Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a66333a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a66333a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: 4Em0V+m9FBvp9hbf05cbhKy+EcWnrRZ+5UUic48SBQY=
Subject key identifier: 5F:A9:40:D2:03:C7:3A:25:EF:BB:95:EF:F2:1A:2C:C9:0C:07:23:2B
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 7045CA425F8DE9513FBE43C0ED80B3ED23D94535
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a66333a3a2f34382d3438203d3e203539323832.roa
Signing time: Sun 13 Jul 2025 11:46:09 +0000
ROA not before: Sun 13 Jul 2025 11:41:09 +0000
ROA not after: Sun 12 Jul 2026 11:46:09 +0000
asID: 59282
IP address blocks: 2400:d680:f3::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 20 Jul 2025 21:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:45:ca:42:5f:8d:e9:51:3f:be:43:c0:ed:80:b3:ed:23:d9:45:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Jul 13 11:41:09 2025 GMT
Not After : Jul 12 11:46:09 2026 GMT
Subject: CN=5FA940D203C73A25EFBB95EFF21A2CC90C07232B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a8:48:7d:23:a8:0f:99:7a:44:8a:44:8d:49:
b2:2d:92:9b:6f:dd:fe:85:d4:c5:4c:26:d8:c0:99:
3d:ef:6c:97:bc:fa:b6:1b:b5:94:18:20:dd:2e:73:
04:de:b6:58:aa:c4:e3:39:df:8d:1a:85:31:ac:c4:
54:07:ad:71:51:f1:4d:a8:95:c4:31:92:7b:63:b0:
65:31:57:ec:9f:b7:6e:5d:64:ab:cd:54:21:d0:e3:
be:4e:0b:e1:18:72:0e:32:3a:9e:e6:d1:e9:07:06:
77:2e:80:c5:d2:9d:de:ea:5a:6d:eb:72:bf:4a:05:
80:86:0b:bb:e5:6d:8d:0d:4d:cd:24:3c:02:56:28:
66:d2:ef:e6:55:48:e4:68:27:68:ee:41:a6:58:dd:
e0:59:1a:a4:06:2d:77:7a:24:7d:6e:09:82:a0:b7:
02:e8:dc:3f:6a:a5:f4:22:2e:7b:d4:09:1b:62:4d:
d7:5a:8a:cf:8a:da:95:8c:bd:17:35:66:4d:92:5d:
c9:6d:f3:f9:e6:3e:43:6e:c9:10:e5:12:6a:e5:20:
87:46:04:fd:c0:cc:4d:e8:78:55:21:64:33:51:7d:
3a:fd:81:01:09:8c:a4:00:1c:6e:56:51:67:aa:a1:
7a:13:4d:63:be:54:77:03:ef:ea:65:b8:6a:18:4f:
47:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A9:40:D2:03:C7:3A:25:EF:BB:95:EF:F2:1A:2C:C9:0C:07:23:2B
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a66333a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:f3::/48
Signature Algorithm: sha256WithRSAEncryption
67:f3:1f:7f:e9:fd:a5:0a:34:91:1b:15:12:08:dd:fd:03:13:
f7:3d:a3:31:1d:39:be:d8:91:7a:11:27:7a:df:c3:a4:bc:bd:
35:5a:09:ea:10:a6:e9:af:8b:84:39:7e:63:84:59:32:56:02:
34:38:0a:a8:b5:3c:ba:8c:04:31:27:29:e2:7c:bc:52:30:e1:
2b:9e:0b:44:ca:f4:dc:0f:7e:73:84:92:7b:43:95:71:f6:3d:
0e:80:b4:7a:1b:e9:b9:86:43:9c:dc:8d:bf:32:4f:b2:80:4b:
c7:78:e6:90:4e:00:57:bf:77:58:34:31:b3:86:51:bf:35:e1:
22:5b:94:d2:e2:90:83:f6:29:e3:56:ac:1e:de:66:d6:8e:3a:
50:37:05:1b:54:19:95:c8:f9:01:77:d9:1a:f9:d5:0f:14:64:
a9:ac:3d:6b:9f:cf:b4:d9:cc:9f:53:a9:5c:93:4a:df:52:b4:
56:99:07:08:58:a3:4b:fb:e6:dd:84:7d:54:ba:a1:2c:51:2f:
96:7a:60:9c:1b:c9:b9:d9:65:18:f2:ad:8a:f1:58:a2:d8:e3:
47:1f:cf:ad:e6:75:e6:8e:79:d6:cd:7b:e3:47:82:38:81:68:
48:63:ab:97:e5:50:0a:23:92:d9:5d:fe:f1:9f:ba:e0:9b:dd:
f1:d7:4f:bb
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUcEXKQl+N6VE/vkPA7YCz7SPZRTUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yNTA3MTMxMTQxMDlaFw0yNjA3MTIxMTQ2MDlaMDMxMTAvBgNV
BAMTKDVGQTk0MEQyMDNDNzNBMjVFRkJCOTVFRkYyMUEyQ0M5MEMwNzIzMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkqEh9I6gPmXpEikSNSbItkptv
3f6F1MVMJtjAmT3vbJe8+rYbtZQYIN0ucwTetliqxOM5340ahTGsxFQHrXFR8U2o
lcQxkntjsGUxV+yft25dZKvNVCHQ475OC+EYcg4yOp7m0ekHBncugMXSnd7qWm3r
cr9KBYCGC7vlbY0NTc0kPAJWKGbS7+ZVSORoJ2juQaZY3eBZGqQGLXd6JH1uCYKg
twLo3D9qpfQiLnvUCRtiTddais+K2pWMvRc1Zk2SXclt8/nmPkNuyRDlEmrlIIdG
BP3AzE3oeFUhZDNRfTr9gQEJjKQAHG5WUWeqoXoTTWO+VHcD7+pluGoYT0e1AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUX6lA0gPHOiXvu5Xv8hosyQwHIyswHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhNjYzMzNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzkzMjM4MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkANaAAPMw
DQYJKoZIhvcNAQELBQADggEBAGfzH3/p/aUKNJEbFRII3f0DE/c9ozEdOb7YkXoR
J3rfw6S8vTVaCeoQpumvi4Q5fmOEWTJWAjQ4Cqi1PLqMBDEnKeJ8vFIw4SueC0TK
9NwPfnOEkntDlXH2PQ6AtHob6bmGQ5zcjb8yT7KAS8d45pBOAFe/d1g0MbOGUb81
4SJblNLikIP2KeNWrB7eZtaOOlA3BRtUGZXI+QF32Rr51Q8UZKmsPWufz7TZzJ9T
qVyTSt9StFaZBwhYo0v75t2EfVS6oSxRL5Z6YJwbybnZZRjyrYrxWKLY40cfz63m
deaOedbNe+NHgjiBaEhjq5flUAojktld/vGfuuCb3fHXT7s=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:07:14 2025 by rpki-client