODk1OTYwOUQxOTY4MUZBNEVG
QTRCQkJCQ0Q5OTlERjQ3Mjg3Q0RFMDI5RDM1RkE1NzhEM0Q5NjBGNjg2RENBNTlF
NUQ0MEFEMzFFRUFFMzE1QzcwMTAxMTlFRjhDODQ1QTJGOEJENzM4MTBGQ0VDODBG
NTJDRTI4RTZDOTRENTU2QzU1N0MwRjQ1ODNFRTU3RkVDQkZENzkyREVDNDE1NkYx
RjMxRkFFMDVGMTVFNUYzNzBGN0I5MDYyRkY2NTVBNDY4MTA4MUZEMDZEMTQ4MzAw
Q0I0RkJGQUQyQzcwMTAyNkZFOEM4QzJFMTgzQTdBREIzQTQ5MzRDQzQ3QTJGNkZD
RTI3QzBDMUFFRTFCNUIwN0RGMDE4QzVBMURGMkIyODAxQ0M2NURGQTRDQkIxRDBC
OEM4MkE4NEQ2MzQ4OENERTc4OTQ5RTgzQTI5OEVFMEZCOEU5NUVCMjNBRTk3MTJC
QjYxNTEyM0JBNjgyMUQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA4TUzLH/9dBBo7vp/D9zMVGb6YcqO37NBL6TI5nBBxJmVFnrXaMzs
ZnmcpBm7MAhEYj+4YbDfJdQTkG37X7KyUaBSSgExwmPxiVlgnRloH6TvpLu7zZmd
9HKHzeAp01+leNPZYPaG3KWeXUCtMe6uMVxwEBGe+MhFovi9c4EPzsgPUs4o5slN
VWxVfA9Fg+5X/sv9eS3sQVbx8x+uBfFeXzcPe5Bi/2VaRoEIH9BtFIMAy0+/rSxw
ECb+jIwuGDp62zpJNMxHovb84nwMGu4bWwffAYxaHfKygBzGXfpMux0LjIKoTWNI
jN54lJ6DopjuD7jpXrI66XErthUSO6aCHQIDAQABo4ICPzCCAjswHQYDVR0OBBYE
FNXM8+luS9tKlkE5UWwIaqXxbfm/MB8GA1UdIwQYMBaAFMGvjJmenQba3rw4fXiz
BauHFtwvMA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTkyMDVlN2MtYTg4MS00ODczLTkx
ODgtZTUyMWI2YWY1MjljLzAvQzFBRjhDOTk5RTlEMDZEQURFQkMzODdENzhCMzA1
QUI4NzE2REMyRi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yL0MxQUY4Qzk5
OUU5RDA2REFERUJDMzg3RDc4QjMwNUFCODcxNkRDMkYuY2VyMIGsBggrBgEFBQcB
CwSBnzCBnDCBmQYIKwYBBQUHMAuGgYxyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8xOTIwNWU3Yy1hODgxLTQ4NzMtOTE4OC1lNTIxYjZhZjUyOWMvMC8z
MjM0MzAzMDNhNjQ2MzMwMzAzYTYzMzAzMDMxM2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzEzMzMxMzEzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJADcAMABMA0GCSqGSIb3DQEBCwUA
A4IBAQCF3lqjXTqN7CYia8kDBJGqC4HI0rV0lzwBQV8p9obOy1vW8sL8tO7OUKrL
Je//iE2V2kyQEytcl5mRDV1Z/yBzE6qOKj0zZxAL2M09WQ5GoFTcHhJbOtCXzMFI
VNrM99MJ9mqZPP6RcutHif/5bxsbMug9t7zm6+0inbiXQo8j4DPbpVVg/oGlN6Vi
+hCujv0o+mnEcYZ5INLTIVFyapdMz4c0lNW1egrWQ35mp6jNLoT1z7xlBhRMzuHs
BPCycjPuQyT85vG7PjXbkUBieZlsIt/h70jBbv+cASqGzdJWfJ6M97Xqap6PX84v
jMRg32Xmarggj2gMxTVt0H/3fXav
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:01 2024 by rpki-client on console-fra.rpki-client.org