Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37302e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e37302e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: tTi8n3oXPgG4O77ym8Tr0kKgcVoIPCPpkEZ5krZbiY0=
Subject key identifier: 89:85:31:00:DA:AA:59:E3:9E:03:A4:3F:78:44:0E:B7:7F:D2:80:A7
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 38A03FD7132DB6036D5CF7D9B7AA031C8813582B
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37302e302f32342d3234203d3e203137383835.roa
Signing time: Wed 13 Apr 2022 04:00:01 +0000
ROA not before: Wed 13 Apr 2022 03:55:01 +0000
ROA not after: Wed 12 Apr 2023 04:00:01 +0000
asID: 17885
IP address blocks: 121.52.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:a0:3f:d7:13:2d:b6:03:6d:5c:f7:d9:b7:aa:03:1c:88:13:58:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 13 03:55:01 2022 GMT
Not After : Apr 12 04:00:01 2023 GMT
Subject: CN=89853100DAAA59E39E03A43F78440EB77FD280A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9e:b5:c4:7a:70:5c:a9:31:1e:89:29:0c:7f:
4f:3d:3a:a5:54:00:93:39:c8:f6:28:dc:b5:66:89:
f9:0e:c4:b3:68:2a:67:36:b3:b9:d9:ce:50:8c:d1:
88:8c:9e:b0:8f:c7:d3:ee:3d:47:1a:9f:a5:ce:df:
c1:c3:6e:ad:03:14:7c:6e:ef:c3:7a:65:d5:f4:1a:
eb:e8:79:d4:a3:6d:28:3c:57:64:d2:87:08:82:7c:
cc:3d:54:e0:68:8a:50:cf:fc:82:ca:31:f4:e5:39:
bc:29:77:7a:fd:ac:45:af:d0:4a:07:6d:5f:ea:cd:
ed:25:f8:f0:21:02:c0:bf:92:fc:c5:0b:49:36:51:
cd:37:d1:95:50:fa:55:94:14:ee:dd:e3:1f:81:3b:
c5:ab:04:97:08:16:c0:06:fe:5a:44:6a:27:41:78:
19:43:66:0a:42:b2:a8:38:8a:93:9d:bc:5d:c6:a7:
32:13:fe:86:7c:63:ca:82:a7:35:38:c1:cc:af:84:
e2:dd:7c:a9:b4:fd:93:e8:71:97:c8:b0:69:15:eb:
1c:fe:ae:85:07:b1:12:79:2f:9c:27:e0:8d:71:4c:
02:b6:4d:12:ec:8b:19:c4:71:47:02:54:d2:f8:85:
54:09:ff:48:66:88:67:9a:25:b9:2b:11:cc:92:ee:
c6:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:85:31:00:DA:AA:59:E3:9E:03:A4:3F:78:44:0E:B7:7F:D2:80:A7
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37302e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.70.0/24
Signature Algorithm: sha256WithRSAEncryption
81:72:f8:30:c3:9f:e9:95:cc:38:4e:a1:d2:30:e8:62:e7:3f:
cf:20:9a:47:27:03:4f:54:b5:44:2e:53:78:d3:7d:c6:23:2b:
67:f2:bf:b6:48:12:93:d3:2d:03:a7:35:58:ef:10:6e:4e:f9:
36:12:a4:0d:03:08:d8:b1:e3:d4:25:b0:c5:d9:44:b3:24:28:
7e:42:bf:f4:75:fc:5e:9b:4b:37:67:66:31:b8:40:ef:d8:1c:
0a:ba:64:bb:d2:b3:a3:7a:9d:60:1d:15:c8:06:58:33:fc:4d:
09:9e:1f:ac:c7:86:12:6c:92:5f:91:e4:a8:ed:7d:01:63:20:
1f:75:32:d0:3f:1a:34:7f:25:9b:bd:2f:48:46:44:d1:d3:d9:
24:4f:ff:75:5b:1d:50:17:51:e6:c6:55:07:c6:1e:0b:42:92:
65:72:cf:c6:9b:10:9d:4f:17:4b:9a:1f:69:d8:b8:52:03:e2:
cf:42:4e:01:b6:e2:76:b5:12:41:73:9b:9f:ec:14:13:7d:97:
0d:a2:9f:31:03:4b:5a:43:7f:ed:cf:ad:4d:d7:68:7d:5b:a1:
3c:85:d6:b1:0b:07:32:b5:6f:51:57:12:36:ed:d7:d9:71:6a:
c5:30:bb:93:de:71:21:f0:d8:af:93:d2:f1:38:07:71:03:f1:
c5:91:16:53
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUOKA/1xMttgNtXPfZt6oDHIgTWCswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTMwMzU1MDFaFw0yMzA0MTIwNDAwMDFaMDMxMTAvBgNV
BAMTKDg5ODUzMTAwREFBQTU5RTM5RTAzQTQzRjc4NDQwRUI3N0ZEMjgwQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCunrXEenBcqTEeiSkMf089OqVU
AJM5yPYo3LVmifkOxLNoKmc2s7nZzlCM0YiMnrCPx9PuPUcan6XO38HDbq0DFHxu
78N6ZdX0GuvoedSjbSg8V2TShwiCfMw9VOBoilDP/ILKMfTlObwpd3r9rEWv0EoH
bV/qze0l+PAhAsC/kvzFC0k2Uc030ZVQ+lWUFO7d4x+BO8WrBJcIFsAG/lpEaidB
eBlDZgpCsqg4ipOdvF3GpzIT/oZ8Y8qCpzU4wcyvhOLdfKm0/ZPocZfIsGkV6xz+
roUHsRJ5L5wn4I1xTAK2TRLsixnEcUcCVNL4hVQJ/0hmiGeaJbkrEcyS7sbJAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUiYUxANqqWeOeA6Q/eEQOt3/SgKcwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzczMDJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NEYwDQYJKoZIhvcN
AQELBQADggEBAIFy+DDDn+mVzDhOodIw6GLnP88gmkcnA09UtUQuU3jTfcYjK2fy
v7ZIEpPTLQOnNVjvEG5O+TYSpA0DCNix49QlsMXZRLMkKH5Cv/R1/F6bSzdnZjG4
QO/YHAq6ZLvSs6N6nWAdFcgGWDP8TQmeH6zHhhJskl+R5KjtfQFjIB91MtA/GjR/
JZu9L0hGRNHT2SRP/3VbHVAXUebGVQfGHgtCkmVyz8abEJ1PF0uaH2nYuFID4s9C
TgG24na1EkFzm5/sFBN9lw2inzEDS1pDf+3PrU3XaH1boTyF1rELBzK1b1FXEjbt
19lxasUwu5PecSHw2K+T0vE4B3ED8cWRFlM=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net