Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3131322e3231352e32312e302f32342d3234203d3e203137383835.roa
File: 3131322e3231352e32312e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: q3gZkntTWnzZ98JHk7ieBex9M05FUs9exxBZGwND8Bs=
Subject key identifier: B1:28:6B:DA:9A:57:80:57:24:CB:E8:F7:68:9D:5F:E1:83:DC:96:5D
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 79381C532967271B9D039F579D49530D7C165D51
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3131322e3231352e32312e302f32342d3234203d3e203137383835.roa
Signing time: Sat 02 Apr 2022 03:00:00 +0000
ROA not before: Sat 02 Apr 2022 02:55:00 +0000
ROA not after: Sat 01 Apr 2023 03:00:00 +0000
asID: 17885
IP address blocks: 112.215.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:38:1c:53:29:67:27:1b:9d:03:9f:57:9d:49:53:0d:7c:16:5d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 2 02:55:00 2022 GMT
Not After : Apr 1 03:00:00 2023 GMT
Subject: CN=B1286BDA9A57805724CBE8F7689D5FE183DC965D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:90:dd:74:44:33:d2:05:2f:6d:6a:30:7a:2e:
ae:63:cf:a5:2b:c0:1b:0c:82:1d:27:87:3e:80:90:
17:d3:79:15:44:01:7c:c6:68:76:4a:57:31:0c:1b:
54:56:28:bf:47:d7:1d:2c:0d:8d:d7:f5:8f:f5:f5:
27:16:04:ce:94:b8:a9:03:48:75:96:32:3c:0c:7f:
55:2b:45:60:a7:11:3a:70:6c:44:fb:03:23:5f:0a:
f7:af:46:da:d3:e0:aa:5f:49:4b:a8:5f:69:73:98:
de:ab:af:d1:f5:3d:c6:78:c7:b4:b5:74:05:72:83:
2f:dc:54:21:fa:e5:51:7c:25:22:55:a5:da:6a:64:
87:a9:2a:77:cf:e2:8f:95:63:50:a2:d1:7d:6e:d2:
8e:54:d3:60:e0:04:e8:88:47:3c:17:0b:aa:bc:03:
1a:3c:f1:35:6d:a9:6b:27:bb:42:e9:12:8d:ba:7e:
96:dd:10:b8:0c:09:67:f7:06:43:00:1c:a5:ec:17:
1f:27:5d:d9:78:ea:d6:9d:ba:80:d7:68:72:69:62:
8b:bf:7a:6f:1b:d0:ef:31:08:a9:6e:8d:24:10:73:
50:e9:91:9a:59:00:41:51:71:74:e2:b7:29:a0:00:
0a:1a:22:f7:d1:0f:20:5c:df:61:eb:c8:dc:9f:fc:
98:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:28:6B:DA:9A:57:80:57:24:CB:E8:F7:68:9D:5F:E1:83:DC:96:5D
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3131322e3231352e32312e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
112.215.21.0/24
Signature Algorithm: sha256WithRSAEncryption
32:a7:bf:f8:3f:2c:17:99:f5:d3:4f:50:1c:4d:5c:20:ca:de:
b3:ff:3b:77:82:57:8a:0d:f4:77:a0:11:15:b1:ef:ba:c0:fb:
e9:52:fb:0e:f4:80:65:19:f2:70:53:eb:80:73:62:07:15:23:
5c:0f:94:79:b6:72:6f:a5:5e:0a:d8:d2:3d:b9:db:74:6d:a3:
33:09:7c:0a:3f:c1:f2:4d:8e:1a:c5:d0:5f:ac:d3:79:f9:84:
42:2e:e9:5f:45:48:d3:fe:77:ba:82:73:d6:97:b0:12:a6:ad:
0d:29:50:04:29:ec:f1:1e:9a:ea:74:70:a4:a8:2e:d7:6f:72:
3f:e9:f1:52:4c:9f:d8:82:36:9b:9c:fe:2f:81:97:57:94:e1:
04:cf:da:e7:8f:73:cc:fd:8e:b2:8c:6e:70:61:bb:f5:3e:b2:
8e:ba:ab:9e:31:66:de:a6:a3:cb:12:c2:e1:a2:49:5a:f7:81:
16:a8:64:a4:65:c7:d3:3b:0c:b3:2b:b6:28:08:f4:d3:4b:ff:
67:9b:3a:a8:65:91:8d:fb:d0:86:ae:7a:e8:43:26:27:97:55:
80:72:fc:91:f0:1d:72:11:ba:6a:61:fe:21:b8:96:b3:6c:e0:
0b:95:fe:c5:a6:b9:5e:19:49:0f:cd:8e:7a:87:eb:eb:fa:e5:
41:ef:f7:d6
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUeTgcUylnJxudA59XnUlTDXwWXVEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MDIwMjU1MDBaFw0yMzA0MDEwMzAwMDBaMDMxMTAvBgNV
BAMTKEIxMjg2QkRBOUE1NzgwNTcyNENCRThGNzY4OUQ1RkUxODNEQzk2NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpkN10RDPSBS9tajB6Lq5jz6Ur
wBsMgh0nhz6AkBfTeRVEAXzGaHZKVzEMG1RWKL9H1x0sDY3X9Y/19ScWBM6UuKkD
SHWWMjwMf1UrRWCnETpwbET7AyNfCvevRtrT4KpfSUuoX2lzmN6rr9H1PcZ4x7S1
dAVygy/cVCH65VF8JSJVpdpqZIepKnfP4o+VY1Ci0X1u0o5U02DgBOiIRzwXC6q8
Axo88TVtqWsnu0LpEo26fpbdELgMCWf3BkMAHKXsFx8nXdl46taduoDXaHJpYou/
em8b0O8xCKlujSQQc1DpkZpZAEFRcXTitymgAAoaIvfRDyBc32HryNyf/JgPAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUsShr2ppXgFcky+j3aJ1f4YPcll0wHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzEzMjJlMzIzMTM1MmUzMjMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNzM4MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHDXFTANBgkqhkiG
9w0BAQsFAAOCAQEAMqe/+D8sF5n1009QHE1cIMres/87d4JXig30d6ARFbHvusD7
6VL7DvSAZRnycFPrgHNiBxUjXA+UebZyb6VeCtjSPbnbdG2jMwl8Cj/B8k2OGsXQ
X6zTefmEQi7pX0VI0/53uoJz1pewEqatDSlQBCns8R6a6nRwpKgu129yP+nxUkyf
2II2m5z+L4GXV5ThBM/a549zzP2OsoxucGG79T6yjrqrnjFm3qajyxLC4aJJWveB
FqhkpGXH0zsMsyu2KAj000v/Z5s6qGWRjfvQhq566EMmJ5dVgHL8kfAdchG6amH+
IbiWs2zgC5X+xaa5XhlJD82Oeofr6/rlQe/31g==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net