Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134342e302f32322d3232203d3e20313432333832.roa
File: 3138302e3133312e3134342e302f32322d3232203d3e20313432333832.roa (raw, json)
Hash identifier: W0/MvRJw+fDqsS3zKSZO9lepGZoOubnDaxiC1QFg14Q=
Subject key identifier: 4C:E7:2B:8F:D2:1E:3F:A2:55:1B:01:65:33:F2:37:89:FB:7E:B6:D0
Certificate issuer: /CN=B0928A45D014D8D5FAD50314E828086F12B15610
Certificate serial: 2A86E1F467E349354E7F1B74B830D1E4FBE1B30E
Authority key identifier: B0:92:8A:45:D0:14:D8:D5:FA:D5:03:14:E8:28:08:6F:12:B1:56:10
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B0928A45D014D8D5FAD50314E828086F12B15610.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134342e302f32322d3232203d3e20313432333832.roa
Signing time: Tue 13 Jun 2023 05:00:01 +0000
ROA not before: Tue 13 Jun 2023 04:55:01 +0000
ROA not after: Tue 11 Jun 2024 05:00:01 +0000
asID: 142382
IP address blocks: 180.131.144.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:86:e1:f4:67:e3:49:35:4e:7f:1b:74:b8:30:d1:e4:fb:e1:b3:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B0928A45D014D8D5FAD50314E828086F12B15610
Validity
Not Before: Jun 13 04:55:01 2023 GMT
Not After : Jun 11 05:00:01 2024 GMT
Subject: CN=4CE72B8FD21E3FA2551B016533F23789FB7EB6D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2d:3f:bd:5a:ec:86:f9:dc:99:06:81:a8:22:
55:6b:cd:bb:61:d6:a1:01:1f:06:06:03:98:8c:70:
76:3a:58:76:58:94:7c:47:a1:23:4e:f2:0b:0f:c6:
f3:63:81:c5:55:60:bc:37:e8:03:3c:d8:fc:d9:87:
99:ea:53:7e:0c:33:9f:21:f5:c3:a5:07:1e:34:cf:
01:31:3f:e8:ce:a8:e4:f9:ca:c1:9f:d8:36:50:a6:
22:72:c3:08:c8:bc:de:4c:52:b3:c1:89:44:32:7c:
ab:57:05:1b:b0:93:4a:c7:f8:36:4a:72:f4:05:64:
3e:8f:3f:c8:19:e9:b3:01:2c:ad:bb:3d:3a:20:ac:
37:72:83:7d:9e:20:a5:b4:78:c6:04:f9:0d:32:40:
85:bb:99:58:e5:e1:dd:ff:ed:0a:8f:53:f8:44:c3:
37:6a:c7:25:3f:38:e7:6f:d8:39:72:bd:dc:44:e9:
05:11:ef:09:44:60:d3:8c:9d:bd:10:81:3c:7d:b3:
17:8a:14:55:be:0f:03:32:23:12:36:60:c6:22:af:
3d:1d:8d:a2:06:0e:74:40:9d:5f:ac:76:cc:59:f4:
5a:da:12:85:2f:3b:b6:f7:81:94:5b:01:94:68:11:
3c:34:6d:29:2c:75:32:da:70:59:ee:ff:9b:ea:78:
d3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E7:2B:8F:D2:1E:3F:A2:55:1B:01:65:33:F2:37:89:FB:7E:B6:D0
X509v3 Authority Key Identifier:
keyid:B0:92:8A:45:D0:14:D8:D5:FA:D5:03:14:E8:28:08:6F:12:B1:56:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/B0928A45D014D8D5FAD50314E828086F12B15610.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B0928A45D014D8D5FAD50314E828086F12B15610.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134342e302f32322d3232203d3e20313432333832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
