Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/3134302e3231332e322e302f32342d3234203d3e203234323033.roa
File: 3134302e3231332e322e302f32342d3234203d3e203234323033.roa (raw, json)
Hash identifier: /OrIftkfE3eiyvYgYIQB+5exscJtfZTut4gH3L9QgDo=
Subject key identifier: 91:32:12:8F:FF:E3:90:08:FC:0D:E9:8A:F4:80:02:B2:50:EB:AF:CE
Certificate issuer: /CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B
Certificate serial: 65E96AE46DA0245DE9A48909D0845758D95CDC29
Authority key identifier: 10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/3134302e3231332e322e302f32342d3234203d3e203234323033.roa
Signing time: Wed 13 Apr 2022 08:00:03 +0000
ROA not before: Wed 13 Apr 2022 07:55:03 +0000
ROA not after: Wed 12 Apr 2023 08:00:03 +0000
asID: 24203
IP address blocks: 140.213.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:e9:6a:e4:6d:a0:24:5d:e9:a4:89:09:d0:84:57:58:d9:5c:dc:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B
Validity
Not Before: Apr 13 07:55:03 2022 GMT
Not After : Apr 12 08:00:03 2023 GMT
Subject: CN=9132128FFFE39008FC0DE98AF48002B250EBAFCE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:63:c5:c0:3b:aa:1c:af:67:4a:b6:eb:ab:bd:
fd:ea:f2:b4:b7:98:27:e3:c6:0b:32:79:97:2d:63:
8d:69:71:50:86:33:32:33:75:85:e4:50:f7:ac:36:
cc:94:7d:79:c8:c5:b5:b9:c1:d1:23:9d:76:fe:bf:
5b:ab:ef:6c:87:8a:02:94:72:9e:83:b1:e7:86:66:
1c:83:4f:e1:2e:d9:8d:6a:76:17:73:f2:22:55:50:
7e:fd:90:38:2a:98:e9:f9:36:3d:21:4f:28:ef:8c:
ba:e9:56:6a:fc:80:9c:bb:e4:ba:90:1a:bb:46:e0:
d1:0b:ee:82:04:4c:c9:b4:07:95:af:51:2e:d5:5a:
7f:1b:fa:76:ad:75:19:17:b1:1f:cd:d8:79:37:c5:
e0:3e:9a:72:51:b7:a9:78:e2:73:6d:e3:c4:10:86:
6d:d5:82:52:29:05:a0:9e:a8:b2:85:5c:a0:e6:0d:
d3:c5:ed:b1:e8:63:eb:8f:a4:74:f4:12:11:c5:4c:
a5:28:4f:c9:e2:48:59:de:dd:92:7c:e5:a5:ab:03:
66:74:5b:4a:74:b5:fa:1e:fa:71:fd:56:e2:af:3a:
2b:83:96:22:1b:79:65:92:fb:03:a1:21:f4:b6:53:
c7:57:0d:08:29:6d:01:69:d4:05:a3:79:24:b2:72:
5a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:32:12:8F:FF:E3:90:08:FC:0D:E9:8A:F4:80:02:B2:50:EB:AF:CE
X509v3 Authority Key Identifier:
keyid:10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/3134302e3231332e322e302f32342d3234203d3e203234323033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.213.2.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:55:d9:39:8c:75:8c:8e:d8:b0:75:06:49:87:c9:a5:1f:88:
a9:04:c0:ac:6f:ec:10:39:34:c8:b6:6c:85:d5:2a:f1:d1:01:
79:b0:dc:7f:45:e9:6d:ca:a0:65:37:ce:73:19:13:86:e0:f7:
db:0a:88:63:41:3a:e1:39:d0:9c:68:eb:fb:8b:e8:73:c4:54:
88:61:14:3c:b4:d9:b0:27:31:49:ce:45:5b:23:bf:7e:06:25:
66:27:32:8a:1c:4b:81:c2:b9:90:1e:2a:68:7b:5c:08:84:87:
72:04:83:16:4e:00:df:c1:ce:6a:65:e9:18:04:0c:fb:2e:4a:
14:af:a2:e1:19:92:91:6a:3a:7c:b6:e6:33:37:c6:d5:bc:bc:
c4:d8:bc:74:13:1d:a8:a8:54:0f:83:12:ed:fc:da:a2:4e:9c:
7e:35:d8:3f:78:d1:41:92:58:e0:2d:bf:81:6b:57:76:f6:48:
60:a7:b3:7c:36:82:a4:6e:78:56:0b:b3:d1:69:41:9b:cb:50:
5e:78:35:61:78:71:d9:46:7d:5e:3f:76:96:ee:c2:61:89:ff:
8e:a1:b3:c6:b1:6c:0e:e4:a0:0f:ec:e1:a9:f8:8c:21:b1:29:
1a:b4:05:42:b0:19:a2:74:47:cc:d1:09:d8:fe:e8:ba:53:af:
7e:0a:56:3d
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUZelq5G2gJF3ppIkJ0IRXWNlc3CkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTBCQUI3OTA3RDk1M0EwRDVGREVCNUMyMEM5RjI5QkNG
QzY2MEExQjAeFw0yMjA0MTMwNzU1MDNaFw0yMzA0MTIwODAwMDNaMDMxMTAvBgNV
BAMTKDkxMzIxMjhGRkZFMzkwMDhGQzBERTk4QUY0ODAwMkIyNTBFQkFGQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJY8XAO6ocr2dKtuurvf3q8rS3
mCfjxgsyeZctY41pcVCGMzIzdYXkUPesNsyUfXnIxbW5wdEjnXb+v1ur72yHigKU
cp6DseeGZhyDT+Eu2Y1qdhdz8iJVUH79kDgqmOn5Nj0hTyjvjLrpVmr8gJy75LqQ
GrtG4NEL7oIETMm0B5WvUS7VWn8b+natdRkXsR/N2Hk3xeA+mnJRt6l44nNt48QQ
hm3VglIpBaCeqLKFXKDmDdPF7bHoY+uPpHT0EhHFTKUoT8niSFne3ZJ85aWrA2Z0
W0p0tfoe+nH9VuKvOiuDliIbeWWS+wOhIfS2U8dXDQgpbQFp1AWjeSSyclorAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUkTISj//jkAj8DemK9IACslDrr84wHwYDVR0j
BBgwFoAUELq3kH2VOg1f3rXCDJ8pvPxmChswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMS8xMEJBQjc5MDdE
OTUzQTBENUZERUI1QzIwQzlGMjlCQ0ZDNjYwQTFCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvMTBCQUI3OTA3RDk1M0EwRDVGREVCNUMyMEM5RjI5QkNGQzY2
MEExQi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8xLzMxMzQzMDJlMzIzMTMzMmUzMjJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMyMzQzMjMwMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACM1QIwDQYJKoZIhvcN
AQELBQADggEBACxV2TmMdYyO2LB1BkmHyaUfiKkEwKxv7BA5NMi2bIXVKvHRAXmw
3H9F6W3KoGU3znMZE4bg99sKiGNBOuE50Jxo6/uL6HPEVIhhFDy02bAnMUnORVsj
v34GJWYnMoocS4HCuZAeKmh7XAiEh3IEgxZOAN/Bzmpl6RgEDPsuShSvouEZkpFq
Ony25jM3xtW8vMTYvHQTHaioVA+DEu382qJOnH412D940UGSWOAtv4FrV3b2SGCn
s3w2gqRueFYLs9FpQZvLUF54NWF4cdlGfV4/dpbuwmGJ/46hs8axbA7koA/s4an4
jCGxKRq0BUKwGaJ0R8zRCdj+6LpTr34KVj0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:40 2024 by rpki-client on console-ams.rpki-client.org