Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e38342e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e38342e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: ewlN5Z8rGDpjilzBubC2ymOG2uNofwn5tgQIReqCU30=
Subject key identifier: 75:40:E7:79:ED:0F:6B:FF:01:F5:1A:B4:8B:00:4E:1B:51:3F:7E:80
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 53CE7F6CCBEFA926684ACFC85A93B4FF38570BD6
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e38342e302f32342d3234203d3e203137383835.roa
Signing time: Wed 13 Apr 2022 06:00:00 +0000
ROA not before: Wed 13 Apr 2022 05:55:00 +0000
ROA not after: Wed 12 Apr 2023 06:00:00 +0000
asID: 17885
IP address blocks: 121.52.84.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:ce:7f:6c:cb:ef:a9:26:68:4a:cf:c8:5a:93:b4:ff:38:57:0b:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 13 05:55:00 2022 GMT
Not After : Apr 12 06:00:00 2023 GMT
Subject: CN=7540E779ED0F6BFF01F51AB48B004E1B513F7E80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:65:4a:fc:58:fb:d7:84:82:f7:c1:b8:5f:c0:
bd:7e:2d:fd:76:28:81:7b:b0:6a:68:1b:63:69:c6:
a2:b9:13:44:56:86:5c:ce:3c:f8:60:72:29:f2:fb:
46:d5:bd:9b:0d:80:53:d9:50:cb:cd:46:b8:57:0f:
16:84:f1:e1:50:10:0a:b8:01:0c:f3:9c:3e:b8:96:
d7:4b:d0:ff:af:61:9d:21:5e:35:9a:79:65:5f:f1:
59:11:6a:75:35:df:46:1e:ee:37:da:bc:ae:a5:29:
65:3d:40:34:34:95:65:77:3a:63:df:2a:5a:d0:ca:
44:c1:af:41:f3:9f:6e:fb:3d:eb:65:91:7a:cf:50:
06:a0:db:98:24:0d:d5:32:c2:89:b5:9d:ad:65:3c:
91:3a:f7:51:f7:30:25:14:8a:aa:46:8b:88:29:59:
be:b3:b5:fa:43:73:ec:0e:36:73:03:69:9b:61:d7:
b2:5b:f8:b9:c3:18:ce:a6:b4:40:d1:5a:16:0b:fd:
77:61:e3:0e:fc:d9:16:8c:4d:8d:a5:59:33:9c:0a:
22:0a:aa:59:9e:84:6f:10:da:57:88:89:78:03:34:
f7:86:f2:90:d4:34:64:c1:12:bb:60:1f:1b:0a:dc:
dc:32:8e:2b:8b:93:5d:6e:ee:73:ca:34:7d:f7:88:
11:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:40:E7:79:ED:0F:6B:FF:01:F5:1A:B4:8B:00:4E:1B:51:3F:7E:80
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e38342e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.84.0/24
Signature Algorithm: sha256WithRSAEncryption
35:23:f3:78:aa:b5:ea:e4:48:00:f1:0e:99:2c:e5:3d:e2:05:
ba:04:a8:8d:77:9f:e1:af:4a:5a:6d:f6:6e:cf:95:e3:f7:d6:
f7:7f:7c:a1:b8:92:25:02:a0:c6:9f:18:75:1e:45:fa:4c:2f:
b7:ac:21:9e:a5:af:4a:28:3b:d0:8a:00:a2:8b:35:7e:32:8a:
11:cb:75:d7:a5:80:d3:79:99:b0:0b:97:77:8f:42:76:09:6b:
78:27:82:3f:67:e9:80:f8:b4:f0:35:cf:d8:b1:ea:e6:44:12:
ad:09:b1:71:cc:3d:21:de:d0:6c:44:41:61:cf:e9:a8:43:66:
55:91:6c:28:e7:26:86:83:34:02:9f:38:7c:66:9f:b1:f9:de:
b2:54:24:0d:b2:95:36:08:23:1e:5b:76:30:2b:c2:9b:65:ba:
f1:02:e8:6f:2f:ff:c7:ee:3b:67:6a:95:83:0c:27:90:9e:8c:
d3:de:aa:a9:e9:14:ed:7e:8e:f6:07:ef:7d:3f:98:13:95:a4:
e5:93:c8:f0:f7:a6:0d:09:39:77:17:90:3a:a2:92:82:5e:39:
4c:ed:65:70:80:28:c2:97:c1:96:d1:9a:91:00:f1:37:b7:af:
ad:58:5d:db:df:04:f9:94:93:61:c7:d3:c9:21:3e:15:bd:8c:
5e:05:60:76
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUU85/bMvvqSZoSs/IWpO0/zhXC9YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTMwNTU1MDBaFw0yMzA0MTIwNjAwMDBaMDMxMTAvBgNV
BAMTKDc1NDBFNzc5RUQwRjZCRkYwMUY1MUFCNDhCMDA0RTFCNTEzRjdFODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4ZUr8WPvXhIL3wbhfwL1+Lf12
KIF7sGpoG2NpxqK5E0RWhlzOPPhgciny+0bVvZsNgFPZUMvNRrhXDxaE8eFQEAq4
AQzznD64ltdL0P+vYZ0hXjWaeWVf8VkRanU130Ye7jfavK6lKWU9QDQ0lWV3OmPf
KlrQykTBr0Hzn277PetlkXrPUAag25gkDdUywom1na1lPJE691H3MCUUiqpGi4gp
Wb6ztfpDc+wONnMDaZth17Jb+LnDGM6mtEDRWhYL/Xdh4w782RaMTY2lWTOcCiIK
qlmehG8Q2leIiXgDNPeG8pDUNGTBErtgHxsK3NwyjiuLk11u7nPKNH33iBGlAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUdUDnee0Pa/8B9Rq0iwBOG1E/foAwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzgzNDJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NFQwDQYJKoZIhvcN
AQELBQADggEBADUj83iqterkSADxDpks5T3iBboEqI13n+GvSlpt9m7PleP31vd/
fKG4kiUCoMafGHUeRfpML7esIZ6lr0ooO9CKAKKLNX4yihHLddelgNN5mbALl3eP
QnYJa3gngj9n6YD4tPA1z9ix6uZEEq0JsXHMPSHe0GxEQWHP6ahDZlWRbCjnJoaD
NAKfOHxmn7H53rJUJA2ylTYIIx5bdjArwptluvEC6G8v/8fuO2dqlYMMJ5CejNPe
qqnpFO1+jvYH730/mBOVpOWTyPD3pg0JOXcXkDqikoJeOUztZXCAKMKXwZbRmpEA
8Te3r61YXdvfBPmUk2HH08khPhW9jF4FYHY=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net