Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e38382e302f32342d3234203d3e203137383835.roa
File: 3132312e35322e38382e302f32342d3234203d3e203137383835.roa (raw, json)
Hash identifier: RGMrannAmQHRnOETkdBEiGx51mTAEprF6MGbtB/hf/g=
Subject key identifier: EB:3E:37:BA:99:AD:07:D2:E3:9A:44:D7:6D:F2:D8:48:22:22:CB:45
Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Certificate serial: 6BCC29AF5E27EC10EBBC8AB4969C8D01B5952B5B
Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e38382e302f32342d3234203d3e203137383835.roa
Signing time: Wed 13 Apr 2022 06:00:00 +0000
ROA not before: Wed 13 Apr 2022 05:55:00 +0000
ROA not after: Wed 12 Apr 2023 06:00:00 +0000
asID: 17885
IP address blocks: 121.52.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:cc:29:af:5e:27:ec:10:eb:bc:8a:b4:96:9c:8d:01:b5:95:2b:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA
Validity
Not Before: Apr 13 05:55:00 2022 GMT
Not After : Apr 12 06:00:00 2023 GMT
Subject: CN=EB3E37BA99AD07D2E39A44D76DF2D8482222CB45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:8d:cb:33:90:0a:41:9c:d1:e3:a7:85:f1:0b:
b4:27:75:b6:e2:ed:56:b5:c6:fd:63:b8:b5:a8:8a:
68:f5:e1:75:42:f1:36:49:41:c6:dd:f3:af:c3:48:
68:26:d3:22:f0:f3:60:a7:e5:dc:48:36:33:86:32:
b2:57:7d:2d:1f:66:48:fe:f2:1b:72:cd:1e:b4:94:
ba:a4:64:09:10:83:32:73:21:8f:8a:9a:60:f1:c1:
ae:09:8a:b8:7b:be:86:70:2a:64:69:2c:22:58:27:
99:fa:54:bd:66:de:b0:b2:4f:21:a5:60:bc:bd:f1:
d0:74:d9:96:a9:fa:c1:78:a2:18:0a:04:72:f2:1a:
30:87:94:cf:92:16:ec:13:4c:38:c6:cc:fd:10:63:
1d:49:50:3a:93:65:67:5f:04:5a:af:9e:a8:4c:75:
b5:7f:ae:cf:1a:a7:7a:27:5a:a4:7b:6f:b8:93:72:
54:da:ba:e7:dc:a8:a0:f0:d1:49:a6:b3:07:39:a2:
5d:fc:5a:84:ef:6b:2f:e6:04:f6:40:14:24:02:ee:
55:83:49:61:94:0f:19:51:dd:09:60:f4:f4:1d:55:
ca:c5:b1:1b:96:f5:07:f2:b5:97:c2:83:b3:ad:77:
74:9f:07:25:eb:04:83:d8:7c:b2:7c:a6:55:00:58:
dd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:3E:37:BA:99:AD:07:D2:E3:9A:44:D7:6D:F2:D8:48:22:22:CB:45
X509v3 Authority Key Identifier:
keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/3132312e35322e38382e302f32342d3234203d3e203137383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.52.88.0/24
Signature Algorithm: sha256WithRSAEncryption
04:66:03:24:67:5f:71:f1:13:38:23:47:67:85:a3:6b:ab:0f:
9e:de:b0:74:37:e0:73:46:19:e1:22:0a:e1:e7:75:df:16:a5:
92:2f:e2:b9:f9:f9:e3:99:24:76:f1:df:c2:b3:58:0d:9f:d3:
62:77:30:14:7c:62:b8:18:f1:c8:a4:a4:33:64:96:25:af:4d:
80:02:3c:ff:28:c0:e1:49:88:e7:bc:f0:9a:22:f0:40:16:73:
f9:ea:f7:fa:5a:52:2a:63:bc:25:df:29:49:27:0a:72:8c:7a:
5f:c4:2c:78:9b:14:c2:8a:e8:bd:c7:33:df:66:f3:58:36:e1:
67:15:c4:ed:b8:f7:c0:1b:d5:17:ed:18:a2:92:7b:96:c6:a4:
be:23:09:a4:ac:18:21:07:04:9e:34:d6:4f:1f:8a:66:be:63:
71:c1:c3:cb:62:ef:7f:f5:6e:2e:74:7b:64:b5:d2:b9:0e:e8:
fd:8d:69:ef:47:cd:88:92:86:96:22:2d:d3:fa:af:25:54:84:
e7:3d:6f:b9:65:4d:e2:40:dd:3b:a2:90:eb:54:2c:63:73:3b:
9b:22:27:6b:1b:80:2b:31:48:18:ea:d0:d7:05:c7:e7:ba:25:
84:78:04:7f:ed:98:22:1e:23:8f:63:ab:79:fa:db:e3:82:09:
e8:52:56:cd
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUa8wpr14n7BDrvIq0lpyNAbWVK1swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw
OTU2ODdEQTAeFw0yMjA0MTMwNTU1MDBaFw0yMzA0MTIwNjAwMDBaMDMxMTAvBgNV
BAMTKEVCM0UzN0JBOTlBRDA3RDJFMzlBNDRENzZERjJEODQ4MjIyMkNCNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqjcszkApBnNHjp4XxC7Qndbbi
7Va1xv1juLWoimj14XVC8TZJQcbd86/DSGgm0yLw82Cn5dxINjOGMrJXfS0fZkj+
8htyzR60lLqkZAkQgzJzIY+KmmDxwa4Jirh7voZwKmRpLCJYJ5n6VL1m3rCyTyGl
YLy98dB02Zap+sF4ohgKBHLyGjCHlM+SFuwTTDjGzP0QYx1JUDqTZWdfBFqvnqhM
dbV/rs8ap3onWqR7b7iTclTauufcqKDw0Ummswc5ol38WoTvay/mBPZAFCQC7lWD
SWGUDxlR3Qlg9PQdVcrFsRuW9QfytZfCg7Otd3SfByXrBIPYfLJ8plUAWN3ZAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU6z43upmtB9LjmkTXbfLYSCIiy0UwHwYDVR0j
BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG
MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2
ODdEQS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBhLWE0ZWMtNDlkYi1i
ZTg5LThkN2U3ZmMyYzIyNy8wLzMxMzIzMTJlMzUzMjJlMzgzODJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzczODM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB5NFgwDQYJKoZIhvcN
AQELBQADggEBAARmAyRnX3HxEzgjR2eFo2urD57esHQ34HNGGeEiCuHndd8WpZIv
4rn5+eOZJHbx38KzWA2f02J3MBR8YrgY8cikpDNkliWvTYACPP8owOFJiOe88Joi
8EAWc/nq9/paUipjvCXfKUknCnKMel/ELHibFMKK6L3HM99m81g24WcVxO2498Ab
1RftGKKSe5bGpL4jCaSsGCEHBJ401k8fima+Y3HBw8ti73/1bi50e2S10rkO6P2N
ae9HzYiShpYiLdP6ryVUhOc9b7llTeJA3TuikOtULGNzO5siJ2sbgCsxSBjq0NcF
x+e6JYR4BH/tmCIeI49jq3n62+OCCehSVs0=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:34:42 2025 by rpki-client