180.131.144.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:af:28:81:28:08:30:49:31:dd:61:00:38:33:ca:fc:5d:a4:
69:03:3e:be:17:1e:bd:dc:de:80:dc:f7:53:3d:8b:b6:f7:9c:
55:c6:2c:6f:77:0d:92:57:2f:7e:14:5f:34:97:ca:4c:10:c0:
29:38:2c:2f:44:89:77:f2:dd:e5:e2:48:75:4b:9c:1a:fe:4e:
20:21:25:f7:82:1a:77:8c:51:03:3c:0c:68:df:db:23:78:69:
7d:0e:b5:48:60:4a:27:c9:07:b4:7c:43:3d:7c:1e:50:65:a4:
01:e2:f8:76:a7:c4:37:18:ce:e7:0d:33:26:27:15:82:2c:ca:
73:40:7d:07:9b:7d:ca:69:3c:32:c7:1d:ed:18:ac:d9:35:c6:
64:79:47:05:9a:3d:3d:90:38:04:b5:90:95:06:02:9a:bb:8a:
63:e5:dd:0e:4d:d3:84:61:88:41:2f:17:f5:6b:85:78:29:1b:
0a:c2:23:0e:14:e3:3a:63:1c:67:eb:ed:c1:80:7f:2e:0f:40:
77:83:c8:60:7b:56:85:14:f6:02:54:fe:49:60:fa:16:de:b6:
a3:14:25:88:92:15:2d:24:c6:ca:4b:95:a8:6c:5b:35:92:fe:
46:6c:b0:fc:70:f9:41:51:30:73:89:2b:0c:f7:d8:e4:d7:16:
83:0f:2d:6e
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUKobh9GfjSTVOfxt0uDDR5Pvhsw4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjA5MjhBNDVEMDE0RDhENUZBRDUwMzE0RTgyODA4NkYx
MkIxNTYxMDAeFw0yMzA2MTMwNDU1MDFaFw0yNDA2MTEwNTAwMDFaMDMxMTAvBgNV
BAMTKDRDRTcyQjhGRDIxRTNGQTI1NTFCMDE2NTMzRjIzNzg5RkI3RUI2RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8LT+9WuyG+dyZBoGoIlVrzbth
1qEBHwYGA5iMcHY6WHZYlHxHoSNO8gsPxvNjgcVVYLw36AM82PzZh5nqU34MM58h
9cOlBx40zwExP+jOqOT5ysGf2DZQpiJywwjIvN5MUrPBiUQyfKtXBRuwk0rH+DZK
cvQFZD6PP8gZ6bMBLK27PTogrDdyg32eIKW0eMYE+Q0yQIW7mVjl4d3/7QqPU/hE
wzdqxyU/OOdv2DlyvdxE6QUR7wlEYNOMnb0QgTx9sxeKFFW+DwMyIxI2YMYirz0d
jaIGDnRAnV+sdsxZ9FraEoUvO7b3gZRbAZRoETw0bSksdTLacFnu/5vqeNMhAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUTOcrj9IeP6JVGwFlM/I3ift+ttAwHwYDVR0j
BBgwFoAUsJKKRdAU2NX61QMU6CgIbxKxVhAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
Y2QzMjNiZS04MzdkLTQyNDQtODQ2Yy03ZDIzOTNhOWEwMDkvMC9CMDkyOEE0NUQw
MTREOEQ1RkFENTAzMTRFODI4MDg2RjEyQjE1NjEwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjA5MjhBNDVEMDE0RDhENUZBRDUwMzE0RTgyODA4NkYxMkIx
NTYxMC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdjZDMyM2JlLTgzN2QtNDI0NC04
NDZjLTdkMjM5M2E5YTAwOS8wLzMxMzgzMDJlMzEzMzMxMmUzMTM0MzQyZTMwMmYz
MjMyMmQzMjMyMjAzZDNlMjAzMTM0MzIzMzM4MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK0g5AwDQYJ
KoZIhvcNAQELBQADggEBAF6vKIEoCDBJMd1hADgzyvxdpGkDPr4XHr3c3oDc91M9
i7b3nFXGLG93DZJXL34UXzSXykwQwCk4LC9EiXfy3eXiSHVLnBr+TiAhJfeCGneM
UQM8DGjf2yN4aX0OtUhgSifJB7R8Qz18HlBlpAHi+HanxDcYzucNMyYnFYIsynNA
fQebfcppPDLHHe0YrNk1xmR5RwWaPT2QOAS1kJUGApq7imPl3Q5N04RhiEEvF/Vr
hXgpGwrCIw4U4zpjHGfr7cGAfy4PQHeDyGB7VoUU9gJU/klg+hbetqMUJYiSFS0k
xspLlahsWzWS/kZssPxw+UFRMHOJKwz32OTXFoMPLW4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:07 2024 by rpki-client on console-fra.rpki-client.org