Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134362e302f32332d3233203d3e20313432333832.roa
File: 3138302e3133312e3134362e302f32332d3233203d3e20313432333832.roa (raw, json)
Hash identifier: TNsAr6oG/J0Aj/oYk0OMq3uCiVIbApege+Acf90CWso=
Subject key identifier: 5D:68:CC:3F:45:9B:A2:07:BA:22:8E:09:C2:F1:85:1C:D7:33:CB:03
Certificate issuer: /CN=B0928A45D014D8D5FAD50314E828086F12B15610
Certificate serial: 2C170A795F38DD7EE0E4E4EAD947885194102781
Authority key identifier: B0:92:8A:45:D0:14:D8:D5:FA:D5:03:14:E8:28:08:6F:12:B1:56:10
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B0928A45D014D8D5FAD50314E828086F12B15610.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134362e302f32332d3233203d3e20313432333832.roa
Signing time: Tue 13 Jun 2023 05:00:01 +0000
ROA not before: Tue 13 Jun 2023 04:55:01 +0000
ROA not after: Tue 11 Jun 2024 05:00:01 +0000
asID: 142382
IP address blocks: 180.131.146.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:17:0a:79:5f:38:dd:7e:e0:e4:e4:ea:d9:47:88:51:94:10:27:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B0928A45D014D8D5FAD50314E828086F12B15610
Validity
Not Before: Jun 13 04:55:01 2023 GMT
Not After : Jun 11 05:00:01 2024 GMT
Subject: CN=5D68CC3F459BA207BA228E09C2F1851CD733CB03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b3:0e:94:a0:6d:03:d4:5a:c8:f1:c2:72:0f:
f4:09:27:5e:a2:e6:cf:e0:8c:c4:40:06:98:cf:0d:
88:51:49:83:d3:33:33:37:53:ed:2d:2e:ea:23:7c:
e8:d4:34:7d:2e:5b:4a:c2:6f:97:d8:c6:c5:a3:95:
9d:86:e3:e3:16:f2:6f:7c:24:73:0c:4a:d8:c9:40:
d7:3e:d4:51:fc:30:71:77:d1:03:42:73:21:eb:bc:
c4:c1:18:8d:51:bc:7e:30:21:85:15:3d:19:f9:65:
dd:1b:34:c5:08:c0:36:06:64:ef:76:e5:25:3d:41:
e0:e3:e6:99:ad:c0:99:06:4a:31:0c:e6:42:30:07:
c5:22:34:39:f1:da:cb:4a:9d:d5:3c:00:3b:90:2f:
2c:da:5c:45:05:f9:63:47:45:49:e1:47:1f:48:ab:
c0:62:c3:24:bb:48:19:78:33:3c:68:2e:d9:c6:13:
4e:8c:47:49:40:55:31:7a:18:19:c3:a0:83:ee:3b:
49:3e:99:ed:31:80:dc:bb:eb:4c:48:ae:95:36:07:
54:de:61:bd:d0:90:5a:8d:80:66:3f:46:0c:60:31:
97:cd:2c:30:c6:c1:e9:a6:01:0a:38:7b:fa:e7:72:
97:38:0d:91:3a:2d:39:bd:6c:d8:c5:bb:f1:5c:6e:
ed:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:68:CC:3F:45:9B:A2:07:BA:22:8E:09:C2:F1:85:1C:D7:33:CB:03
X509v3 Authority Key Identifier:
keyid:B0:92:8A:45:D0:14:D8:D5:FA:D5:03:14:E8:28:08:6F:12:B1:56:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/B0928A45D014D8D5FAD50314E828086F12B15610.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B0928A45D014D8D5FAD50314E828086F12B15610.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134362e302f32332d3233203d3e20313432333832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
180.131.146.0/23
