Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37392e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e37392e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: 1VKzuJeGe9ZGEse/Myo1817dIsZo8LLl0hKNDFubhIg=
Subject key identifier: 3D:8E:17:F1:32:51:20:35:72:65:64:3A:84:74:C5:08:6C:04:7C:04
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 1982116D866BBD2AFE3A77873B27FBAE8374A5A4
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37392e302f32342d3234203d3e203137383835.roa
Signing time: Wed 13 Apr 2022 04:00:00 +0000
ROA not before: Wed 13 Apr 2022 03:55:00 +0000
ROA not after: Wed 12 Apr 2023 04:00:00 +0000
asID: 17885
IP address blocks: 121.52.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:82:11:6d:86:6b:bd:2a:fe:3a:77:87:3b:27:fb:ae:83:74:a5:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 13 03:55:00 2022 GMT
Not After : Apr 12 04:00:00 2023 GMT
Subject: CN=3D8E17F1325120357265643A8474C5086C047C04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:94:31:46:91:ec:16:27:02:65:b5:37:66:b4:
51:c9:e3:28:47:dc:eb:94:ac:72:9e:18:ae:94:38:
59:16:2e:38:91:c0:be:72:d7:9a:86:6d:0c:b2:ca:
2a:b1:e3:e8:14:fe:ae:7e:d4:60:7c:26:f7:07:20:
e3:f5:b6:89:67:59:82:d2:5a:9a:97:d7:ee:65:07:
b4:c0:b1:34:8e:12:08:07:59:69:74:68:07:5b:b2:
b0:e9:a1:e7:5a:85:b9:60:f5:d4:61:71:bf:93:de:
7a:c7:be:37:6e:aa:15:8f:40:09:7c:07:38:d7:ca:
44:00:5e:ed:c7:10:bd:87:aa:0e:fd:7d:75:43:29:
a2:cd:6d:b2:3f:91:e5:bd:c2:e0:8d:a1:9b:55:75:
4d:76:c7:54:cd:3b:28:f0:aa:07:32:4a:03:77:58:
21:fa:b5:33:be:6d:5c:37:0e:f0:78:77:34:ac:60:
69:ba:a2:e7:12:10:f8:bf:8b:a9:64:01:69:15:25:
d2:97:d1:e1:d9:3b:07:4a:63:0c:d9:29:aa:25:ae:
2d:f9:e2:29:f2:50:0c:39:c1:68:1d:b4:52:16:b0:
24:3e:5b:30:1f:c7:53:30:00:13:c0:eb:35:40:77:
df:7e:06:05:77:15:6f:0e:1e:90:44:5c:cd:3a:c5:
d3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8E:17:F1:32:51:20:35:72:65:64:3A:84:74:C5:08:6C:04:7C:04
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e37392e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.79.0/24
Signature Algorithm: sha256WithRSAEncryption
25:53:18:20:be:de:9c:4e:8d:68:c9:e9:6e:4b:fd:8c:b3:05:
5e:11:59:41:62:72:f1:75:79:1b:f1:88:98:dc:77:75:93:7b:
cb:c9:77:84:29:0e:2f:60:0a:43:80:10:38:0a:70:7c:8d:94:
a5:2a:04:c2:19:92:33:08:1d:ae:16:97:cd:5e:64:24:87:a2:
22:ff:e9:e4:78:88:cd:cf:87:40:5e:12:fd:34:7b:bb:91:be:
56:0e:75:55:60:a4:e1:ed:67:bc:e2:c6:49:97:b8:61:ca:5b:
c7:1f:fa:ff:da:e3:13:b1:c7:9a:66:34:1b:e2:18:b7:b1:49:
fb:51:94:5c:f4:56:4b:91:1d:ab:09:e1:fb:85:a6:ff:c5:e4:
bf:91:07:28:0c:f3:d9:c1:1e:50:c7:12:33:88:7f:fe:8f:ce:
4c:05:b9:59:09:55:17:35:8c:72:ff:72:e2:77:89:84:e8:fc:
3a:1e:18:f4:0e:2c:e9:db:e2:14:41:d1:e9:f3:03:bf:32:16:
92:fb:7c:23:10:8c:14:90:9f:03:e4:6a:56:8a:50:32:a6:db:
09:7b:ff:3b:e2:47:bc:24:e5:01:d6:23:58:28:98:12:43:49:
c3:22:5e:c3:ba:15:3d:4c:4a:2a:ef:c3:d7:db:cc:45:91:f4:
cf:c1:49:69
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUGYIRbYZrvSr+OneHOyf7roN0paQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTMwMzU1MDBaFw0yMzA0MTIwNDAwMDBaMDMxMTAvBgNV
BAMTKDNEOEUxN0YxMzI1MTIwMzU3MjY1NjQzQTg0NzRDNTA4NkMwNDdDMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRlDFGkewWJwJltTdmtFHJ4yhH
3OuUrHKeGK6UOFkWLjiRwL5y15qGbQyyyiqx4+gU/q5+1GB8JvcHIOP1tolnWYLS
WpqX1+5lB7TAsTSOEggHWWl0aAdbsrDpoedahblg9dRhcb+T3nrHvjduqhWPQAl8
BzjXykQAXu3HEL2Hqg79fXVDKaLNbbI/keW9wuCNoZtVdU12x1TNOyjwqgcySgN3
WCH6tTO+bVw3DvB4dzSsYGm6oucSEPi/i6lkAWkVJdKX0eHZOwdKYwzZKaolri35
4inyUAw5wWgdtFIWsCQ+WzAfx1MwABPA6zVAd99+BgV3FW8OHpBEXM06xdMFAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUPY4X8TJRIDVyZWQ6hHTFCGwEfAQwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzczOTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NE8wDQYJKoZIhvcN
AQELBQADggEBACVTGCC+3pxOjWjJ6W5L/YyzBV4RWUFicvF1eRvxiJjcd3WTe8vJ
d4QpDi9gCkOAEDgKcHyNlKUqBMIZkjMIHa4Wl81eZCSHoiL/6eR4iM3Ph0BeEv00
e7uRvlYOdVVgpOHtZ7zixkmXuGHKW8cf+v/a4xOxx5pmNBviGLexSftRlFz0VkuR
HasJ4fuFpv/F5L+RBygM89nBHlDHEjOIf/6PzkwFuVkJVRc1jHL/cuJ3iYTo/Doe
GPQOLOnb4hRB0enzA78yFpL7fCMQjBSQnwPkalaKUDKm2wl7/zviR7wk5QHWI1go
mBJDScMiXsO6FT1MSirvw9fbzEWR9M/BSWk=
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:21:35 2025 by rpki-client