Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134372e302f32342d3234203d3e20313338313135.roa
File: 3138302e3133312e3134372e302f32342d3234203d3e20313338313135.roa (raw, json)
Hash identifier: KrSM/CAfGL+ZVG+d4ZyZiUpbAxqXBoHKlMcfBtzyR0M=
Subject key identifier: 99:13:1B:4E:A7:39:A9:DE:83:1E:2D:B3:0F:DD:20:52:47:A5:09:7B
Certificate issuer: /CN=B0928A45D014D8D5FAD50314E828086F12B15610
Certificate serial: 43D30F5033C12AD3449AF7444731115AD92DB867
Authority key identifier: B0:92:8A:45:D0:14:D8:D5:FA:D5:03:14:E8:28:08:6F:12:B1:56:10
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B0928A45D014D8D5FAD50314E828086F12B15610.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134372e302f32342d3234203d3e20313338313135.roa
Signing time: Thu 07 Sep 2023 08:23:52 +0000
ROA not before: Thu 07 Sep 2023 08:18:52 +0000
ROA not after: Thu 05 Sep 2024 08:23:52 +0000
asID: 138115
IP address blocks: 180.131.147.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:d3:0f:50:33:c1:2a:d3:44:9a:f7:44:47:31:11:5a:d9:2d:b8:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B0928A45D014D8D5FAD50314E828086F12B15610
Validity
Not Before: Sep 7 08:18:52 2023 GMT
Not After : Sep 5 08:23:52 2024 GMT
Subject: CN=99131B4EA739A9DE831E2DB30FDD205247A5097B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:54:97:d0:72:38:09:07:b0:56:ea:a2:64:bc:
6b:49:7f:ec:c6:a5:46:87:c9:d1:73:44:b0:ae:cc:
19:dd:32:7f:b0:2a:b2:72:c3:a3:7b:71:ab:73:62:
71:33:9c:a6:af:e9:0d:73:1a:a1:78:97:eb:3d:16:
82:9b:ba:af:55:a3:cb:5c:e6:75:f6:ae:a9:5b:49:
93:df:47:09:d7:47:11:7a:56:45:e3:51:f8:65:49:
1a:64:31:dd:96:a1:43:7a:9d:29:cf:bd:d7:63:5d:
a1:a9:1c:7b:c8:c5:e2:1b:41:35:16:26:00:d7:e7:
0c:9e:31:cb:44:15:91:02:02:2d:3b:71:89:f4:fd:
6f:b4:73:04:97:1e:1c:74:24:11:57:6c:c9:1b:17:
cf:4a:6d:2d:02:aa:d5:9c:ad:cc:8c:f4:2c:7e:a5:
9c:70:46:ce:d3:dc:b4:19:f0:fe:3e:9e:7b:6d:55:
1e:05:a6:bb:ac:ab:91:60:c5:5f:c9:ce:58:d9:69:
60:a9:ff:72:bc:68:98:60:ae:4f:43:9f:a6:c4:33:
e9:9b:f3:2a:07:b6:58:bc:cd:ec:fe:c2:48:00:a6:
6f:62:a8:ce:50:eb:7a:11:be:ac:87:b5:f2:ee:13:
33:cd:23:80:e2:9e:bf:91:87:aa:b1:f1:91:05:2b:
65:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:13:1B:4E:A7:39:A9:DE:83:1E:2D:B3:0F:DD:20:52:47:A5:09:7B
X509v3 Authority Key Identifier:
keyid:B0:92:8A:45:D0:14:D8:D5:FA:D5:03:14:E8:28:08:6F:12:B1:56:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/B0928A45D014D8D5FAD50314E828086F12B15610.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B0928A45D014D8D5FAD50314E828086F12B15610.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7cd323be-837d-4244-846c-7d2393a9a009/0/3138302e3133312e3134372e302f32342d3234203d3e20313338313135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
