Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e34322e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e34322e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: ShFYwVSLc3OGYu3oo7OvWxlEuRORw4i0KhJS9yTPfOY=
Subject key identifier: C5:05:4A:6B:0B:74:7B:E3:67:DA:36:A8:6E:A6:8B:1B:37:30:AD:D8
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 2DBA3BAAF000A4AC8790620433B5C239383A99F9
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e34322e302f32342d3234203d3e203137383835.roa
Signing time: Tue 12 Apr 2022 09:00:03 +0000
ROA not before: Tue 12 Apr 2022 08:55:03 +0000
ROA not after: Tue 11 Apr 2023 09:00:03 +0000
asID: 17885
IP address blocks: 121.52.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:ba:3b:aa:f0:00:a4:ac:87:90:62:04:33:b5:c2:39:38:3a:99:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 12 08:55:03 2022 GMT
Not After : Apr 11 09:00:03 2023 GMT
Subject: CN=C5054A6B0B747BE367DA36A86EA68B1B3730ADD8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2f:11:4a:af:d9:f3:e0:05:6f:08:30:7e:66:
ba:a6:a8:8a:68:bb:00:f1:4a:e9:3f:85:ed:bd:49:
03:22:d5:53:84:01:b4:79:e3:84:4f:57:8d:21:a8:
d7:bf:e1:39:3c:cc:76:9a:0d:48:63:94:62:1c:92:
83:a2:37:fb:46:a2:93:b1:85:a2:a6:86:b2:37:48:
2d:aa:57:ad:1e:67:23:23:bb:c1:53:69:7a:b0:f6:
02:56:72:25:b4:41:fb:37:7b:49:6b:da:c8:01:39:
7e:18:6d:61:f6:b1:d9:72:0d:85:05:c8:71:bc:0a:
8f:85:ed:be:62:75:71:fe:e6:68:9b:35:8c:e8:3f:
d7:03:0f:a4:61:da:25:50:8c:a3:4f:ac:c9:79:d8:
ed:4b:28:c7:f9:d2:48:48:a1:26:22:42:d3:34:3a:
bd:f9:c4:91:61:9c:db:7c:b2:9a:e2:e3:16:01:79:
af:96:45:01:dc:ba:8c:95:62:0e:7e:79:9f:7a:11:
6a:e9:58:18:97:dc:31:51:ea:94:88:89:33:c1:fd:
bc:a6:49:bd:2c:a6:76:c5:1a:75:80:56:bc:de:37:
2d:9a:5e:cf:78:32:93:2c:06:ed:44:65:2f:91:3e:
bf:f8:b3:42:b3:4c:74:2e:13:52:8d:d7:56:cf:e1:
3f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:05:4A:6B:0B:74:7B:E3:67:DA:36:A8:6E:A6:8B:1B:37:30:AD:D8
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e34322e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.42.0/24
Signature Algorithm: sha256WithRSAEncryption
44:2f:5b:e5:3c:f5:70:7e:ad:a0:2b:fd:7b:91:fd:15:8a:bf:
1c:27:83:e0:b5:65:e2:26:bd:82:80:9f:44:0f:87:68:0a:19:
ac:7b:71:5e:b5:a4:1b:0d:f1:2e:e9:b0:7a:83:81:65:54:be:
20:2f:8e:ba:e8:ef:30:07:76:1f:84:b0:43:7a:2b:c0:7b:e5:
1b:77:bd:96:83:ad:c4:d2:6c:36:20:87:cc:ec:ed:0a:f8:33:
b7:45:5c:da:c7:ab:6d:aa:10:ce:d9:68:30:5c:39:cd:54:6d:
13:f7:43:ba:df:34:25:4f:e7:2c:82:09:ef:66:1e:d9:4b:b6:
47:a3:0d:ad:b1:5e:3d:be:29:a6:e0:cb:15:c8:84:27:0e:3f:
2e:d0:61:74:44:60:31:f1:46:14:7c:62:94:3f:b2:7b:09:3a:
47:22:ba:bb:6d:49:de:0e:65:52:41:a6:38:66:a0:2e:7c:60:
ec:9d:63:b0:4e:c4:24:74:0d:18:f7:f4:06:cd:d1:ef:e2:eb:
c1:5e:d1:07:fa:ba:07:4f:0d:1b:2a:ca:43:a7:17:ae:3b:7e:
35:75:f8:2c:61:c6:6d:70:d2:0b:c1:dc:e8:73:f1:75:21:93:
8f:23:32:2d:73:9e:21:4d:71:e8:9b:8e:02:23:53:2b:20:a0:
b9:12:c5:84
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIULbo7qvAApKyHkGIEM7XCOTg6mfkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTIwODU1MDNaFw0yMzA0MTEwOTAwMDNaMDMxMTAvBgNV
BAMTKEM1MDU0QTZCMEI3NDdCRTM2N0RBMzZBODZFQTY4QjFCMzczMEFERDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6LxFKr9nz4AVvCDB+ZrqmqIpo
uwDxSuk/he29SQMi1VOEAbR544RPV40hqNe/4Tk8zHaaDUhjlGIckoOiN/tGopOx
haKmhrI3SC2qV60eZyMju8FTaXqw9gJWciW0Qfs3e0lr2sgBOX4YbWH2sdlyDYUF
yHG8Co+F7b5idXH+5mibNYzoP9cDD6Rh2iVQjKNPrMl52O1LKMf50khIoSYiQtM0
Or35xJFhnNt8spri4xYBea+WRQHcuoyVYg5+eZ96EWrpWBiX3DFR6pSIiTPB/bym
Sb0spnbFGnWAVrzeNy2aXs94MpMsBu1EZS+RPr/4s0KzTHQuE1KN11bP4T+HAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUxQVKawt0e+Nn2jaobqaLGzcwrdgwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzQzMjJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NCowDQYJKoZIhvcN
AQELBQADggEBAEQvW+U89XB+raAr/XuR/RWKvxwng+C1ZeImvYKAn0QPh2gKGax7
cV61pBsN8S7psHqDgWVUviAvjrro7zAHdh+EsEN6K8B75Rt3vZaDrcTSbDYgh8zs
7Qr4M7dFXNrHq22qEM7ZaDBcOc1UbRP3Q7rfNCVP5yyCCe9mHtlLtkejDa2xXj2+
KabgyxXIhCcOPy7QYXREYDHxRhR8YpQ/snsJOkciurttSd4OZVJBpjhmoC58YOyd
Y7BOxCR0DRj39AbN0e/i68Fe0Qf6ugdPDRsqykOnF647fjV1+Cxhxm1w0gvB3Ohz
8XUhk48jMi1zniFNceibjgIjUysgoLkSxYQ=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net