Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e38392e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e38392e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: aNDr7DsEo9zJQilpJJ5MYIgx0+Dbm9BMWffyCXk4lwk=
Subject key identifier: 8E:CD:0C:10:5A:A6:D9:B2:91:74:2D:B3:11:5F:19:22:65:87:75:0F
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 0484EB0B6932F0835B339C2675C4C17729D7A64B
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e38392e302f32342d3234203d3e203137383835.roa
Signing time: Wed 13 Apr 2022 06:00:00 +0000
ROA not before: Wed 13 Apr 2022 05:55:00 +0000
ROA not after: Wed 12 Apr 2023 06:00:00 +0000
asID: 17885
IP address blocks: 121.52.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:84:eb:0b:69:32:f0:83:5b:33:9c:26:75:c4:c1:77:29:d7:a6:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 13 05:55:00 2022 GMT
Not After : Apr 12 06:00:00 2023 GMT
Subject: CN=8ECD0C105AA6D9B291742DB3115F19226587750F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:22:31:13:4b:63:87:29:5d:ce:b1:cd:9a:65:
19:89:28:44:2d:d9:9d:e9:1b:59:1a:cd:51:ff:d7:
01:d8:75:9c:f7:1f:a5:23:f0:67:cc:fc:1a:4e:52:
64:5a:15:82:63:8f:11:4d:a3:4b:19:ff:18:ba:3d:
f9:72:e0:07:19:91:bb:a6:94:a9:13:9c:59:fc:e5:
1c:1f:55:c8:8e:b4:f6:e9:e3:56:de:90:4c:6f:dc:
dd:7b:c8:db:35:bd:c6:e6:6d:0b:fc:65:cf:75:a7:
53:8d:c2:a3:39:d3:3d:07:62:71:97:ae:5e:96:67:
47:60:e6:72:c6:52:ee:44:c8:0c:af:61:af:86:83:
15:7f:07:fb:21:e5:37:0d:c8:f5:7d:4f:eb:44:7f:
bf:b9:ca:1e:d7:64:28:4d:3c:d9:d7:69:1d:46:93:
cf:33:19:d6:09:5e:04:63:f9:42:f0:71:db:23:74:
ba:5e:33:6f:50:af:b7:a0:27:a5:be:69:a4:a8:66:
6f:d1:47:b8:1e:14:7e:0c:9f:1a:f1:cc:17:6d:14:
0a:be:19:f4:00:6e:2e:fb:11:1e:f5:da:57:ed:dc:
cc:91:6a:f4:b4:6c:05:75:cc:ed:b8:fc:75:91:5e:
49:63:71:b1:40:46:72:80:b1:92:b2:32:6f:d9:d5:
50:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:CD:0C:10:5A:A6:D9:B2:91:74:2D:B3:11:5F:19:22:65:87:75:0F
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e38392e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.89.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:f9:b6:59:a2:0f:88:83:d1:b4:33:07:48:70:b7:93:86:6d:
ec:b7:64:45:9f:f3:c6:be:49:4c:9c:34:0c:df:49:4d:19:8f:
9e:f0:fb:0e:e8:db:ed:07:87:db:8c:89:9b:9f:b6:54:a9:7a:
69:89:c4:66:32:7a:30:27:02:a1:0e:5f:61:cf:ef:25:95:f1:
18:bb:d0:3f:a1:f7:fb:22:3d:3e:c6:ae:ed:5f:78:86:62:81:
95:f1:26:5f:d9:3d:a6:ba:e6:96:db:94:25:0a:91:a0:0e:94:
53:63:2e:7a:df:a3:72:7e:ce:ed:69:3e:92:30:39:df:e8:a5:
f0:07:fc:82:f4:22:27:4b:d0:35:8c:53:15:7b:10:b8:e7:1b:
80:83:b9:9b:f6:ee:f3:7c:76:3d:db:79:1a:eb:2d:4e:c7:8d:
16:2e:6e:fc:7b:14:b3:aa:65:73:c1:d9:b2:2d:80:a9:1e:c4:
8f:ac:36:de:08:14:c8:c1:14:32:e3:a1:93:71:97:97:b5:1e:
e7:11:de:8d:5e:4a:36:cb:7a:41:63:b3:41:fd:0d:e2:c1:af:
1c:bb:c3:0a:df:51:8a:da:cc:25:bd:b7:2e:9b:30:6e:01:d2:
3d:9e:88:dd:30:6a:4d:73:ac:fd:db:f1:a6:b4:89:3c:e8:a2:
57:cf:9e:fc
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUBITrC2ky8INbM5wmdcTBdynXpkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTMwNTU1MDBaFw0yMzA0MTIwNjAwMDBaMDMxMTAvBgNV
BAMTKDhFQ0QwQzEwNUFBNkQ5QjI5MTc0MkRCMzExNUYxOTIyNjU4Nzc1MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGIjETS2OHKV3Osc2aZRmJKEQt
2Z3pG1kazVH/1wHYdZz3H6Uj8GfM/BpOUmRaFYJjjxFNo0sZ/xi6Pfly4AcZkbum
lKkTnFn85RwfVciOtPbp41bekExv3N17yNs1vcbmbQv8Zc91p1ONwqM50z0HYnGX
rl6WZ0dg5nLGUu5EyAyvYa+GgxV/B/sh5TcNyPV9T+tEf7+5yh7XZChNPNnXaR1G
k88zGdYJXgRj+ULwcdsjdLpeM29Qr7egJ6W+aaSoZm/RR7geFH4MnxrxzBdtFAq+
GfQAbi77ER712lft3MyRavS0bAV1zO24/HWRXkljcbFARnKAsZKyMm/Z1VCBAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUjs0MEFqm2bKRdC2zEV8ZImWHdQ8wHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzgzOTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NFkwDQYJKoZIhvcN
AQELBQADggEBAGv5tlmiD4iD0bQzB0hwt5OGbey3ZEWf88a+SUycNAzfSU0Zj57w
+w7o2+0Hh9uMiZuftlSpemmJxGYyejAnAqEOX2HP7yWV8Ri70D+h9/siPT7Gru1f
eIZigZXxJl/ZPaa65pbblCUKkaAOlFNjLnrfo3J+zu1pPpIwOd/opfAH/IL0IidL
0DWMUxV7ELjnG4CDuZv27vN8dj3beRrrLU7HjRYubvx7FLOqZXPB2bItgKkexI+s
Nt4IFMjBFDLjoZNxl5e1HucR3o1eSjbLekFjs0H9DeLBrxy7wwrfUYrazCW9ty6b
MG4B0j2eiN0wak1zrP3b8aa0iTzoolfPnvw=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net