Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e33352e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e33352e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: CYvA11K5ev4htvEBQti74RqDH2mX55ieQfN7AUJDiH8=
Subject key identifier: 8E:C9:43:8D:7B:03:5D:D1:20:D6:78:03:85:CF:81:E1:6C:F5:AE:4B
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 170B9376464199F7E24552CF99AE603328A68B07
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e33352e302f32342d3234203d3e203137383835.roa
Signing time: Tue 12 Apr 2022 09:00:01 +0000
ROA not before: Tue 12 Apr 2022 08:55:01 +0000
ROA not after: Tue 11 Apr 2023 09:00:01 +0000
asID: 17885
IP address blocks: 121.52.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:0b:93:76:46:41:99:f7:e2:45:52:cf:99:ae:60:33:28:a6:8b:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 12 08:55:01 2022 GMT
Not After : Apr 11 09:00:01 2023 GMT
Subject: CN=8EC9438D7B035DD120D6780385CF81E16CF5AE4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:aa:52:67:0c:fd:80:e5:28:65:d2:c7:70:4d:
71:a0:7f:c5:c5:8d:00:69:d9:f9:64:df:cf:0d:ab:
6d:c0:19:29:8f:aa:c4:82:31:b9:f8:ed:b9:70:84:
28:04:b2:c5:87:d8:98:74:65:18:02:2c:48:b0:ae:
1f:fb:21:a0:aa:fd:8a:34:cc:f2:0c:26:db:e7:6b:
cc:ee:08:df:25:5e:0d:83:45:e3:34:9e:66:a7:b0:
cd:da:21:14:b9:7a:23:82:27:4e:45:8e:7c:7f:a4:
a2:df:04:54:07:bf:33:68:65:33:1f:7f:d5:6f:3f:
17:89:4b:f5:d8:14:bf:00:b0:b8:b2:29:67:2a:59:
d5:ab:0d:49:de:69:5c:88:28:46:7a:60:87:bf:c8:
7c:8f:2a:d7:99:c9:46:11:27:ec:70:b4:18:0f:48:
1a:ab:2c:22:df:07:6b:65:2d:5c:19:2a:8d:b5:52:
0b:53:93:26:f5:db:16:fb:7a:26:99:41:06:bd:f1:
59:33:2e:8f:f1:f1:1c:6e:f0:b2:d7:ff:f6:9e:f7:
d9:49:bf:1e:d6:62:c4:b6:9a:1b:72:da:b8:45:e6:
f0:b0:66:1f:4a:6f:17:f5:f8:aa:71:90:22:18:63:
f6:b7:5c:4a:8e:b1:3c:f1:6c:ed:2a:b4:23:c6:09:
e2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C9:43:8D:7B:03:5D:D1:20:D6:78:03:85:CF:81:E1:6C:F5:AE:4B
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e33352e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.35.0/24
Signature Algorithm: sha256WithRSAEncryption
11:d8:41:3b:39:19:da:f6:fa:f9:3c:09:a0:e2:b9:b2:30:33:
b3:17:97:91:d9:84:4e:90:e5:3c:41:5c:40:28:0c:e5:04:d0:
7f:9e:4b:33:7d:2e:95:27:e8:e0:69:2c:44:ee:cd:6c:29:5b:
33:77:1b:70:fa:89:d1:bd:08:b9:10:8e:64:fe:df:42:9f:d0:
5d:ab:aa:d5:77:c6:cf:ca:16:1b:9f:82:ec:bb:17:cf:6a:d4:
f7:2b:30:44:0b:14:e2:58:af:1a:86:57:85:c4:95:e6:d9:2a:
0e:ed:1f:4a:a9:6f:d0:6c:cf:82:2c:85:3f:85:d8:84:e1:40:
16:98:22:03:1d:6a:1e:1c:2f:11:f8:51:62:35:0b:0a:d5:d0:
d5:07:61:aa:9b:30:4b:c3:7c:bb:26:c3:ea:d3:c6:0d:f8:31:
9a:ac:53:bc:a3:40:b9:ef:30:5f:a3:23:16:13:12:19:fb:ac:
9d:99:a1:b1:e8:1b:9a:5e:c2:20:6a:e7:ed:16:6d:10:57:bc:
ab:7e:f5:e0:dd:61:b5:0b:47:4b:0b:c3:51:2d:2a:08:fc:9e:
9e:40:77:d9:16:25:d6:34:ec:8c:9f:5e:eb:9d:3a:10:f1:17:
84:6f:ed:c2:7f:90:25:5f:f3:d4:e2:0c:0f:c4:ce:d6:cd:b9:
4a:bd:f8:e8
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUFwuTdkZBmffiRVLPma5gMyimiwcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTIwODU1MDFaFw0yMzA0MTEwOTAwMDFaMDMxMTAvBgNV
BAMTKDhFQzk0MzhEN0IwMzVERDEyMEQ2NzgwMzg1Q0Y4MUUxNkNGNUFFNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHqlJnDP2A5Shl0sdwTXGgf8XF
jQBp2flk388Nq23AGSmPqsSCMbn47blwhCgEssWH2Jh0ZRgCLEiwrh/7IaCq/Yo0
zPIMJtvna8zuCN8lXg2DReM0nmansM3aIRS5eiOCJ05Fjnx/pKLfBFQHvzNoZTMf
f9VvPxeJS/XYFL8AsLiyKWcqWdWrDUneaVyIKEZ6YIe/yHyPKteZyUYRJ+xwtBgP
SBqrLCLfB2tlLVwZKo21UgtTkyb12xb7eiaZQQa98VkzLo/x8Rxu8LLX//ae99lJ
vx7WYsS2mhty2rhF5vCwZh9Kbxf1+KpxkCIYY/a3XEqOsTzxbO0qtCPGCeLpAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUjslDjXsDXdEg1ngDhc+B4Wz1rkswHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzMzNTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NCMwDQYJKoZIhvcN
AQELBQADggEBABHYQTs5Gdr2+vk8CaDiubIwM7MXl5HZhE6Q5TxBXEAoDOUE0H+e
SzN9LpUn6OBpLETuzWwpWzN3G3D6idG9CLkQjmT+30Kf0F2rqtV3xs/KFhufguy7
F89q1PcrMEQLFOJYrxqGV4XElebZKg7tH0qpb9Bsz4IshT+F2IThQBaYIgMdah4c
LxH4UWI1CwrV0NUHYaqbMEvDfLsmw+rTxg34MZqsU7yjQLnvMF+jIxYTEhn7rJ2Z
obHoG5pewiBq5+0WbRBXvKt+9eDdYbULR0sLw1EtKgj8np5Ad9kWJdY07IyfXuud
OhDxF4Rv7cJ/kCVf89TiDA/EztbNuUq9+Og=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net