Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a3a2f33322d3332203d3e20313338383134.roa
File: 323430343a393763303a3a2f33322d3332203d3e20313338383134.roa (raw, json)
Hash identifier: GbDGv5ipTv6v1m6LNO6HQGYN6bSP6+WqU5xZXzAxiQE=
Subject key identifier: 8E:ED:66:C1:67:BA:FC:75:92:F4:96:C9:4D:F2:7F:09:6A:96:B4:74
Certificate issuer: /CN=473748B8EB39BEE96F6462C3B53CEA392729DEEE
Certificate serial: 3DDC0C665DE213931D6428A986C9932C48382178
Authority key identifier: 47:37:48:B8:EB:39:BE:E9:6F:64:62:C3:B5:3C:EA:39:27:29:DE:EE
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a3a2f33322d3332203d3e20313338383134.roa
Signing time: Thu 19 Oct 2023 04:01:01 +0000
ROA not before: Thu 19 Oct 2023 03:56:01 +0000
ROA not after: Thu 17 Oct 2024 04:01:01 +0000
asID: 138814
IP address blocks: 2404:97c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:dc:0c:66:5d:e2:13:93:1d:64:28:a9:86:c9:93:2c:48:38:21:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=473748B8EB39BEE96F6462C3B53CEA392729DEEE
Validity
Not Before: Oct 19 03:56:01 2023 GMT
Not After : Oct 17 04:01:01 2024 GMT
Subject: CN=8EED66C167BAFC7592F496C94DF27F096A96B474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:da:76:e9:40:1c:06:a3:28:3c:09:4c:6f:5f:
31:f3:40:11:67:31:24:b8:b3:50:54:27:75:48:7b:
80:05:fa:9c:f4:33:ab:22:cb:53:cc:4e:73:ea:b9:
05:e1:36:87:ec:8f:80:ae:83:7c:f1:7a:bb:10:d8:
a4:69:ce:8c:4e:02:5b:19:04:de:89:37:a8:4b:95:
4e:bd:fd:9c:c7:bd:36:8f:c1:34:b5:d4:10:9d:a9:
e2:ea:ee:4c:1f:d0:1a:ad:75:23:df:71:1f:7b:dd:
ad:e5:c2:3d:58:03:db:39:1b:c8:0c:e1:02:30:2e:
0c:e4:9b:38:f0:cd:4b:ed:d4:a7:97:ef:9b:2c:53:
75:7d:12:90:d7:04:d5:8f:2f:6d:2c:54:a9:ff:30:
12:a8:6a:00:f9:61:55:86:c4:39:2b:ef:3f:64:df:
a6:09:32:a3:e1:ff:6e:1a:1d:13:99:c0:a4:23:96:
e3:a4:c5:a4:9b:8e:fd:50:a0:5b:d4:3c:bb:b8:3b:
c5:ee:51:d4:12:0f:23:de:e7:ee:9c:d7:82:23:02:
e5:a9:01:5b:c2:b2:ae:ed:53:7e:7e:16:0e:37:d7:
67:61:99:d2:c1:c1:e8:20:1c:fe:6b:c8:da:38:15:
3d:1e:63:f7:0c:85:c8:0d:d0:72:db:af:b3:97:67:
65:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:ED:66:C1:67:BA:FC:75:92:F4:96:C9:4D:F2:7F:09:6A:96:B4:74
X509v3 Authority Key Identifier:
keyid:47:37:48:B8:EB:39:BE:E9:6F:64:62:C3:B5:3C:EA:39:27:29:DE:EE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a3a2f33322d3332203d3e20313338383134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2404:97c0::/32
Signature Algorithm: sha256WithRSAEncryption
cb:74:11:e6:06:15:68:95:ab:8c:e3:d4:38:0d:4d:7c:ee:f2:
48:5a:1e:f0:99:cd:ab:64:86:ea:96:8a:e6:ba:f0:61:01:c1:
