Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134342e302f32332d3233203d3e20313432333832.roa
File: 3138302e3133312e3134342e302f32332d3233203d3e20313432333832.roa (raw, json)
Hash identifier: nXprz3xCgCOOvCAWBitKiXWM0JRFcyYVm52nDATou8g=
Subject key identifier: E2:81:44:89:F2:4D:8C:01:16:5D:CA:3C:44:8B:45:D1:4B:0C:35:00
Certificate issuer: /CN=B0928A45D014D8D5FAD50314E828086F12B15610
Certificate serial: 639663F5EDEFF0CAD1D6998427741DA634C45911
Authority key identifier: B0:92:8A:45:D0:14:D8:D5:FA:D5:03:14:E8:28:08:6F:12:B1:56:10
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B0928A45D014D8D5FAD50314E828086F12B15610.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134342e302f32332d3233203d3e20313432333832.roa
Signing time: Tue 13 Jun 2023 05:00:00 +0000
ROA not before: Tue 13 Jun 2023 04:55:00 +0000
ROA not after: Tue 11 Jun 2024 05:00:00 +0000
asID: 142382
IP address blocks: 180.131.144.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:96:63:f5:ed:ef:f0:ca:d1:d6:99:84:27:74:1d:a6:34:c4:59:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B0928A45D014D8D5FAD50314E828086F12B15610
Validity
Not Before: Jun 13 04:55:00 2023 GMT
Not After : Jun 11 05:00:00 2024 GMT
Subject: CN=E2814489F24D8C01165DCA3C448B45D14B0C3500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1c:01:f4:e8:21:92:81:38:1c:33:2a:53:3b:
ab:74:84:cd:6d:12:ce:0c:67:67:b8:da:8d:01:84:
02:3d:6a:76:80:50:39:56:06:c3:f5:3a:6c:23:94:
07:89:92:c0:a0:6f:51:f1:e2:5a:20:84:73:f7:a2:
7a:bb:37:78:5d:c5:19:a1:2e:58:73:c7:bb:45:66:
d6:9d:28:b6:92:23:7d:da:cf:a4:ab:af:02:da:29:
b3:93:bf:0b:28:35:81:7d:89:f3:11:9c:b2:1b:2c:
b4:58:19:c2:c8:00:59:c5:cc:46:2c:3a:fe:89:8f:
5d:d5:4b:18:30:32:87:de:4a:d4:fa:5c:6b:89:cb:
1d:0e:61:a6:f7:c8:2c:68:e4:c0:a7:70:7e:49:4c:
56:50:19:d4:2e:5d:ac:1e:c9:0f:cf:ce:3e:ef:3a:
99:eb:60:8d:65:aa:8c:66:c0:95:3c:b9:1b:a4:93:
62:be:0f:c8:73:68:71:a3:84:a0:aa:36:7f:c6:62:
e8:35:5b:56:19:a7:2a:1f:25:2b:13:ee:7e:a8:25:
aa:97:9e:09:ec:1e:29:74:3f:b2:1b:df:e2:c9:97:
f3:95:d0:14:24:9a:fb:2d:88:da:f9:f7:32:2d:c7:
91:f7:aa:6c:bb:31:5a:3e:32:d2:40:70:46:35:22:
0f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:81:44:89:F2:4D:8C:01:16:5D:CA:3C:44:8B:45:D1:4B:0C:35:00
X509v3 Authority Key Identifier:
keyid:B0:92:8A:45:D0:14:D8:D5:FA:D5:03:14:E8:28:08:6F:12:B1:56:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/B0928A45D014D8D5FAD50314E828086F12B15610.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B0928A45D014D8D5FAD50314E828086F12B15610.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134342e302f32332d3233203d3e20313432333832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