Signature Algorithm: sha256WithRSAEncryption
48:18:a3:4a:49:14:c5:7d:e0:4f:01:06:f3:47:51:f8:fc:49:
c9:e3:b2:84:8c:69:6a:f4:b4:17:fb:28:af:f0:50:72:09:59:
a3:62:10:9f:ee:c7:dd:fa:01:a2:da:b6:09:d4:e7:80:42:37:
34:ee:83:5f:4c:fb:3b:36:cc:4d:f4:8b:4b:d6:75:b7:c5:5a:
f2:94:40:a3:dd:da:ac:75:2e:bc:fd:4a:bd:56:2e:c5:95:9b:
09:dc:0f:14:3f:10:d8:56:87:5f:36:aa:fc:53:6e:d4:f7:38:
c3:3a:c1:d2:f2:b6:cc:e2:67:2d:23:2e:fc:83:4c:bc:4e:43:
50:79:a6:25:90:b2:27:b6:47:f2:50:64:a7:64:cf:35:82:33:
1e:06:ab:e5:c7:1f:2a:b0:73:c5:b4:fb:1b:86:56:91:b1:af:
5a:8c:49:ab:b0:3c:b2:c7:ea:e0:ba:16:c0:3a:ac:88:91:45:
be:a4:4f:ab:b3:b0:ac:af:91:19:9a:e9:18:bf:72:de:16:85:
78:74:ec:09:68:b6:35:78:a3:b0:ae:b2:e8:2d:36:0b:e4:de:
d1:1b:41:40:5e:83:79:fe:a2:17:81:25:85:eb:91:8e:b7:d7:
fd:1e:01:37:6a:50:e4:76:81:b3:26:03:32:f4:37:5b:07:11:
28:51:16:ab
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIULBcKeV843X7g5OTq2UeIUZQQJ4EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjA5MjhBNDVEMDE0RDhENUZBRDUwMzE0RTgyODA4NkYx
MkIxNTYxMDAeFw0yMzA2MTMwNDU1MDFaFw0yNDA2MTEwNTAwMDFaMDMxMTAvBgNV
BAMTKDVENjhDQzNGNDU5QkEyMDdCQTIyOEUwOUMyRjE4NTFDRDczM0NCMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/sw6UoG0D1FrI8cJyD/QJJ16i
5s/gjMRABpjPDYhRSYPTMzM3U+0tLuojfOjUNH0uW0rCb5fYxsWjlZ2G4+MW8m98
JHMMStjJQNc+1FH8MHF30QNCcyHrvMTBGI1RvH4wIYUVPRn5Zd0bNMUIwDYGZO92
5SU9QeDj5pmtwJkGSjEM5kIwB8UiNDnx2stKndU8ADuQLyzaXEUF+WNHRUnhRx9I
q8BiwyS7SBl4MzxoLtnGE06MR0lAVTF6GBnDoIPuO0k+me0xgNy760xIrpU2B1Te
Yb3QkFqNgGY/RgxgMZfNLDDGwemmAQo4e/rncpc4DZE6LTm9bNjFu/Fcbu2RAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUXWjMP0Wboge6Io4JwvGFHNczywMwHwYDVR0j
BBgwFoAUsJKKRdAU2NX61QMU6CgIbxKxVhAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
Y2QzMjNiZS04MzdkLTQyNDQtODQ2Yy03ZDIzOTNhOWEwMDkvMC9CMDkyOEE0NUQw
MTREOEQ1RkFENTAzMTRFODI4MDg2RjEyQjE1NjEwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjA5MjhBNDVEMDE0RDhENUZBRDUwMzE0RTgyODA4NkYxMkIx
NTYxMC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdjZDMyM2JlLTgzN2QtNDI0NC04
NDZjLTdkMjM5M2E5YTAwOS8wLzMxMzgzMDJlMzEzMzMxMmUzMTM0MzYyZTMwMmYz
MjMzMmQzMjMzMjAzZDNlMjAzMTM0MzIzMzM4MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG0g5IwDQYJ
KoZIhvcNAQELBQADggEBAEgYo0pJFMV94E8BBvNHUfj8ScnjsoSMaWr0tBf7KK/w
UHIJWaNiEJ/ux936AaLatgnU54BCNzTug19M+zs2zE30i0vWdbfFWvKUQKPd2qx1
Lrz9Sr1WLsWVmwncDxQ/ENhWh182qvxTbtT3OMM6wdLytsziZy0jLvyDTLxOQ1B5
piWQsie2R/JQZKdkzzWCMx4Gq+XHHyqwc8W0+xuGVpGxr1qMSauwPLLH6uC6FsA6
rIiRRb6kT6uzsKyvkRma6Ri/ct4WhXh07AlotjV4o7CusugtNgvk3tEbQUBeg3n+
oheBJYXrkY631/0eATdqUOR2gbMmAzL0N1sHEShRFqs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:07 2024 by rpki-client on console-fra.rpki-client.org