Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3230322e3135322e3235332e302f32342d3234203d3e203137383835.roa
File: 3230322e3135322e3235332e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: CgfqhLyr9if55+hrPl8OwRnxTJDLg1P0AIskXTY6I74=
Subject key identifier: 3D:91:45:9E:19:CA:D1:32:BE:24:44:4B:C1:03:6E:49:07:7B:2C:AF
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 30D90AC75C597650F50B2EBF35B75A4FC6853D6E
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3230322e3135322e3235332e302f32342d3234203d3e203137383835.roa
Signing time: Wed 20 Apr 2022 06:00:00 +0000
ROA not before: Wed 20 Apr 2022 05:55:00 +0000
ROA not after: Wed 19 Apr 2023 06:00:00 +0000
asID: 17885
IP address blocks: 202.152.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:d9:0a:c7:5c:59:76:50:f5:0b:2e:bf:35:b7:5a:4f:c6:85:3d:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 20 05:55:00 2022 GMT
Not After : Apr 19 06:00:00 2023 GMT
Subject: CN=3D91459E19CAD132BE24444BC1036E49077B2CAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3d:d3:77:01:0c:c5:20:6f:55:da:8f:4d:82:
89:48:fa:c6:4d:29:d5:8e:9b:c0:18:06:a6:e0:41:
90:98:51:e2:a8:43:75:73:7d:91:2a:54:7e:79:d0:
c3:4b:55:25:65:d9:12:7d:b7:ba:21:4c:dc:43:19:
32:12:d7:ef:99:c2:39:f2:d6:db:a9:37:f8:fc:b1:
6e:06:86:80:eb:67:d3:24:dd:66:b4:1e:b2:f5:f2:
88:78:47:1e:87:79:3b:15:af:31:bc:0b:15:c7:03:
ac:ad:54:d4:a8:e8:9f:04:db:54:ed:f0:a4:59:60:
5c:a1:64:28:ee:5d:1e:89:9e:19:c1:81:f3:8e:f7:
c6:ee:fc:58:ce:1f:3d:42:f6:9d:6d:33:ba:2e:e4:
03:47:4c:35:15:30:d4:94:1e:39:67:ca:87:d2:62:
11:b0:89:81:af:b8:e7:1e:1b:e8:3e:a1:a3:e7:7b:
bb:e9:4b:6e:c7:f7:0d:c1:53:c1:26:83:d0:0e:43:
9b:8c:45:2a:fd:6e:51:af:1b:94:5b:d7:82:ba:90:
7d:64:31:af:a2:ab:30:ff:0e:ab:d2:65:b8:a4:45:
72:4b:66:86:c9:9c:85:78:17:4e:59:6e:e7:7f:d3:
ac:d9:bf:35:5a:ae:51:ea:28:c5:e5:b7:5a:74:39:
86:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:91:45:9E:19:CA:D1:32:BE:24:44:4B:C1:03:6E:49:07:7B:2C:AF
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3230322e3135322e3235332e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.152.253.0/24
Signature Algorithm: sha256WithRSAEncryption
44:83:27:f5:29:dc:d1:e5:c4:cd:99:2a:1f:c1:65:a1:b6:1c:
ed:fa:96:41:3d:cd:f8:b4:78:ff:81:e1:bd:2f:65:4c:55:ba:
9c:b1:f0:be:48:04:ed:a8:b7:70:9a:f9:8e:ab:38:6b:9a:ac:
f5:1d:84:ab:74:d9:be:da:5e:34:96:cd:a3:2d:2f:19:e4:8a:
28:98:1a:f6:34:eb:c8:f6:49:4b:c8:85:7b:01:60:f1:6c:07:
0a:9d:7c:6a:55:b0:bf:ac:32:0d:f7:70:d8:61:48:75:66:4d:
0a:1f:38:6e:b3:c1:f5:89:6c:69:6c:dd:50:6f:43:d2:5d:49:
42:72:78:1c:df:f4:61:4f:a4:ef:27:0b:c7:9c:11:43:35:10:
6e:b8:aa:f6:d3:cf:41:31:4d:11:2f:dd:0a:71:d7:63:0c:4b:
26:7a:2b:a4:75:b1:1d:c0:4a:df:13:86:19:1f:bc:72:cb:77:
18:45:1c:d3:5e:05:ef:4e:4b:26:4c:83:e9:9f:f0:4f:d2:5f:
44:5a:c9:cb:d9:1f:87:c4:bf:9a:a2:18:84:30:32:61:39:51:
aa:fd:5c:58:73:85:ec:63:55:cb:f2:29:02:4b:ab:59:cf:b6:
c7:32:be:32:4f:34:ee:4d:14:8e:c9:fe:d8:ad:77:b4:7a:e1:
10:ad:5a:39
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUMNkKx1xZdlD1Cy6/NbdaT8aFPW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MjAwNTU1MDBaFw0yMzA0MTkwNjAwMDBaMDMxMTAvBgNV
BAMTKDNEOTE0NTlFMTlDQUQxMzJCRTI0NDQ0QkMxMDM2RTQ5MDc3QjJDQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMPdN3AQzFIG9V2o9NgolI+sZN
KdWOm8AYBqbgQZCYUeKoQ3VzfZEqVH550MNLVSVl2RJ9t7ohTNxDGTIS1++Zwjny
1tupN/j8sW4GhoDrZ9Mk3Wa0HrL18oh4Rx6HeTsVrzG8CxXHA6ytVNSo6J8E21Tt
8KRZYFyhZCjuXR6JnhnBgfOO98bu/FjOHz1C9p1tM7ou5ANHTDUVMNSUHjlnyofS
YhGwiYGvuOceG+g+oaPne7vpS27H9w3BU8Emg9AOQ5uMRSr9blGvG5Rb14K6kH1k
Ma+iqzD/DqvSZbikRXJLZobJnIV4F05Zbud/06zZvzVarlHqKMXlt1p0OYYBAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUPZFFnhnK0TK+JERLwQNuSQd7LK8wHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMyMzAzMjJlMzEzNTMyMmUzMjM1MzMyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM3MzgzODM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAypj9MA0GCSqG
SIb3DQEBCwUAA4IBAQBEgyf1KdzR5cTNmSofwWWhthzt+pZBPc34tHj/geG9L2VM
VbqcsfC+SATtqLdwmvmOqzhrmqz1HYSrdNm+2l40ls2jLS8Z5IoomBr2NOvI9klL
yIV7AWDxbAcKnXxqVbC/rDIN93DYYUh1Zk0KHzhus8H1iWxpbN1Qb0PSXUlCcngc
3/RhT6TvJwvHnBFDNRBuuKr2089BMU0RL90KcddjDEsmeiukdbEdwErfE4YZH7xy
y3cYRRzTXgXvTksmTIPpn/BP0l9EWsnL2R+HxL+aohiEMDJhOVGq/VxYc4XsY1XL
8ikCS6tZz7bHMr4yTzTuTRSOyf7YrXe0euEQrVo5
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net