180.131.147.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:cf:e0:56:24:5b:bd:df:34:6c:dd:8a:1b:fc:60:b8:93:70:
70:44:2f:79:81:af:5a:55:91:5c:72:1c:ab:6e:9f:a7:a6:e0:
09:6b:cb:f6:81:d1:69:f9:73:51:cd:b2:9e:34:fc:ee:63:9a:
34:e6:36:94:7e:2f:2f:e3:0f:73:0e:f5:5e:e4:0e:69:8c:f3:
bb:27:cd:b4:29:33:54:c9:8b:be:81:d7:dd:9e:e5:bc:4c:6c:
dc:70:1f:be:8f:43:0a:33:0b:92:42:da:fc:73:4f:4e:37:65:
10:4f:59:e1:e5:0b:03:25:dc:e3:0d:33:3c:9a:85:8d:7c:60:
42:9c:c6:f8:d6:d7:b7:78:7b:41:ed:cb:35:93:ab:53:74:ee:
3a:be:51:ef:72:f1:30:67:b5:97:06:be:be:cc:5c:31:8c:6b:
e7:c2:06:c1:8a:a0:45:fc:91:49:e3:6e:8d:ce:81:1c:78:1d:
c9:dc:38:cf:be:6e:9d:4a:96:d1:4c:2b:d1:33:31:b0:5d:80:
f1:a1:f9:7a:f1:2c:13:92:d7:31:fa:bd:2c:4b:b0:8b:fd:4d:
1e:bc:e8:c8:83:47:f3:dc:9e:47:3d:05:e5:1e:bf:41:9b:e6:
cf:49:28:29:14:e0:fa:d2:82:fb:df:25:ba:66:45:2a:63:50:
23:66:c6:ac
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUQ9MPUDPBKtNEmvdERzERWtktuGcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjA5MjhBNDVEMDE0RDhENUZBRDUwMzE0RTgyODA4NkYx
MkIxNTYxMDAeFw0yMzA5MDcwODE4NTJaFw0yNDA5MDUwODIzNTJaMDMxMTAvBgNV
BAMTKDk5MTMxQjRFQTczOUE5REU4MzFFMkRCMzBGREQyMDUyNDdBNTA5N0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtVJfQcjgJB7BW6qJkvGtJf+zG
pUaHydFzRLCuzBndMn+wKrJyw6N7catzYnEznKav6Q1zGqF4l+s9FoKbuq9Vo8tc
5nX2rqlbSZPfRwnXRxF6VkXjUfhlSRpkMd2WoUN6nSnPvddjXaGpHHvIxeIbQTUW
JgDX5wyeMctEFZECAi07cYn0/W+0cwSXHhx0JBFXbMkbF89KbS0CqtWcrcyM9Cx+
pZxwRs7T3LQZ8P4+nnttVR4Fprusq5FgxV/JzljZaWCp/3K8aJhgrk9Dn6bEM+mb
8yoHtli8zez+wkgApm9iqM5Q63oRvqyHtfLuEzPNI4Dinr+Rh6qx8ZEFK2X/AgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUmRMbTqc5qd6DHi2zD90gUkelCXswHwYDVR0j
BBgwFoAUsJKKRdAU2NX61QMU6CgIbxKxVhAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
Y2QzMjNiZS04MzdkLTQyNDQtODQ2Yy03ZDIzOTNhOWEwMDkvMC9CMDkyOEE0NUQw
MTREOEQ1RkFENTAzMTRFODI4MDg2RjEyQjE1NjEwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjA5MjhBNDVEMDE0RDhENUZBRDUwMzE0RTgyODA4NkYxMkIx
NTYxMC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdjZDMyM2JlLTgzN2QtNDI0NC04
NDZjLTdkMjM5M2E5YTAwOS8wLzMxMzgzMDJlMzEzMzMxMmUzMTM0MzcyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzgzMTMxMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC0g5MwDQYJ
KoZIhvcNAQELBQADggEBADvP4FYkW73fNGzdihv8YLiTcHBEL3mBr1pVkVxyHKtu
n6em4Alry/aB0Wn5c1HNsp40/O5jmjTmNpR+Ly/jD3MO9V7kDmmM87snzbQpM1TJ
i76B192e5bxMbNxwH76PQwozC5JC2vxzT043ZRBPWeHlCwMl3OMNMzyahY18YEKc
xvjW17d4e0HtyzWTq1N07jq+Ue9y8TBntZcGvr7MXDGMa+fCBsGKoEX8kUnjbo3O
gRx4HcncOM++bp1KltFMK9EzMbBdgPGh+XrxLBOS1zH6vSxLsIv9TR686MiDR/Pc
nkc9BeUev0Gb5s9JKCkU4PrSgvvfJbpmRSpjUCNmxqw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:07 2024 by rpki-client on console-fra.rpki-client.org