Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a66343a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a66343a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: cZYXSqk1KN17v5nwqh0RKCf8O6xiegZ4X8WzqgEiV9I=
Subject key identifier: 4D:FD:1C:3D:C5:2D:9B:90:FB:1B:E1:47:AB:3A:5F:B7:F8:7B:09:C9
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 272CCD43A48FFF01BB214E904DF2D62E14F095D3
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a66343a3a2f34382d3438203d3e203539323832.roa
Signing time: Sun 13 Jul 2025 11:46:11 +0000
ROA not before: Sun 13 Jul 2025 11:41:11 +0000
ROA not after: Sun 12 Jul 2026 11:46:11 +0000
asID: 59282
IP address blocks: 2400:d680:f4::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 20 Jul 2025 21:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:2c:cd:43:a4:8f:ff:01:bb:21:4e:90:4d:f2:d6:2e:14:f0:95:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Jul 13 11:41:11 2025 GMT
Not After : Jul 12 11:46:11 2026 GMT
Subject: CN=4DFD1C3DC52D9B90FB1BE147AB3A5FB7F87B09C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d8:f1:c7:d8:01:e7:30:d1:f8:30:0c:fe:b2:
75:e1:15:e7:cf:22:53:12:25:9a:1a:df:b7:d8:62:
9b:5a:fb:e9:2d:18:ec:10:e2:a4:47:a3:78:80:32:
e0:50:79:54:32:c5:10:69:a8:bb:a8:05:f8:47:ce:
f7:ef:3a:bf:cb:7d:84:d4:95:fb:2a:64:12:9c:9e:
f7:f3:4a:c4:5f:dd:0d:9b:42:2c:fd:08:f6:3e:ea:
96:9a:94:a3:7b:6c:b1:1f:dd:c5:f2:ab:75:3f:f8:
42:09:2c:65:73:2d:ee:86:27:ed:ac:9e:a2:1a:ab:
6e:7b:eb:65:e9:ec:48:28:4e:4b:9f:f1:25:6a:88:
96:6e:a9:96:56:49:f7:c9:c4:2d:b9:2a:15:6e:83:
02:de:fc:91:ab:d9:c1:fd:35:ca:b1:96:31:74:1f:
8c:f2:b5:f2:27:c0:f3:b4:e3:6a:ca:d4:a4:7c:5d:
e2:23:ef:67:79:67:02:a0:b3:ce:4e:1a:33:64:f9:
7c:0f:6a:0a:47:8e:3b:08:c5:7b:0a:1b:7f:29:9b:
85:cf:b2:46:cc:b8:2f:fc:ec:ed:23:49:fa:93:2d:
fb:3f:0d:55:de:b5:87:08:5c:81:f9:dd:01:a9:bb:
17:ae:ed:7b:56:31:b5:95:a1:7c:7e:a7:ea:5a:0d:
fb:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FD:1C:3D:C5:2D:9B:90:FB:1B:E1:47:AB:3A:5F:B7:F8:7B:09:C9
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a66343a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:f4::/48
Signature Algorithm: sha256WithRSAEncryption
ac:52:31:45:ce:74:93:81:96:de:b9:72:46:ac:54:b2:e6:4d:
68:c3:4f:5d:42:90:a6:50:95:7b:3e:9d:48:5e:af:80:25:ee:
42:85:89:3f:86:8b:3c:97:6d:2d:fb:74:e9:95:29:03:16:d5:
e4:6a:fe:87:58:a9:69:43:f7:f4:6c:7c:28:c6:e6:ce:cc:a4:
7b:c0:b9:4d:4c:e4:16:a9:71:24:a7:13:65:5f:56:8b:00:f8:
26:69:0f:57:fe:93:63:a0:df:77:b2:66:c5:ca:55:1c:0b:62:
09:60:89:16:e9:5d:01:7b:59:e8:24:e9:80:77:12:6e:36:f7:
88:c0:72:d6:eb:0a:38:90:04:8e:fb:49:ef:56:79:0f:00:9d:
35:57:60:4b:66:04:67:ad:3f:8b:70:44:97:45:37:16:91:e7:
19:83:14:0e:67:b8:ed:2d:8d:1d:1f:3f:a8:11:2f:b8:86:94:
78:9c:56:4c:77:67:e7:76:49:8a:17:70:82:46:0e:8f:be:73:
ca:62:3f:f0:95:ab:0e:9f:8a:b5:c7:fa:66:ff:48:25:48:4c:
52:00:b9:de:b9:67:cd:e2:ff:f7:8a:be:ac:0b:c1:11:da:b8:
06:1f:19:85:39:6a:68:a5:f9:69:5d:6f:cc:98:8c:90:2d:e5:
b9:f7:60:d5
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUJyzNQ6SP/wG7IU6QTfLWLhTwldMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yNTA3MTMxMTQxMTFaFw0yNjA3MTIxMTQ2MTFaMDMxMTAvBgNV
BAMTKDRERkQxQzNEQzUyRDlCOTBGQjFCRTE0N0FCM0E1RkI3Rjg3QjA5QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU2PHH2AHnMNH4MAz+snXhFefP
IlMSJZoa37fYYpta++ktGOwQ4qRHo3iAMuBQeVQyxRBpqLuoBfhHzvfvOr/LfYTU
lfsqZBKcnvfzSsRf3Q2bQiz9CPY+6paalKN7bLEf3cXyq3U/+EIJLGVzLe6GJ+2s
nqIaq25762Xp7EgoTkuf8SVqiJZuqZZWSffJxC25KhVugwLe/JGr2cH9NcqxljF0
H4zytfInwPO042rK1KR8XeIj72d5ZwKgs85OGjNk+XwPagpHjjsIxXsKG38pm4XP
skbMuC/87O0jSfqTLfs/DVXetYcIXIH53QGpuxeu7XtWMbWVoXx+p+paDftNAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUTf0cPcUtm5D7G+FHqzpft/h7CckwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhNjYzNDNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzkzMjM4MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkANaAAPQw
DQYJKoZIhvcNAQELBQADggEBAKxSMUXOdJOBlt65ckasVLLmTWjDT11CkKZQlXs+
nUher4Al7kKFiT+GizyXbS37dOmVKQMW1eRq/odYqWlD9/RsfCjG5s7MpHvAuU1M
5BapcSSnE2VfVosA+CZpD1f+k2Og33eyZsXKVRwLYglgiRbpXQF7Wegk6YB3Em42
94jActbrCjiQBI77Se9WeQ8AnTVXYEtmBGetP4twRJdFNxaR5xmDFA5nuO0tjR0f
P6gRL7iGlHicVkx3Z+d2SYoXcIJGDo++c8piP/CVqw6firXH+mb/SCVITFIAud65
Z83i//eKvqwLwRHauAYfGYU5amil+Wldb8yYjJAt5bn3YNU=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:06:39 2025 by rpki-client