Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3230322e3135322e3233302e302f32342d3234203d3e203137383835.roa
File: 3230322e3135322e3233302e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: ERwIOR8uoTvIXZHes2U3pbBX09hnMgMkE0sokrRVaHE=
Subject key identifier: 8D:FA:26:4F:20:E2:BE:2D:F6:5C:6A:96:B3:4A:74:B0:A9:02:3E:78
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 1A49F09CAF407D3C9FFBF4B03907A3AEB7FF0DAA
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3230322e3135322e3233302e302f32342d3234203d3e203137383835.roa
Signing time: Wed 20 Apr 2022 06:00:00 +0000
ROA not before: Wed 20 Apr 2022 05:55:00 +0000
ROA not after: Wed 19 Apr 2023 06:00:00 +0000
asID: 17885
IP address blocks: 202.152.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:49:f0:9c:af:40:7d:3c:9f:fb:f4:b0:39:07:a3:ae:b7:ff:0d:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 20 05:55:00 2022 GMT
Not After : Apr 19 06:00:00 2023 GMT
Subject: CN=8DFA264F20E2BE2DF65C6A96B34A74B0A9023E78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:35:53:9d:32:bf:02:0e:68:49:31:93:55:2a:
3a:7f:cc:68:36:80:18:90:08:6e:9a:04:4b:b4:9e:
48:e7:e8:a2:bc:3b:ca:33:cd:fb:83:18:47:d7:32:
e2:1d:f4:3e:a1:c2:4b:4d:0d:00:ce:c0:7c:4a:6f:
11:e8:c7:d1:4e:8d:af:78:b5:6d:3a:4b:10:b8:df:
89:69:b8:ea:f0:f4:90:db:5a:b9:82:cf:08:bd:49:
57:7e:9a:18:d4:b4:f8:78:09:34:5a:2f:56:8e:9c:
e1:f4:6d:95:c1:5b:10:07:83:00:df:b5:bf:2c:2e:
84:b9:4a:38:84:1a:59:c6:3f:e9:3b:c5:d5:d0:7a:
31:85:77:81:35:0b:e4:2e:a5:4a:90:3d:a0:79:df:
e6:92:b1:1a:bb:d0:af:ff:18:9b:dc:32:90:3e:84:
3d:ab:dd:4e:1b:db:df:68:ed:75:40:c5:2e:1e:71:
2b:24:1b:42:e5:b1:50:1d:8b:56:e5:16:c4:56:00:
ea:00:ef:5b:50:a4:9f:3e:ea:a8:0b:01:a1:2b:5b:
fd:e7:9b:0d:52:e3:a3:08:6f:14:28:27:3a:a5:91:
ff:e2:b7:5e:01:92:3a:64:82:ae:75:85:eb:ce:f0:
f4:eb:82:dd:00:4c:21:ac:25:2e:24:28:f3:4d:af:
d2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:FA:26:4F:20:E2:BE:2D:F6:5C:6A:96:B3:4A:74:B0:A9:02:3E:78
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3230322e3135322e3233302e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.152.230.0/24
Signature Algorithm: sha256WithRSAEncryption
25:00:f8:95:4c:0d:fd:a3:b1:44:8f:08:81:c8:51:d1:20:aa:
81:ad:86:ee:8d:28:d3:ed:1f:0e:d7:2d:43:08:e9:ff:9a:86:
b5:df:2e:e7:5b:c6:5c:98:13:37:79:82:ea:05:ee:2f:ea:e4:
e7:e2:f5:7a:05:d9:18:79:48:ab:8c:77:fd:91:b6:49:0f:f4:
f8:0c:e2:f2:0f:24:fe:74:f7:3b:5a:b9:34:82:fd:78:66:1a:
f2:1e:f0:90:20:9b:eb:6f:b2:4f:13:90:27:b0:12:be:b2:63:
58:7e:ef:bc:79:f8:2e:aa:3c:3e:2a:96:4e:98:0e:75:bd:82:
8d:39:ea:7f:78:44:02:85:4a:c0:ef:75:e9:72:e5:7a:ae:4e:
d3:a2:80:8a:17:c0:90:54:85:65:79:f2:38:84:b8:55:f5:63:
d7:6e:81:24:10:e0:f6:c4:a9:2b:c2:a1:e3:48:cb:c0:0d:57:
dd:35:28:14:b4:79:e6:4b:e2:43:2f:43:25:0b:ec:45:25:03:
c7:1c:c7:2b:9f:ad:5a:81:38:31:03:4a:79:88:31:55:18:73:
74:cb:b1:78:db:25:a1:0b:d9:bd:a5:72:a5:cc:2f:dd:cf:95:
f7:ea:d5:2d:c1:3b:fa:4d:ac:96:34:d3:df:c4:73:b2:e1:f6:
56:84:37:79
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUGknwnK9AfTyf+/SwOQejrrf/DaowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MjAwNTU1MDBaFw0yMzA0MTkwNjAwMDBaMDMxMTAvBgNV
BAMTKDhERkEyNjRGMjBFMkJFMkRGNjVDNkE5NkIzNEE3NEIwQTkwMjNFNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFNVOdMr8CDmhJMZNVKjp/zGg2
gBiQCG6aBEu0nkjn6KK8O8ozzfuDGEfXMuId9D6hwktNDQDOwHxKbxHox9FOja94
tW06SxC434lpuOrw9JDbWrmCzwi9SVd+mhjUtPh4CTRaL1aOnOH0bZXBWxAHgwDf
tb8sLoS5SjiEGlnGP+k7xdXQejGFd4E1C+QupUqQPaB53+aSsRq70K//GJvcMpA+
hD2r3U4b299o7XVAxS4ecSskG0LlsVAdi1blFsRWAOoA71tQpJ8+6qgLAaErW/3n
mw1S46MIbxQoJzqlkf/it14Bkjpkgq51hevO8PTrgt0ATCGsJS4kKPNNr9KFAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUjfomTyDivi32XGqWs0p0sKkCPngwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMyMzAzMjJlMzEzNTMyMmUzMjMzMzAyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM3MzgzODM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAypjmMA0GCSqG
SIb3DQEBCwUAA4IBAQAlAPiVTA39o7FEjwiByFHRIKqBrYbujSjT7R8O1y1DCOn/
moa13y7nW8ZcmBM3eYLqBe4v6uTn4vV6BdkYeUirjHf9kbZJD/T4DOLyDyT+dPc7
Wrk0gv14ZhryHvCQIJvrb7JPE5AnsBK+smNYfu+8efguqjw+KpZOmA51vYKNOep/
eEQChUrA73XpcuV6rk7TooCKF8CQVIVlefI4hLhV9WPXboEkEOD2xKkrwqHjSMvA
DVfdNSgUtHnmS+JDL0MlC+xFJQPHHMcrn61agTgxA0p5iDFVGHN0y7F42yWhC9m9
pXKlzC/dz5X36tUtwTv6TayWNNPfxHOy4fZWhDd5
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:28:49 2025 by rpki-client