Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e36312e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e36312e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: 9dlVD1BiMWPpgpBn0aRsA/jrBa+mZ+19j5eH9dR22Yg=
Subject key identifier: 59:34:8A:E6:A5:15:F0:5B:60:89:0E:2D:59:D8:07:E8:83:35:79:1B
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 73EDC18E8DC4F0561F1C426A69C7FA178FD20C24
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e36312e302f32342d3234203d3e203137383835.roa
Signing time: Tue 12 Apr 2022 10:00:00 +0000
ROA not before: Tue 12 Apr 2022 09:55:00 +0000
ROA not after: Tue 11 Apr 2023 10:00:00 +0000
asID: 17885
IP address blocks: 121.52.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:ed:c1:8e:8d:c4:f0:56:1f:1c:42:6a:69:c7:fa:17:8f:d2:0c:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 12 09:55:00 2022 GMT
Not After : Apr 11 10:00:00 2023 GMT
Subject: CN=59348AE6A515F05B60890E2D59D807E88335791B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9f:5c:5d:48:99:06:e5:eb:c2:39:8b:39:d5:
91:46:19:8b:cf:71:11:fe:c8:0c:0a:08:44:84:ea:
87:88:16:32:af:b6:6f:34:b8:a1:f4:80:8b:25:a6:
d4:9c:62:eb:23:57:0f:a4:11:bb:e1:7d:12:85:b9:
f0:f7:b3:2b:a2:a2:38:06:72:3c:91:0f:3c:98:aa:
ef:58:a9:3f:71:8c:ed:07:59:7b:55:ee:2a:dd:d5:
34:ab:cd:eb:dc:a0:f8:91:8c:77:6b:e7:dd:75:19:
ea:21:d9:2f:fd:3c:a5:38:2a:df:d5:1b:b4:fa:c6:
82:e9:95:5d:1b:98:ec:8f:12:17:6f:90:30:ff:a3:
f9:e9:a6:8d:80:41:63:a0:6a:d0:cc:0d:93:ef:93:
7f:a4:4c:ee:61:db:97:17:16:06:6b:43:b2:94:02:
fe:03:b2:06:d1:bf:33:8b:19:ac:ff:12:0f:c3:74:
21:0b:ee:30:3a:18:61:fb:ef:41:6c:16:e1:31:a2:
bf:b5:fa:1c:de:7a:c9:13:b9:26:cc:31:5f:7b:b1:
f7:77:41:4e:fb:95:87:c1:ef:50:90:90:08:79:77:
bc:8d:2d:67:cf:26:07:cc:1f:d6:f5:03:4c:70:e1:
e3:db:ea:f9:c4:c2:53:7c:14:f1:ea:45:95:1c:cb:
90:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:34:8A:E6:A5:15:F0:5B:60:89:0E:2D:59:D8:07:E8:83:35:79:1B
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e36312e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.61.0/24
Signature Algorithm: sha256WithRSAEncryption
25:c5:cf:fd:89:ec:97:e2:04:a6:93:bb:cf:40:ec:29:29:f9:
48:46:d1:03:c7:56:50:36:0e:b9:a0:7a:9f:d2:50:8f:0a:03:
bd:83:84:8d:25:2d:9f:f2:59:6c:35:db:86:be:5a:ea:da:44:
33:2f:d8:55:da:f9:b3:0b:09:28:6e:79:14:f6:23:cf:d1:09:
63:75:3c:c1:8c:58:9a:ff:02:9a:d7:f4:c4:bd:fc:2e:74:e5:
6a:f0:e9:e4:bf:a5:17:d1:c2:ab:ee:66:31:76:e7:94:75:63:
1c:48:2a:dc:59:89:71:c2:fd:30:10:25:03:df:8a:62:8a:d3:
03:63:53:3a:50:ab:16:10:4e:30:4d:2b:8a:66:51:21:da:1f:
05:34:95:82:02:34:2b:38:b5:ab:da:85:5d:89:51:bf:dc:48:
00:33:a2:7f:01:9d:7f:cd:1f:35:62:5a:19:d2:fc:07:97:c5:
7f:ab:ec:3a:ad:cd:32:bf:5a:ea:ab:3a:e3:26:5b:5a:c6:8b:
f1:e4:72:a5:bb:8c:7d:30:fe:1f:26:36:40:3f:f5:aa:d7:2d:
9e:4b:cc:11:fb:bb:9f:f7:4b:86:58:fe:a1:fe:11:c8:f9:c2:
d9:d5:27:2f:04:e0:6a:b1:da:07:79:ae:11:ae:ea:64:e3:7a:
06:a7:52:2b
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUc+3Bjo3E8FYfHEJqacf6F4/SDCQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTIwOTU1MDBaFw0yMzA0MTExMDAwMDBaMDMxMTAvBgNV
BAMTKDU5MzQ4QUU2QTUxNUYwNUI2MDg5MEUyRDU5RDgwN0U4ODMzNTc5MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOn1xdSJkG5evCOYs51ZFGGYvP
cRH+yAwKCESE6oeIFjKvtm80uKH0gIslptScYusjVw+kEbvhfRKFufD3syuiojgG
cjyRDzyYqu9YqT9xjO0HWXtV7ird1TSrzevcoPiRjHdr5911Geoh2S/9PKU4Kt/V
G7T6xoLplV0bmOyPEhdvkDD/o/nppo2AQWOgatDMDZPvk3+kTO5h25cXFgZrQ7KU
Av4DsgbRvzOLGaz/Eg/DdCEL7jA6GGH770FsFuExor+1+hzeeskTuSbMMV97sfd3
QU77lYfB71CQkAh5d7yNLWfPJgfMH9b1A0xw4ePb6vnEwlN8FPHqRZUcy5B9AgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUWTSK5qUV8FtgiQ4tWdgH6IM1eRswHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzYzMTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5ND0wDQYJKoZIhvcN
AQELBQADggEBACXFz/2J7JfiBKaTu89A7Ckp+UhG0QPHVlA2Drmgep/SUI8KA72D
hI0lLZ/yWWw124a+WuraRDMv2FXa+bMLCShueRT2I8/RCWN1PMGMWJr/AprX9MS9
/C505Wrw6eS/pRfRwqvuZjF255R1YxxIKtxZiXHC/TAQJQPfimKK0wNjUzpQqxYQ
TjBNK4pmUSHaHwU0lYICNCs4tavahV2JUb/cSAAzon8BnX/NHzViWhnS/AeXxX+r
7DqtzTK/WuqrOuMmW1rGi/HkcqW7jH0w/h8mNkA/9arXLZ5LzBH7u5/3S4ZY/qH+
Ecj5wtnVJy8E4Gqx2gd5rhGu6mTjeganUis=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net