Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37312e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e37312e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: Yk44fj9tsgeSZ5A8snn0TWsbYq+NWPa6Qrv3iQ3pOj4=
Subject key identifier: 44:CE:F6:B4:55:DE:55:97:99:85:2D:29:28:E1:87:EA:7C:C2:E2:D7
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 384D52DF93152C74EEF6DE2E2999F23F439F40DC
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37312e302f32342d3234203d3e203137383835.roa
Signing time: Wed 13 Apr 2022 04:00:00 +0000
ROA not before: Wed 13 Apr 2022 03:55:00 +0000
ROA not after: Wed 12 Apr 2023 04:00:00 +0000
asID: 17885
IP address blocks: 121.52.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:4d:52:df:93:15:2c:74:ee:f6:de:2e:29:99:f2:3f:43:9f:40:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 13 03:55:00 2022 GMT
Not After : Apr 12 04:00:00 2023 GMT
Subject: CN=44CEF6B455DE559799852D2928E187EA7CC2E2D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b6:6b:b3:b1:12:a2:e6:77:b8:d3:4d:66:ad:
85:22:f6:f1:70:38:bf:65:72:f4:d4:c8:70:66:7b:
a2:69:c3:04:42:84:f4:ea:4c:f0:5a:e5:e2:e0:1e:
06:5f:ab:19:75:05:c7:c5:55:cd:52:9a:3e:66:3a:
b5:c6:f2:cf:d7:50:d3:32:45:dc:62:04:91:e1:da:
e8:48:e3:07:94:6d:71:03:4a:45:0b:93:26:95:8b:
8b:2a:27:e5:5e:c5:91:4e:f4:01:b8:70:39:3a:54:
9a:31:6d:4b:5e:42:1b:03:f6:ab:8f:06:5a:01:14:
0c:4a:b7:dd:40:89:4c:5b:e5:d9:e2:8c:7d:fa:c9:
de:a0:5c:62:34:90:89:9e:3b:88:7e:15:ff:38:f9:
48:a5:3d:e9:bb:70:a4:33:8b:b6:5f:85:ac:70:e3:
31:61:47:db:d3:4f:f2:2f:0a:a2:cb:09:a0:55:52:
14:aa:48:99:20:08:9d:43:26:bb:c8:87:3d:03:26:
b8:93:8f:b3:de:50:30:2c:b2:2b:b3:01:be:e1:6c:
70:bc:ab:93:7d:f8:cf:ee:9d:17:1c:c4:f3:26:70:
8a:d6:7e:e6:53:aa:75:0b:60:21:02:43:0d:f2:78:
51:6d:fd:8d:d3:09:3a:49:4b:c6:d2:19:91:e8:56:
39:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:CE:F6:B4:55:DE:55:97:99:85:2D:29:28:E1:87:EA:7C:C2:E2:D7
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37312e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.71.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:b5:d9:1a:f8:0d:8b:55:f4:9c:26:c3:c7:90:0a:52:ae:7c:
7d:0d:6b:06:e7:70:99:94:0d:28:77:b8:ad:94:20:9b:0f:ab:
90:bb:12:0c:a5:7a:5b:48:45:c6:0a:ce:6e:39:0a:1f:c0:94:
f7:ee:34:5a:1a:b3:52:db:19:da:22:b1:d8:5f:b5:b2:26:52:
1b:a5:05:50:b8:35:ba:da:28:8f:b8:04:d1:95:9b:e9:54:f6:
40:ab:55:54:3e:fc:16:73:6f:14:11:af:e6:29:f1:dd:b8:e2:
f3:4f:e4:5f:5a:61:01:02:64:f0:71:63:86:88:52:07:28:b0:
63:e4:bd:1a:96:65:28:ce:f5:41:de:d9:bf:7c:4c:09:77:90:
d4:78:60:45:9d:76:93:d2:1d:3f:5d:c5:51:dc:96:d5:19:c2:
e6:13:8d:23:fe:f2:7f:64:15:8e:44:e4:dc:e5:3f:31:e7:4c:
36:5e:a4:24:05:02:1b:55:9f:f7:09:d4:2e:ab:89:55:d0:af:
ec:ea:0a:ba:23:2d:49:b8:c2:e5:de:18:4f:e8:c1:28:af:96:
2b:39:a4:09:5c:5c:82:25:61:cd:82:ea:a3:21:c5:f3:e1:87:
64:f0:3f:58:63:ca:5d:27:d2:ce:93:8e:4e:be:09:3f:5c:57:
0b:0c:66:aa
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUOE1S35MVLHTu9t4uKZnyP0OfQNwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTMwMzU1MDBaFw0yMzA0MTIwNDAwMDBaMDMxMTAvBgNV
BAMTKDQ0Q0VGNkI0NTVERTU1OTc5OTg1MkQyOTI4RTE4N0VBN0NDMkUyRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCytmuzsRKi5ne4001mrYUi9vFw
OL9lcvTUyHBme6JpwwRChPTqTPBa5eLgHgZfqxl1BcfFVc1Smj5mOrXG8s/XUNMy
RdxiBJHh2uhI4weUbXEDSkULkyaVi4sqJ+VexZFO9AG4cDk6VJoxbUteQhsD9quP
BloBFAxKt91AiUxb5dnijH36yd6gXGI0kImeO4h+Ff84+UilPem7cKQzi7Zfhaxw
4zFhR9vTT/IvCqLLCaBVUhSqSJkgCJ1DJrvIhz0DJriTj7PeUDAssiuzAb7hbHC8
q5N9+M/unRccxPMmcIrWfuZTqnULYCECQw3yeFFt/Y3TCTpJS8bSGZHoVjmnAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQURM72tFXeVZeZhS0pKOGH6nzC4tcwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzczMTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NEcwDQYJKoZIhvcN
AQELBQADggEBAKG12Rr4DYtV9Jwmw8eQClKufH0NawbncJmUDSh3uK2UIJsPq5C7
EgyleltIRcYKzm45Ch/AlPfuNFoas1LbGdoisdhftbImUhulBVC4NbraKI+4BNGV
m+lU9kCrVVQ+/BZzbxQRr+Yp8d244vNP5F9aYQECZPBxY4aIUgcosGPkvRqWZSjO
9UHe2b98TAl3kNR4YEWddpPSHT9dxVHcltUZwuYTjSP+8n9kFY5E5NzlPzHnTDZe
pCQFAhtVn/cJ1C6riVXQr+zqCrojLUm4wuXeGE/owSivlis5pAlcXIIlYc2C6qMh
xfPhh2TwP1hjyl0n0s6Tjk6+CT9cVwsMZqo=
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:21:23 2025 by rpki-client