Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134352e302f32342d3234203d3e20313338313135.roa
File: 3138302e3133312e3134352e302f32342d3234203d3e20313338313135.roa (raw, json)
Hash identifier: 2hS1PHDAQ01ZpDqHPmGdx4Shz8kp3+B1B7iLlfBPsxw=
Subject key identifier: B2:88:E0:A3:6D:40:E7:92:17:36:DC:AA:52:BC:6D:94:12:27:B0:00
Certificate issuer: /CN=B0928A45D014D8D5FAD50314E828086F12B15610
Certificate serial: 735BEF90FFA81B461C7566D39CC2F2F297BDC768
Authority key identifier: B0:92:8A:45:D0:14:D8:D5:FA:D5:03:14:E8:28:08:6F:12:B1:56:10
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B0928A45D014D8D5FAD50314E828086F12B15610.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134352e302f32342d3234203d3e20313338313135.roa
Signing time: Thu 07 Sep 2023 08:22:33 +0000
ROA not before: Thu 07 Sep 2023 08:17:33 +0000
ROA not after: Thu 05 Sep 2024 08:22:33 +0000
asID: 138115
IP address blocks: 180.131.145.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:5b:ef:90:ff:a8:1b:46:1c:75:66:d3:9c:c2:f2:f2:97:bd:c7:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B0928A45D014D8D5FAD50314E828086F12B15610
Validity
Not Before: Sep 7 08:17:33 2023 GMT
Not After : Sep 5 08:22:33 2024 GMT
Subject: CN=B288E0A36D40E7921736DCAA52BC6D941227B000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:96:5f:5b:a2:6e:ce:04:50:a3:bb:a7:e8:a2:
79:51:45:9f:4f:5a:0f:75:3d:df:85:57:a4:75:38:
29:58:60:13:ad:2f:99:82:6d:47:42:44:ee:2f:bd:
7f:9a:e4:6e:f2:4c:62:bd:b3:67:71:01:e1:2c:d3:
8a:9b:b4:39:f1:c5:5a:f6:3c:81:71:32:0e:b4:cc:
8d:41:c2:45:99:34:b7:00:e6:37:7a:fb:2d:c8:fe:
73:ee:38:01:df:69:bc:35:c0:c3:a0:07:db:19:77:
48:67:88:7d:09:0f:0d:e7:ce:09:be:e5:19:dc:ab:
6f:64:38:1c:f5:ed:eb:1a:95:df:3a:81:8d:d8:ef:
3e:f2:6e:73:0c:7b:43:92:1e:08:5a:88:c8:ab:fd:
24:e8:67:f9:8a:ab:71:d4:a9:96:50:cc:6c:e7:92:
ea:25:33:ed:e6:cb:e4:95:26:77:7f:43:44:d8:dd:
93:6f:58:00:62:73:99:e1:49:fd:50:98:67:07:1d:
86:cc:8f:16:30:18:9f:64:61:f2:9b:c1:ae:8d:30:
ab:43:13:2f:55:50:09:49:dd:33:ed:e5:08:50:35:
f0:bf:25:62:93:63:5d:fc:cf:a7:d7:fa:ad:f6:71:
da:51:78:24:03:7c:85:31:fb:3d:e9:81:48:64:5c:
ce:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:88:E0:A3:6D:40:E7:92:17:36:DC:AA:52:BC:6D:94:12:27:B0:00
X509v3 Authority Key Identifier:
keyid:B0:92:8A:45:D0:14:D8:D5:FA:D5:03:14:E8:28:08:6F:12:B1:56:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/B0928A45D014D8D5FAD50314E828086F12B15610.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B0928A45D014D8D5FAD50314E828086F12B15610.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134352e302f32342d3234203d3e20313338313135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
