Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e39312e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e39312e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: p5u4FsJxUVMTUSCMTVs0m5auMkJkJYANsjra+jdtPio=
Subject key identifier: FD:08:E4:8D:D3:74:00:E0:39:B7:6C:4F:17:C5:03:CC:AA:74:1B:09
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 0EC9D93DC978499C1340AA7BB62A402015C4DBC4
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e39312e302f32342d3234203d3e203137383835.roa
Signing time: Wed 13 Apr 2022 08:00:00 +0000
ROA not before: Wed 13 Apr 2022 07:55:00 +0000
ROA not after: Wed 12 Apr 2023 08:00:00 +0000
asID: 17885
IP address blocks: 121.52.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:c9:d9:3d:c9:78:49:9c:13:40:aa:7b:b6:2a:40:20:15:c4:db:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 13 07:55:00 2022 GMT
Not After : Apr 12 08:00:00 2023 GMT
Subject: CN=FD08E48DD37400E039B76C4F17C503CCAA741B09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7a:bb:8f:2d:fb:98:88:3b:ef:46:4b:57:5b:
f0:58:5f:23:00:ac:7e:73:78:ea:05:4d:bc:fa:a4:
54:08:d8:2d:a1:2c:0b:41:1d:c6:ed:fa:45:20:6e:
10:12:a5:c8:89:09:ee:3f:d5:9b:8f:bb:a7:0e:85:
0d:c1:a6:52:fe:3b:02:fc:7c:c1:c8:9f:cf:a2:52:
2d:0e:79:cb:b0:c3:cd:d5:68:68:c6:fc:ac:51:0e:
7d:1b:3a:a1:25:52:f4:ee:6f:62:dc:38:c6:be:33:
92:32:62:2d:99:8d:d5:f2:b9:42:4c:a5:5c:3e:c6:
3a:e9:1b:34:a8:98:b1:06:fb:a8:ee:af:e7:3d:e0:
25:28:08:91:70:ea:80:9d:1d:58:f1:86:bc:2e:35:
18:8a:af:02:b3:5f:32:a3:b0:c7:28:21:f8:59:58:
96:89:ee:74:2c:0d:d7:9e:c7:29:01:ec:e2:a9:45:
07:60:e7:cb:b4:cc:b8:e7:10:5e:8a:19:31:6b:5e:
26:e7:e7:b1:f4:d3:b7:b9:bf:71:06:b4:41:6d:50:
ec:20:b9:e7:7e:b5:4d:88:1f:39:f2:ec:69:bf:3f:
3a:fa:86:cc:30:6c:db:0e:70:58:a0:56:70:31:c2:
a3:fb:48:20:bf:a3:cb:3d:55:0a:71:a0:b8:8a:ff:
ad:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:08:E4:8D:D3:74:00:E0:39:B7:6C:4F:17:C5:03:CC:AA:74:1B:09
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e39312e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.91.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:e7:c9:1f:47:9c:a4:aa:83:e2:06:8a:bb:74:77:46:81:50:
b0:27:a3:94:8b:4a:7e:57:17:d0:a8:5b:c9:63:12:9b:9d:4a:
5b:dd:7f:a0:b8:19:8c:ee:75:74:02:fe:d4:53:5d:46:17:f9:
f1:78:35:f7:43:22:f5:b2:e9:79:82:f6:d1:96:8a:1e:de:20:
fa:7c:7e:9b:c8:c2:2e:20:49:e2:1e:30:9c:af:86:e8:ce:f6:
6d:74:31:b0:c5:5c:6e:be:b9:2f:66:24:d3:d7:8a:a9:ec:1a:
d1:20:be:0c:bb:e2:20:cb:43:f1:09:e1:79:a6:09:6f:61:7e:
9a:8d:76:23:88:f6:08:0b:de:6d:f5:5f:34:61:fa:ac:ff:1f:
15:d4:e0:ed:92:70:95:cb:80:47:a1:31:bc:0d:da:5e:b7:c7:
a8:e8:28:10:07:7e:44:26:17:5a:ed:d1:c1:85:66:76:9a:c8:
87:04:26:fb:02:ac:27:bf:2d:2d:de:63:ea:88:cf:19:ee:b9:
de:da:27:04:d8:59:98:2e:75:0b:fe:fc:97:09:64:a9:de:69:
b0:ed:2e:8d:96:62:1e:5d:a4:cd:90:96:9c:67:b8:07:53:18:
9b:57:84:71:79:a9:8b:8a:e0:1d:26:e1:8f:b3:a4:99:4d:06:
7c:e0:1b:e4
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUDsnZPcl4SZwTQKp7tipAIBXE28QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTMwNzU1MDBaFw0yMzA0MTIwODAwMDBaMDMxMTAvBgNV
BAMTKEZEMDhFNDhERDM3NDAwRTAzOUI3NkM0RjE3QzUwM0NDQUE3NDFCMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxeruPLfuYiDvvRktXW/BYXyMA
rH5zeOoFTbz6pFQI2C2hLAtBHcbt+kUgbhASpciJCe4/1ZuPu6cOhQ3BplL+OwL8
fMHIn8+iUi0Oecuww83VaGjG/KxRDn0bOqElUvTub2LcOMa+M5IyYi2ZjdXyuUJM
pVw+xjrpGzSomLEG+6jur+c94CUoCJFw6oCdHVjxhrwuNRiKrwKzXzKjsMcoIfhZ
WJaJ7nQsDdeexykB7OKpRQdg58u0zLjnEF6KGTFrXibn57H007e5v3EGtEFtUOwg
ued+tU2IHzny7Gm/Pzr6hswwbNsOcFigVnAxwqP7SCC/o8s9VQpxoLiK/60tAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU/QjkjdN0AOA5t2xPF8UDzKp0GwkwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzkzMTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NFswDQYJKoZIhvcN
AQELBQADggEBADrnyR9HnKSqg+IGirt0d0aBULAno5SLSn5XF9CoW8ljEpudSlvd
f6C4GYzudXQC/tRTXUYX+fF4NfdDIvWy6XmC9tGWih7eIPp8fpvIwi4gSeIeMJyv
hujO9m10MbDFXG6+uS9mJNPXiqnsGtEgvgy74iDLQ/EJ4XmmCW9hfpqNdiOI9ggL
3m31XzRh+qz/HxXU4O2ScJXLgEehMbwN2l63x6joKBAHfkQmF1rt0cGFZnaayIcE
JvsCrCe/LS3eY+qIzxnuud7aJwTYWZgudQv+/JcJZKneabDtLo2WYh5dpM2Qlpxn
uAdTGJtXhHF5qYuK4B0m4Y+zpJlNBnzgG+Q=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:34:18 2023 by rpki-client on console.sobornost.net