Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/690c9009-ad53-4fa6-a183-34b3457bea03/0/3232302e3135372e39362e302f32302d3234203d3e20313331363931.roa
File: 3232302e3135372e39362e302f32302d3234203d3e20313331363931.roa (raw, json)
Hash identifier: pV1LGYRrOQrUWKt/TIiuB0+VNPNkbUYgbdJRsj5b088=
Subject key identifier: 3A:92:3A:10:0F:B8:6C:9C:1E:2A:A2:80:7D:D2:77:13:48:E6:32:C8
Certificate issuer: /CN=BF3B675AEBEE64D00B323056545D1F630F1C489E
Certificate serial: 7650F921389CCD5F568D10A45FC51DC7013359E2
Authority key identifier: BF:3B:67:5A:EB:EE:64:D0:0B:32:30:56:54:5D:1F:63:0F:1C:48:9E
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF3B675AEBEE64D00B323056545D1F630F1C489E.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/690c9009-ad53-4fa6-a183-34b3457bea03/0/3232302e3135372e39362e302f32302d3234203d3e20313331363931.roa
Signing time: Mon 16 Jan 2023 18:21:59 +0000
ROA not before: Mon 16 Jan 2023 18:16:59 +0000
ROA not after: Mon 15 Jan 2024 18:21:59 +0000
asID: 131691
IP address blocks: 220.157.96.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:50:f9:21:38:9c:cd:5f:56:8d:10:a4:5f:c5:1d:c7:01:33:59:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BF3B675AEBEE64D00B323056545D1F630F1C489E
Validity
Not Before: Jan 16 18:16:59 2023 GMT
Not After : Jan 15 18:21:59 2024 GMT
Subject: CN=3A923A100FB86C9C1E2AA2807DD2771348E632C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e0:80:0a:0b:2e:ab:a6:75:19:86:0d:45:84:
b7:66:88:a0:c3:8d:65:b4:c4:b7:18:dc:2f:a2:8d:
ce:1e:13:d8:ac:06:3a:60:fa:6a:b0:fe:17:7c:8a:
e3:7d:25:ba:9f:d6:6f:00:c1:41:6e:39:0a:29:02:
76:d2:61:a5:9e:c0:8d:bb:82:47:65:25:0b:50:4a:
4f:eb:2b:53:4f:74:bc:07:8b:5d:0e:67:fb:69:7c:
f8:f7:93:c4:41:4a:70:bd:af:cf:40:af:1a:c4:ba:
59:ca:24:79:49:54:2e:27:47:8a:ed:02:a4:27:d0:
e3:f8:c4:cb:49:26:8a:df:73:ae:33:98:d0:ed:45:
44:a0:0c:c3:97:dd:3b:a7:b4:63:04:f0:0a:18:68:
22:95:dd:78:3d:0e:09:c4:10:a7:45:6c:3b:44:86:
da:f1:b1:ba:aa:c7:d3:d6:26:bd:fa:40:e6:14:b6:
3b:d2:65:a4:48:8c:65:69:72:5c:8b:de:e4:f5:72:
04:e9:f9:e4:a4:4f:5b:75:68:e8:b2:2d:1f:93:14:
cf:4d:4e:7e:95:1a:4b:a8:f4:48:ef:17:ad:7b:25:
c9:25:f4:51:b4:3d:97:10:a8:a9:23:7a:04:bc:26:
f5:81:16:f3:9b:6e:30:5a:b7:fc:1e:69:0d:09:af:
52:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:92:3A:10:0F:B8:6C:9C:1E:2A:A2:80:7D:D2:77:13:48:E6:32:C8
X509v3 Authority Key Identifier:
keyid:BF:3B:67:5A:EB:EE:64:D0:0B:32:30:56:54:5D:1F:63:0F:1C:48:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/690c9009-ad53-4fa6-a183-34b3457bea03/0/BF3B675AEBEE64D00B323056545D1F630F1C489E.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF3B675AEBEE64D00B323056545D1F630F1C489E.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/690c9009-ad53-4fa6-a183-34b3457bea03/0/3232302e3135372e39362e302f32302d3234203d3e20313331363931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
