Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/d1085b4a-f573-42f3-825c-1cf0c872b152/0/3230322e31302e35372e302f32342d3234203d3e20313337333633.roa
File: 3230322e31302e35372e302f32342d3234203d3e20313337333633.roa (raw, json)
Hash identifier: //fFMFTuzNiu+OAbwcgBpioap5kpnW4AFOHi8Y3f9pQ=
Subject key identifier: B1:62:51:10:64:0F:94:4E:B6:CA:32:ED:72:71:EA:8D:B8:2C:E2:3D
Certificate issuer: /CN=B6EE1F61D6E8E9EEC640CCC1D791DBA124993CA3
Certificate serial: 43194574918F5DF82186DA40CC94B179C31ED6F1
Authority key identifier: B6:EE:1F:61:D6:E8:E9:EE:C6:40:CC:C1:D7:91:DB:A1:24:99:3C:A3
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B6EE1F61D6E8E9EEC640CCC1D791DBA124993CA3.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/d1085b4a-f573-42f3-825c-1cf0c872b152/0/3230322e31302e35372e302f32342d3234203d3e20313337333633.roa
Signing time: Wed 17 May 2023 09:37:36 +0000
ROA not before: Wed 17 May 2023 09:32:36 +0000
ROA not after: Wed 15 May 2024 09:37:36 +0000
asID: 137363
IP address blocks: 202.10.57.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:19:45:74:91:8f:5d:f8:21:86:da:40:cc:94:b1:79:c3:1e:d6:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B6EE1F61D6E8E9EEC640CCC1D791DBA124993CA3
Validity
Not Before: May 17 09:32:36 2023 GMT
Not After : May 15 09:37:36 2024 GMT
Subject: CN=B1625110640F944EB6CA32ED7271EA8DB82CE23D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:fc:7f:38:ba:0d:52:66:25:73:28:06:89:54:
6e:7d:c0:b9:eb:0e:18:3b:79:41:50:b6:e2:02:be:
1e:ea:b9:4b:c5:3f:a3:d7:e0:4d:7e:b9:9e:7b:2a:
8c:f3:e1:92:62:c7:3c:d8:c8:81:7c:55:ae:7a:77:
07:5c:6c:dc:2e:eb:43:91:7c:b1:de:24:bc:4b:25:
82:5b:56:cd:8b:ed:d1:8a:e2:09:67:a9:71:39:12:
18:5d:76:3d:76:2e:34:10:31:5f:e2:ff:1c:0e:80:
06:7f:33:70:03:ff:07:09:40:0a:4f:34:c3:60:0d:
ee:ce:8f:d5:55:05:2b:40:88:b5:3b:b1:4e:34:25:
34:79:7a:9c:f6:50:4b:1b:ff:68:44:c1:9d:45:c5:
63:e6:65:df:9c:d6:ad:8e:38:fc:27:b2:d6:5d:77:
de:e2:08:8e:3b:21:3c:45:e5:4a:10:3c:e3:27:14:
23:1d:03:8c:15:a5:65:49:f6:7c:78:8e:2f:b7:94:
6d:83:f9:e6:0f:5a:c6:7b:f9:f3:6f:54:e4:fa:85:
0c:44:c8:f9:d4:16:c4:80:a8:75:5d:df:95:96:9f:
4a:37:a7:7a:a9:00:6b:55:dd:31:7e:97:1e:01:8c:
72:ba:9d:f7:d8:aa:58:bc:cf:2c:a6:37:4b:7d:4f:
fd:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:62:51:10:64:0F:94:4E:B6:CA:32:ED:72:71:EA:8D:B8:2C:E2:3D
X509v3 Authority Key Identifier:
keyid:B6:EE:1F:61:D6:E8:E9:EE:C6:40:CC:C1:D7:91:DB:A1:24:99:3C:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/d1085b4a-f573-42f3-825c-1cf0c872b152/0/B6EE1F61D6E8E9EEC640CCC1D791DBA124993CA3.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B6EE1F61D6E8E9EEC640CCC1D791DBA124993CA3.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d1085b4a-f573-42f3-825c-1cf0c872b152/0/3230322e31302e35372e302f32342d3234203d3e20313337333633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.10.57.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:63:80:cc:f2:81:e5:c7:d5:3b:78:61:92:55:90:04:81:b2:
