Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/03b59ce4-66a2-4f4d-b3d6-9299484ba56b/0/3131342e3139382e3234322e302f32332d3233203d3e203535363832.roa
File: 3131342e3139382e3234322e302f32332d3233203d3e203535363832.roa (raw, json)
Hash identifier: 5UTCzXPyndSIdZzZ6blz0/8HbqyO+Uk6VmKzUJR5Aj8=
Subject key identifier: E1:38:A0:49:90:DA:E3:8F:C9:85:21:97:54:BF:BE:F2:16:B8:9D:53
Certificate issuer: /CN=C30DE71F7CAE16CA2D8DAB6D01CA43D72FB4FE6E
Certificate serial: 0685CFD2AC5AC2A348734039E13B92A8E8C3C2C7
Authority key identifier: C3:0D:E7:1F:7C:AE:16:CA:2D:8D:AB:6D:01:CA:43:D7:2F:B4:FE:6E
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C30DE71F7CAE16CA2D8DAB6D01CA43D72FB4FE6E.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/03b59ce4-66a2-4f4d-b3d6-9299484ba56b/0/3131342e3139382e3234322e302f32332d3233203d3e203535363832.roa
Signing time: Wed 13 Apr 2022 12:00:01 +0000
ROA not before: Wed 13 Apr 2022 11:55:01 +0000
ROA not after: Wed 12 Apr 2023 12:00:01 +0000
asID: 55682
IP address blocks: 114.198.242.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:85:cf:d2:ac:5a:c2:a3:48:73:40:39:e1:3b:92:a8:e8:c3:c2:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C30DE71F7CAE16CA2D8DAB6D01CA43D72FB4FE6E
Validity
Not Before: Apr 13 11:55:01 2022 GMT
Not After : Apr 12 12:00:01 2023 GMT
Subject: CN=E138A04990DAE38FC985219754BFBEF216B89D53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a0:38:2e:fa:22:23:e9:6c:de:e1:99:77:05:
4d:0d:44:4e:e2:f6:5f:8b:e8:ac:f6:0d:36:16:4f:
91:80:ee:d6:f6:5d:e5:39:03:8f:6b:e2:38:76:18:
76:34:5e:5b:7d:95:46:14:73:50:a1:5d:fd:74:9c:
1f:30:63:ef:9a:3f:8d:62:bc:81:46:0b:40:ce:c1:
98:85:81:01:92:7c:b7:22:2e:55:89:e2:03:08:71:
90:d0:49:d1:73:72:6c:37:11:15:62:ba:aa:74:ef:
07:90:86:50:6b:53:55:e6:22:15:bb:a4:7b:d7:d8:
04:06:b2:a1:f4:21:14:1a:c3:95:38:e8:5b:21:19:
90:95:df:0a:97:9b:85:d2:6a:44:a7:09:b8:79:7d:
f0:7c:0a:97:0a:16:cd:ea:ad:1f:3e:dd:65:e8:9e:
f2:20:66:0c:4c:e0:eb:7a:db:4b:e4:ac:aa:24:a8:
01:59:94:08:fd:7c:d0:5d:2d:c5:0a:42:e8:b6:74:
e8:9f:74:da:07:cd:32:b4:96:d5:15:49:4d:94:69:
92:e1:2a:3b:db:15:b9:48:d6:14:b8:05:29:6b:9f:
62:3e:31:bf:a0:54:9e:55:69:a1:40:10:64:78:ac:
98:54:93:a7:00:17:3d:d6:4f:eb:87:8e:53:02:94:
7f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:38:A0:49:90:DA:E3:8F:C9:85:21:97:54:BF:BE:F2:16:B8:9D:53
X509v3 Authority Key Identifier:
keyid:C3:0D:E7:1F:7C:AE:16:CA:2D:8D:AB:6D:01:CA:43:D7:2F:B4:FE:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/03b59ce4-66a2-4f4d-b3d6-9299484ba56b/0/C30DE71F7CAE16CA2D8DAB6D01CA43D72FB4FE6E.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C30DE71F7CAE16CA2D8DAB6D01CA43D72FB4FE6E.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/03b59ce4-66a2-4f4d-b3d6-9299484ba56b/0/3131342e3139382e3234322e302f32332d3233203d3e203535363832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
