Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134342e302f32342d3234203d3e20313338313135.roa
File: 3138302e3133312e3134342e302f32342d3234203d3e20313338313135.roa (raw, json)
Hash identifier: zsE3tD/2jEECRXrVPRv9tr1yP5/GaUwnQHobbTIaUAk=
Subject key identifier: 78:0C:E1:2F:AD:54:EF:45:87:63:D2:6A:AE:5E:07:D4:77:35:0D:CC
Certificate issuer: /CN=B0928A45D014D8D5FAD50314E828086F12B15610
Certificate serial: 7EF1DF7232F0D83C079A5AEBA225CE7DE5C5EB9B
Authority key identifier: B0:92:8A:45:D0:14:D8:D5:FA:D5:03:14:E8:28:08:6F:12:B1:56:10
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B0928A45D014D8D5FAD50314E828086F12B15610.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134342e302f32342d3234203d3e20313338313135.roa
Signing time: Thu 07 Sep 2023 08:22:11 +0000
ROA not before: Thu 07 Sep 2023 08:17:11 +0000
ROA not after: Thu 05 Sep 2024 08:22:11 +0000
asID: 138115
IP address blocks: 180.131.144.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:f1:df:72:32:f0:d8:3c:07:9a:5a:eb:a2:25:ce:7d:e5:c5:eb:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B0928A45D014D8D5FAD50314E828086F12B15610
Validity
Not Before: Sep 7 08:17:11 2023 GMT
Not After : Sep 5 08:22:11 2024 GMT
Subject: CN=780CE12FAD54EF458763D26AAE5E07D477350DCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:fd:47:d8:9d:23:6f:21:b9:d8:71:8c:88:6b:
ac:2d:a2:45:3a:a0:21:1a:37:0b:bd:d8:d8:8b:8c:
8e:9e:df:10:d5:31:d5:f1:0f:26:e6:68:b5:88:55:
06:0e:aa:01:15:2b:b8:2a:fc:dc:c6:51:94:a2:88:
dd:7d:1f:66:bb:57:dd:87:ea:b5:7c:bf:8b:06:78:
29:0f:2e:f3:c1:41:91:d3:7b:4f:0a:52:37:bf:82:
d8:fb:80:d5:40:8f:f6:8b:ac:02:b4:bd:5d:c5:d0:
6b:02:81:f1:09:d8:9b:b1:52:1c:b5:22:c7:43:73:
84:0b:2d:6f:69:bf:e2:f5:e2:a1:4f:5f:f9:a6:8b:
6f:00:95:03:b7:1a:8c:a8:e4:fe:33:16:76:18:99:
fc:81:1a:2d:86:bc:51:9b:3f:ce:9b:45:97:89:76:
03:fb:fd:01:7c:a6:fb:e0:3e:4e:2f:8c:ea:d8:57:
5a:f3:8d:75:63:27:07:f4:49:0f:68:18:f4:82:12:
dd:44:1b:b9:76:1c:cb:32:c5:4a:f3:63:9a:5c:e2:
29:a0:d0:ae:75:86:e5:2b:04:6b:8c:d2:b7:89:aa:
ac:b0:04:9f:98:fb:fa:62:e0:d2:eb:a5:91:67:10:
7c:c8:97:e0:11:7d:ea:b5:5b:c0:a3:ec:99:55:74:
12:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:0C:E1:2F:AD:54:EF:45:87:63:D2:6A:AE:5E:07:D4:77:35:0D:CC
X509v3 Authority Key Identifier:
keyid:B0:92:8A:45:D0:14:D8:D5:FA:D5:03:14:E8:28:08:6F:12:B1:56:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/B0928A45D014D8D5FAD50314E828086F12B15610.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B0928A45D014D8D5FAD50314E828086F12B15610.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134342e302f32342d3234203d3e20313338313135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
180.131.144.0/24
