Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/871ada9e-e2a9-400e-8dff-9be481aba583/0/3130332e35382e3130342e302f32342d3234203d3e20313333383334.roa
File: 3130332e35382e3130342e302f32342d3234203d3e20313333383334.roa (raw, json)
Hash identifier: GLJypok2NrYUzxDav0WTrZeJZMTOKZKenZlHVmMDk84=
Subject key identifier: 41:C4:88:A6:A8:26:67:A6:FC:A0:02:93:AB:A8:32:93:9D:14:D4:01
Certificate issuer: /CN=007C91B049F735F71F2BE8CF92AEAA538D6B1F0B
Certificate serial: 51822ED83D9F27FD2C0ACAB76E486E91A9D1E5D6
Authority key identifier: 00:7C:91:B0:49:F7:35:F7:1F:2B:E8:CF:92:AE:AA:53:8D:6B:1F:0B
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/007C91B049F735F71F2BE8CF92AEAA538D6B1F0B.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/871ada9e-e2a9-400e-8dff-9be481aba583/0/3130332e35382e3130342e302f32342d3234203d3e20313333383334.roa
Signing time: Mon 06 Nov 2023 06:22:53 +0000
ROA not before: Mon 06 Nov 2023 06:17:53 +0000
ROA not after: Mon 04 Nov 2024 06:22:53 +0000
asID: 133834
IP address blocks: 103.58.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:82:2e:d8:3d:9f:27:fd:2c:0a:ca:b7:6e:48:6e:91:a9:d1:e5:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=007C91B049F735F71F2BE8CF92AEAA538D6B1F0B
Validity
Not Before: Nov 6 06:17:53 2023 GMT
Not After : Nov 4 06:22:53 2024 GMT
Subject: CN=41C488A6A82667A6FCA00293ABA832939D14D401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:17:a5:16:1e:17:84:53:80:e1:55:09:82:7a:
23:2e:87:98:af:32:a3:cf:6a:01:b1:04:e9:4d:81:
05:ae:94:88:35:2f:97:49:74:24:53:84:3a:e2:00:
5f:fa:25:a9:cb:53:29:02:04:cd:97:f4:96:bb:68:
79:eb:5d:8e:ec:52:8a:d7:7e:73:02:35:45:ee:bb:
8d:93:5d:ec:71:79:b1:45:a0:bd:2f:a3:20:8a:aa:
cd:78:3d:c5:c0:f5:01:87:7e:97:25:81:7c:ef:cc:
7b:42:f9:c2:66:78:dd:31:fd:94:d2:c4:4e:50:57:
5f:af:9b:89:7d:ea:f2:a3:95:74:b4:a4:19:c5:12:
33:24:77:37:da:52:2d:83:a9:47:40:72:12:0f:47:
db:67:67:82:2d:b2:38:be:4e:03:c7:d4:02:48:8c:
65:03:76:85:4c:a7:36:17:3b:be:c6:09:23:c3:40:
52:2c:f0:72:13:e9:2f:ef:71:7a:c4:e6:4c:02:00:
f6:c0:04:ea:0f:94:a2:2b:5c:41:7c:1b:28:22:91:
45:72:24:a4:35:99:7c:2c:67:9f:6d:f8:27:84:26:
8a:30:e7:78:66:b7:16:91:ec:86:85:79:f7:83:51:
49:3a:9e:27:50:31:61:c0:92:6d:dd:bf:5a:2f:d9:
f0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C4:88:A6:A8:26:67:A6:FC:A0:02:93:AB:A8:32:93:9D:14:D4:01
X509v3 Authority Key Identifier:
keyid:00:7C:91:B0:49:F7:35:F7:1F:2B:E8:CF:92:AE:AA:53:8D:6B:1F:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/871ada9e-e2a9-400e-8dff-9be481aba583/0/007C91B049F735F71F2BE8CF92AEAA538D6B1F0B.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/007C91B049F735F71F2BE8CF92AEAA538D6B1F0B.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/871ada9e-e2a9-400e-8dff-9be481aba583/0/3130332e35382e3130342e302f32342d3234203d3e20313333383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.58.104.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:df:5c:32:a0:4a:f0:60:5c:fa:15:0c:05:fe:4c:10:1a:b2:
