Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3db6b3bc-fa65-49f3-af61-0d5dc39334a1/0/3130332e3136342e36392e302f32342d3234203d3e20313431393034.roa
File: 3130332e3136342e36392e302f32342d3234203d3e20313431393034.roa (raw, json)
Hash identifier: e2bMQnZhs1HOVeJUc5ZUpnsyJBxgt/Bkmz6+JWqufYg=
Subject key identifier: F2:EC:91:A5:8C:65:AA:ED:F0:47:C3:02:03:6B:36:DB:73:1C:C1:91
Certificate issuer: /CN=157A25D171E1AD2FAB695F49BDC2555755B6ED7D
Certificate serial: 3E9157E122B8E1AC668B163A23FAB3470698D0F3
Authority key identifier: 15:7A:25:D1:71:E1:AD:2F:AB:69:5F:49:BD:C2:55:57:55:B6:ED:7D
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/157A25D171E1AD2FAB695F49BDC2555755B6ED7D.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3db6b3bc-fa65-49f3-af61-0d5dc39334a1/0/3130332e3136342e36392e302f32342d3234203d3e20313431393034.roa
Signing time: Fri 20 Jan 2023 19:29:18 +0000
ROA not before: Fri 20 Jan 2023 19:24:18 +0000
ROA not after: Fri 19 Jan 2024 19:29:18 +0000
asID: 141904
IP address blocks: 103.164.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:91:57:e1:22:b8:e1:ac:66:8b:16:3a:23:fa:b3:47:06:98:d0:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=157A25D171E1AD2FAB695F49BDC2555755B6ED7D
Validity
Not Before: Jan 20 19:24:18 2023 GMT
Not After : Jan 19 19:29:18 2024 GMT
Subject: CN=F2EC91A58C65AAEDF047C302036B36DB731CC191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e3:39:aa:0a:6d:bc:e5:fc:d0:50:e7:8d:72:
0a:94:a8:2a:de:e2:3b:07:e7:bf:f7:f6:cd:79:49:
f4:67:c3:5e:81:21:e9:40:7c:f7:98:a1:52:59:e7:
66:b6:fb:ff:f6:5b:fb:3b:41:30:bd:ca:f6:33:1e:
8f:52:87:87:b6:05:bd:f2:bd:bf:d3:f6:72:90:15:
2c:0c:f0:ca:90:37:2e:90:5f:cc:29:8e:5e:a8:06:
6a:ea:35:b1:8c:4b:38:c4:f4:df:2e:3b:ba:c0:11:
c2:a7:e9:5c:ea:8a:3c:bd:3c:ad:c6:6f:eb:b6:ec:
cd:52:5c:bf:b1:98:9e:77:e7:b3:2a:6d:71:0d:50:
1f:a4:a1:e1:86:eb:01:94:cf:d6:a1:d5:d3:29:4c:
fa:6d:60:c2:a2:62:12:a5:98:1d:a8:65:74:7b:af:
10:d4:c7:76:8d:8d:30:19:a7:60:42:ba:3c:3b:32:
cc:e9:91:bd:aa:4b:c0:dc:a9:a3:9a:fb:1e:3d:f1:
b3:e6:5f:28:cb:3e:b5:b6:26:e5:79:c5:76:a6:96:
2b:1e:e1:64:2c:35:f0:e3:b1:65:69:b5:cb:bb:1f:
fa:f4:58:58:10:eb:e4:52:69:3e:ff:fd:d8:2a:f4:
c7:65:e3:43:f5:58:bc:29:3d:c7:d0:51:39:00:a4:
29:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:EC:91:A5:8C:65:AA:ED:F0:47:C3:02:03:6B:36:DB:73:1C:C1:91
X509v3 Authority Key Identifier:
keyid:15:7A:25:D1:71:E1:AD:2F:AB:69:5F:49:BD:C2:55:57:55:B6:ED:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3db6b3bc-fa65-49f3-af61-0d5dc39334a1/0/157A25D171E1AD2FAB695F49BDC2555755B6ED7D.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/157A25D171E1AD2FAB695F49BDC2555755B6ED7D.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3db6b3bc-fa65-49f3-af61-0d5dc39334a1/0/3130332e3136342e36392e302f32342d3234203d3e20313431393034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.164.69.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:40:bc:df:49:df:62:e2:1c:ab:fc:03:ae:64:aa:b7:31:5f:
a9:d0:5d:43:30:51:2a:37:1f:84:ec:3f:f6:dd:c8:0f:0a:ef:
b8:7f:8e:48:75:97:80:66:00:61:0b:34:59:36:03:57:1a:12:
91:33:00:39:fb:fd:64:97:d6:8b:8c:61:fa:90:28:96:0b:5a:
38:33:ce:f7:d0:34:70:cc:a5:a6:76:11:2a:34:14:78:7a:5b:
07:67:60:75:fc:0f:9d:02:62:0f:c0:9c:a9:1b:ad:86:00:7b:
af:98:be:bd:1f:1c:dc:0f:e9:35:ef:93:c0:1f:60:23:67:97:
1e:dc:b6:f5:71:0f:b6:4d:05:42:8f:8e:c1:30:ff:f4:84:b5:
45:ea:1e:73:d5:93:73:ca:36:7b:c6:2f:77:27:12:fc:de:9c:
96:8e:f6:fc:38:6c:05:b7:2d:54:bc:59:40:5c:7b:a0:8d:2c:
e3:df:7d:d8:1e:d3:64:3c:a0:79:c8:c3:01:ac:24:77:21:3a:
02:3b:6b:17:a6:af:21:29:39:4b:4e:c2:b7:36:2b:a2:50:bf:
a4:dc:05:0c:d6:fe:16:f9:7d:af:ed:bb:91:19:a3:f0:ef:c7:
64:12:9f:82:c8:51:51:d6:cc:d8:aa:db:00:00:ab:af:d6:36:
c4:ae:33:2a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUPpFX4SK44axmixY6I/qzRwaY0PMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTU3QTI1RDE3MUUxQUQyRkFCNjk1RjQ5QkRDMjU1NTc1
NUI2RUQ3RDAeFw0yMzAxMjAxOTI0MThaFw0yNDAxMTkxOTI5MThaMDMxMTAvBgNV
BAMTKEYyRUM5MUE1OEM2NUFBRURGMDQ3QzMwMjAzNkIzNkRCNzMxQ0MxOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs4zmqCm285fzQUOeNcgqUqCre
4jsH57/39s15SfRnw16BIelAfPeYoVJZ52a2+//2W/s7QTC9yvYzHo9Sh4e2Bb3y
vb/T9nKQFSwM8MqQNy6QX8wpjl6oBmrqNbGMSzjE9N8uO7rAEcKn6Vzqijy9PK3G
b+u27M1SXL+xmJ5357MqbXENUB+koeGG6wGUz9ah1dMpTPptYMKiYhKlmB2oZXR7
rxDUx3aNjTAZp2BCujw7Mszpkb2qS8DcqaOa+x498bPmXyjLPrW2JuV5xXamlise
4WQsNfDjsWVptcu7H/r0WFgQ6+RSaT7//dgq9Mdl40P1WLwpPcfQUTkApCnnAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU8uyRpYxlqu3wR8MCA2s223McwZEwHwYDVR0j
BBgwFoAUFXol0XHhrS+raV9JvcJVV1W27X0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
ZGI2YjNiYy1mYTY1LTQ5ZjMtYWY2MS0wZDVkYzM5MzM0YTEvMC8xNTdBMjVEMTcx
RTFBRDJGQUI2OTVGNDlCREMyNTU1NzU1QjZFRDdELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTU3QTI1RDE3MUUxQUQyRkFCNjk1RjQ5QkRDMjU1NTc1NUI2
RUQ3RC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNkYjZiM2JjLWZhNjUtNDlmMy1h
ZjYxLTBkNWRjMzkzMzRhMS8wLzMxMzAzMzJlMzEzNjM0MmUzNjM5MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNDMxMzkzMDM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ6RFMA0GCSqG
SIb3DQEBCwUAA4IBAQAaQLzfSd9i4hyr/AOuZKq3MV+p0F1DMFEqNx+E7D/23cgP
Cu+4f45IdZeAZgBhCzRZNgNXGhKRMwA5+/1kl9aLjGH6kCiWC1o4M8730DRwzKWm
dhEqNBR4elsHZ2B1/A+dAmIPwJypG62GAHuvmL69HxzcD+k175PAH2AjZ5ce3Lb1
cQ+2TQVCj47BMP/0hLVF6h5z1ZNzyjZ7xi93JxL83pyWjvb8OGwFty1UvFlAXHug
jSzj333YHtNkPKB5yMMBrCR3IToCO2sXpq8hKTlLTsK3NiuiUL+k3AUM1v4W+X2v
7buRGaPw78dkEp+CyFFR1szYqtsAAKuv1jbErjMq
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:06 2024 by rpki-client on console-fra.rpki-client.org