180.131.145.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:9b:cd:50:03:0c:f9:7c:84:f6:46:26:d6:ba:92:9f:bb:6f:
2c:b5:33:b5:ed:52:b3:e0:45:71:f2:fe:b6:a2:6d:79:0c:e3:
d1:eb:74:f1:63:43:8d:21:1c:39:1a:ca:5a:f6:89:77:6d:d9:
5f:56:8e:4b:61:23:23:65:d4:ec:cb:90:fd:eb:f6:4f:f3:8f:
bd:d1:cb:58:aa:d3:43:32:70:66:6a:06:7e:3f:f4:2f:62:89:
47:70:6b:28:16:26:47:84:60:86:20:52:64:ad:3c:6d:f7:b0:
b2:0a:f8:f5:d5:ad:8a:ba:03:e6:8d:1e:b2:7b:de:25:49:d8:
37:61:c4:d1:2a:45:6f:7f:3b:cd:82:c2:df:6a:6c:91:3e:e9:
38:96:e7:0c:70:2a:9e:76:b6:71:fa:55:75:fb:0e:ce:d9:e0:
c0:9f:82:53:4d:b1:68:43:2f:8e:63:e3:f0:9e:16:48:a4:60:
3a:93:8d:80:ad:c7:18:5c:1c:d7:00:d1:63:dd:d6:32:7e:ab:
68:39:db:83:f6:ce:bd:a7:b5:26:14:30:6a:da:de:aa:52:f7:
0f:07:29:6e:b8:44:2c:dc:ce:82:f7:bb:9d:58:b2:97:33:a9:
a0:9e:bc:8e:db:ca:86:49:45:66:32:eb:4d:64:2f:40:08:4d:
e5:aa:d2:6d
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUc1vvkP+oG0YcdWbTnMLy8pe9x2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjA5MjhBNDVEMDE0RDhENUZBRDUwMzE0RTgyODA4NkYx
MkIxNTYxMDAeFw0yMzA5MDcwODE3MzNaFw0yNDA5MDUwODIyMzNaMDMxMTAvBgNV
BAMTKEIyODhFMEEzNkQ0MEU3OTIxNzM2RENBQTUyQkM2RDk0MTIyN0IwMDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsll9bom7OBFCju6foonlRRZ9P
Wg91Pd+FV6R1OClYYBOtL5mCbUdCRO4vvX+a5G7yTGK9s2dxAeEs04qbtDnxxVr2
PIFxMg60zI1BwkWZNLcA5jd6+y3I/nPuOAHfabw1wMOgB9sZd0hniH0JDw3nzgm+
5Rncq29kOBz17esald86gY3Y7z7ybnMMe0OSHghaiMir/SToZ/mKq3HUqZZQzGzn
kuolM+3my+SVJnd/Q0TY3ZNvWABic5nhSf1QmGcHHYbMjxYwGJ9kYfKbwa6NMKtD
Ey9VUAlJ3TPt5QhQNfC/JWKTY138z6fX+q32cdpReCQDfIUx+z3pgUhkXM7XAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUsojgo21A55IXNtyqUrxtlBInsAAwHwYDVR0j
BBgwFoAUsJKKRdAU2NX61QMU6CgIbxKxVhAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
Y2QzMjNiZS04MzdkLTQyNDQtODQ2Yy03ZDIzOTNhOWEwMDkvMC9CMDkyOEE0NUQw
MTREOEQ1RkFENTAzMTRFODI4MDg2RjEyQjE1NjEwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjA5MjhBNDVEMDE0RDhENUZBRDUwMzE0RTgyODA4NkYxMkIx
NTYxMC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdjZDMyM2JlLTgzN2QtNDI0NC04
NDZjLTdkMjM5M2E5YTAwOS8wLzMxMzgzMDJlMzEzMzMxMmUzMTM0MzUyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzgzMTMxMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC0g5EwDQYJ
KoZIhvcNAQELBQADggEBAKmbzVADDPl8hPZGJta6kp+7byy1M7XtUrPgRXHy/rai
bXkM49HrdPFjQ40hHDkaylr2iXdt2V9WjkthIyNl1OzLkP3r9k/zj73Ry1iq00My
cGZqBn4/9C9iiUdwaygWJkeEYIYgUmStPG33sLIK+PXVrYq6A+aNHrJ73iVJ2Ddh
xNEqRW9/O82Cwt9qbJE+6TiW5wxwKp52tnH6VXX7Ds7Z4MCfglNNsWhDL45j4/Ce
FkikYDqTjYCtxxhcHNcA0WPd1jJ+q2g524P2zr2ntSYUMGra3qpS9w8HKW64RCzc
zoL3u51YspczqaCevI7byoZJRWYy601kL0AITeWq0m0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:41 2024 by rpki-client on console-ams.rpki-client.org