Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e36352e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e36352e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: jxZ5l10yOrKBGtCCKRCp9LZfmLOS2H+dzqNC7+l09V0=
Subject key identifier: DE:59:F0:20:9C:15:24:BD:7C:C2:32:34:EE:0E:AE:E6:02:DA:F6:DD
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 1AB2CB4B9FE284BC98C29531E2C3DD611CA1BF78
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e36352e302f32342d3234203d3e203137383835.roa
Signing time: Tue 12 Apr 2022 10:00:00 +0000
ROA not before: Tue 12 Apr 2022 09:55:00 +0000
ROA not after: Tue 11 Apr 2023 10:00:00 +0000
asID: 17885
IP address blocks: 121.52.65.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:b2:cb:4b:9f:e2:84:bc:98:c2:95:31:e2:c3:dd:61:1c:a1:bf:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 12 09:55:00 2022 GMT
Not After : Apr 11 10:00:00 2023 GMT
Subject: CN=DE59F0209C1524BD7CC23234EE0EAEE602DAF6DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4d:b1:d8:51:8a:7a:7a:e2:8a:f3:1c:e7:ad:
93:26:ec:2b:8c:8b:53:0b:b9:3e:7b:23:54:ce:91:
8e:34:d3:58:5a:06:e1:00:db:21:4d:c7:8a:ba:7d:
48:60:51:36:75:c7:c5:f5:8f:57:07:a4:14:05:ea:
c1:43:61:f8:84:a6:b6:c8:fe:bf:b1:7f:9e:45:41:
cd:44:c4:2d:87:6f:62:65:2a:39:60:47:34:d1:e8:
e9:bc:9e:47:3f:e6:43:9d:ae:d6:32:db:c2:7e:9b:
fc:09:25:63:8d:ce:b7:f5:bf:f4:5b:be:2c:91:71:
bc:90:ad:f6:fe:e7:39:ed:9e:b0:02:f2:53:33:c8:
81:aa:ca:0d:41:9d:bc:05:bf:77:32:57:c7:eb:f7:
c9:b5:84:83:00:69:5f:2f:06:10:05:d3:79:c5:2c:
1a:ef:87:8b:e7:2c:5b:04:1a:ec:91:c1:2d:cf:34:
e9:7f:13:b9:1d:5c:d9:9a:22:23:89:20:40:8d:7d:
a2:56:68:43:81:80:6c:af:7d:b9:6e:9b:15:3b:8b:
0d:37:f8:d5:1a:0b:13:3e:70:cd:fc:71:69:4f:d5:
f7:43:9d:80:79:ae:fc:3b:f0:b5:fc:67:d6:a7:d8:
0d:6a:4f:62:c9:2a:c9:44:be:01:e4:a5:36:8b:49:
9f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:59:F0:20:9C:15:24:BD:7C:C2:32:34:EE:0E:AE:E6:02:DA:F6:DD
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e36352e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.65.0/24
Signature Algorithm: sha256WithRSAEncryption
74:88:22:37:e7:77:c7:3f:49:ea:0d:71:cc:e4:ac:f5:c1:26:
a1:9c:61:a0:73:ad:c0:51:07:84:58:6e:fd:aa:05:b4:00:db:
4c:a9:cc:2f:61:59:7b:6e:7d:ee:38:16:70:c8:1e:b5:49:55:
b9:8b:bf:87:67:84:f2:8a:d0:7e:9a:47:be:12:7c:47:55:85:
f9:e9:49:13:a9:da:57:3f:20:ed:1a:ce:be:51:82:7f:24:fc:
9f:64:ee:5e:41:1f:a4:0d:c9:98:b4:c6:8d:3d:09:30:e0:b4:
6d:a0:10:85:55:d0:0f:ab:a5:21:1a:8a:d3:bd:5f:61:94:ee:
d1:f6:d7:40:17:07:44:de:04:9a:bd:2c:0e:87:c2:8e:b2:24:
f5:1b:58:fb:67:db:c9:56:0f:75:b1:84:c1:f9:51:ad:ef:87:
fd:22:18:c5:56:08:d1:70:9e:f0:0c:1e:73:c1:95:37:7b:cd:
fc:5f:ce:d3:99:6f:9d:55:a1:59:9c:5a:0d:78:7b:a3:a5:12:
b5:9e:15:17:1a:c3:98:da:98:f4:4f:ce:c7:6d:d5:cf:b7:de:
2c:34:8f:c1:d3:74:1a:f6:0b:b4:29:b3:4f:d6:75:c6:97:af:
69:8a:d2:1f:f6:e3:36:c9:f7:ac:4a:6e:5a:67:94:c0:8f:9b:
45:1e:3b:0a
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUGrLLS5/ihLyYwpUx4sPdYRyhv3gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTIwOTU1MDBaFw0yMzA0MTExMDAwMDBaMDMxMTAvBgNV
BAMTKERFNTlGMDIwOUMxNTI0QkQ3Q0MyMzIzNEVFMEVBRUU2MDJEQUY2REQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUTbHYUYp6euKK8xznrZMm7CuM
i1MLuT57I1TOkY4001haBuEA2yFNx4q6fUhgUTZ1x8X1j1cHpBQF6sFDYfiEprbI
/r+xf55FQc1ExC2Hb2JlKjlgRzTR6Om8nkc/5kOdrtYy28J+m/wJJWONzrf1v/Rb
viyRcbyQrfb+5zntnrAC8lMzyIGqyg1BnbwFv3cyV8fr98m1hIMAaV8vBhAF03nF
LBrvh4vnLFsEGuyRwS3PNOl/E7kdXNmaIiOJIECNfaJWaEOBgGyvfblumxU7iw03
+NUaCxM+cM38cWlP1fdDnYB5rvw78LX8Z9an2A1qT2LJKslEvgHkpTaLSZ8DAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU3lnwIJwVJL18wjI07g6u5gLa9t0wHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzYzNTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NEEwDQYJKoZIhvcN
AQELBQADggEBAHSIIjfnd8c/SeoNcczkrPXBJqGcYaBzrcBRB4RYbv2qBbQA20yp
zC9hWXtufe44FnDIHrVJVbmLv4dnhPKK0H6aR74SfEdVhfnpSROp2lc/IO0azr5R
gn8k/J9k7l5BH6QNyZi0xo09CTDgtG2gEIVV0A+rpSEaitO9X2GU7tH210AXB0Te
BJq9LA6Hwo6yJPUbWPtn28lWD3WxhMH5Ua3vh/0iGMVWCNFwnvAMHnPBlTd7zfxf
ztOZb51VoVmcWg14e6OlErWeFRcaw5jamPRPzsdt1c+33iw0j8HTdBr2C7Qps0/W
dcaXr2mK0h/24zbJ96xKblpnlMCPm0UeOwo=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net