Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3131322e3231352e33332e302f32342d3234203d3e203137383835.roa
File: 3131322e3231352e33332e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: 7C/kfYGjyKwmaAyRxtLKazhHQjpa3IdC908MRfM6DBE=
Subject key identifier: 9F:D2:4F:FB:39:27:C8:DC:B3:F3:4D:49:56:59:FA:63:9A:05:36:E6
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 15845A1D3594305888BE72656C54E687471054D6
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3131322e3231352e33332e302f32342d3234203d3e203137383835.roa
Signing time: Sat 02 Apr 2022 03:00:00 +0000
ROA not before: Sat 02 Apr 2022 02:55:00 +0000
ROA not after: Sat 01 Apr 2023 03:00:00 +0000
asID: 17885
IP address blocks: 112.215.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:84:5a:1d:35:94:30:58:88:be:72:65:6c:54:e6:87:47:10:54:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 2 02:55:00 2022 GMT
Not After : Apr 1 03:00:00 2023 GMT
Subject: CN=9FD24FFB3927C8DCB3F34D495659FA639A0536E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:99:41:be:b3:d8:89:fb:0b:46:d3:ca:1d:65:
bd:3f:6c:b5:dc:c0:fb:8a:93:1f:9f:ca:3b:09:a5:
0b:93:aa:f8:51:59:27:13:5c:89:74:02:c8:80:f2:
34:c2:07:ba:ad:7b:65:1f:4e:11:bf:3a:ec:19:86:
01:19:52:f5:b6:5e:ff:5f:d3:6c:72:f9:3f:f6:e1:
a5:f8:16:6b:27:2e:57:0d:8d:67:81:39:00:d1:36:
a5:93:e5:5a:09:e8:90:7a:bf:44:20:77:52:2f:c7:
35:7e:e5:bb:2e:39:47:3e:93:d3:7b:9e:54:e7:3b:
66:9a:6d:7a:35:0f:32:b1:4a:f6:12:f0:7c:30:5a:
88:21:22:64:f1:3b:8a:b0:f8:6f:6a:85:e1:56:97:
c1:45:d9:d5:60:84:ef:3e:77:3b:ce:0e:ff:98:83:
41:fc:aa:0e:17:3d:27:e3:9b:f7:ba:16:94:da:39:
59:30:0b:23:d3:af:44:1b:30:28:1d:6b:4a:da:f4:
32:05:19:00:ce:85:52:0a:0a:8d:97:88:77:24:b7:
cd:cf:0d:90:fa:cd:9e:6b:eb:75:da:17:78:d9:7b:
40:b9:5b:b8:2a:69:b0:e7:65:f5:f6:e8:b5:32:51:
2b:5c:36:b3:2f:d9:38:fe:f0:bc:80:7c:86:62:27:
e7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D2:4F:FB:39:27:C8:DC:B3:F3:4D:49:56:59:FA:63:9A:05:36:E6
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3131322e3231352e33332e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
112.215.33.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:6d:0a:23:51:5f:50:51:be:2b:ac:93:37:b7:35:63:41:4a:
dc:2f:d4:d9:e0:3e:82:4d:49:ea:68:e6:30:5b:8d:5e:a0:7c:
fb:9c:11:74:fa:8f:ba:8f:60:63:9c:20:bd:89:10:25:10:af:
6e:30:cc:81:a5:c1:5d:90:36:8f:b9:af:7e:30:a9:ba:c6:b0:
6d:02:f2:b2:6b:80:5c:23:3a:45:94:42:7a:e3:37:54:cb:3a:
72:f8:01:76:75:71:70:33:2b:cb:15:1b:68:ec:85:ae:07:3b:
bf:67:ea:62:21:b6:b7:78:72:3f:6e:43:c5:19:c4:d1:77:cb:
77:3c:70:92:46:c1:b5:87:f2:53:63:ad:3f:da:bd:5e:2b:4e:
19:d8:f9:d6:ae:16:a4:78:fe:a1:c9:ea:8e:d0:f9:a0:10:fd:
c9:77:d3:86:b4:59:5e:4c:2e:fd:1e:99:ce:bb:04:0c:58:11:
2b:10:5d:50:00:48:10:17:ad:b2:6b:dd:35:1e:b6:c6:27:54:
b9:40:c0:55:10:8c:0d:27:1e:48:0c:4d:dd:70:ac:8e:88:10:
39:7e:3c:84:83:64:f1:c9:d6:c9:28:42:b4:b5:d6:de:05:21:
a8:b6:c2:71:4e:a0:5c:e6:66:e7:5e:4e:0e:10:85:1b:aa:a3:
06:c8:dd:bb
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUFYRaHTWUMFiIvnJlbFTmh0cQVNYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MDIwMjU1MDBaFw0yMzA0MDEwMzAwMDBaMDMxMTAvBgNV
BAMTKDlGRDI0RkZCMzkyN0M4RENCM0YzNEQ0OTU2NTlGQTYzOUEwNTM2RTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmmUG+s9iJ+wtG08odZb0/bLXc
wPuKkx+fyjsJpQuTqvhRWScTXIl0AsiA8jTCB7qte2UfThG/OuwZhgEZUvW2Xv9f
02xy+T/24aX4FmsnLlcNjWeBOQDRNqWT5VoJ6JB6v0Qgd1IvxzV+5bsuOUc+k9N7
nlTnO2aabXo1DzKxSvYS8HwwWoghImTxO4qw+G9qheFWl8FF2dVghO8+dzvODv+Y
g0H8qg4XPSfjm/e6FpTaOVkwCyPTr0QbMCgda0ra9DIFGQDOhVIKCo2XiHckt83P
DZD6zZ5r63XaF3jZe0C5W7gqabDnZfX26LUyUStcNrMv2Tj+8LyAfIZiJ+dPAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUn9JP+zknyNyz801JVln6Y5oFNuYwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzEzMjJlMzIzMTM1MmUzMzMzMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNzM4MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHDXITANBgkqhkiG
9w0BAQsFAAOCAQEAf20KI1FfUFG+K6yTN7c1Y0FK3C/U2eA+gk1J6mjmMFuNXqB8
+5wRdPqPuo9gY5wgvYkQJRCvbjDMgaXBXZA2j7mvfjCpusawbQLysmuAXCM6RZRC
euM3VMs6cvgBdnVxcDMryxUbaOyFrgc7v2fqYiG2t3hyP25DxRnE0XfLdzxwkkbB
tYfyU2OtP9q9XitOGdj51q4WpHj+ocnqjtD5oBD9yXfThrRZXkwu/R6ZzrsEDFgR
KxBdUABIEBetsmvdNR62xidUuUDAVRCMDSceSAxN3XCsjogQOX48hINk8cnWyShC
tLXW3gUhqLbCcU6gXOZm515ODhCFG6qjBsjduw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net