Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/3132332e3235332e3234382e302f32332d3234203d3e20313336383235.roa
File: 3132332e3235332e3234382e302f32332d3234203d3e20313336383235.roa (raw, json)
Hash identifier: g29pf8GRD5KEsQ3xMiXcjqqLaCsv5cRFguqUqUNSeQU=
Subject key identifier: 0B:1E:03:47:33:5F:A9:CC:2E:6D:31:07:5E:0C:B8:90:51:D9:8D:A2
Certificate issuer: /CN=25D788BD2A450C01354B9AB70826895FDFF56208
Certificate serial: 2171C0C51286AD8C7876637661F3D4DF56BFB421
Authority key identifier: 25:D7:88:BD:2A:45:0C:01:35:4B:9A:B7:08:26:89:5F:DF:F5:62:08
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/3132332e3235332e3234382e302f32332d3234203d3e20313336383235.roa
Signing time: Thu 01 May 2025 09:00:02 +0000
ROA not before: Thu 01 May 2025 08:55:02 +0000
ROA not after: Thu 30 Apr 2026 09:00:02 +0000
asID: 136825
IP address blocks: 123.253.248.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:71:c0:c5:12:86:ad:8c:78:76:63:76:61:f3:d4:df:56:bf:b4:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25D788BD2A450C01354B9AB70826895FDFF56208
Validity
Not Before: May 1 08:55:02 2025 GMT
Not After : Apr 30 09:00:02 2026 GMT
Subject: CN=0B1E0347335FA9CC2E6D31075E0CB89051D98DA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:1e:f3:c2:c8:28:d1:47:43:f8:fa:ff:0b:34:
2a:80:86:4d:9c:ba:db:ff:49:42:2d:90:69:cd:d8:
c2:c4:7d:ed:03:4a:0a:65:8b:34:de:1a:4a:82:c9:
15:29:72:78:a7:b1:69:0f:c3:29:78:e7:20:df:46:
7a:c7:7a:a6:d3:b8:7c:56:e1:f4:40:50:4d:3f:d3:
e2:94:65:5e:39:e6:27:df:c8:75:12:16:79:8b:67:
87:97:1a:70:6e:86:d1:49:32:d9:96:34:b1:d2:1f:
0d:90:72:9e:41:e3:cd:e0:30:ba:74:23:41:de:88:
04:93:85:4c:bc:45:d7:8a:71:ff:13:7d:50:ba:96:
7d:64:b3:e3:ec:d0:89:64:65:92:df:7c:a7:a0:21:
2b:b2:ae:50:cf:09:86:a4:53:db:71:e7:b5:ac:cd:
89:40:bf:89:67:65:0d:69:96:21:84:03:c1:14:96:
55:c2:c6:bf:55:07:22:a6:63:ac:6d:9c:f4:c8:ff:
9d:72:96:1e:60:7f:b9:46:42:a2:81:c4:c6:6e:df:
78:ba:24:78:cf:13:4c:43:51:f8:b2:e8:dc:ac:0e:
94:45:f5:ff:aa:62:58:14:52:d6:ea:aa:21:62:ef:
8a:ab:32:6b:20:b0:a9:e2:22:e7:82:51:71:ab:2d:
b6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:1E:03:47:33:5F:A9:CC:2E:6D:31:07:5E:0C:B8:90:51:D9:8D:A2
X509v3 Authority Key Identifier:
keyid:25:D7:88:BD:2A:45:0C:01:35:4B:9A:B7:08:26:89:5F:DF:F5:62:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/3132332e3235332e3234382e302f32332d3234203d3e20313336383235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
123.253.248.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:3a:a5:fd:3e:bf:54:94:e3:60:e9:18:08:d0:41:0a:93:8b:
