Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e36342e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e36342e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: uaKNx5avaRc8kt1Iq81THVDnssakFn5/08l/ANgaycM=
Subject key identifier: 7F:6E:91:7C:7D:4D:A5:1E:E6:8E:56:EF:F1:7E:3D:E0:EB:62:75:69
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 3C016D5C38355D972895EF65ACD3343DF6BD5345
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e36342e302f32342d3234203d3e203137383835.roa
Signing time: Tue 12 Apr 2022 10:00:00 +0000
ROA not before: Tue 12 Apr 2022 09:55:00 +0000
ROA not after: Tue 11 Apr 2023 10:00:00 +0000
asID: 17885
IP address blocks: 121.52.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:01:6d:5c:38:35:5d:97:28:95:ef:65:ac:d3:34:3d:f6:bd:53:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 12 09:55:00 2022 GMT
Not After : Apr 11 10:00:00 2023 GMT
Subject: CN=7F6E917C7D4DA51EE68E56EFF17E3DE0EB627569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:62:f9:cc:fa:49:f2:20:e5:02:83:2c:a0:bc:
fc:0a:0e:84:22:cf:f3:66:00:34:98:9d:77:e0:79:
35:13:1e:85:bc:44:a8:59:52:3b:38:e6:27:d9:5b:
ee:fa:85:ad:89:be:f2:e9:13:8f:dc:9e:7e:79:45:
28:b9:49:56:25:da:9f:d7:d1:bc:7d:5f:32:a5:ef:
33:b6:56:76:6a:6b:5b:9a:1e:85:64:93:71:82:29:
3d:a6:dc:01:12:67:84:11:c5:c1:48:96:34:67:e7:
20:c4:f0:89:e2:f5:4f:3e:56:b0:f5:51:1d:a2:59:
73:44:cb:95:dc:70:9d:c3:aa:93:e1:20:47:ef:d5:
1a:b2:06:29:f7:0c:bb:32:84:b2:bb:d8:1a:94:68:
0e:2a:bf:1c:88:1f:47:70:5a:36:b1:e0:4c:2a:29:
cb:f5:76:94:1b:1d:22:75:ae:15:4d:ba:a2:9f:8f:
eb:ad:53:1e:5f:81:25:73:b6:0e:32:7a:cc:ba:8d:
b4:a5:db:b9:e0:59:7a:a3:5a:f8:4c:89:ce:11:10:
5d:06:ca:f9:43:0c:c2:c0:bf:99:29:23:bc:e9:6e:
38:dc:dd:66:2b:9d:16:3a:de:c0:94:1e:56:4e:33:
61:1d:33:4a:6e:1a:f2:05:23:68:24:a9:43:9c:83:
dd:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:6E:91:7C:7D:4D:A5:1E:E6:8E:56:EF:F1:7E:3D:E0:EB:62:75:69
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e36342e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.64.0/24
Signature Algorithm: sha256WithRSAEncryption
01:b1:7e:7a:fe:98:3b:2c:86:b8:8f:33:b9:0b:c4:39:4a:62:
83:0b:66:cb:6b:11:78:51:86:a4:09:3b:ca:30:11:66:55:54:
3f:3d:6d:fc:ae:79:52:1d:31:62:b6:af:2e:66:81:01:15:1d:
5a:bc:a6:17:ea:68:50:3e:ae:d0:d5:44:a2:40:23:8f:c9:e9:
ab:86:f4:91:92:4d:1c:e0:b7:66:e6:8b:b7:88:79:b0:4e:39:
f5:46:8b:98:26:56:5f:fe:08:a5:92:ac:37:c6:a9:68:01:26:
7c:2d:c5:8e:f9:eb:c0:5f:23:b6:c8:07:fc:45:0a:c8:69:a3:
d8:26:62:b8:d8:ff:c8:65:bc:d0:2e:5e:64:8d:08:4f:6d:fa:
16:9b:8a:60:bf:b0:09:65:52:63:ed:83:51:f3:4e:79:53:16:
6f:a0:11:64:67:21:d4:19:e8:b3:37:78:f9:a4:2f:75:45:0c:
76:fe:5c:c2:6d:ea:9e:7d:70:3f:f2:bd:e5:86:b5:5f:2b:bc:
5f:26:2b:b3:79:0f:01:6f:08:33:7a:b3:3a:8a:e9:d3:0d:65:
66:40:e9:2f:24:25:3d:ee:7f:07:7b:01:15:e7:7d:fc:8d:7e:
af:48:ab:52:22:7b:05:eb:ab:3e:85:08:9e:4b:46:2a:66:92:
95:5e:35:ce
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUPAFtXDg1XZcole9lrNM0Pfa9U0UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTIwOTU1MDBaFw0yMzA0MTExMDAwMDBaMDMxMTAvBgNV
BAMTKDdGNkU5MTdDN0Q0REE1MUVFNjhFNTZFRkYxN0UzREUwRUI2Mjc1NjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiYvnM+knyIOUCgyygvPwKDoQi
z/NmADSYnXfgeTUTHoW8RKhZUjs45ifZW+76ha2JvvLpE4/cnn55RSi5SVYl2p/X
0bx9XzKl7zO2VnZqa1uaHoVkk3GCKT2m3AESZ4QRxcFIljRn5yDE8Ini9U8+VrD1
UR2iWXNEy5XccJ3DqpPhIEfv1RqyBin3DLsyhLK72BqUaA4qvxyIH0dwWjax4Ewq
Kcv1dpQbHSJ1rhVNuqKfj+utUx5fgSVztg4yesy6jbSl27ngWXqjWvhMic4REF0G
yvlDDMLAv5kpI7zpbjjc3WYrnRY63sCUHlZOM2EdM0puGvIFI2gkqUOcg93fAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUf26RfH1NpR7mjlbv8X494OtidWkwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzYzNDJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NEAwDQYJKoZIhvcN
AQELBQADggEBAAGxfnr+mDsshriPM7kLxDlKYoMLZstrEXhRhqQJO8owEWZVVD89
bfyueVIdMWK2ry5mgQEVHVq8phfqaFA+rtDVRKJAI4/J6auG9JGSTRzgt2bmi7eI
ebBOOfVGi5gmVl/+CKWSrDfGqWgBJnwtxY7568BfI7bIB/xFCshpo9gmYrjY/8hl
vNAuXmSNCE9t+habimC/sAllUmPtg1HzTnlTFm+gEWRnIdQZ6LM3ePmkL3VFDHb+
XMJt6p59cD/yveWGtV8rvF8mK7N5DwFvCDN6szqK6dMNZWZA6S8kJT3ufwd7ARXn
ffyNfq9Iq1IiewXrqz6FCJ5LRipmkpVeNc4=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net