Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e35312e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e35312e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: /fVf9xNB6B/nVLrJVIQN19/NUBA8rO7uMbRQdJwExOE=
Subject key identifier: 8A:6E:F3:D5:81:5E:EC:BE:59:14:67:F6:94:75:40:3A:08:51:F4:5E
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 4D89A68858D429334E20425D4BA81F049100306C
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e35312e302f32342d3234203d3e203137383835.roa
Signing time: Tue 12 Apr 2022 09:00:02 +0000
ROA not before: Tue 12 Apr 2022 08:55:02 +0000
ROA not after: Tue 11 Apr 2023 09:00:02 +0000
asID: 17885
IP address blocks: 121.52.51.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:89:a6:88:58:d4:29:33:4e:20:42:5d:4b:a8:1f:04:91:00:30:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 12 08:55:02 2022 GMT
Not After : Apr 11 09:00:02 2023 GMT
Subject: CN=8A6EF3D5815EECBE591467F69475403A0851F45E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:57:0e:e0:be:17:9f:4f:84:3d:cb:06:3c:ac:
1f:0b:e5:8a:08:07:78:0f:f1:1b:6b:ea:8e:c2:d1:
95:e6:25:17:bd:a0:ca:34:b0:87:d8:9c:c6:0a:05:
f0:05:1e:bd:68:ed:67:ae:48:58:44:1b:42:5e:ca:
57:ed:cb:f9:d3:f4:dd:1e:b7:6b:1f:24:33:94:ad:
47:72:05:cb:be:58:19:dd:1e:db:d9:f7:b0:ee:54:
dd:84:9a:0c:18:1e:d9:9b:f6:eb:87:f2:1d:ad:37:
ab:ff:e9:d9:05:1d:24:7a:43:93:cc:af:c5:45:36:
65:aa:f4:68:b8:31:b1:cd:bd:8e:c2:d1:93:22:8a:
1c:88:98:51:36:ba:34:6d:c3:8c:1e:72:27:a7:bc:
10:93:7f:f9:96:c2:6e:68:e1:38:e7:c5:b0:d7:d8:
0d:05:3c:23:b8:76:dc:a6:f0:67:12:01:96:b8:30:
01:5f:93:74:30:14:2b:be:91:97:c8:0a:a9:37:5e:
50:58:b8:23:01:ea:e8:76:fa:ce:e3:58:8c:d7:98:
56:d3:f7:87:a9:4d:ea:93:0b:66:6e:80:b4:4d:ae:
48:76:38:17:c5:3c:48:8e:f3:55:6c:27:9c:42:ca:
85:88:2e:8c:33:55:80:4d:b6:1f:a7:3f:f5:0a:4d:
5a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:6E:F3:D5:81:5E:EC:BE:59:14:67:F6:94:75:40:3A:08:51:F4:5E
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e35312e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.51.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:a5:85:26:9a:59:74:11:69:dc:4d:fe:12:7f:c8:dc:b0:79:
eb:f4:b1:3b:70:27:78:54:17:df:88:64:4a:e5:6d:78:6c:c5:
25:7b:ec:39:c5:26:38:30:ca:31:b5:99:5b:48:68:c5:be:b3:
ae:18:de:a1:41:26:79:39:85:09:e7:0d:fb:74:79:76:a3:b4:
eb:09:65:c8:9e:f2:79:0a:26:30:10:47:f6:b1:7d:7a:2f:84:
1e:9e:bf:e1:5b:33:b7:e0:03:cb:c8:5d:52:99:10:d4:d9:d2:
38:ac:a5:62:b8:9e:02:67:da:0a:b9:d8:97:51:3c:db:34:2c:
03:82:f9:2c:ad:1b:1d:37:e0:6a:50:1f:55:c2:7a:f1:0c:4d:
6a:78:a1:29:1f:27:93:10:84:b9:70:d0:14:2d:b1:7b:fe:fe:
83:f3:ee:9f:5b:62:7c:71:0c:03:70:ff:6e:6b:18:74:c3:d5:
43:6b:ba:7d:49:c7:dd:dd:47:bb:ec:71:14:1f:bb:c1:a9:9e:
ff:d7:44:8b:10:2f:b5:77:62:3c:e6:14:83:a9:0b:f8:08:a0:
76:50:4a:aa:0a:cc:c9:a0:a8:df:01:09:ed:04:dc:dd:56:aa:
ba:c2:53:76:44:33:7f:04:eb:52:5c:fe:bb:db:9c:04:55:a0:
3f:b7:1a:9b
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUTYmmiFjUKTNOIEJdS6gfBJEAMGwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTIwODU1MDJaFw0yMzA0MTEwOTAwMDJaMDMxMTAvBgNV
BAMTKDhBNkVGM0Q1ODE1RUVDQkU1OTE0NjdGNjk0NzU0MDNBMDg1MUY0NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIVw7gvhefT4Q9ywY8rB8L5YoI
B3gP8Rtr6o7C0ZXmJRe9oMo0sIfYnMYKBfAFHr1o7WeuSFhEG0Jeylfty/nT9N0e
t2sfJDOUrUdyBcu+WBndHtvZ97DuVN2EmgwYHtmb9uuH8h2tN6v/6dkFHSR6Q5PM
r8VFNmWq9Gi4MbHNvY7C0ZMiihyImFE2ujRtw4wecienvBCTf/mWwm5o4TjnxbDX
2A0FPCO4dtym8GcSAZa4MAFfk3QwFCu+kZfICqk3XlBYuCMB6uh2+s7jWIzXmFbT
94epTeqTC2ZugLRNrkh2OBfFPEiO81VsJ5xCyoWILowzVYBNth+nP/UKTVpZAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUim7z1YFe7L5ZFGf2lHVAOghR9F4wHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzUzMTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NDMwDQYJKoZIhvcN
AQELBQADggEBAIqlhSaaWXQRadxN/hJ/yNyweev0sTtwJ3hUF9+IZErlbXhsxSV7
7DnFJjgwyjG1mVtIaMW+s64Y3qFBJnk5hQnnDft0eXajtOsJZcie8nkKJjAQR/ax
fXovhB6ev+FbM7fgA8vIXVKZENTZ0jispWK4ngJn2gq52JdRPNs0LAOC+SytGx03
4GpQH1XCevEMTWp4oSkfJ5MQhLlw0BQtsXv+/oPz7p9bYnxxDANw/25rGHTD1UNr
un1Jx93dR7vscRQfu8Gpnv/XRIsQL7V3YjzmFIOpC/gIoHZQSqoKzMmgqN8BCe0E
3N1WqrrCU3ZEM38E61Jc/rvbnARVoD+3Gps=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net