180.131.144.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:59:08:95:62:4e:1f:37:fb:f4:dc:d0:ee:f8:7a:f6:5c:d2:
f8:f1:43:69:44:e6:93:10:94:45:3b:c8:56:b9:76:13:8c:00:
6e:b9:6b:52:67:b9:80:25:c3:c4:b1:3c:0d:be:8d:9a:60:49:
aa:29:46:91:9a:1a:62:82:d6:0f:94:7c:b9:f3:22:e3:19:e0:
fa:33:ce:03:19:0e:bc:47:6d:c5:0e:5e:16:05:34:c2:39:d0:
9c:8a:b6:bf:71:4d:a2:a5:99:88:7f:07:97:1a:12:24:fc:af:
df:fb:ab:14:0f:40:d0:c5:d9:39:9d:d4:e6:85:c3:15:90:e4:
11:d2:27:aa:a9:35:79:7d:e5:ed:f2:ea:0a:02:e7:e0:53:95:
9a:00:cc:11:a9:35:82:98:67:e7:03:ff:66:75:ed:59:ca:50:
81:88:4c:11:6f:af:3d:ed:82:b0:4f:80:61:63:bf:48:b7:96:
17:1f:00:02:c1:98:0b:db:f3:4b:a5:6e:54:ae:aa:28:9f:bd:
e1:50:43:bc:f0:f3:69:49:f2:02:6f:58:53:6f:b8:6e:b5:81:
96:b2:e1:28:01:7f:d4:51:e0:75:23:b1:f9:8a:4d:7d:ed:c8:
51:76:ca:c5:3c:cc:50:06:eb:f7:5c:7d:54:48:7f:57:93:49:
dc:c0:34:c5
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUY5Zj9e3v8MrR1pmEJ3QdpjTEWREwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjA5MjhBNDVEMDE0RDhENUZBRDUwMzE0RTgyODA4NkYx
MkIxNTYxMDAeFw0yMzA2MTMwNDU1MDBaFw0yNDA2MTEwNTAwMDBaMDMxMTAvBgNV
BAMTKEUyODE0NDg5RjI0RDhDMDExNjVEQ0EzQzQ0OEI0NUQxNEIwQzM1MDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnHAH06CGSgTgcMypTO6t0hM1t
Es4MZ2e42o0BhAI9anaAUDlWBsP1OmwjlAeJksCgb1Hx4loghHP3onq7N3hdxRmh
Llhzx7tFZtadKLaSI33az6SrrwLaKbOTvwsoNYF9ifMRnLIbLLRYGcLIAFnFzEYs
Ov6Jj13VSxgwMofeStT6XGuJyx0OYab3yCxo5MCncH5JTFZQGdQuXaweyQ/Pzj7v
OpnrYI1lqoxmwJU8uRukk2K+D8hzaHGjhKCqNn/GYug1W1YZpyofJSsT7n6oJaqX
ngnsHil0P7Ib3+LJl/OV0BQkmvstiNr59zItx5H3qmy7MVo+MtJAcEY1Ig/fAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQU4oFEifJNjAEWXco8RItF0UsMNQAwHwYDVR0j
BBgwFoAUsJKKRdAU2NX61QMU6CgIbxKxVhAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
Y2QzMjNiZS04MzdkLTQyNDQtODQ2Yy03ZDIzOTNhOWEwMDkvMC9CMDkyOEE0NUQw
MTREOEQ1RkFENTAzMTRFODI4MDg2RjEyQjE1NjEwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjA5MjhBNDVEMDE0RDhENUZBRDUwMzE0RTgyODA4NkYxMkIx
NTYxMC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdjZDMyM2JlLTgzN2QtNDI0NC04
NDZjLTdkMjM5M2E5YTAwOS8wLzMxMzgzMDJlMzEzMzMxMmUzMTM0MzQyZTMwMmYz
MjMzMmQzMjMzMjAzZDNlMjAzMTM0MzIzMzM4MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG0g5AwDQYJ
KoZIhvcNAQELBQADggEBAKhZCJViTh83+/Tc0O74evZc0vjxQ2lE5pMQlEU7yFa5
dhOMAG65a1JnuYAlw8SxPA2+jZpgSaopRpGaGmKC1g+UfLnzIuMZ4PozzgMZDrxH
bcUOXhYFNMI50JyKtr9xTaKlmYh/B5caEiT8r9/7qxQPQNDF2Tmd1OaFwxWQ5BHS
J6qpNXl95e3y6goC5+BTlZoAzBGpNYKYZ+cD/2Z17VnKUIGITBFvrz3tgrBPgGFj
v0i3lhcfAALBmAvb80ulblSuqiifveFQQ7zw82lJ8gJvWFNvuG61gZay4SgBf9RR
4HUjsfmKTX3tyFF2ysU8zFAG6/dcfVRIf1eTSdzANMU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:07 2024 by rpki-client on console-fra.rpki-client.org