Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3131322e3231352e34312e302f32342d3234203d3e203137383835.roa
File: 3131322e3231352e34312e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: E0C5bsTZ6tGlDiAhBRfz16pLEpGp4p2YyyJv4UqmcYE=
Subject key identifier: 02:36:50:EC:BC:8E:57:D6:9F:17:87:42:43:2D:7B:6A:D5:C2:7C:3C
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 48BE8D2F5A3219E33775392D0380EFF105AFE1C1
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3131322e3231352e34312e302f32342d3234203d3e203137383835.roa
Signing time: Sat 02 Apr 2022 04:00:00 +0000
ROA not before: Sat 02 Apr 2022 03:55:00 +0000
ROA not after: Sat 01 Apr 2023 04:00:00 +0000
asID: 17885
IP address blocks: 112.215.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:be:8d:2f:5a:32:19:e3:37:75:39:2d:03:80:ef:f1:05:af:e1:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 2 03:55:00 2022 GMT
Not After : Apr 1 04:00:00 2023 GMT
Subject: CN=023650ECBC8E57D69F178742432D7B6AD5C27C3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5b:f0:6d:43:21:d1:ff:f1:06:bd:8b:32:2c:
46:08:c4:be:b5:22:db:64:14:2e:a6:38:e1:cc:b0:
9e:2b:b7:0b:68:41:4c:7b:4a:52:aa:4f:95:2f:6e:
67:b2:38:6b:8f:5a:f2:b0:df:48:ec:90:dc:a3:fc:
a8:79:58:54:b3:d9:79:b7:5c:18:a8:9a:70:4b:12:
12:87:da:30:8e:a2:31:06:86:2e:16:d2:d9:a3:77:
62:57:cf:64:43:2a:3b:f5:df:a8:99:c1:4a:a2:e0:
92:09:90:b8:ef:e1:21:ee:50:38:83:09:e8:da:66:
d0:17:ab:c9:e0:29:0c:db:e2:c8:d5:38:9a:db:e6:
c1:72:8a:2e:8a:6d:81:cf:3d:0f:0e:97:12:b4:3e:
7a:97:3b:d1:52:4f:ce:70:56:9e:1b:07:21:07:09:
0f:08:f0:00:32:27:dd:04:fa:13:f3:97:2a:64:a0:
f9:44:1c:20:5d:fc:82:a8:b1:04:15:f3:66:1b:f8:
e5:22:c2:3d:96:2b:bb:57:21:88:0d:77:01:66:b4:
7a:9b:d3:ed:1f:ca:76:be:22:dc:95:b0:f6:dc:67:
77:64:8f:0c:7e:cc:cc:20:20:72:29:4a:19:cd:6a:
0b:62:08:1c:ed:ba:11:01:8f:8b:3e:f1:5a:4b:d3:
5b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:36:50:EC:BC:8E:57:D6:9F:17:87:42:43:2D:7B:6A:D5:C2:7C:3C
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3131322e3231352e34312e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
112.215.41.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:e2:16:fc:f0:ab:d6:cb:9e:03:18:e9:db:97:13:c9:fb:f2:
22:53:a2:20:37:9b:41:1a:3c:eb:d9:31:da:5d:98:81:c5:6c:
fa:5a:5d:b8:81:51:24:4f:48:a7:b4:43:9e:cc:23:31:7b:f0:
b4:ab:6e:0c:99:da:79:4d:33:fd:67:70:e4:16:eb:c9:e6:21:
bf:59:9a:c6:c9:a7:0c:a1:fe:35:bd:32:17:c4:1d:12:21:f2:
be:fa:a5:56:41:5a:2b:4e:f5:1e:e9:65:d7:99:c5:6b:d3:c1:
7a:83:c5:35:8f:6b:b1:19:cb:31:0e:c8:36:64:ab:65:ac:f3:
63:68:a8:0d:89:0c:28:43:b1:2e:53:af:a9:68:ee:8e:62:ad:
b8:fa:03:3d:56:b0:28:f5:b6:27:2b:b1:86:14:cb:13:d1:da:
97:f1:8d:a9:f2:2d:f1:a0:27:09:6e:97:8f:7c:c4:d3:bc:e0:
47:ea:4f:9f:d3:8d:be:f3:80:dd:2f:47:31:d7:9d:86:77:a3:
1a:06:51:13:4a:d2:5b:da:fe:e6:67:71:24:aa:50:6e:c4:fa:
70:04:d2:89:61:88:ab:9e:6e:51:2b:cf:48:6e:b6:c6:4b:98:
17:f4:02:af:70:bf:3c:fd:02:04:e2:d9:52:97:67:c7:ec:a9:
47:07:be:35
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUSL6NL1oyGeM3dTktA4Dv8QWv4cEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MDIwMzU1MDBaFw0yMzA0MDEwNDAwMDBaMDMxMTAvBgNV
BAMTKDAyMzY1MEVDQkM4RTU3RDY5RjE3ODc0MjQzMkQ3QjZBRDVDMjdDM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCW/BtQyHR//EGvYsyLEYIxL61
IttkFC6mOOHMsJ4rtwtoQUx7SlKqT5UvbmeyOGuPWvKw30jskNyj/Kh5WFSz2Xm3
XBiomnBLEhKH2jCOojEGhi4W0tmjd2JXz2RDKjv136iZwUqi4JIJkLjv4SHuUDiD
CejaZtAXq8ngKQzb4sjVOJrb5sFyii6KbYHPPQ8OlxK0PnqXO9FST85wVp4bByEH
CQ8I8AAyJ90E+hPzlypkoPlEHCBd/IKosQQV82Yb+OUiwj2WK7tXIYgNdwFmtHqb
0+0fyna+ItyVsPbcZ3dkjwx+zMwgIHIpShnNagtiCBztuhEBj4s+8VpL01ubAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUAjZQ7LyOV9afF4dCQy17atXCfDwwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzEzMjJlMzIzMTM1MmUzNDMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNzM4MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHDXKTANBgkqhkiG
9w0BAQsFAAOCAQEAL+IW/PCr1sueAxjp25cTyfvyIlOiIDebQRo869kx2l2YgcVs
+lpduIFRJE9Ip7RDnswjMXvwtKtuDJnaeU0z/Wdw5BbryeYhv1maxsmnDKH+Nb0y
F8QdEiHyvvqlVkFaK071Hull15nFa9PBeoPFNY9rsRnLMQ7INmSrZazzY2ioDYkM
KEOxLlOvqWjujmKtuPoDPVawKPW2JyuxhhTLE9Hal/GNqfIt8aAnCW6Xj3zE07zg
R+pPn9ONvvOA3S9HMdedhnejGgZRE0rSW9r+5mdxJKpQbsT6cATSiWGIq55uUSvP
SG62xkuYF/QCr3C/PP0CBOLZUpdnx+ypRwe+NQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:28:48 2025 by rpki-client