Signature Algorithm: sha256WithRSAEncryption
50:ba:f2:75:4c:36:62:71:09:83:e3:77:49:b7:0a:53:f3:1c:
80:d9:b8:98:6a:43:3b:32:f9:e9:45:f7:f0:15:7a:2c:89:96:
b7:65:5f:da:6e:b0:d9:b3:8e:fb:9f:1e:0f:d2:c1:b6:96:cb:
e0:0b:72:71:bd:8a:8c:0f:01:65:9c:9b:99:63:aa:31:18:f8:
3d:9c:9c:86:46:56:27:fa:80:50:f9:17:66:a6:7c:9a:d5:35:
3f:53:9e:a7:dc:00:f9:4d:1c:7b:79:f1:a1:43:b9:7f:f0:95:
9f:bc:c5:17:26:5d:c5:57:93:30:bc:14:b1:3b:9d:48:94:6d:
44:35:3a:05:f1:ec:cd:b1:97:40:07:1c:50:b5:46:1d:22:db:
ce:af:07:44:85:1c:62:3a:3b:a0:b3:0a:de:5e:d9:71:9f:fb:
ce:ff:32:4a:c2:92:52:e7:04:e3:58:76:71:f1:4f:8d:f2:b3:
29:a6:69:e4:84:aa:90:34:04:21:69:2e:74:71:ba:44:b7:99:
ec:93:7b:2f:14:e9:77:46:5e:74:4c:6d:cd:53:26:c4:49:f5:
31:05:d5:c3:58:c4:a0:0e:6a:4f:68:da:25:f6:67:65:77:53:
69:e8:9e:69:f1:cf:21:3d:b1:09:38:5e:d0:29:b3:d0:c7:15:
2f:21:03:4e
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUfvHfcjLw2DwHmlrroiXOfeXF65swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjA5MjhBNDVEMDE0RDhENUZBRDUwMzE0RTgyODA4NkYx
MkIxNTYxMDAeFw0yMzA5MDcwODE3MTFaFw0yNDA5MDUwODIyMTFaMDMxMTAvBgNV
BAMTKDc4MENFMTJGQUQ1NEVGNDU4NzYzRDI2QUFFNUUwN0Q0NzczNTBEQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK/UfYnSNvIbnYcYyIa6wtokU6
oCEaNwu92NiLjI6e3xDVMdXxDybmaLWIVQYOqgEVK7gq/NzGUZSiiN19H2a7V92H
6rV8v4sGeCkPLvPBQZHTe08KUje/gtj7gNVAj/aLrAK0vV3F0GsCgfEJ2JuxUhy1
IsdDc4QLLW9pv+L14qFPX/mmi28AlQO3Goyo5P4zFnYYmfyBGi2GvFGbP86bRZeJ
dgP7/QF8pvvgPk4vjOrYV1rzjXVjJwf0SQ9oGPSCEt1EG7l2HMsyxUrzY5pc4img
0K51huUrBGuM0reJqqywBJ+Y+/pi4NLrpZFnEHzIl+ARfeq1W8Cj7JlVdBIRAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUeAzhL61U70WHY9Jqrl4H1Hc1DcwwHwYDVR0j
BBgwFoAUsJKKRdAU2NX61QMU6CgIbxKxVhAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
Y2QzMjNiZS04MzdkLTQyNDQtODQ2Yy03ZDIzOTNhOWEwMDkvMC9CMDkyOEE0NUQw
MTREOEQ1RkFENTAzMTRFODI4MDg2RjEyQjE1NjEwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjA5MjhBNDVEMDE0RDhENUZBRDUwMzE0RTgyODA4NkYxMkIx
NTYxMC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdjZDMyM2JlLTgzN2QtNDI0NC04
NDZjLTdkMjM5M2E5YTAwOS8wLzMxMzgzMDJlMzEzMzMxMmUzMTM0MzQyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzgzMTMxMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC0g5AwDQYJ
KoZIhvcNAQELBQADggEBAFC68nVMNmJxCYPjd0m3ClPzHIDZuJhqQzsy+elF9/AV
eiyJlrdlX9pusNmzjvufHg/SwbaWy+ALcnG9iowPAWWcm5ljqjEY+D2cnIZGVif6
gFD5F2amfJrVNT9TnqfcAPlNHHt58aFDuX/wlZ+8xRcmXcVXkzC8FLE7nUiUbUQ1
OgXx7M2xl0AHHFC1Rh0i286vB0SFHGI6O6CzCt5e2XGf+87/MkrCklLnBONYdnHx
T43ysymmaeSEqpA0BCFpLnRxukS3meyTey8U6XdGXnRMbc1TJsRJ9TEF1cNYxKAO
ak9o2iX2Z2V3U2nonmnxzyE9sQk4XtAps9DHFS8hA04=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:41 2024 by rpki-client on console-ams.rpki-client.org