114.198.242.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:56:4d:7e:b5:7f:56:5c:65:6e:78:f4:11:f3:70:81:d8:f7:
62:42:ac:d1:30:65:2e:f4:cb:6c:65:f4:c5:fa:4d:2d:fe:c0:
0e:a2:f3:16:75:f4:6a:f7:d4:90:29:bb:5a:99:76:10:67:8b:
60:b3:3e:aa:a8:ea:1a:ca:57:4b:e5:08:86:7f:a7:2c:fa:0e:
37:31:70:40:33:c6:a3:61:39:d9:6b:a2:fc:6a:81:29:eb:fc:
12:3f:a5:53:4f:c6:3d:ff:d6:02:7f:f9:25:98:a0:26:8c:68:
2e:c1:fa:c4:fa:2d:e2:36:1d:c9:e7:41:3d:93:51:ba:82:17:
3a:ad:0e:ce:35:04:71:48:68:0d:e8:a0:c4:3f:ef:1f:f7:88:
8f:63:60:1a:7b:7e:d1:99:ed:7c:86:64:86:25:52:3d:dc:5a:
e2:b6:19:33:a2:79:51:72:25:9b:28:81:1f:d4:d6:37:cc:75:
fa:c8:c8:79:d0:6d:d8:44:f3:d7:b1:97:6e:74:67:93:8e:cb:
12:e7:fe:86:e1:54:c5:53:c6:2b:95:ed:03:7a:28:b4:97:c3:
c4:1e:2b:a3:62:80:2f:7e:e4:6c:10:e7:38:06:03:30:41:12:
ea:da:60:0d:2c:3d:93:32:51:48:f4:82:99:a5:1a:be:da:35:
b3:55:4e:29
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUBoXP0qxawqNIc0A54TuSqOjDwscwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzMwREU3MUY3Q0FFMTZDQTJEOERBQjZEMDFDQTQzRDcy
RkI0RkU2RTAeFw0yMjA0MTMxMTU1MDFaFw0yMzA0MTIxMjAwMDFaMDMxMTAvBgNV
BAMTKEUxMzhBMDQ5OTBEQUUzOEZDOTg1MjE5NzU0QkZCRUYyMTZCODlENTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/oDgu+iIj6Wze4Zl3BU0NRE7i
9l+L6Kz2DTYWT5GA7tb2XeU5A49r4jh2GHY0Xlt9lUYUc1ChXf10nB8wY++aP41i
vIFGC0DOwZiFgQGSfLciLlWJ4gMIcZDQSdFzcmw3ERViuqp07weQhlBrU1XmIhW7
pHvX2AQGsqH0IRQaw5U46FshGZCV3wqXm4XSakSnCbh5ffB8CpcKFs3qrR8+3WXo
nvIgZgxM4Ot620vkrKokqAFZlAj9fNBdLcUKQui2dOifdNoHzTK0ltUVSU2UaZLh
KjvbFblI1hS4BSlrn2I+Mb+gVJ5VaaFAEGR4rJhUk6cAFz3WT+uHjlMClH8xAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU4TigSZDa44/JhSGXVL++8ha4nVMwHwYDVR0j
BBgwFoAUww3nH3yuFsotjattAcpD1y+0/m4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
M2I1OWNlNC02NmEyLTRmNGQtYjNkNi05Mjk5NDg0YmE1NmIvMC9DMzBERTcxRjdD
QUUxNkNBMkQ4REFCNkQwMUNBNDNENzJGQjRGRTZFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQzMwREU3MUY3Q0FFMTZDQTJEOERBQjZEMDFDQTQzRDcyRkI0
RkU2RS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzAzYjU5Y2U0LTY2YTItNGY0ZC1i
M2Q2LTkyOTk0ODRiYTU2Yi8wLzMxMzEzNDJlMzEzOTM4MmUzMjM0MzIyZTMwMmYz
MjMzMmQzMjMzMjAzZDNlMjAzNTM1MzYzODMyLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBcsbyMA0GCSqG
SIb3DQEBCwUAA4IBAQBrVk1+tX9WXGVuePQR83CB2PdiQqzRMGUu9MtsZfTF+k0t
/sAOovMWdfRq99SQKbtamXYQZ4tgsz6qqOoayldL5QiGf6cs+g43MXBAM8ajYTnZ
a6L8aoEp6/wSP6VTT8Y9/9YCf/klmKAmjGguwfrE+i3iNh3J50E9k1G6ghc6rQ7O
NQRxSGgN6KDEP+8f94iPY2Aae37Rme18hmSGJVI93FrithkzonlRciWbKIEf1NY3
zHX6yMh50G3YRPPXsZdudGeTjssS5/6G4VTFU8Yrle0Deii0l8PEHiujYoAvfuRs
EOc4BgMwQRLq2mANLD2TMlFI9IKZpRq+2jWzVU4p
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:03:37 2025 by rpki-client