Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a66373a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a66373a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: LcirLa3OIFycA9ztOFx3oWX7jhTHUX5GU5Vv0Ll0Big=
Subject key identifier: 75:88:6C:5F:56:55:C4:9A:B3:2E:AF:31:2B:43:DA:02:80:F3:A9:56
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 3FB0C79B3E639D545167390A0B8D3E9CE0E9A16D
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a66373a3a2f34382d3438203d3e203539323832.roa
Signing time: Sun 13 Jul 2025 11:46:11 +0000
ROA not before: Sun 13 Jul 2025 11:41:11 +0000
ROA not after: Sun 12 Jul 2026 11:46:11 +0000
asID: 59282
IP address blocks: 2400:d680:f7::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 20 Jul 2025 21:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:b0:c7:9b:3e:63:9d:54:51:67:39:0a:0b:8d:3e:9c:e0:e9:a1:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Jul 13 11:41:11 2025 GMT
Not After : Jul 12 11:46:11 2026 GMT
Subject: CN=75886C5F5655C49AB32EAF312B43DA0280F3A956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8d:cc:97:a4:b5:46:35:75:d2:7a:8b:db:d2:
b8:7c:96:76:09:aa:ae:c9:80:8e:65:7f:b6:f5:a4:
e6:ef:51:b6:26:26:c0:e3:60:1f:6b:14:a3:ff:42:
97:70:c2:f0:8a:11:7e:aa:f9:a6:e4:e8:27:f1:b1:
8a:a8:48:dc:b3:26:47:05:b1:3a:cd:1c:c5:9d:56:
fc:38:4e:cf:bb:16:23:f4:39:15:a0:8d:b3:6b:fd:
7d:f9:44:b6:49:fc:30:bd:b3:bd:c7:b6:43:df:38:
9e:a0:99:cc:30:7d:db:32:fe:dd:06:bd:f1:f0:99:
5f:44:af:e5:c4:4c:8e:5a:1d:4d:3e:c5:59:9f:a1:
e1:49:a4:1b:c1:5e:6c:83:97:c6:14:18:21:94:8e:
85:3b:19:08:84:f5:13:af:41:77:b0:fc:37:91:d3:
20:fc:a5:6c:c8:ae:0d:df:ba:06:2d:4b:9a:11:8c:
da:50:a8:6e:5d:29:0b:2c:74:4b:2e:4b:c2:da:98:
75:ae:0a:8b:db:4d:35:be:c3:ad:27:6d:b8:25:73:
06:75:ca:30:14:bd:36:47:b3:54:88:5d:fd:6a:c0:
5e:46:78:1a:90:1b:94:c3:e5:5c:14:44:9f:ec:60:
64:3f:66:1b:18:b5:15:1b:f1:f0:e4:51:41:fd:c3:
47:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:88:6C:5F:56:55:C4:9A:B3:2E:AF:31:2B:43:DA:02:80:F3:A9:56
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a66373a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:f7::/48
Signature Algorithm: sha256WithRSAEncryption
c1:0c:56:c3:25:65:5d:0a:8c:6e:66:19:59:c8:27:96:bc:d3:
a0:e6:e4:8f:b2:9f:b1:f5:cb:b7:39:b2:38:b5:f7:72:c7:b3:
d0:95:01:a1:9a:73:aa:67:b0:8f:9f:7d:ad:0f:f0:87:44:18:
cd:f9:81:25:6e:a4:6c:d6:63:2c:2a:f6:0e:f9:fc:b9:d7:dd:
88:65:5c:77:d0:4f:66:7e:e5:1a:39:8e:70:54:2c:db:33:92:
ad:fa:6e:e4:a3:d7:8e:54:10:41:90:ed:1f:eb:9a:aa:dc:67:
ba:8b:b3:9b:06:02:85:a2:05:06:28:cd:0b:a8:35:85:35:27:
70:13:c7:a6:b2:92:ec:07:a2:24:1e:36:7b:4f:a4:02:28:a9:
0c:77:81:5d:44:e1:95:66:2d:05:02:f8:1c:9d:aa:e2:a6:32:
25:e2:a4:7d:39:93:2a:fa:81:4d:25:66:f6:33:bd:8f:17:4a:
68:31:74:ac:c8:ea:98:4c:1c:a1:e1:f3:17:92:89:6a:29:84:
23:21:c3:57:9e:9f:6a:9f:af:11:75:af:14:97:bf:69:6c:38:
fc:5f:fa:e0:c8:2c:08:0e:ad:37:88:42:e9:11:81:d1:30:18:
c5:ae:82:19:f4:66:21:6b:db:60:0a:db:31:2c:17:b4:db:57:
39:d6:56:6f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUP7DHmz5jnVRRZzkKC40+nODpoW0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yNTA3MTMxMTQxMTFaFw0yNjA3MTIxMTQ2MTFaMDMxMTAvBgNV
BAMTKDc1ODg2QzVGNTY1NUM0OUFCMzJFQUYzMTJCNDNEQTAyODBGM0E5NTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmjcyXpLVGNXXSeovb0rh8lnYJ
qq7JgI5lf7b1pObvUbYmJsDjYB9rFKP/QpdwwvCKEX6q+abk6CfxsYqoSNyzJkcF
sTrNHMWdVvw4Ts+7FiP0ORWgjbNr/X35RLZJ/DC9s73HtkPfOJ6gmcwwfdsy/t0G
vfHwmV9Er+XETI5aHU0+xVmfoeFJpBvBXmyDl8YUGCGUjoU7GQiE9ROvQXew/DeR
0yD8pWzIrg3fugYtS5oRjNpQqG5dKQssdEsuS8LamHWuCovbTTW+w60nbbglcwZ1
yjAUvTZHs1SIXf1qwF5GeBqQG5TD5VwURJ/sYGQ/ZhsYtRUb8fDkUUH9w0dLAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUdYhsX1ZVxJqzLq8xK0PaAoDzqVYwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhNjYzNzNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzkzMjM4MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkANaAAPcw
DQYJKoZIhvcNAQELBQADggEBAMEMVsMlZV0KjG5mGVnIJ5a806Dm5I+yn7H1y7c5
sji193LHs9CVAaGac6pnsI+ffa0P8IdEGM35gSVupGzWYywq9g75/LnX3YhlXHfQ
T2Z+5Ro5jnBULNszkq36buSj145UEEGQ7R/rmqrcZ7qLs5sGAoWiBQYozQuoNYU1
J3ATx6aykuwHoiQeNntPpAIoqQx3gV1E4ZVmLQUC+BydquKmMiXipH05kyr6gU0l
ZvYzvY8XSmgxdKzI6phMHKHh8xeSiWophCMhw1een2qfrxF1rxSXv2lsOPxf+uDI
LAgOrTeIQukRgdEwGMWughn0ZiFr22AK2zEsF7TbVznWVm8=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:06:21 2025 by rpki-client