Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3131322e3231352e36392e302f32342d3234203d3e203137383835.roa
File: 3131322e3231352e36392e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: aBsNF5vGbMuqDLDigmcDLGGhVNcE6fhJo+eTXzCmtQA=
Subject key identifier: 7C:E3:A5:2A:4C:6E:99:47:FF:DA:36:3C:86:1E:9F:B4:F1:2D:51:32
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 2241EE662BDE46C30A2239B0AC4A890450A38ED1
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3131322e3231352e36392e302f32342d3234203d3e203137383835.roa
Signing time: Tue 05 Apr 2022 06:00:00 +0000
ROA not before: Tue 05 Apr 2022 05:55:00 +0000
ROA not after: Tue 04 Apr 2023 06:00:00 +0000
asID: 17885
IP address blocks: 112.215.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:41:ee:66:2b:de:46:c3:0a:22:39:b0:ac:4a:89:04:50:a3:8e:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 5 05:55:00 2022 GMT
Not After : Apr 4 06:00:00 2023 GMT
Subject: CN=7CE3A52A4C6E9947FFDA363C861E9FB4F12D5132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e9:96:36:45:70:97:c8:5d:6b:cf:6e:57:df:
43:3e:20:fc:03:71:d7:24:cc:c8:c9:3e:d6:8f:1e:
4b:3a:09:3d:e4:22:12:44:77:11:c8:80:61:ba:67:
01:5f:e0:47:15:36:41:b7:a1:8f:59:5f:77:f7:91:
fd:7f:69:84:1e:a9:c7:2c:36:86:74:9f:c1:d7:c8:
1d:ab:24:97:05:ee:b2:fc:24:9c:2e:de:d7:76:48:
34:0c:4a:71:95:95:9f:00:aa:e4:b3:a0:06:e0:94:
78:92:76:62:f1:2a:9c:8a:84:3f:a4:0e:da:1f:bf:
d1:a0:12:34:9a:f7:fc:56:c3:83:75:c9:fb:45:99:
c6:bf:b1:f8:07:87:da:00:be:a1:75:ac:72:96:c1:
e0:06:47:b2:db:35:cd:e4:a0:9b:52:41:97:f2:4e:
56:19:4c:41:70:ce:75:23:53:9c:3e:5c:ba:f4:9a:
0d:13:34:dc:61:c4:87:1e:ec:a5:20:b9:34:31:42:
98:24:5e:3c:58:15:71:ea:d0:7c:89:27:fb:36:ad:
1e:be:71:92:a3:00:91:f8:20:69:4f:3e:fb:a3:9c:
75:e5:6d:17:39:87:03:bc:7d:38:a6:4b:da:27:ce:
85:1f:96:23:39:2f:22:96:28:cf:19:aa:08:ca:97:
a7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:E3:A5:2A:4C:6E:99:47:FF:DA:36:3C:86:1E:9F:B4:F1:2D:51:32
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3131322e3231352e36392e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
112.215.69.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:ab:6a:22:3c:4c:20:9b:08:a9:f0:e4:ae:94:8f:f6:4b:17:
e7:99:24:a5:5a:8b:d3:93:d3:67:f8:84:d3:7c:8a:36:c4:f7:
52:0f:46:2f:b2:f4:b7:a8:d9:35:65:33:ca:6f:2d:60:75:b3:
f2:2a:31:36:67:2e:e7:04:50:b5:cd:b2:f2:ea:dd:84:cd:a5:
af:0d:fe:e3:ce:94:ec:74:87:e0:ea:e2:5c:9c:06:a4:d1:0c:
52:3b:88:03:14:be:e3:53:6c:cb:d8:e2:67:a1:76:b3:37:76:
39:54:3c:c9:3d:ea:32:65:6a:af:df:85:ef:80:8b:92:a9:99:
31:fc:f2:a9:4f:64:61:79:ca:fc:fd:b5:5c:81:b4:b8:66:1f:
24:88:cb:0d:0d:2a:81:a1:89:1a:db:84:8e:3c:e3:bd:4e:c4:
ad:a9:5a:0b:a7:ac:cc:11:cd:45:1c:67:4a:01:8f:1b:ed:ae:
ac:96:74:5e:71:a1:61:3b:27:10:f2:a3:ef:52:aa:fa:29:d9:
92:0b:fa:31:91:48:4d:46:32:ce:cb:1d:db:68:83:c0:ed:ce:
b5:fb:0c:24:20:5c:1f:a3:c8:c9:ab:ad:3a:46:6d:6a:96:c1:
6d:9a:88:83:f2:40:45:a7:74:d9:eb:5c:33:a5:3d:f1:d7:4b:
07:3b:98:d5
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUIkHuZiveRsMKIjmwrEqJBFCjjtEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MDUwNTU1MDBaFw0yMzA0MDQwNjAwMDBaMDMxMTAvBgNV
BAMTKDdDRTNBNTJBNEM2RTk5NDdGRkRBMzYzQzg2MUU5RkI0RjEyRDUxMzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+6ZY2RXCXyF1rz25X30M+IPwD
cdckzMjJPtaPHks6CT3kIhJEdxHIgGG6ZwFf4EcVNkG3oY9ZX3f3kf1/aYQeqccs
NoZ0n8HXyB2rJJcF7rL8JJwu3td2SDQMSnGVlZ8AquSzoAbglHiSdmLxKpyKhD+k
Dtofv9GgEjSa9/xWw4N1yftFmca/sfgHh9oAvqF1rHKWweAGR7LbNc3koJtSQZfy
TlYZTEFwznUjU5w+XLr0mg0TNNxhxIce7KUguTQxQpgkXjxYFXHq0HyJJ/s2rR6+
cZKjAJH4IGlPPvujnHXlbRc5hwO8fTimS9onzoUfliM5LyKWKM8ZqgjKl6cDAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUfOOlKkxumUf/2jY8hh6ftPEtUTIwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzEzMjJlMzIzMTM1MmUzNjM5MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNzM4MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHDXRTANBgkqhkiG
9w0BAQsFAAOCAQEAPatqIjxMIJsIqfDkrpSP9ksX55kkpVqL05PTZ/iE03yKNsT3
Ug9GL7L0t6jZNWUzym8tYHWz8ioxNmcu5wRQtc2y8urdhM2lrw3+486U7HSH4Ori
XJwGpNEMUjuIAxS+41Nsy9jiZ6F2szd2OVQ8yT3qMmVqr9+F74CLkqmZMfzyqU9k
YXnK/P21XIG0uGYfJIjLDQ0qgaGJGtuEjjzjvU7EralaC6eszBHNRRxnSgGPG+2u
rJZ0XnGhYTsnEPKj71Kq+inZkgv6MZFITUYyzssd22iDwO3OtfsMJCBcH6PIyaut
OkZtapbBbZqIg/JARad02etcM6U98ddLBzuY1Q==
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:28:51 2025 by rpki-client