220.157.96.0/20
Signature Algorithm: sha256WithRSAEncryption
73:e5:33:d7:57:e0:29:8e:9f:c2:e0:67:fa:67:6d:2c:12:b7:
5f:39:38:80:0d:c2:34:43:d6:6e:5a:f5:68:d4:fb:40:bf:63:
0f:63:12:13:7f:a2:6c:d1:3c:cb:4d:e1:92:13:5f:c0:0d:79:
23:26:26:6c:a1:a5:0b:a4:44:4d:17:70:39:d4:8e:48:b5:89:
2b:c3:62:28:4b:ca:82:6b:d3:06:c2:a9:b7:8c:d8:fe:b5:4c:
c4:8e:f8:7a:b7:57:8a:3e:9b:b8:5d:5d:9e:c8:d9:f4:d5:59:
0f:e1:4f:3e:8d:13:7a:32:e4:87:d2:8e:9c:ea:6c:0c:a8:83:
37:75:8f:dc:ee:18:f3:6e:09:30:31:d2:db:3d:9e:43:8c:44:
ee:65:e6:ff:65:9c:37:f0:19:63:42:5a:ec:dc:7b:d7:44:1e:
7d:ed:9f:0a:b9:8f:ba:7a:a3:75:2d:05:48:bf:b7:c6:78:7d:
ba:b7:17:f5:74:a1:36:f2:4d:9a:10:61:c0:ed:58:a5:4e:5c:
ad:ed:c3:ed:59:6a:54:70:8c:39:ce:3d:fd:56:c3:18:98:58:
37:5b:2d:b8:b8:5a:db:23:94:48:c1:44:ff:aa:80:23:00:41:
7b:2f:00:32:9e:4c:4d:42:38:cf:80:5c:7d:8b:43:28:08:cf:
69:ef:6c:ce
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUdlD5ITiczV9WjRCkX8UdxwEzWeIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkYzQjY3NUFFQkVFNjREMDBCMzIzMDU2NTQ1RDFGNjMw
RjFDNDg5RTAeFw0yMzAxMTYxODE2NTlaFw0yNDAxMTUxODIxNTlaMDMxMTAvBgNV
BAMTKDNBOTIzQTEwMEZCODZDOUMxRTJBQTI4MDdERDI3NzEzNDhFNjMyQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ4IAKCy6rpnUZhg1FhLdmiKDD
jWW0xLcY3C+ijc4eE9isBjpg+mqw/hd8iuN9Jbqf1m8AwUFuOQopAnbSYaWewI27
gkdlJQtQSk/rK1NPdLwHi10OZ/tpfPj3k8RBSnC9r89ArxrEulnKJHlJVC4nR4rt
AqQn0OP4xMtJJorfc64zmNDtRUSgDMOX3TuntGME8AoYaCKV3Xg9DgnEEKdFbDtE
htrxsbqqx9PWJr36QOYUtjvSZaRIjGVpclyL3uT1cgTp+eSkT1t1aOiyLR+TFM9N
Tn6VGkuo9EjvF617Jckl9FG0PZcQqKkjegS8JvWBFvObbjBat/weaQ0Jr1JBAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUOpI6EA+4bJweKqKAfdJ3E0jmMsgwHwYDVR0j
BBgwFoAUvztnWuvuZNALMjBWVF0fYw8cSJ4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
OTBjOTAwOS1hZDUzLTRmYTYtYTE4My0zNGIzNDU3YmVhMDMvMC9CRjNCNjc1QUVC
RUU2NEQwMEIzMjMwNTY1NDVEMUY2MzBGMUM0ODlFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkYzQjY3NUFFQkVFNjREMDBCMzIzMDU2NTQ1RDFGNjMwRjFD
NDg5RS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY5MGM5MDA5LWFkNTMtNGZhNi1h
MTgzLTM0YjM0NTdiZWEwMy8wLzMyMzIzMDJlMzEzNTM3MmUzOTM2MmUzMDJmMzIz
MDJkMzIzNDIwM2QzZTIwMzEzMzMxMzYzOTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE3J1gMA0GCSqG
SIb3DQEBCwUAA4IBAQBz5TPXV+Apjp/C4Gf6Z20sErdfOTiADcI0Q9ZuWvVo1PtA
v2MPYxITf6Js0TzLTeGSE1/ADXkjJiZsoaULpERNF3A51I5ItYkrw2IoS8qCa9MG
wqm3jNj+tUzEjvh6t1eKPpu4XV2eyNn01VkP4U8+jRN6MuSH0o6c6mwMqIM3dY/c
7hjzbgkwMdLbPZ5DjETuZeb/ZZw38BljQlrs3HvXRB597Z8KuY+6eqN1LQVIv7fG
eH26txf1dKE28k2aEGHA7VilTlyt7cPtWWpUcIw5zj39VsMYmFg3Wy24uFrbI5RI
wUT/qoAjAEF7LwAynkxNQjjPgFx9i0MoCM9p72zO
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:07 2024 by rpki-client on console-fra.rpki-client.org