Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/3db6b3bc-fa65-49f3-af61-0d5dc39334a1/0/3130332e3136342e36392e302f32342d3234203d3e20313439393434.roa
File: 3130332e3136342e36392e302f32342d3234203d3e20313439393434.roa (raw, json)
Hash identifier: rNoNsq6PYh6Hzs+ovLdhuBexAsN6KR8Uazk+EXriJCw=
Subject key identifier: 90:9D:78:F6:8A:18:28:28:41:96:3A:99:42:75:54:BF:BA:E6:66:E7
Certificate issuer: /CN=157A25D171E1AD2FAB695F49BDC2555755B6ED7D
Certificate serial: 3886266E1A8208962DEC579EBA5E99E0569A6BF9
Authority key identifier: 15:7A:25:D1:71:E1:AD:2F:AB:69:5F:49:BD:C2:55:57:55:B6:ED:7D
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/157A25D171E1AD2FAB695F49BDC2555755B6ED7D.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/3db6b3bc-fa65-49f3-af61-0d5dc39334a1/0/3130332e3136342e36392e302f32342d3234203d3e20313439393434.roa
Signing time: Tue 10 Jan 2023 13:01:36 +0000
ROA not before: Tue 10 Jan 2023 12:56:36 +0000
ROA not after: Tue 09 Jan 2024 13:01:36 +0000
asID: 149944
IP address blocks: 103.164.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:86:26:6e:1a:82:08:96:2d:ec:57:9e:ba:5e:99:e0:56:9a:6b:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=157A25D171E1AD2FAB695F49BDC2555755B6ED7D
Validity
Not Before: Jan 10 12:56:36 2023 GMT
Not After : Jan 9 13:01:36 2024 GMT
Subject: CN=909D78F68A18282841963A99427554BFBAE666E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:32:c1:2c:47:c3:b5:2e:20:7e:4b:3a:8e:4f:
ae:f5:da:d1:46:b4:50:3a:64:f9:74:35:d1:c5:9c:
38:8b:bf:2a:e2:08:5e:fe:3e:1b:ca:f2:40:0c:f0:
f0:80:79:cc:e1:71:a5:a0:19:47:f8:8e:67:0e:fe:
de:d5:a3:be:87:df:9b:ca:c6:2f:b4:55:94:05:8f:
6f:35:f5:63:f8:ff:80:ed:cb:6c:e5:73:5c:84:d9:
92:d9:de:2a:2d:6a:7d:74:ba:64:30:e4:c2:ee:b8:
a5:ef:5f:98:c0:38:a7:f8:58:f7:11:e9:58:b7:10:
da:ad:d8:c7:7b:79:9f:52:36:26:43:a3:30:5d:64:
29:00:48:4f:a9:c6:9c:b1:8a:32:0b:5e:ce:aa:6c:
e3:e7:b8:fb:d2:96:45:94:73:97:1d:22:7f:a9:7d:
97:f7:e1:31:6c:22:41:22:fc:ce:b8:cb:96:25:37:
b2:5f:d6:0a:f2:76:95:d2:46:01:e5:ff:ea:66:06:
43:67:fa:39:a5:4e:60:eb:6d:46:c3:dc:0c:f2:0d:
15:f4:71:e5:1f:87:2b:5c:30:54:08:d0:cf:b1:a4:
c6:26:32:f3:5c:c3:d8:27:d8:70:05:29:6f:48:40:
e0:e3:ae:94:6d:5b:27:9d:7d:bb:e6:3a:ee:b2:73:
aa:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:9D:78:F6:8A:18:28:28:41:96:3A:99:42:75:54:BF:BA:E6:66:E7
X509v3 Authority Key Identifier:
keyid:15:7A:25:D1:71:E1:AD:2F:AB:69:5F:49:BD:C2:55:57:55:B6:ED:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/3db6b3bc-fa65-49f3-af61-0d5dc39334a1/0/157A25D171E1AD2FAB695F49BDC2555755B6ED7D.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/157A25D171E1AD2FAB695F49BDC2555755B6ED7D.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3db6b3bc-fa65-49f3-af61-0d5dc39334a1/0/3130332e3136342e36392e302f32342d3234203d3e20313439393434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.164.69.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:10:f6:41:91:08:b9:a0:96:92:d0:21:e6:a8:77:7b:45:47:
1f:5a:ff:8a:4b:93:c9:e4:38:2c:92:b9:32:f1:31:8b:1a:5e:
2a:d6:de:6b:04:69:86:67:5f:ac:04:34:59:21:b6:1f:f6:a0:
6a:97:b7:7c:a5:6e:74:e3:bf:20:db:af:30:ab:a2:b0:72:77:
ba:9a:5b:a8:48:91:bb:5c:fd:83:cf:f9:82:b9:a0:ce:62:b5:
27:85:8a:13:06:88:cf:35:c7:c6:56:fd:a7:0f:e2:3f:71:cc:
0d:02:10:bb:86:98:ee:19:1c:ad:01:e8:61:ab:55:71:5b:93:
bc:07:ca:66:91:9b:17:4b:ad:40:ea:27:c1:eb:52:71:d0:40:
90:96:11:52:f6:88:59:85:0e:2a:08:83:14:f5:60:ed:93:98:
62:79:ba:08:37:dd:75:5f:32:0f:d9:27:8c:5a:72:95:e4:55:
ce:54:d7:78:bb:e1:39:0c:62:ce:f2:90:dc:4f:27:44:59:31:
a7:0e:67:57:22:e3:b6:ed:2b:88:ed:f3:9c:0f:fe:89:c0:fa:
70:b5:80:a2:16:eb:ae:83:f7:09:a0:e4:95:7c:4f:ab:65:1d:
09:b8:05:96:f7:27:16:46:b4:e0:62:a6:4e:37:e1:b3:93:97:
a4:7f:da:0b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUOIYmbhqCCJYt7Feeul6Z4Faaa/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTU3QTI1RDE3MUUxQUQyRkFCNjk1RjQ5QkRDMjU1NTc1
NUI2RUQ3RDAeFw0yMzAxMTAxMjU2MzZaFw0yNDAxMDkxMzAxMzZaMDMxMTAvBgNV
BAMTKDkwOUQ3OEY2OEExODI4Mjg0MTk2M0E5OTQyNzU1NEJGQkFFNjY2RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOMsEsR8O1LiB+SzqOT6712tFG
tFA6ZPl0NdHFnDiLvyriCF7+PhvK8kAM8PCAeczhcaWgGUf4jmcO/t7Vo76H35vK
xi+0VZQFj2819WP4/4Dty2zlc1yE2ZLZ3iotan10umQw5MLuuKXvX5jAOKf4WPcR
6Vi3ENqt2Md7eZ9SNiZDozBdZCkASE+pxpyxijILXs6qbOPnuPvSlkWUc5cdIn+p
fZf34TFsIkEi/M64y5YlN7Jf1grydpXSRgHl/+pmBkNn+jmlTmDrbUbD3AzyDRX0
ceUfhytcMFQI0M+xpMYmMvNcw9gn2HAFKW9IQODjrpRtWyedfbvmOu6yc6qRAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUkJ149ooYKChBljqZQnVUv7rmZucwHwYDVR0j
BBgwFoAUFXol0XHhrS+raV9JvcJVV1W27X0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
ZGI2YjNiYy1mYTY1LTQ5ZjMtYWY2MS0wZDVkYzM5MzM0YTEvMC8xNTdBMjVEMTcx
RTFBRDJGQUI2OTVGNDlCREMyNTU1NzU1QjZFRDdELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTU3QTI1RDE3MUUxQUQyRkFCNjk1RjQ5QkRDMjU1NTc1NUI2
RUQ3RC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNkYjZiM2JjLWZhNjUtNDlmMy1h
ZjYxLTBkNWRjMzkzMzRhMS8wLzMxMzAzMzJlMzEzNjM0MmUzNjM5MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNDM5MzkzNDM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ6RFMA0GCSqG
SIb3DQEBCwUAA4IBAQB9EPZBkQi5oJaS0CHmqHd7RUcfWv+KS5PJ5Dgskrky8TGL
Gl4q1t5rBGmGZ1+sBDRZIbYf9qBql7d8pW50478g268wq6Kwcne6mluoSJG7XP2D
z/mCuaDOYrUnhYoTBojPNcfGVv2nD+I/ccwNAhC7hpjuGRytAehhq1VxW5O8B8pm
kZsXS61A6ifB61Jx0ECQlhFS9ohZhQ4qCIMU9WDtk5hieboIN911XzIP2SeMWnKV
5FXOVNd4u+E5DGLO8pDcTydEWTGnDmdXIuO27SuI7fOcD/6JwPpwtYCiFuuug/cJ
oOSVfE+rZR0JuAWW9ycWRrTgYqZON+Gzk5ekf9oL
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:06 2024 by rpki-client on console-fra.rpki-client.org