Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3230322e3135322e3235322e302f32342d3234203d3e203137383835.roa
File: 3230322e3135322e3235322e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: 6SIuLouQiP+UhyfYatzXJXM0vdXOvLG2ifZRhe7I0kk=
Subject key identifier: 75:1D:53:FD:77:5B:B3:79:19:F3:CE:A3:B4:43:5D:A4:1E:26:D8:AF
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 223E85B349209507E73CF9387A0F625CB5FCD708
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3230322e3135322e3235322e302f32342d3234203d3e203137383835.roa
Signing time: Wed 20 Apr 2022 06:00:00 +0000
ROA not before: Wed 20 Apr 2022 05:55:00 +0000
ROA not after: Wed 19 Apr 2023 06:00:00 +0000
asID: 17885
IP address blocks: 202.152.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:3e:85:b3:49:20:95:07:e7:3c:f9:38:7a:0f:62:5c:b5:fc:d7:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 20 05:55:00 2022 GMT
Not After : Apr 19 06:00:00 2023 GMT
Subject: CN=751D53FD775BB37919F3CEA3B4435DA41E26D8AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e7:1f:b5:52:22:d0:36:7e:89:9a:d1:05:bf:
20:68:f1:18:a6:99:a5:54:ad:f1:92:98:2b:23:aa:
d6:44:f8:be:88:aa:1a:aa:d9:ea:33:9a:28:a4:1e:
b8:7e:4b:21:93:25:e2:1b:8e:15:f7:a6:b6:20:64:
ee:cf:f7:a0:8b:b3:02:63:09:c9:1f:67:1a:12:98:
db:3d:c2:39:8c:f0:c8:65:f5:3d:28:05:28:a7:d5:
ba:44:2e:2e:d0:cf:57:81:13:9b:2a:3b:d6:14:0d:
c1:7a:0a:42:b3:c0:cd:69:08:fc:38:3d:ee:fa:45:
28:ab:8c:e1:25:e0:58:9f:0b:e7:7f:61:08:be:fa:
2d:9d:84:62:5d:94:c2:c9:88:03:5d:9f:3a:5b:3c:
a9:c6:17:ce:4a:b6:da:78:71:36:0a:29:58:c8:ca:
36:5a:df:f6:b2:f7:ed:0e:13:40:4d:a2:58:43:14:
12:26:8e:5a:d3:b1:a2:10:0d:27:fb:04:91:17:8e:
e0:ea:f8:ee:ca:4f:d1:3e:72:b1:c0:32:fd:3e:d6:
f7:9d:66:b0:3a:cf:10:16:6e:f9:78:1f:86:69:01:
a2:b9:6f:87:77:83:8a:ac:d7:f3:24:e7:5a:ab:dc:
45:02:ea:1b:a2:60:a2:f8:a5:92:02:88:80:15:83:
ce:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:1D:53:FD:77:5B:B3:79:19:F3:CE:A3:B4:43:5D:A4:1E:26:D8:AF
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3230322e3135322e3235322e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.152.252.0/24
Signature Algorithm: sha256WithRSAEncryption
14:72:13:89:b9:60:f3:99:c8:db:a0:7c:eb:fb:c0:f9:b7:47:
eb:2f:3e:97:a7:51:a3:fb:d1:65:f2:49:69:94:ec:fc:51:ad:
b7:e0:7b:1f:d1:35:4e:92:7c:2c:5a:33:05:ed:9f:78:7c:3a:
23:d2:0a:4a:47:50:25:e1:b6:f6:b1:20:e4:40:34:cc:3b:c0:
98:ae:01:f9:1b:94:8c:e6:4d:42:6e:73:e1:17:fb:22:8e:43:
16:3b:62:fc:93:f9:38:c3:55:0f:f1:e4:1d:93:47:dc:e5:04:
7e:c7:ee:4e:86:c8:9e:98:cb:2f:1a:8c:2e:fc:9e:1b:2f:ab:
fb:92:90:a1:7f:cd:81:36:69:5c:17:5a:3f:34:a1:c9:a8:7f:
84:10:2e:65:74:10:28:42:fe:a6:51:08:ec:18:08:dd:3f:6f:
20:6c:03:14:e5:c6:95:f8:c4:dd:f8:b4:8f:e2:28:2f:53:9c:
6b:1c:cf:8e:8a:57:92:dd:bb:36:e9:b0:69:14:98:13:5e:f7:
83:73:99:2f:8d:5a:26:be:df:ac:c0:2d:00:14:3b:b0:b3:60:
3b:3f:90:c6:0b:e6:09:0f:ad:05:af:36:f2:3b:07:e3:58:cc:
50:6c:5c:e9:c9:c3:ae:d9:90:6f:a3:35:d6:2a:58:2a:47:55:
c1:a0:84:51
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUIj6Fs0kglQfnPPk4eg9iXLX81wgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MjAwNTU1MDBaFw0yMzA0MTkwNjAwMDBaMDMxMTAvBgNV
BAMTKDc1MUQ1M0ZENzc1QkIzNzkxOUYzQ0VBM0I0NDM1REE0MUUyNkQ4QUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN5x+1UiLQNn6JmtEFvyBo8Rim
maVUrfGSmCsjqtZE+L6Iqhqq2eozmiikHrh+SyGTJeIbjhX3prYgZO7P96CLswJj
CckfZxoSmNs9wjmM8Mhl9T0oBSin1bpELi7Qz1eBE5sqO9YUDcF6CkKzwM1pCPw4
Pe76RSirjOEl4FifC+d/YQi++i2dhGJdlMLJiANdnzpbPKnGF85Kttp4cTYKKVjI
yjZa3/ay9+0OE0BNolhDFBImjlrTsaIQDSf7BJEXjuDq+O7KT9E+crHAMv0+1ved
ZrA6zxAWbvl4H4ZpAaK5b4d3g4qs1/Mk51qr3EUC6huiYKL4pZICiIAVg87DAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUdR1T/Xdbs3kZ886jtENdpB4m2K8wHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMyMzAzMjJlMzEzNTMyMmUzMjM1MzIyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM3MzgzODM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAypj8MA0GCSqG
SIb3DQEBCwUAA4IBAQAUchOJuWDzmcjboHzr+8D5t0frLz6Xp1Gj+9Fl8klplOz8
Ua234Hsf0TVOknwsWjMF7Z94fDoj0gpKR1Al4bb2sSDkQDTMO8CYrgH5G5SM5k1C
bnPhF/sijkMWO2L8k/k4w1UP8eQdk0fc5QR+x+5OhsiemMsvGowu/J4bL6v7kpCh
f82BNmlcF1o/NKHJqH+EEC5ldBAoQv6mUQjsGAjdP28gbAMU5caV+MTd+LSP4igv
U5xrHM+OileS3bs26bBpFJgTXveDc5kvjVomvt+swC0AFDuws2A7P5DGC+YJD60F
rzbyOwfjWMxQbFzpycOu2ZBvozXWKlgqR1XBoIRR
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net