ae:d6:9b:1b:d2:d4:e6:c2:4c:ac:82:f7:fb:ff:a6:52:aa:cf:
6e:b6:ce:a4:52:41:d6:47:2e:cc:10:16:4e:48:d8:99:14:b1:
9a:c2:d7:d2:ed:c9:63:dd:e1:22:12:75:b4:98:d8:47:fc:65:
f3:19:0b:87:bf:8f:02:53:a8:a9:21:3e:6f:35:4a:79:6f:05:
37:57:7c:1f:11:dc:87:20:ae:ef:05:a2:38:2f:82:8c:be:bc:
09:72:69:9e:62:de:ce:87:db:72:78:5a:aa:a1:53:a9:99:7a:
95:a5:1d:28:e5:1a:e0:1e:4c:ab:cf:56:bc:da:fb:00:0d:77:
ec:eb:3c:9a:30:dc:3d:13:d3:98:1f:30:aa:33:ba:f1:8f:41:
44:9b:51:b5:e2:3d:03:24:df:88:30:67:2e:a5:97:08:9f:92:
6a:0a:16:8f:09:bc:38:d6:a2:69:ec:97:3e:99:fb:8b:0d:6e:
62:f8:ec:86:89:57:90:a0:d7:d8:e8:38:32:a3:ef:14:48:28:
de:62:aa:3d:86:83:d9:f7:77:9b:f5:53:e9:96:69:2e:bb:32:
e3:da:22:62:9b:52:28:01:6c:73:27:39:ee:93:26:b9:a1:67:
0f:ff:0a:97
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUUYIu2D2fJ/0sCsq3bkhukanR5dYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDA3QzkxQjA0OUY3MzVGNzFGMkJFOENGOTJBRUFBNTM4
RDZCMUYwQjAeFw0yMzExMDYwNjE3NTNaFw0yNDExMDQwNjIyNTNaMDMxMTAvBgNV
BAMTKDQxQzQ4OEE2QTgyNjY3QTZGQ0EwMDI5M0FCQTgzMjkzOUQxNEQ0MDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzF6UWHheEU4DhVQmCeiMuh5iv
MqPPagGxBOlNgQWulIg1L5dJdCRThDriAF/6JanLUykCBM2X9Ja7aHnrXY7sUorX
fnMCNUXuu42TXexxebFFoL0voyCKqs14PcXA9QGHfpclgXzvzHtC+cJmeN0x/ZTS
xE5QV1+vm4l96vKjlXS0pBnFEjMkdzfaUi2DqUdAchIPR9tnZ4Itsji+TgPH1AJI
jGUDdoVMpzYXO77GCSPDQFIs8HIT6S/vcXrE5kwCAPbABOoPlKIrXEF8GygikUVy
JKQ1mXwsZ59t+CeEJoow53hmtxaR7IaFefeDUUk6nidQMWHAkm3dv1ov2fCVAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUQcSIpqgmZ6b8oAKTq6gyk50U1AEwHwYDVR0j
BBgwFoAUAHyRsEn3NfcfK+jPkq6qU41rHwswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
NzFhZGE5ZS1lMmE5LTQwMGUtOGRmZi05YmU0ODFhYmE1ODMvMC8wMDdDOTFCMDQ5
RjczNUY3MUYyQkU4Q0Y5MkFFQUE1MzhENkIxRjBCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDA3QzkxQjA0OUY3MzVGNzFGMkJFOENGOTJBRUFBNTM4RDZC
MUYwQi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg3MWFkYTllLWUyYTktNDAwZS04
ZGZmLTliZTQ4MWFiYTU4My8wLzMxMzAzMzJlMzUzODJlMzEzMDM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzMzMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZzpoMA0GCSqG
SIb3DQEBCwUAA4IBAQC531wyoErwYFz6FQwF/kwQGrKu1psb0tTmwkysgvf7/6ZS
qs9uts6kUkHWRy7MEBZOSNiZFLGawtfS7clj3eEiEnW0mNhH/GXzGQuHv48CU6ip
IT5vNUp5bwU3V3wfEdyHIK7vBaI4L4KMvrwJcmmeYt7Oh9tyeFqqoVOpmXqVpR0o
5RrgHkyrz1a82vsADXfs6zyaMNw9E9OYHzCqM7rxj0FEm1G14j0DJN+IMGcupZcI
n5JqChaPCbw41qJp7Jc+mfuLDW5i+OyGiVeQoNfY6Dgyo+8USCjeYqo9hoPZ93eb
9VPplmkuuzLj2iJim1IoAWxzJznukya5oWcP/wqX
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:11:34 2025 by rpki-client