Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37372e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e37372e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: 4QKEUAHrnsRkSdIf1OzxucWM9vrgW7lDujOgOgihiUA=
Subject key identifier: C8:65:CB:80:6F:DF:93:B9:34:C8:F1:A8:5C:46:7C:7C:24:6B:4B:B1
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 2F4174CC6400AB52DE23869E6C1229F675F39C8A
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37372e302f32342d3234203d3e203137383835.roa
Signing time: Wed 13 Apr 2022 04:00:00 +0000
ROA not before: Wed 13 Apr 2022 03:55:00 +0000
ROA not after: Wed 12 Apr 2023 04:00:00 +0000
asID: 17885
IP address blocks: 121.52.77.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:41:74:cc:64:00:ab:52:de:23:86:9e:6c:12:29:f6:75:f3:9c:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 13 03:55:00 2022 GMT
Not After : Apr 12 04:00:00 2023 GMT
Subject: CN=C865CB806FDF93B934C8F1A85C467C7C246B4BB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9a:d4:78:12:e8:dd:7b:bf:c2:18:ef:7e:35:
c4:95:c9:1c:d2:ba:e0:f0:76:b6:d6:dd:e8:33:85:
40:3e:8c:2d:34:5c:8d:ac:8d:af:b4:e5:fa:3f:42:
16:30:82:a1:cd:70:b6:c1:91:df:23:45:3a:96:3b:
da:cf:cb:b5:a8:9a:99:7e:3d:21:59:98:f6:48:3f:
41:9d:98:84:98:68:05:51:43:05:e0:f7:97:00:56:
3f:f1:a0:43:e8:f7:3f:20:76:56:39:c7:ce:ca:79:
89:f0:b9:f7:53:e6:2e:2d:53:69:ea:c5:1d:65:b8:
0e:15:eb:9c:77:ec:fa:db:ef:94:1a:d1:f7:a2:3c:
a8:3b:e2:cc:92:e1:2d:33:1a:f6:57:dc:45:8c:88:
2e:13:4a:79:0d:53:25:31:88:94:f8:9a:f8:c3:39:
26:fa:43:19:14:1e:b1:ff:f5:db:64:cd:d3:4f:3c:
bc:2f:fb:ac:40:f0:d2:ea:9d:bf:ba:48:a7:22:7e:
04:d4:05:b7:fb:71:3c:44:7d:99:6f:a3:0d:82:58:
7c:4b:d4:55:0d:8e:ea:04:24:e4:f4:36:42:1d:ab:
2f:cf:fa:d6:26:b9:07:8a:4f:e2:89:03:2d:e1:09:
cb:d5:d3:12:d5:41:54:47:69:68:8c:3b:b2:b4:9d:
f9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:65:CB:80:6F:DF:93:B9:34:C8:F1:A8:5C:46:7C:7C:24:6B:4B:B1
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37372e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.77.0/24
Signature Algorithm: sha256WithRSAEncryption
45:ba:db:f0:59:ae:b3:af:b9:a4:7c:4c:a2:24:e5:5a:7e:e8:
e9:32:c2:70:60:f8:22:d8:8c:30:97:64:ce:0d:d2:dc:ac:3d:
58:ad:2d:04:de:84:06:b4:c5:c7:93:45:d9:fe:23:4a:06:c9:
cc:e6:07:5a:8c:94:16:ec:e2:6f:c6:4a:39:82:6e:0f:d4:56:
38:45:59:12:0f:bd:5f:65:83:bc:7c:2d:12:41:17:db:c3:b4:
e3:7d:fe:cf:b5:70:54:7d:7c:e4:c2:70:43:28:5f:a1:e7:49:
20:91:03:2b:54:de:2d:af:65:28:b9:1f:ee:6d:83:9b:97:e8:
31:c6:f1:30:eb:c4:b9:57:a0:dd:2c:ba:4d:37:53:cc:ee:8a:
44:43:4a:1d:a6:29:19:5b:d1:7b:7f:ed:f1:eb:d6:41:8a:8c:
96:c7:cc:04:82:a4:ec:48:0e:18:b6:f5:6c:ba:59:88:d6:00:
fd:9c:10:33:1f:95:5c:1e:2f:ea:33:0b:a9:01:a1:6b:fc:44:
4e:18:52:83:d6:99:69:b9:af:a6:fe:d3:ee:35:f9:c1:5e:91:
0d:17:7a:f0:4e:fb:13:14:81:3c:bd:0b:e7:6c:b4:5f:ec:d7:
44:4e:1d:10:51:d8:52:d7:8c:2a:bb:9f:a5:5e:ba:33:eb:cd:
c3:8a:08:e0
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUL0F0zGQAq1LeI4aebBIp9nXznIowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTMwMzU1MDBaFw0yMzA0MTIwNDAwMDBaMDMxMTAvBgNV
BAMTKEM4NjVDQjgwNkZERjkzQjkzNEM4RjFBODVDNDY3QzdDMjQ2QjRCQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtmtR4Eujde7/CGO9+NcSVyRzS
uuDwdrbW3egzhUA+jC00XI2sja+05fo/QhYwgqHNcLbBkd8jRTqWO9rPy7Wompl+
PSFZmPZIP0GdmISYaAVRQwXg95cAVj/xoEPo9z8gdlY5x87KeYnwufdT5i4tU2nq
xR1luA4V65x37Prb75Qa0feiPKg74syS4S0zGvZX3EWMiC4TSnkNUyUxiJT4mvjD
OSb6QxkUHrH/9dtkzdNPPLwv+6xA8NLqnb+6SKcifgTUBbf7cTxEfZlvow2CWHxL
1FUNjuoEJOT0NkIdqy/P+tYmuQeKT+KJAy3hCcvV0xLVQVRHaWiMO7K0nfkfAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUyGXLgG/fk7k0yPGoXEZ8fCRrS7EwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzczNzJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NE0wDQYJKoZIhvcN
AQELBQADggEBAEW62/BZrrOvuaR8TKIk5Vp+6OkywnBg+CLYjDCXZM4N0tysPVit
LQTehAa0xceTRdn+I0oGyczmB1qMlBbs4m/GSjmCbg/UVjhFWRIPvV9lg7x8LRJB
F9vDtON9/s+1cFR9fOTCcEMoX6HnSSCRAytU3i2vZSi5H+5tg5uX6DHG8TDrxLlX
oN0suk03U8zuikRDSh2mKRlb0Xt/7fHr1kGKjJbHzASCpOxIDhi29Wy6WYjWAP2c
EDMflVweL+ozC6kBoWv8RE4YUoPWmWm5r6b+0+41+cFekQ0XevBO+xMUgTy9C+ds
tF/s10ROHRBR2FLXjCq7n6VeujPrzcOKCOA=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net