Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e32392e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e32392e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: Fh3FUJNjL4fRjZPDX8e5QRoWm8+//C8CB7MZbeqzEWc=
Subject key identifier: 6F:92:7E:D3:F4:0B:F4:BA:83:78:DB:13:BC:4C:33:B5:21:34:49:C2
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 044531F3AF241DEB534066ABDE97A54DAB0F937D
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e32392e302f32342d3234203d3e203137383835.roa
Signing time: Tue 12 Apr 2022 09:00:03 +0000
ROA not before: Tue 12 Apr 2022 08:55:03 +0000
ROA not after: Tue 11 Apr 2023 09:00:03 +0000
asID: 17885
IP address blocks: 121.52.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:45:31:f3:af:24:1d:eb:53:40:66:ab:de:97:a5:4d:ab:0f:93:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 12 08:55:03 2022 GMT
Not After : Apr 11 09:00:03 2023 GMT
Subject: CN=6F927ED3F40BF4BA8378DB13BC4C33B5213449C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d0:df:f3:66:08:05:c7:f5:21:5f:49:af:8f:
72:f5:48:66:54:a5:04:98:e9:4e:53:07:0c:e3:79:
bc:de:0d:55:41:9c:93:6f:be:3e:51:ca:70:ba:77:
39:02:58:7c:a7:68:3e:f9:24:03:95:6e:91:81:65:
bf:7c:37:4b:64:d9:c8:f9:e0:fb:f6:f8:84:6d:51:
9a:52:62:17:c9:3d:f5:4c:5b:a5:99:55:87:86:bf:
49:38:3b:1c:74:e0:d6:7b:2f:56:c7:93:45:ce:7d:
f9:f6:95:40:c2:67:64:29:84:56:49:c9:4f:de:fc:
f4:c4:4f:39:8d:aa:7d:ed:1e:9c:dd:e5:73:0c:f3:
6c:d8:5b:5e:5c:73:d9:21:f0:a9:07:89:63:92:89:
a4:6c:cf:70:f2:a4:8d:5d:c9:a9:b6:35:2b:30:ed:
38:46:88:c1:67:83:55:01:e8:2f:93:6c:c5:f5:0d:
de:be:e8:7f:f3:44:20:92:62:06:4b:59:5c:a7:4e:
ea:4c:bb:85:0d:53:84:ac:5a:37:0d:f3:c8:cc:de:
60:6f:66:ae:61:64:8b:83:72:25:18:6f:da:47:83:
99:69:eb:5a:ac:b9:3f:78:bb:48:09:02:8a:9b:7f:
2d:4f:83:53:c8:60:fb:c6:1e:9b:3f:2e:38:30:b7:
2a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:92:7E:D3:F4:0B:F4:BA:83:78:DB:13:BC:4C:33:B5:21:34:49:C2
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e32392e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.29.0/24
Signature Algorithm: sha256WithRSAEncryption
49:fd:aa:35:7d:46:f1:78:db:9f:52:d3:44:c8:59:72:3e:47:
bc:1a:78:ef:76:03:f2:9f:a5:ab:81:f8:b4:e9:f6:6c:9a:b1:
41:b1:5e:e7:d4:eb:5e:bd:05:6a:19:db:c0:55:6b:41:0b:dc:
93:68:9f:9a:16:b9:80:02:22:04:84:f7:5f:c0:c6:55:d5:7d:
17:31:79:0b:15:82:af:39:29:67:fc:5e:4f:9e:e3:2b:5b:19:
ed:6e:3e:97:ec:fe:fe:86:ee:53:cf:09:ef:3d:bc:41:d9:f0:
e6:51:72:e9:7e:30:24:27:20:b9:1b:08:c8:0d:d6:e0:1e:6d:
71:dd:22:9b:ca:a5:b4:30:e4:05:39:6b:27:cc:f1:96:57:47:
74:bd:e4:14:6a:b6:c9:3f:dc:fd:c0:d7:ef:9f:77:07:00:d9:
56:74:06:02:10:ce:3e:6f:e2:5b:d3:c5:3c:3b:b3:fc:47:6d:
6d:25:6b:b7:67:ed:1b:31:59:e3:f2:42:5e:88:b9:61:35:47:
1c:88:0b:3d:7d:f0:ee:80:82:f8:db:da:34:93:45:f3:17:bd:
0d:06:13:21:8f:3d:17:5f:12:9b:79:9a:1d:2a:d5:1c:2e:1d:
16:56:5f:a4:43:5f:b6:fc:50:34:70:98:2f:a3:26:24:e3:08:
f8:2d:5d:14
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUBEUx868kHetTQGar3pelTasPk30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTIwODU1MDNaFw0yMzA0MTEwOTAwMDNaMDMxMTAvBgNV
BAMTKDZGOTI3RUQzRjQwQkY0QkE4Mzc4REIxM0JDNEMzM0I1MjEzNDQ5QzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA0N/zZggFx/UhX0mvj3L1SGZU
pQSY6U5TBwzjebzeDVVBnJNvvj5RynC6dzkCWHynaD75JAOVbpGBZb98N0tk2cj5
4Pv2+IRtUZpSYhfJPfVMW6WZVYeGv0k4Oxx04NZ7L1bHk0XOffn2lUDCZ2QphFZJ
yU/e/PTETzmNqn3tHpzd5XMM82zYW15cc9kh8KkHiWOSiaRsz3DypI1dyam2NSsw
7ThGiMFng1UB6C+TbMX1Dd6+6H/zRCCSYgZLWVynTupMu4UNU4SsWjcN88jM3mBv
Zq5hZIuDciUYb9pHg5lp61qsuT94u0gJAoqbfy1Pg1PIYPvGHps/LjgwtyrvAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUb5J+0/QL9LqDeNsTvEwztSE0ScIwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzIzOTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NB0wDQYJKoZIhvcN
AQELBQADggEBAEn9qjV9RvF4259S00TIWXI+R7waeO92A/KfpauB+LTp9myasUGx
XufU6169BWoZ28BVa0EL3JNon5oWuYACIgSE91/AxlXVfRcxeQsVgq85KWf8Xk+e
4ytbGe1uPpfs/v6G7lPPCe89vEHZ8OZRcul+MCQnILkbCMgN1uAebXHdIpvKpbQw
5AU5ayfM8ZZXR3S95BRqtsk/3P3A1++fdwcA2VZ0BgIQzj5v4lvTxTw7s/xHbW0l
a7dn7RsxWePyQl6IuWE1RxyICz198O6Agvjb2jSTRfMXvQ0GEyGPPRdfEpt5mh0q
1RwuHRZWX6RDX7b8UDRwmC+jJiTjCPgtXRQ=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net