Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3162643a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a3162643a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: gvB7CZCqu1N82U8LmQ8qzox8zaDluUqiUB8wPpJKIM4=
Subject key identifier: CE:25:70:E4:78:27:D0:E9:31:06:42:72:12:EB:3C:D4:AA:A8:D4:57
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 08EC867AD542FAAC643FE8CE36FBB80C51154A33
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3162643a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 10:00:02 +0000
ROA not before: Mon 26 Sep 2022 09:55:02 +0000
ROA not after: Mon 25 Sep 2023 10:00:02 +0000
asID: 59282
IP address blocks: 2400:d680:1bd::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:ec:86:7a:d5:42:fa:ac:64:3f:e8:ce:36:fb:b8:0c:51:15:4a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 09:55:02 2022 GMT
Not After : Sep 25 10:00:02 2023 GMT
Subject: CN=CE2570E47827D0E93106427212EB3CD4AAA8D457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:dc:54:84:97:25:bb:dd:39:3e:ed:0d:54:e0:
c9:c3:8b:8e:f9:f8:49:2e:7f:11:c1:3c:ea:5f:63:
6c:49:27:76:e9:ff:96:c3:6e:8f:5d:1c:70:ef:0d:
51:e5:78:7f:90:3d:c5:2a:eb:c2:25:fa:12:c6:3d:
af:7d:55:b0:33:0c:2c:33:7f:2d:aa:b5:54:9f:7b:
f4:13:0d:e4:39:4b:36:0c:25:b7:5a:8a:7f:7c:72:
84:9e:72:3a:67:0b:94:22:57:05:d0:f1:f6:44:e5:
7b:39:5e:fc:ec:7c:9b:42:9c:fe:68:82:51:36:57:
94:c0:61:5a:d0:65:a2:c9:b8:a8:bb:56:b0:f6:1d:
f4:0a:1a:87:57:6a:e8:8b:71:87:e3:f5:ba:09:1c:
a4:98:9c:6a:2e:3e:ed:5f:8f:a0:99:22:5a:c8:f3:
a2:29:8f:b5:ee:1a:74:21:35:66:0b:07:16:25:92:
28:4c:c2:b4:59:53:6b:7d:25:1e:b1:36:53:b5:01:
91:06:f5:33:c5:ba:97:e2:35:0f:66:81:14:e8:18:
ba:d6:5b:b1:fb:50:23:87:7f:6a:a7:72:dd:bf:30:
23:12:9a:0d:63:ed:e4:71:7c:bd:93:a4:6e:99:fe:
61:dc:e9:8d:4f:e9:99:b0:8c:d1:38:6d:7c:7e:18:
3b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:25:70:E4:78:27:D0:E9:31:06:42:72:12:EB:3C:D4:AA:A8:D4:57
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3162643a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:1bd::/48
Signature Algorithm: sha256WithRSAEncryption
a8:18:bd:94:80:73:62:47:18:d7:79:0f:52:40:bd:69:77:50:
21:43:f1:72:c9:36:b7:9d:f9:5b:9b:b4:0e:8f:d2:ef:e9:bb:
fc:f5:2a:a2:32:78:15:4d:38:20:f9:51:1e:7d:1c:6b:f1:d2:
78:d2:eb:6a:61:82:e9:c5:d4:fd:6c:26:2f:96:0f:96:54:17:
21:db:02:1b:5d:ad:2f:87:b0:0c:0c:0e:fc:b8:52:0f:d6:3c:
4b:9b:d2:1e:dd:30:61:01:54:94:97:3d:88:5a:b4:54:86:99:
8b:68:f9:07:8d:5a:f8:1f:65:af:7a:fa:13:96:40:25:f7:6c:
c1:61:3a:d2:7c:c0:a4:19:9d:b7:e0:a1:16:88:f7:ec:4a:9e:
2f:03:72:47:9e:ff:37:19:a0:7c:e2:33:05:62:df:34:c0:d6:
73:33:69:42:db:87:ba:04:3c:e1:6a:f6:21:da:1b:f8:8a:40:
84:f9:b4:21:03:b8:1a:4b:83:f9:d8:49:0d:f0:70:fd:03:2e:
6e:aa:06:3d:57:b1:a8:92:41:8d:83:82:75:47:3d:92:0f:53:
21:0a:39:d8:d7:e0:b0:cb:1d:f5:80:7f:0d:9f:a8:5e:fe:19:
68:9f:bc:55:ab:ad:b2:08:39:13:26:c0:c5:41:8e:f9:c2:1a:
38:36:e5:80
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUCOyGetVC+qxkP+jONvu4DFEVSjMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwOTU1MDJaFw0yMzA5MjUxMDAwMDJaMDMxMTAvBgNV
BAMTKENFMjU3MEU0NzgyN0QwRTkzMTA2NDI3MjEyRUIzQ0Q0QUFBOEQ0NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR3FSElyW73Tk+7Q1U4MnDi475
+EkufxHBPOpfY2xJJ3bp/5bDbo9dHHDvDVHleH+QPcUq68Il+hLGPa99VbAzDCwz
fy2qtVSfe/QTDeQ5SzYMJbdain98coSecjpnC5QiVwXQ8fZE5Xs5XvzsfJtCnP5o
glE2V5TAYVrQZaLJuKi7VrD2HfQKGodXauiLcYfj9boJHKSYnGouPu1fj6CZIlrI
86Ipj7XuGnQhNWYLBxYlkihMwrRZU2t9JR6xNlO1AZEG9TPFupfiNQ9mgRToGLrW
W7H7UCOHf2qnct2/MCMSmg1j7eRxfL2TpG6Z/mHc6Y1P6ZmwjNE4bXx+GDsVAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUziVw5Hgn0OkxBkJyEus81Kqo1FcwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzE2MjY0M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
vTANBgkqhkiG9w0BAQsFAAOCAQEAqBi9lIBzYkcY13kPUkC9aXdQIUPxcsk2t535
W5u0Do/S7+m7/PUqojJ4FU04IPlRHn0ca/HSeNLramGC6cXU/WwmL5YPllQXIdsC
G12tL4ewDAwO/LhSD9Y8S5vSHt0wYQFUlJc9iFq0VIaZi2j5B41a+B9lr3r6E5ZA
JfdswWE60nzApBmdt+ChFoj37EqeLwNyR57/NxmgfOIzBWLfNMDWczNpQtuHugQ8
4Wr2Idob+IpAhPm0IQO4GkuD+dhJDfBw/QMubqoGPVexqJJBjYOCdUc9kg9TIQo5
2NfgsMsd9YB/DZ+oXv4ZaJ+8Vautsgg5EybAxUGO+cIaODblgA==
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:03:40 2025 by rpki-client