89:fb:cc:ba:46:12:f7:6f:5c:01:4f:52:83:7d:2f:96:3f:67:
00:3f:4a:5a:1a:16:20:bb:b0:e6:eb:cd:d2:b0:23:bf:d9:bd:
8f:60:ec:8d:97:1f:27:52:ad:45:54:fb:4d:b0:ad:a6:06:2f:
73:21:02:c1:c5:fd:28:11:1f:68:69:be:bf:86:4d:aa:ff:58:
6f:1f:91:df:13:5a:42:ea:c3:d0:10:3b:2a:50:b7:7e:5f:1a:
85:c8:ec:16:2e:2d:ab:9a:c6:a7:e4:42:cc:81:e4:c7:35:7b:
2a:79:77:dd:d7:81:81:40:87:64:97:ab:32:99:42:d6:d9:37:
23:c5:54:4c:d3:c4:22:a0:b1:58:80:4b:2a:31:16:98:70:41:
6d:ec:19:f2:73:59:7b:1d:38:8b:21:54:df:bf:3c:23:98:20:
62:e6:c2:be:b2:1a:f6:b7:0a:f0:a0:1e:cc:5a:7b:bb:6b:61:
a7:28:7a:22:f1:5b:1a:10:89:b8:30:14:32:14:5e:32:65:30:
4b:64:2c:f2:87:8d:f3:fd:19:27:3f:83:9f:14:e4:73:a3:8e:
72:e3:71:91:a6:cb:1b:de:4d:9b:d0:6c:47:e2:5a:fc:94:9c:
86:04:af:30
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUIXHAxRKGrYx4dmN2YfPU31a/tCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5NUZE
RkY1NjIwODAeFw0yNTA1MDEwODU1MDJaFw0yNjA0MzAwOTAwMDJaMDMxMTAvBgNV
BAMTKDBCMUUwMzQ3MzM1RkE5Q0MyRTZEMzEwNzVFMENCODkwNTFEOThEQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYHvPCyCjRR0P4+v8LNCqAhk2c
utv/SUItkGnN2MLEfe0DSgplizTeGkqCyRUpcninsWkPwyl45yDfRnrHeqbTuHxW
4fRAUE0/0+KUZV455iffyHUSFnmLZ4eXGnBuhtFJMtmWNLHSHw2Qcp5B483gMLp0
I0HeiASThUy8RdeKcf8TfVC6ln1ks+Ps0IlkZZLffKegISuyrlDPCYakU9tx57Ws
zYlAv4lnZQ1pliGEA8EUllXCxr9VByKmY6xtnPTI/51ylh5gf7lGQqKBxMZu33i6
JHjPE0xDUfiy6NysDpRF9f+qYlgUUtbqqiFi74qrMmsgsKniIueCUXGrLbbTAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUCx4DRzNfqcwubTEHXgy4kFHZjaIwHwYDVR0j
BBgwFoAUJdeIvSpFDAE1S5q3CCaJX9/1YggwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
NmE3NjY1YS1iNTBiLTRhNDUtYThmOS0wZDY5YmQ3ZDc0M2QvMC8yNUQ3ODhCRDJB
NDUwQzAxMzU0QjlBQjcwODI2ODk1RkRGRjU2MjA4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5NUZERkY1
NjIwOC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA2YTc2NjVhLWI1MGItNGE0NS1h
OGY5LTBkNjliZDdkNzQzZC8wLzMxMzIzMzJlMzIzNTMzMmUzMjM0MzgyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTMzMzYzODMyMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAF7/fgwDQYJ
KoZIhvcNAQELBQADggEBAF06pf0+v1SU42DpGAjQQQqTi4n7zLpGEvdvXAFPUoN9
L5Y/ZwA/SloaFiC7sObrzdKwI7/ZvY9g7I2XHydSrUVU+02wraYGL3MhAsHF/SgR
H2hpvr+GTar/WG8fkd8TWkLqw9AQOypQt35fGoXI7BYuLauaxqfkQsyB5Mc1eyp5
d93XgYFAh2SXqzKZQtbZNyPFVEzTxCKgsViASyoxFphwQW3sGfJzWXsdOIshVN+/
PCOYIGLmwr6yGva3CvCgHsxae7trYacoeiLxWxoQibgwFDIUXjJlMEtkLPKHjfP9
GSc/g58U5HOjjnLjcZGmyxveTZvQbEfiWvyUnIYErzA=
-----END CERTIFICATE-----
Generated at Wed May 7 10:56:59 2025 by rpki-client