Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e36362e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e36362e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: 241CXhJUugkqiDgmWUbqBg1S5gflZqDcu/2iyO6/Cp4=
Subject key identifier: D0:98:56:9C:3B:D9:EE:81:04:23:39:BD:FD:E6:CF:7D:F1:28:72:0C
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 54BB1637DD3111FE10CF6245BEDA4FF9AB3D31DC
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e36362e302f32342d3234203d3e203137383835.roa
Signing time: Tue 12 Apr 2022 10:00:00 +0000
ROA not before: Tue 12 Apr 2022 09:55:00 +0000
ROA not after: Tue 11 Apr 2023 10:00:00 +0000
asID: 17885
IP address blocks: 121.52.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:bb:16:37:dd:31:11:fe:10:cf:62:45:be:da:4f:f9:ab:3d:31:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 12 09:55:00 2022 GMT
Not After : Apr 11 10:00:00 2023 GMT
Subject: CN=D098569C3BD9EE81042339BDFDE6CF7DF128720C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bc:cb:9e:72:a5:56:50:97:20:0e:8a:07:e2:
08:dd:9a:f2:48:21:95:c3:90:db:3c:e3:1e:59:ac:
c7:63:20:22:57:ac:79:08:d5:f9:84:6b:d1:ba:0c:
b1:54:cd:95:75:48:bf:05:3c:18:a6:cc:fb:bb:15:
ab:9a:2f:6a:bb:ce:72:d7:51:ae:e0:b0:3c:b1:f0:
4c:2d:60:38:37:d1:fe:a3:b0:b1:f5:b9:18:18:08:
ff:47:e3:0d:3d:f4:b1:c6:ab:9d:c3:45:86:ad:4e:
41:2b:03:f5:e7:c0:4b:89:f2:cb:a6:6b:30:d0:f4:
45:ea:ea:f8:d9:dc:99:55:4e:73:e1:e4:63:a5:4a:
24:89:f9:5a:df:36:d9:6f:a7:27:b0:cf:cb:15:4f:
b8:ce:68:d4:32:b6:e5:ef:21:19:40:51:f7:81:5d:
dc:25:69:33:09:cd:02:16:2d:20:d9:e6:e0:4e:3b:
41:f8:fd:37:50:6e:c9:bd:4e:06:4b:6f:b5:23:ef:
a9:e3:35:7c:f5:d3:ea:50:3a:da:c0:98:fc:3b:13:
07:84:73:be:d0:1d:fe:14:c7:27:e3:70:a0:fe:90:
6d:9b:a6:0c:88:6d:46:b4:25:55:f7:33:d1:fb:40:
73:b4:30:eb:ff:ff:dc:fd:39:3b:4a:1b:d4:97:a2:
3f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:98:56:9C:3B:D9:EE:81:04:23:39:BD:FD:E6:CF:7D:F1:28:72:0C
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e36362e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.66.0/24
Signature Algorithm: sha256WithRSAEncryption
13:c5:77:6a:d6:d7:69:4a:0b:e2:55:70:b9:6e:74:3d:86:b6:
3b:f6:dc:ab:d6:69:31:02:d6:7e:50:03:91:cc:c7:a7:83:26:
ec:26:dd:82:e0:a0:b2:4e:e0:2a:b3:87:38:70:10:6e:0f:1f:
87:28:8f:83:e5:9a:7e:e6:d5:4a:40:05:39:2d:23:d9:db:a2:
dc:b0:8e:50:3c:bb:fe:a6:99:0c:31:a7:18:6c:2f:67:97:e3:
54:39:12:a0:25:1b:d5:4b:ec:2c:f1:07:c3:33:82:61:17:51:
71:60:83:f8:ba:48:70:1f:6d:8c:82:7b:f9:e3:b0:7b:9b:b2:
16:a1:69:19:83:58:0d:19:c2:ed:57:c5:50:4c:54:48:83:20:
27:8f:b9:a9:d0:9d:55:8c:8e:19:72:c0:7b:aa:d1:69:33:48:
fa:1a:da:9d:d6:50:32:f8:80:d6:90:d0:49:4d:5f:83:a9:9b:
23:05:95:00:17:18:1f:fd:85:64:0d:f8:6d:08:50:ef:1c:f6:
d9:b5:3a:53:d1:1d:df:94:39:73:8c:88:df:72:a7:ca:3a:3d:
da:92:ce:89:10:84:88:25:a4:df:7c:04:41:c2:cd:18:ea:18:
07:c0:07:8b:e1:6f:ad:46:88:6a:83:6c:1b:26:ed:05:e8:93:
21:d0:9a:4d
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUVLsWN90xEf4Qz2JFvtpP+as9MdwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTIwOTU1MDBaFw0yMzA0MTExMDAwMDBaMDMxMTAvBgNV
BAMTKEQwOTg1NjlDM0JEOUVFODEwNDIzMzlCREZERTZDRjdERjEyODcyMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7vMuecqVWUJcgDooH4gjdmvJI
IZXDkNs84x5ZrMdjICJXrHkI1fmEa9G6DLFUzZV1SL8FPBimzPu7FauaL2q7znLX
Ua7gsDyx8EwtYDg30f6jsLH1uRgYCP9H4w099LHGq53DRYatTkErA/XnwEuJ8sum
azDQ9EXq6vjZ3JlVTnPh5GOlSiSJ+VrfNtlvpyewz8sVT7jOaNQytuXvIRlAUfeB
XdwlaTMJzQIWLSDZ5uBOO0H4/TdQbsm9TgZLb7Uj76njNXz10+pQOtrAmPw7EweE
c77QHf4UxyfjcKD+kG2bpgyIbUa0JVX3M9H7QHO0MOv//9z9OTtKG9SXoj9FAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU0JhWnDvZ7oEEIzm9/ebPffEocgwwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzYzNjJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NEIwDQYJKoZIhvcN
AQELBQADggEBABPFd2rW12lKC+JVcLludD2Gtjv23KvWaTEC1n5QA5HMx6eDJuwm
3YLgoLJO4CqzhzhwEG4PH4coj4Plmn7m1UpABTktI9nbotywjlA8u/6mmQwxpxhs
L2eX41Q5EqAlG9VL7CzxB8MzgmEXUXFgg/i6SHAfbYyCe/njsHubshahaRmDWA0Z
wu1XxVBMVEiDICePuanQnVWMjhlywHuq0WkzSPoa2p3WUDL4gNaQ0ElNX4OpmyMF
lQAXGB/9hWQN+G0IUO8c9tm1OlPRHd+UOXOMiN9yp8o6PdqSzokQhIglpN98BEHC
zRjqGAfAB4vhb61GiGqDbBsm7QXokyHQmk0=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net