ff:c5:ca:b0:2c:c7:a4:e1:a8:b0:3d:ca:c2:cd:f6:0c:35:40:
62:b6:c7:aa:f4:98:31:de:d5:b0:a7:91:20:63:76:97:19:b5:
c5:9d:8a:72:4f:bb:3b:36:49:30:9c:db:47:e6:5a:a0:26:57:
9c:49:06:0e:3f:77:e4:23:d9:2f:0a:af:3f:c7:41:72:56:02:
7d:ec:cf:12:fd:eb:db:1d:5a:47:94:a3:66:a4:7d:ec:40:45:
54:6d:22:90:74:25:3a:07:f5:e2:47:2c:5a:ff:ae:da:56:0a:
70:d7:65:67:08:97:fd:c9:bd:92:e4:14:74:87:53:ce:94:0b:
69:ab:f5:1b:2c:03:41:29:23:82:67:9c:92:fe:c2:fe:30:1a:
15:96:b5:0a:8b:46:18:94:14:8e:2e:b4:8b:a8:43:05:0b:68:
16:05:08:18:17:40:d8:a4:76:f3:bf:34:93:df:e3:93:64:09:
a5:9d:09:99:4c:a7:65:48:39:4e:98:72:eb:f1:d1:50:6d:1b:
44:ca:f7:4b:71:2d:c9:b0:5a:b4:15:b8:39:73:b6:76:e4:12:
90:cb:a7:25
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUPdwMZl3iE5MdZCiphsmTLEg4IXgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDczNzQ4QjhFQjM5QkVFOTZGNjQ2MkMzQjUzQ0VBMzky
NzI5REVFRTAeFw0yMzEwMTkwMzU2MDFaFw0yNDEwMTcwNDAxMDFaMDMxMTAvBgNV
BAMTKDhFRUQ2NkMxNjdCQUZDNzU5MkY0OTZDOTRERjI3RjA5NkE5NkI0NzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC92nbpQBwGoyg8CUxvXzHzQBFn
MSS4s1BUJ3VIe4AF+pz0M6siy1PMTnPquQXhNofsj4Cug3zxersQ2KRpzoxOAlsZ
BN6JN6hLlU69/ZzHvTaPwTS11BCdqeLq7kwf0BqtdSPfcR973a3lwj1YA9s5G8gM
4QIwLgzkmzjwzUvt1KeX75ssU3V9EpDXBNWPL20sVKn/MBKoagD5YVWGxDkr7z9k
36YJMqPh/24aHROZwKQjluOkxaSbjv1QoFvUPLu4O8XuUdQSDyPe5+6c14IjAuWp
AVvCsq7tU35+Fg4312dhmdLBweggHP5ryNo4FT0eY/cMhcgN0HLbr7OXZ2VlAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUju1mwWe6/HWS9JbJTfJ/CWqWtHQwHwYDVR0j
BBgwFoAURzdIuOs5vulvZGLDtTzqOScp3u4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
NjU0YThjMy0zMGM4LTQ5NTctODI5MS1hMGMxZjliMTgzOWUvMC80NzM3NDhCOEVC
MzlCRUU5NkY2NDYyQzNCNTNDRUEzOTI3MjlERUVFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDczNzQ4QjhFQjM5QkVFOTZGNjQ2MkMzQjUzQ0VBMzkyNzI5
REVFRS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA2NTRhOGMzLTMwYzgtNDk1Ny04
MjkxLWEwYzFmOWIxODM5ZS8wLzMyMzQzMDM0M2EzOTM3NjMzMDNhM2EyZjMzMzIy
ZDMzMzIyMDNkM2UyMDMxMzMzODM4MzEzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQEl8AwDQYJKoZI
hvcNAQELBQADggEBAMt0EeYGFWiVq4zj1DgNTXzu8khaHvCZzatkhuqWiua68GEB
wf/FyrAsx6ThqLA9ysLN9gw1QGK2x6r0mDHe1bCnkSBjdpcZtcWdinJPuzs2STCc
20fmWqAmV5xJBg4/d+Qj2S8Krz/HQXJWAn3szxL969sdWkeUo2akfexARVRtIpB0
JToH9eJHLFr/rtpWCnDXZWcIl/3JvZLkFHSHU86UC2mr9RssA0EpI4JnnJL+wv4w
GhWWtQqLRhiUFI4utIuoQwULaBYFCBgXQNikdvO/NJPf45NkCaWdCZlMp2VIOU6Y
cuvx0VBtG0TK90txLcmwWrQVuDlztnbkEpDLpyU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:12 2025 by rpki-client