Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3137322e302f32342d3234203d3e203633383539.roa
File: 3135382e3134302e3137322e302f32342d3234203d3e203633383539.roa (raw, json)
Hash identifier: +n84ekOQjTQlJim4Da1heQScHv/2w+w2w4pleCqRfro=
Subject key identifier: 5C:92:DC:31:25:E4:5F:BD:60:81:31:22:9F:B2:03:15:9E:F9:10:89
Certificate issuer: /CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF
Certificate serial: 0C300489E3497A81CAD84CB79CF98861258865F4
Authority key identifier: 7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3137322e302f32342d3234203d3e203633383539.roa
Signing time: Sun 11 Aug 2024 11:00:05 +0000
ROA not before: Sun 11 Aug 2024 10:55:05 +0000
ROA not after: Sun 10 Aug 2025 11:00:05 +0000
asID: 63859
IP address blocks: 158.140.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:30:04:89:e3:49:7a:81:ca:d8:4c:b7:9c:f9:88:61:25:88:65:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF
Validity
Not Before: Aug 11 10:55:05 2024 GMT
Not After : Aug 10 11:00:05 2025 GMT
Subject: CN=5C92DC3125E45FBD608131229FB203159EF91089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d9:ec:41:70:3d:2d:81:e4:08:71:fb:7d:94:
37:e5:97:8c:d3:86:51:ee:e1:46:a9:82:8b:6e:25:
b1:72:90:8a:7f:db:bb:ce:de:2d:39:17:ff:e6:c1:
33:40:fa:ee:cc:29:95:78:fa:67:9a:25:7a:60:0a:
f6:9d:3d:6e:1d:a9:e7:39:10:b0:09:07:8b:c0:45:
70:46:76:22:63:ea:eb:69:3b:35:f2:f7:ce:6f:38:
6a:5e:6d:82:c9:ec:aa:b8:ed:49:c5:21:86:f8:25:
d9:06:ff:ea:f9:3e:9e:5f:67:9a:86:87:64:27:3d:
d0:21:b2:e0:29:02:a2:bb:2f:b1:92:70:39:f7:be:
1f:88:94:2a:71:7d:45:15:94:15:d6:63:9a:0f:3a:
fc:3c:5c:bd:1a:bc:9d:28:60:b2:f9:57:2b:57:03:
4a:ad:69:4a:0b:5b:de:67:52:b3:56:91:67:e4:3e:
1c:06:5f:40:40:fb:0f:4d:cf:c3:e9:a5:ff:1b:a7:
59:90:a3:7f:32:0d:f7:aa:f1:ac:3a:02:88:6c:0d:
df:43:ea:bb:10:f6:33:7e:ca:8a:41:6d:24:e8:8e:
45:4e:8c:d2:c7:14:3b:1a:b1:12:c8:ac:f5:04:73:
ba:d6:98:89:21:35:4b:db:a9:63:9d:71:5c:12:a0:
0a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:92:DC:31:25:E4:5F:BD:60:81:31:22:9F:B2:03:15:9E:F9:10:89
X509v3 Authority Key Identifier:
keyid:7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3137322e302f32342d3234203d3e203633383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.140.172.0/24
Signature Algorithm: sha256WithRSAEncryption
52:ce:1b:71:28:36:6c:04:d6:6c:a3:8c:78:9d:47:59:8d:e0:
7d:97:97:d8:8a:69:5a:c0:cd:c0:b1:d6:be:de:90:57:cf:fd:
2a:84:de:32:39:2a:a3:eb:b5:30:a8:de:16:b3:9e:80:c1:15:
fa:f5:d5:9d:2e:13:01:a9:20:ae:2f:7e:7b:51:27:18:2d:61:
8b:71:d8:49:df:e3:fe:68:9d:e9:ff:dd:e3:6d:6e:5c:08:40:
c7:3c:3d:72:a2:28:b0:9c:a3:aa:29:0d:26:96:11:7a:ae:0e:
34:82:72:47:bb:5e:4a:96:12:79:af:d9:1b:4a:7c:d9:0e:60:
a9:77:1d:ea:c2:ca:88:99:f1:aa:28:76:30:17:43:2b:5e:c0:
e2:17:ef:9a:4d:92:57:5e:1b:b2:60:fc:1d:87:20:7e:86:0a:
3f:4c:d2:27:98:fc:4f:69:97:20:92:88:96:32:ee:be:b7:d9:
78:54:ba:3a:57:2f:50:3f:fe:41:1c:16:db:b6:63:3d:16:fd:
7e:0d:7d:55:f5:ad:08:ef:1d:46:48:4e:31:e1:39:40:fe:54:
65:d9:70:ef:8e:d2:60:7c:df:b2:60:84:d4:76:a1:20:78:d4:
de:09:a8:e9:22:dc:48:2c:94:32:27:e3:b5:ad:cf:70:d0:c8:
9a:aa:a8:91
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUDDAEieNJeoHK2Ey3nPmIYSWIZfQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0
NzBFOEZDRjAeFw0yNDA4MTExMDU1MDVaFw0yNTA4MTAxMTAwMDVaMDMxMTAvBgNV
BAMTKDVDOTJEQzMxMjVFNDVGQkQ2MDgxMzEyMjlGQjIwMzE1OUVGOTEwODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCW2exBcD0tgeQIcft9lDfll4zT
hlHu4UapgotuJbFykIp/27vO3i05F//mwTNA+u7MKZV4+meaJXpgCvadPW4dqec5
ELAJB4vARXBGdiJj6utpOzXy985vOGpebYLJ7Kq47UnFIYb4JdkG/+r5Pp5fZ5qG
h2QnPdAhsuApAqK7L7GScDn3vh+IlCpxfUUVlBXWY5oPOvw8XL0avJ0oYLL5VytX
A0qtaUoLW95nUrNWkWfkPhwGX0BA+w9Nz8Pppf8bp1mQo38yDfeq8aw6AohsDd9D
6rsQ9jN+yopBbSTojkVOjNLHFDsasRLIrPUEc7rWmIkhNUvbqWOdcVwSoArHAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUXJLcMSXkX71ggTEin7IDFZ75EIkwHwYDVR0j
BBgwFoAUfQyIbPuvBiQCnMrleCTDz0cOj88wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
YmJiMjczNC1lNWZhLTQwZWItODU5OC1iN2NkMTAxMzQzY2EvMS83RDBDODg2Q0ZC
QUYwNjI0MDI5Q0NBRTU3ODI0QzNDRjQ3MEU4RkNGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0NzBF
OEZDRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNiYmIyNzM0LWU1ZmEtNDBlYi04
NTk4LWI3Y2QxMDEzNDNjYS8xLzMxMzUzODJlMzEzNDMwMmUzMTM3MzIyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzNjMzMzgzNTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnoysMA0GCSqG
SIb3DQEBCwUAA4IBAQBSzhtxKDZsBNZso4x4nUdZjeB9l5fYimlawM3Asda+3pBX
z/0qhN4yOSqj67UwqN4Ws56AwRX69dWdLhMBqSCuL357UScYLWGLcdhJ3+P+aJ3p
/93jbW5cCEDHPD1yoiiwnKOqKQ0mlhF6rg40gnJHu15KlhJ5r9kbSnzZDmCpdx3q
wsqImfGqKHYwF0MrXsDiF++aTZJXXhuyYPwdhyB+hgo/TNInmPxPaZcgkoiWMu6+
t9l4VLo6Vy9QP/5BHBbbtmM9Fv1+DX1V9a0I7x1GSE4x4TlA/lRl2XDvjtJgfN+y
YITUdqEgeNTeCajpItxILJQyJ+O1rc9w0MiaqqiR
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:08:31 2025 by rpki-client