Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37332e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e37332e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: YjRlyiISo4350A8MKBkv51cyd9j8FFfT1Ck72BeXCYg=
Subject key identifier: F3:A7:EE:37:46:6D:BA:AD:74:DC:22:DD:69:CD:8F:37:DF:99:02:27
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 30F15A213C5A741236678EEB04A7CE188BFF25E0
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37332e302f32342d3234203d3e203137383835.roa
Signing time: Wed 13 Apr 2022 04:00:00 +0000
ROA not before: Wed 13 Apr 2022 03:55:00 +0000
ROA not after: Wed 12 Apr 2023 04:00:00 +0000
asID: 17885
IP address blocks: 121.52.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:f1:5a:21:3c:5a:74:12:36:67:8e:eb:04:a7:ce:18:8b:ff:25:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 13 03:55:00 2022 GMT
Not After : Apr 12 04:00:00 2023 GMT
Subject: CN=F3A7EE37466DBAAD74DC22DD69CD8F37DF990227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a0:d3:a9:50:58:f7:b5:03:77:c2:f2:f1:87:
76:42:fb:8f:fa:b9:a4:0b:bf:48:71:83:0f:41:f7:
43:5b:05:fd:d9:b2:4c:18:2b:64:83:89:5c:0d:bb:
d6:32:80:81:53:76:f9:dd:1c:47:5c:3f:5d:d3:86:
07:90:45:cf:dd:74:7f:91:13:aa:c8:ff:ee:c1:e7:
64:57:d2:69:d7:66:be:9d:c1:89:3b:4e:93:a8:47:
74:55:f9:01:86:11:11:28:2b:e3:99:07:44:d7:e9:
fb:77:31:bc:f7:cc:f4:cd:a6:e6:df:6a:74:ce:5a:
8d:e4:de:44:05:e1:f1:2f:6a:3e:23:94:81:9d:42:
5d:cf:69:28:d7:9c:2e:1b:0d:ce:a3:3a:2a:76:08:
f0:5f:42:82:ab:d4:87:bd:d1:a8:a9:2c:0b:5b:9f:
21:c7:93:74:9b:27:01:ab:48:8c:1c:ce:3c:c9:2f:
43:6c:2c:d6:81:f6:09:1d:bd:d5:bb:05:e2:b5:8c:
f8:9c:56:fb:32:6d:69:c5:1d:2a:aa:06:87:22:21:
c8:db:34:c8:e2:98:37:03:1b:76:e1:44:ee:77:e0:
2c:69:1c:ef:51:4c:1e:82:0a:d4:04:a8:2a:13:a4:
88:d9:47:b6:44:2d:95:db:cf:f7:27:57:b2:72:a4:
16:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A7:EE:37:46:6D:BA:AD:74:DC:22:DD:69:CD:8F:37:DF:99:02:27
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37332e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.73.0/24
Signature Algorithm: sha256WithRSAEncryption
58:1f:3c:59:e1:1c:c5:56:fe:6d:66:87:11:f2:20:08:8a:99:
79:9a:8e:30:b2:2f:8d:e4:6c:8c:d4:32:cf:f2:09:e9:c9:f6:
5a:99:a3:23:7b:65:bb:fe:f5:ea:82:a3:48:8d:50:b3:a9:2d:
0a:61:50:f4:5e:2c:e8:99:b1:e9:e9:a1:0d:17:50:e2:40:8d:
d6:55:6c:9b:17:64:23:c8:42:a0:ec:83:36:05:cd:d4:f1:e9:
1a:7c:af:38:ef:c7:37:9a:32:c0:e5:01:4a:ac:7b:0f:a0:73:
9b:a2:a1:b8:40:3b:73:c2:3d:e6:a7:e3:e2:29:bf:d5:54:33:
0d:20:4b:de:72:f9:2f:b3:53:1c:51:7c:e0:12:b4:98:01:b0:
32:a2:d6:43:18:c2:a9:22:cd:7c:bd:33:bb:c1:3d:ec:79:2e:
5c:11:46:fb:45:64:63:9a:2b:d6:09:11:05:d9:7d:b7:f7:53:
22:5f:11:ce:10:b6:e5:74:e5:a9:e4:f2:39:2b:00:40:63:67:
7a:43:44:b3:35:2e:ed:2b:f9:76:6b:76:0e:e3:14:f5:e6:26:
d7:02:ae:b3:7a:9d:ad:b8:87:0f:0b:a5:ad:bc:1d:71:e6:4d:
53:c1:91:90:53:e0:ad:63:b4:60:ff:29:4e:03:aa:6e:1e:80:
a1:1d:14:82
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUMPFaITxadBI2Z47rBKfOGIv/JeAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTMwMzU1MDBaFw0yMzA0MTIwNDAwMDBaMDMxMTAvBgNV
BAMTKEYzQTdFRTM3NDY2REJBQUQ3NERDMjJERDY5Q0Q4RjM3REY5OTAyMjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJoNOpUFj3tQN3wvLxh3ZC+4/6
uaQLv0hxgw9B90NbBf3ZskwYK2SDiVwNu9YygIFTdvndHEdcP13ThgeQRc/ddH+R
E6rI/+7B52RX0mnXZr6dwYk7TpOoR3RV+QGGEREoK+OZB0TX6ft3Mbz3zPTNpubf
anTOWo3k3kQF4fEvaj4jlIGdQl3PaSjXnC4bDc6jOip2CPBfQoKr1Ie90aipLAtb
nyHHk3SbJwGrSIwczjzJL0NsLNaB9gkdvdW7BeK1jPicVvsybWnFHSqqBociIcjb
NMjimDcDG3bhRO534CxpHO9RTB6CCtQEqCoTpIjZR7ZELZXbz/cnV7JypBZ7AgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU86fuN0Ztuq103CLdac2PN9+ZAicwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzczMzJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NEkwDQYJKoZIhvcN
AQELBQADggEBAFgfPFnhHMVW/m1mhxHyIAiKmXmajjCyL43kbIzUMs/yCenJ9lqZ
oyN7Zbv+9eqCo0iNULOpLQphUPReLOiZsenpoQ0XUOJAjdZVbJsXZCPIQqDsgzYF
zdTx6Rp8rzjvxzeaMsDlAUqsew+gc5uiobhAO3PCPean4+Ipv9VUMw0gS95y+S+z
UxxRfOAStJgBsDKi1kMYwqkizXy9M7vBPex5LlwRRvtFZGOaK9YJEQXZfbf3UyJf
Ec4QtuV05ank8jkrAEBjZ3pDRLM1Lu0r+XZrdg7jFPXmJtcCrrN6na24hw8Lpa28
HXHmTVPBkZBT4K1jtGD/KU4Dqm4egKEdFII=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net