Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37362e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e37362e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: ZdGYBZ+71zpgvYejUtc2rVQ7KVZRjPFg65us5/grPHE=
Subject key identifier: B2:78:DC:EC:B9:5D:EF:36:48:57:06:1A:74:30:A9:52:EC:7C:61:DA
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 2E184D10F9CAE0758C1E33171000527EFDB22569
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37362e302f32342d3234203d3e203137383835.roa
Signing time: Wed 13 Apr 2022 04:00:00 +0000
ROA not before: Wed 13 Apr 2022 03:55:00 +0000
ROA not after: Wed 12 Apr 2023 04:00:00 +0000
asID: 17885
IP address blocks: 121.52.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:18:4d:10:f9:ca:e0:75:8c:1e:33:17:10:00:52:7e:fd:b2:25:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 13 03:55:00 2022 GMT
Not After : Apr 12 04:00:00 2023 GMT
Subject: CN=B278DCECB95DEF364857061A7430A952EC7C61DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ac:fd:9c:d2:87:88:1e:60:01:ab:96:b6:dc:
7c:81:7d:6d:80:52:1a:f8:e1:70:d7:41:65:19:f4:
8b:40:ba:18:47:1c:f0:c5:5d:42:f2:97:3a:02:f8:
f6:ac:d7:d0:0d:2f:62:97:e8:34:80:7c:b9:bc:1b:
57:5c:1e:24:e7:3e:cc:30:a7:09:57:77:15:e1:ef:
1f:5e:1f:c6:ba:95:98:dc:1e:a6:76:85:53:46:52:
57:e8:0a:b6:e7:75:54:7d:0a:5e:9a:1a:53:53:52:
ed:98:c4:79:5c:a2:84:4f:63:99:28:1b:a3:d0:26:
44:16:aa:7e:6b:63:83:44:a9:90:d2:7c:79:c5:0f:
62:02:f5:67:9e:fb:8e:f8:83:9b:5a:bd:b6:53:3e:
0b:b8:84:df:e3:07:c6:36:61:22:a2:42:ff:80:d6:
97:1c:0a:ce:c2:db:6b:21:6b:80:2f:9d:09:b7:f9:
03:11:62:de:e6:69:28:11:52:6a:e0:0f:b4:b1:7a:
30:fd:52:8c:29:d5:60:78:04:a6:4e:c6:1f:bb:7a:
de:55:7c:dc:d9:23:0f:8b:49:55:1b:8a:9a:c2:73:
c8:6c:8b:15:48:1b:2b:5c:88:0a:a0:a5:dc:08:0f:
6c:cc:d0:bc:a8:0a:b6:82:ac:53:90:11:87:a9:eb:
fd:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:78:DC:EC:B9:5D:EF:36:48:57:06:1A:74:30:A9:52:EC:7C:61:DA
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37362e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.76.0/24
Signature Algorithm: sha256WithRSAEncryption
07:6e:66:4c:d3:74:72:2b:8f:7b:3c:1f:6d:31:70:95:7a:f4:
84:90:34:1a:df:0a:eb:9b:a4:ee:88:eb:59:5e:89:a0:ca:e1:
21:ea:73:a9:37:13:5c:72:f1:3e:9d:80:fc:5d:58:79:07:9d:
e8:6c:29:57:82:65:3b:5f:d2:b9:d2:03:01:85:c8:98:70:6c:
09:d0:fc:9e:5c:58:a4:97:68:8e:f5:d7:93:a7:22:82:1d:14:
7e:6f:d3:83:f4:05:76:da:d8:7c:17:61:db:31:15:cb:93:91:
6e:0f:ee:22:65:31:2b:0e:7a:d6:09:6e:08:a0:b9:fe:bf:a9:
ea:84:8f:52:70:b0:f4:1d:64:7d:aa:8e:04:45:d6:df:60:50:
a3:ce:fc:34:5c:a8:6d:42:29:64:80:c6:c1:c8:66:fa:8c:f4:
b7:38:97:48:e3:db:36:4a:bc:7c:da:48:9b:df:33:c4:d7:0c:
07:61:2a:4f:84:bb:5c:30:d6:67:a9:57:3f:d9:c8:4f:ee:c7:
b2:c4:e1:fa:5b:04:c0:97:86:68:93:31:39:b6:86:20:00:b4:
08:9e:10:2a:75:90:42:8c:ae:be:6e:32:fa:ed:4b:f4:ef:a0:
00:ec:7f:94:0b:b5:55:d2:4d:13:90:a8:b4:e3:da:b3:fc:64:
99:2b:26:0c
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIULhhNEPnK4HWMHjMXEABSfv2yJWkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTMwMzU1MDBaFw0yMzA0MTIwNDAwMDBaMDMxMTAvBgNV
BAMTKEIyNzhEQ0VDQjk1REVGMzY0ODU3MDYxQTc0MzBBOTUyRUM3QzYxREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrrP2c0oeIHmABq5a23HyBfW2A
Uhr44XDXQWUZ9ItAuhhHHPDFXULylzoC+Pas19ANL2KX6DSAfLm8G1dcHiTnPsww
pwlXdxXh7x9eH8a6lZjcHqZ2hVNGUlfoCrbndVR9Cl6aGlNTUu2YxHlcooRPY5ko
G6PQJkQWqn5rY4NEqZDSfHnFD2IC9Wee+474g5tavbZTPgu4hN/jB8Y2YSKiQv+A
1pccCs7C22sha4AvnQm3+QMRYt7maSgRUmrgD7SxejD9Uowp1WB4BKZOxh+7et5V
fNzZIw+LSVUbiprCc8hsixVIGytciAqgpdwID2zM0LyoCraCrFOQEYep6/3NAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUsnjc7Lld7zZIVwYadDCpUux8YdowHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzczNjJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NEwwDQYJKoZIhvcN
AQELBQADggEBAAduZkzTdHIrj3s8H20xcJV69ISQNBrfCuubpO6I61leiaDK4SHq
c6k3E1xy8T6dgPxdWHkHnehsKVeCZTtf0rnSAwGFyJhwbAnQ/J5cWKSXaI7115On
IoIdFH5v04P0BXba2HwXYdsxFcuTkW4P7iJlMSsOetYJbgiguf6/qeqEj1JwsPQd
ZH2qjgRF1t9gUKPO/DRcqG1CKWSAxsHIZvqM9Lc4l0jj2zZKvHzaSJvfM8TXDAdh
Kk+Eu1ww1mepVz/ZyE/ux7LE4fpbBMCXhmiTMTm2hiAAtAieECp1kEKMrr5uMvrt
S/TvoADsf5QLtVXSTROQqLTj2rP8ZJkrJgw=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net