Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/bba97b0b-39ae-4c2c-b13b-01e395b7a24b/0/323030313a6466343a633838303a3a2f34382d3438203d3e20313431303538.roa
File: 323030313a6466343a633838303a3a2f34382d3438203d3e20313431303538.roa (raw, json)
Hash identifier: 5Nuk9tnMKksn1e4E39izHkOqt5JUls3NSPXIShafIW0=
Subject key identifier: 1E:D9:08:D7:1A:FA:65:B9:95:48:22:56:C3:90:BD:8D:E7:E3:0B:58
Certificate issuer: /CN=B2A761D61CBF024F24CD3A18BE96E58F7ED6C909
Certificate serial: 4DF026D77C7D4F6308D97B06300C7560D3D214C3
Authority key identifier: B2:A7:61:D6:1C:BF:02:4F:24:CD:3A:18:BE:96:E5:8F:7E:D6:C9:09
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B2A761D61CBF024F24CD3A18BE96E58F7ED6C909.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/bba97b0b-39ae-4c2c-b13b-01e395b7a24b/0/323030313a6466343a633838303a3a2f34382d3438203d3e20313431303538.roa
Signing time: Wed 20 Mar 2024 23:56:04 +0000
ROA not before: Wed 20 Mar 2024 23:51:04 +0000
ROA not after: Wed 19 Mar 2025 23:56:04 +0000
asID: 141058
IP address blocks: 2001:df4:c880::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:f0:26:d7:7c:7d:4f:63:08:d9:7b:06:30:0c:75:60:d3:d2:14:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B2A761D61CBF024F24CD3A18BE96E58F7ED6C909
Validity
Not Before: Mar 20 23:51:04 2024 GMT
Not After : Mar 19 23:56:04 2025 GMT
Subject: CN=1ED908D71AFA65B995482256C390BD8DE7E30B58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:37:72:95:46:fe:96:42:73:a8:75:67:4b:21:
83:1c:b5:98:81:9e:1f:3b:0e:12:a8:f4:09:03:ac:
fe:72:1a:dd:f2:cc:3f:56:5b:f2:ee:35:dd:ab:7b:
cd:e7:0d:9d:7b:b5:9b:ff:81:25:9f:53:c5:45:1e:
52:c2:c2:4b:27:0d:6a:5a:83:dc:b4:84:c8:d9:eb:
74:07:b5:e5:ec:1c:7e:6b:9d:60:de:0a:79:d1:72:
84:39:f9:69:23:ee:51:a7:0a:5e:e8:fa:9c:08:f9:
89:75:df:1f:bb:60:89:0b:da:9e:94:c4:a2:38:01:
52:01:98:c8:15:54:29:c9:13:7b:55:a5:9c:12:19:
5b:86:22:0d:12:dd:a4:30:41:1f:7a:6d:b8:4f:c2:
34:2f:09:6f:b2:db:ff:b3:12:b2:18:bc:e3:8e:ab:
3e:22:cb:73:c0:84:24:07:a5:d6:6f:b3:66:a4:1c:
23:22:06:a7:91:b4:8f:d8:c0:30:fe:9b:ce:ee:b8:
8a:cb:06:b7:61:e7:35:16:1b:b4:09:a7:53:66:ed:
84:d1:bc:17:26:63:c1:20:6a:87:80:3d:8a:2e:17:
a7:8a:d2:01:5a:3c:0d:fd:fc:c4:08:64:8c:53:ed:
ba:c3:44:c2:9b:0d:16:d6:2d:0e:bd:96:25:a6:5c:
58:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D9:08:D7:1A:FA:65:B9:95:48:22:56:C3:90:BD:8D:E7:E3:0B:58
X509v3 Authority Key Identifier:
keyid:B2:A7:61:D6:1C:BF:02:4F:24:CD:3A:18:BE:96:E5:8F:7E:D6:C9:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/bba97b0b-39ae-4c2c-b13b-01e395b7a24b/0/B2A761D61CBF024F24CD3A18BE96E58F7ED6C909.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B2A761D61CBF024F24CD3A18BE96E58F7ED6C909.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bba97b0b-39ae-4c2c-b13b-01e395b7a24b/0/323030313a6466343a633838303a3a2f34382d3438203d3e20313431303538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:c880::/48
