Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/3134302e3231332e32382e302f32342d3234203d3e203234323033.roa
File: 3134302e3231332e32382e302f32342d3234203d3e203234323033.roa (raw, json)
Hash identifier: nokUPRKdCmYWigEAIDfZCW+JfmxBoP7RRr1XXMguoag=
Subject key identifier: 00:CC:4F:DF:A3:62:70:70:72:7A:0B:14:84:1C:6A:37:E3:C7:48:0E
Certificate issuer: /CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B
Certificate serial: 78E97F9EC9A09364E9B8802BB2ADA395A441E153
Authority key identifier: 10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/3134302e3231332e32382e302f32342d3234203d3e203234323033.roa
Signing time: Tue 19 Apr 2022 06:00:00 +0000
ROA not before: Tue 19 Apr 2022 05:55:00 +0000
ROA not after: Tue 18 Apr 2023 06:00:00 +0000
asID: 24203
IP address blocks: 140.213.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:e9:7f:9e:c9:a0:93:64:e9:b8:80:2b:b2:ad:a3:95:a4:41:e1:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B
Validity
Not Before: Apr 19 05:55:00 2022 GMT
Not After : Apr 18 06:00:00 2023 GMT
Subject: CN=00CC4FDFA3627070727A0B14841C6A37E3C7480E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:43:cf:c9:9a:52:ae:e5:66:de:01:33:16:31:
b9:97:36:f0:97:cf:66:d9:98:d0:97:84:a6:6f:23:
b1:14:9c:6e:1b:d3:5b:99:d1:83:08:1d:9c:c2:3b:
94:40:71:ef:b3:e6:c3:7c:84:b1:83:0d:9f:e4:da:
f9:fd:a9:35:25:f4:7d:64:c5:47:d6:b9:6b:21:15:
f3:fa:17:9b:24:5e:ed:02:fb:38:47:06:33:c7:68:
0c:f4:9d:c3:8b:4a:f6:d4:1c:f3:f4:d1:6a:70:02:
d5:50:51:cf:e3:b6:44:71:7e:47:0a:21:d4:1d:e4:
32:e3:d9:cb:74:e2:9a:24:48:d0:cc:cb:fe:f5:d2:
1b:10:3c:e3:08:ae:67:2e:e4:eb:35:a0:e7:3a:db:
d7:6f:b6:30:cb:f5:ab:07:eb:03:66:6a:22:4f:4e:
ec:8f:1d:11:c1:c7:46:0e:26:bd:51:b7:24:0d:74:
27:0d:c8:c7:d3:07:95:5c:4b:59:8f:2a:02:3c:2e:
bd:70:c8:5a:09:16:50:79:89:06:03:a9:7a:3b:6f:
db:ec:63:21:a0:ff:75:5a:ef:17:25:c6:65:14:d6:
6c:49:f4:ee:18:84:de:a4:a0:bb:07:df:0f:f3:3d:
d6:3a:ed:47:09:55:8e:3f:e2:fd:d6:80:72:cf:04:
d3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:CC:4F:DF:A3:62:70:70:72:7A:0B:14:84:1C:6A:37:E3:C7:48:0E
X509v3 Authority Key Identifier:
keyid:10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/3134302e3231332e32382e302f32342d3234203d3e203234323033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.213.28.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:5d:d3:b0:59:46:35:d1:05:49:62:30:82:d2:5e:56:f0:f4:
82:ee:46:93:0d:dd:2f:6c:77:d6:08:39:e1:3a:78:58:c7:44:
e5:19:c9:1f:b6:84:22:f0:49:8b:cc:78:b1:a4:f3:03:b2:f8:
ff:5e:10:31:7b:12:00:85:3d:85:e3:1c:8f:bf:c2:22:ce:bd:
f8:37:a8:18:98:95:ca:76:d8:c1:6d:f2:bc:35:1f:8d:91:6f:
62:92:dd:37:50:0b:2f:64:71:0e:e9:7a:08:85:f8:fc:8e:1a:
81:8d:17:09:41:e9:69:90:63:52:fa:69:28:e5:64:86:8c:83:
30:1d:96:31:c7:24:f7:57:5f:11:3d:4a:47:79:1e:59:4e:5a:
56:38:d2:2f:ac:a9:ab:b1:e0:48:ce:75:2d:9f:36:f9:d9:07:
f1:43:8a:a8:66:e7:e6:6a:ee:49:05:8e:8f:ab:36:11:ed:bb:
fa:5f:3f:37:9d:6b:7f:33:c8:4b:08:b3:e6:8c:4f:48:0d:da:
eb:ad:38:49:8c:b3:92:58:73:8c:66:47:6d:87:f4:66:92:e3:
aa:fc:b7:c8:98:f3:bb:7b:f2:61:6c:5a:d3:22:10:76:3e:01:
5d:be:79:86:d8:7b:71:56:55:ab:ca:4e:22:27:43:9f:b8:00:
19:a4:55:f8
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUeOl/nsmgk2TpuIArsq2jlaRB4VMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTBCQUI3OTA3RDk1M0EwRDVGREVCNUMyMEM5RjI5QkNG
QzY2MEExQjAeFw0yMjA0MTkwNTU1MDBaFw0yMzA0MTgwNjAwMDBaMDMxMTAvBgNV
BAMTKDAwQ0M0RkRGQTM2MjcwNzA3MjdBMEIxNDg0MUM2QTM3RTNDNzQ4MEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6Q8/JmlKu5WbeATMWMbmXNvCX
z2bZmNCXhKZvI7EUnG4b01uZ0YMIHZzCO5RAce+z5sN8hLGDDZ/k2vn9qTUl9H1k
xUfWuWshFfP6F5skXu0C+zhHBjPHaAz0ncOLSvbUHPP00WpwAtVQUc/jtkRxfkcK
IdQd5DLj2ct04pokSNDMy/710hsQPOMIrmcu5Os1oOc629dvtjDL9asH6wNmaiJP
TuyPHRHBx0YOJr1RtyQNdCcNyMfTB5VcS1mPKgI8Lr1wyFoJFlB5iQYDqXo7b9vs
YyGg/3Va7xclxmUU1mxJ9O4YhN6koLsH3w/zPdY67UcJVY4/4v3WgHLPBNNHAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUAMxP36NicHByegsUhBxqN+PHSA4wHwYDVR0j
BBgwFoAUELq3kH2VOg1f3rXCDJ8pvPxmChswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMS8xMEJBQjc5MDdE
OTUzQTBENUZERUI1QzIwQzlGMjlCQ0ZDNjYwQTFCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvMTBCQUI3OTA3RDk1M0EwRDVGREVCNUMyMEM5RjI5QkNGQzY2
MEExQi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8xLzMxMzQzMDJlMzIzMTMzMmUzMjM4MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzIzNDMyMzAzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIzVHDANBgkqhkiG
9w0BAQsFAAOCAQEAa13TsFlGNdEFSWIwgtJeVvD0gu5Gkw3dL2x31gg54Tp4WMdE
5RnJH7aEIvBJi8x4saTzA7L4/14QMXsSAIU9heMcj7/CIs69+DeoGJiVynbYwW3y
vDUfjZFvYpLdN1ALL2RxDul6CIX4/I4agY0XCUHpaZBjUvppKOVkhoyDMB2WMcck
91dfET1KR3keWU5aVjjSL6ypq7HgSM51LZ82+dkH8UOKqGbn5mruSQWOj6s2Ee27
+l8/N51rfzPISwiz5oxPSA3a6604SYyzklhzjGZHbYf0ZpLjqvy3yJjzu3vyYWxa
0yIQdj4BXb55hth7cVZVq8pOIidDn7gAGaRV+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:40 2024 by rpki-client on console-ams.rpki-client.org