Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3230322e3135322e3234302e302f32342d3234203d3e203234323033.roa
File: 3230322e3135322e3234302e302f32342d3234203d3e203234323033.roa (raw, json)
Hash identifier: aCECvRsecl6p1DHgIA8SKAqPaZxCoXpEvO/KDFWJaZc=
Subject key identifier: 56:D4:5E:B1:9A:5C:20:45:FA:75:F0:81:3F:4A:B9:3F:DB:18:FB:04
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 1BD30FF55CE3BE69FA32788E05027E4389E4DDBA
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3230322e3135322e3234302e302f32342d3234203d3e203234323033.roa
Signing time: Wed 20 Apr 2022 06:00:00 +0000
ROA not before: Wed 20 Apr 2022 05:55:00 +0000
ROA not after: Wed 19 Apr 2023 06:00:00 +0000
asID: 24203
IP address blocks: 202.152.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:d3:0f:f5:5c:e3:be:69:fa:32:78:8e:05:02:7e:43:89:e4:dd:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 20 05:55:00 2022 GMT
Not After : Apr 19 06:00:00 2023 GMT
Subject: CN=56D45EB19A5C2045FA75F0813F4AB93FDB18FB04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5c:38:77:6c:9a:66:e4:1e:01:4c:81:b8:86:
28:1a:4f:b9:0f:43:e0:33:f0:4a:2b:50:b9:82:97:
a4:f0:82:cc:d6:e4:63:77:23:f7:3d:05:0e:f9:d3:
19:a3:ab:64:46:77:9b:1f:a5:62:bd:0c:36:31:74:
e8:c3:15:65:71:66:ab:9d:9f:55:a5:94:9e:88:79:
86:e1:27:22:83:9f:d9:2a:46:7d:4d:d0:5e:18:2f:
a0:c0:0a:fd:a8:c3:57:73:58:c3:f3:d2:51:11:05:
20:7d:bd:9d:51:9a:87:2c:d5:75:5f:11:e0:27:32:
51:0b:9e:3c:b5:78:91:fa:2d:e0:bf:8b:c2:91:1b:
e9:e5:d3:b1:78:2d:82:32:84:da:62:e9:f5:5e:54:
ab:92:f7:df:11:65:95:00:2a:01:74:8c:c8:12:71:
b7:08:7f:bd:6d:6a:75:b3:00:48:a5:c4:31:53:67:
15:30:d7:15:38:d4:48:35:f5:5f:18:2b:8b:e7:0a:
60:1c:3a:c9:63:4c:db:5f:f9:7c:6b:d4:14:e2:9a:
a5:57:07:99:5b:99:58:0e:02:b0:98:80:04:d1:25:
3f:d3:65:69:bb:4e:2f:a0:a7:77:31:fc:6d:b4:67:
3d:9c:49:ac:db:70:08:2d:16:7b:d4:6b:37:82:81:
e5:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:D4:5E:B1:9A:5C:20:45:FA:75:F0:81:3F:4A:B9:3F:DB:18:FB:04
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3230322e3135322e3234302e302f32342d3234203d3e203234323033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.152.240.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:2a:cd:a9:ea:95:d8:d6:56:c7:4b:d1:12:cd:cb:50:c8:d6:
42:84:a1:e0:f1:fe:f8:f8:00:04:18:fe:39:e3:f7:69:b3:1e:
21:fc:cc:b9:da:bb:a8:7a:ef:93:6d:22:fb:dc:a7:16:fa:9c:
0b:cd:9f:21:b0:81:69:af:b9:df:37:3f:96:4c:e8:b5:47:5c:
41:ec:3a:89:e3:a4:00:f0:39:5b:2d:02:6d:e5:45:12:fa:fb:
ce:65:aa:32:84:c3:bb:e1:9e:ad:3c:f1:ec:3a:ae:6a:ef:8e:
74:d3:fc:a2:80:e6:94:7f:0f:99:fc:e7:64:bf:8f:dc:72:58:
ce:52:78:62:48:8e:65:74:bc:c9:9d:bb:02:dd:11:a5:91:64:
87:fc:a4:52:ff:64:3e:8e:fd:5f:3a:40:07:1f:f7:83:c1:da:
4d:d1:ef:48:ad:7e:80:d0:23:7e:1f:7b:d7:2d:ce:6f:59:f9:
28:1c:14:b9:99:71:95:0e:f7:3f:9c:b2:a3:64:2e:e6:e5:9c:
a1:39:74:fd:f9:92:e4:9e:85:b2:85:de:b4:00:76:6c:ee:07:
a9:18:b4:88:d9:a6:d0:54:19:fe:58:93:f7:d4:16:7b:3b:78:
3b:1d:34:c8:b7:ea:00:ab:46:6f:2b:91:96:b1:1e:11:85:ee:
5e:6c:35:cd
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUG9MP9Vzjvmn6MniOBQJ+Q4nk3bowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MjAwNTU1MDBaFw0yMzA0MTkwNjAwMDBaMDMxMTAvBgNV
BAMTKDU2RDQ1RUIxOUE1QzIwNDVGQTc1RjA4MTNGNEFCOTNGREIxOEZCMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeXDh3bJpm5B4BTIG4higaT7kP
Q+Az8EorULmCl6TwgszW5GN3I/c9BQ750xmjq2RGd5sfpWK9DDYxdOjDFWVxZqud
n1WllJ6IeYbhJyKDn9kqRn1N0F4YL6DACv2ow1dzWMPz0lERBSB9vZ1Rmocs1XVf
EeAnMlELnjy1eJH6LeC/i8KRG+nl07F4LYIyhNpi6fVeVKuS998RZZUAKgF0jMgS
cbcIf71tanWzAEilxDFTZxUw1xU41Eg19V8YK4vnCmAcOsljTNtf+Xxr1BTimqVX
B5lbmVgOArCYgATRJT/TZWm7Ti+gp3cx/G20Zz2cSazbcAgtFnvUazeCgeVtAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUVtResZpcIEX6dfCBP0q5P9sY+wQwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMyMzAzMjJlMzEzNTMyMmUzMjM0MzAyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMjM0MzIzMDMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAypjwMA0GCSqG
SIb3DQEBCwUAA4IBAQBtKs2p6pXY1lbHS9ESzctQyNZChKHg8f74+AAEGP454/dp
sx4h/My52ruoeu+TbSL73KcW+pwLzZ8hsIFpr7nfNz+WTOi1R1xB7DqJ46QA8Dlb
LQJt5UUS+vvOZaoyhMO74Z6tPPHsOq5q74500/yigOaUfw+Z/Odkv4/ccljOUnhi
SI5ldLzJnbsC3RGlkWSH/KRS/2Q+jv1fOkAHH/eDwdpN0e9IrX6A0CN+H3vXLc5v
WfkoHBS5mXGVDvc/nLKjZC7m5ZyhOXT9+ZLknoWyhd60AHZs7gepGLSI2abQVBn+
WJP31BZ7O3g7HTTIt+oAq0ZvK5GWsR4Rhe5ebDXN
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net