Signature Algorithm: sha256WithRSAEncryption
b4:55:89:c1:70:d6:6a:80:9e:71:a8:40:c5:b1:48:25:9d:e1:
72:d2:59:78:26:cc:db:2d:95:36:3b:d9:d6:25:84:4c:da:9a:
c3:e8:e3:59:d5:48:98:ac:02:8a:26:9a:fc:ad:f3:80:e0:a8:
07:58:36:ef:38:7b:18:1b:7b:27:47:5e:07:8c:6b:96:05:9c:
1c:1d:f5:34:e6:64:e2:63:e8:dd:a6:5c:86:c9:34:d2:66:7b:
36:b5:4c:7c:84:47:59:73:13:cb:18:77:2c:f1:ba:ef:11:89:
5e:22:d9:33:12:6d:08:0d:e3:3a:cf:33:84:a2:d8:ff:1f:fe:
b2:6f:1e:c6:bc:89:c7:7f:d4:73:5e:0f:18:a2:8e:b3:ec:e8:
be:5f:6b:6d:fa:1e:de:da:f6:17:91:8d:f7:a2:7a:32:9a:cf:
40:bf:23:c2:28:cb:53:d6:0b:fb:c4:ea:9b:a3:5c:28:b9:ee:
56:9a:03:c7:21:50:b5:11:ea:23:0b:6c:3a:12:4e:c9:5b:ee:
6d:38:d4:ad:19:d7:98:3b:3d:52:c1:2d:94:1a:e6:cd:40:b2:
e1:89:1b:8e:a6:9c:e4:d9:66:41:f3:85:6d:83:a5:37:ae:e3:
44:98:16:a6:67:6e:82:23:02:74:5f:63:00:ac:cd:a3:c8:d6:
3d:3e:26:83
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTfAm13x9T2MI2XsGMAx1YNPSFMMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjJBNzYxRDYxQ0JGMDI0RjI0Q0QzQTE4QkU5NkU1OEY3
RUQ2QzkwOTAeFw0yNDAzMjAyMzUxMDRaFw0yNTAzMTkyMzU2MDRaMDMxMTAvBgNV
BAMTKDFFRDkwOEQ3MUFGQTY1Qjk5NTQ4MjI1NkMzOTBCRDhERTdFMzBCNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFN3KVRv6WQnOodWdLIYMctZiB
nh87DhKo9AkDrP5yGt3yzD9WW/LuNd2re83nDZ17tZv/gSWfU8VFHlLCwksnDWpa
g9y0hMjZ63QHteXsHH5rnWDeCnnRcoQ5+Wkj7lGnCl7o+pwI+Yl13x+7YIkL2p6U
xKI4AVIBmMgVVCnJE3tVpZwSGVuGIg0S3aQwQR96bbhPwjQvCW+y2/+zErIYvOOO
qz4iy3PAhCQHpdZvs2akHCMiBqeRtI/YwDD+m87uuIrLBrdh5zUWG7QJp1Nm7YTR
vBcmY8EgaoeAPYouF6eK0gFaPA39/MQIZIxT7brDRMKbDRbWLQ69liWmXFiFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHtkI1xr6ZbmVSCJWw5C9jefjC1gwHwYDVR0j
BBgwFoAUsqdh1hy/Ak8kzToYvpblj37WyQkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i
YmE5N2IwYi0zOWFlLTRjMmMtYjEzYi0wMWUzOTViN2EyNGIvMC9CMkE3NjFENjFD
QkYwMjRGMjRDRDNBMThCRTk2RTU4RjdFRDZDOTA5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjJBNzYxRDYxQ0JGMDI0RjI0Q0QzQTE4QkU5NkU1OEY3RUQ2
QzkwOS5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JiYTk3YjBiLTM5YWUtNGMyYy1i
MTNiLTAxZTM5NWI3YTI0Yi8wLzMyMzAzMDMxM2E2NDY2MzQzYTYzMzgzODMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNDMxMzAzNTM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN
9MiAMA0GCSqGSIb3DQEBCwUAA4IBAQC0VYnBcNZqgJ5xqEDFsUglneFy0ll4Jszb
LZU2O9nWJYRM2prD6ONZ1UiYrAKKJpr8rfOA4KgHWDbvOHsYG3snR14HjGuWBZwc
HfU05mTiY+jdplyGyTTSZns2tUx8hEdZcxPLGHcs8brvEYleItkzEm0IDeM6zzOE
otj/H/6ybx7GvInHf9RzXg8Yoo6z7Oi+X2tt+h7e2vYXkY33onoyms9AvyPCKMtT
1gv7xOqbo1woue5WmgPHIVC1EeojC2w6Ek7JW+5tONStGdeYOz1SwS2UGubNQLLh
iRuOppzk2WZB84Vtg6U3ruNEmBamZ26CIwJ0X2MArM2jyNY9PiaD
-----END CERTIFICATE-----
Generated at Fri Sep 20 15:00:17 2024 by rpki-client on console-ams.rpki-client.org