d6:07:d8:e3:e3:a0:eb:c9:89:6b:1a:e0:08:93:94:04:ba:ba:
a8:cd:6b:55:a6:33:92:d5:80:c5:b5:96:45:3e:d9:57:b9:57:
f0:df:0e:c3:1f:2b:b8:cc:0c:3a:6d:57:77:55:4c:87:64:d7:
45:82:93:44:0b:f6:30:37:c5:48:80:79:f0:58:55:19:14:c0:
8c:52:30:b0:39:28:e4:10:29:35:36:c6:a6:2c:bf:10:7a:19:
b2:0b:56:5e:93:7f:81:e3:84:83:24:71:09:81:71:bb:4c:f1:
20:e2:cf:a4:28:1e:6d:7f:39:f3:4e:b3:ba:c1:b8:08:9e:ae:
ca:e0:89:84:7a:a1:69:d4:b3:ad:16:54:74:c5:33:c7:20:cb:
ab:ba:a4:a8:9e:4b:ad:47:25:bc:ea:b7:5d:07:c1:e7:39:80:
b9:1c:8d:7c:7a:c7:01:52:49:42:ba:f0:ac:0d:e0:be:69:aa:
56:70:e8:c4:af:07:5e:da:d3:5d:e1:7c:1c:48:9b:a8:4f:ba:
a3:31:b9:28:a3:08:e9:bc:7e:ce:7f:9e:d4:8c:0c:24:ce:3f:
da:7a:4c:d0:78:38:c4:b1:16:63:c6:7c:be:b2:5b:14:81:fe:
9c:f8:cf:7d
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUQxlFdJGPXfghhtpAzJSxecMe1vEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjZFRTFGNjFENkU4RTlFRUM2NDBDQ0MxRDc5MURCQTEy
NDk5M0NBMzAeFw0yMzA1MTcwOTMyMzZaFw0yNDA1MTUwOTM3MzZaMDMxMTAvBgNV
BAMTKEIxNjI1MTEwNjQwRjk0NEVCNkNBMzJFRDcyNzFFQThEQjgyQ0UyM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDd/H84ug1SZiVzKAaJVG59wLnr
Dhg7eUFQtuICvh7quUvFP6PX4E1+uZ57Kozz4ZJixzzYyIF8Va56dwdcbNwu60OR
fLHeJLxLJYJbVs2L7dGK4glnqXE5Ehhddj12LjQQMV/i/xwOgAZ/M3AD/wcJQApP
NMNgDe7Oj9VVBStAiLU7sU40JTR5epz2UEsb/2hEwZ1FxWPmZd+c1q2OOPwnstZd
d97iCI47ITxF5UoQPOMnFCMdA4wVpWVJ9nx4ji+3lG2D+eYPWsZ7+fNvVOT6hQxE
yPnUFsSAqHVd35WWn0o3p3qpAGtV3TF+lx4BjHK6nffYqli8zyymN0t9T/0DAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUsWJREGQPlE62yjLtcnHqjbgs4j0wHwYDVR0j
BBgwFoAUtu4fYdbo6e7GQMzB15HboSSZPKMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
MTA4NWI0YS1mNTczLTQyZjMtODI1Yy0xY2YwYzg3MmIxNTIvMC9CNkVFMUY2MUQ2
RThFOUVFQzY0MENDQzFENzkxREJBMTI0OTkzQ0EzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjZFRTFGNjFENkU4RTlFRUM2NDBDQ0MxRDc5MURCQTEyNDk5
M0NBMy5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QxMDg1YjRhLWY1NzMtNDJmMy04
MjVjLTFjZjBjODcyYjE1Mi8wLzMyMzAzMjJlMzEzMDJlMzUzNzJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzMzNzMzMzYzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMoKOTANBgkqhkiG
9w0BAQsFAAOCAQEAp2OAzPKB5cfVO3hhklWQBIGy1gfY4+Og68mJaxrgCJOUBLq6
qM1rVaYzktWAxbWWRT7ZV7lX8N8Owx8ruMwMOm1Xd1VMh2TXRYKTRAv2MDfFSIB5
8FhVGRTAjFIwsDko5BApNTbGpiy/EHoZsgtWXpN/geOEgyRxCYFxu0zxIOLPpCge
bX85806zusG4CJ6uyuCJhHqhadSzrRZUdMUzxyDLq7qkqJ5LrUclvOq3XQfB5zmA
uRyNfHrHAVJJQrrwrA3gvmmqVnDoxK8HXtrTXeF8HEibqE+6ozG5KKMI6bx+zn+e
1IwMJM4/2npM0Hg4xLEWY8Z8vrJbFIH+nPjPfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:52 2024 by rpki-client on console-ams.rpki-client.org