Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3163333a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a3163333a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: kOIsZLrOvp9wV3DdDRIMfGw9eYcxQNRe/UTWWjCSsqo=
Subject key identifier: 48:5E:B7:B8:C8:AB:93:22:86:9D:33:13:BD:2F:45:CD:22:D7:CF:7B
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 0DB62180D09A29DEB9D395A5F95A97A8E0A6BAA3
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3163333a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 10:00:33 +0000
ROA not before: Mon 26 Sep 2022 09:55:33 +0000
ROA not after: Mon 25 Sep 2023 10:00:33 +0000
asID: 59282
IP address blocks: 2400:d680:1c3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:b6:21:80:d0:9a:29:de:b9:d3:95:a5:f9:5a:97:a8:e0:a6:ba:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 09:55:33 2022 GMT
Not After : Sep 25 10:00:33 2023 GMT
Subject: CN=485EB7B8C8AB9322869D3313BD2F45CD22D7CF7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d2:cd:2f:11:79:ef:be:6c:7b:af:d5:a6:df:
f5:37:b2:cf:33:13:88:9e:0c:58:e8:65:ef:5d:31:
9c:c8:76:67:a2:9d:0e:7c:c7:91:69:2d:59:6c:67:
90:3d:c0:1a:f2:67:1c:0b:7d:b2:df:7b:b1:3b:df:
96:1f:78:e0:e7:2a:8f:16:7f:78:be:3e:be:36:b1:
a3:c3:d7:66:c3:a5:45:5f:5e:44:0f:b3:34:2a:09:
5a:6d:c5:a6:6a:2e:16:90:65:2d:50:1d:d4:af:0b:
87:91:c8:ea:53:a9:ce:d6:e8:cc:1b:29:04:41:da:
dd:05:f7:eb:0d:f0:b2:33:b9:e3:2c:88:ac:2d:41:
cd:83:f7:10:04:1f:2b:9d:80:15:ed:ed:2c:80:76:
a9:53:1b:ea:cf:aa:26:89:44:e5:3c:e6:ff:2e:78:
35:49:48:ee:69:27:d1:a4:be:75:6d:26:de:75:3c:
60:6e:87:27:9f:ae:8d:4f:5b:74:cf:b4:f9:94:d7:
63:9c:10:3b:0f:4e:6e:46:48:18:3c:03:be:6e:32:
5a:97:84:80:0e:9f:43:90:ad:ec:f2:18:e9:1f:e7:
85:97:b0:8b:e4:03:44:b7:ec:07:74:08:91:e5:92:
ad:41:ba:83:06:3b:32:34:27:1c:e9:c7:41:12:6e:
e8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:5E:B7:B8:C8:AB:93:22:86:9D:33:13:BD:2F:45:CD:22:D7:CF:7B
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3163333a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:1c3::/48
Signature Algorithm: sha256WithRSAEncryption
93:ea:87:aa:17:bc:bb:72:5c:80:ef:b3:cf:50:6a:3d:66:83:
88:16:cd:92:40:e3:62:fb:1b:c0:f7:89:c7:40:67:99:c8:3f:
24:fd:1e:aa:13:4c:01:b1:8a:b1:ec:6e:57:6d:95:41:55:ae:
d0:eb:11:78:a4:15:ec:a4:94:43:f6:8e:99:26:d4:ad:d2:d1:
4b:d4:78:92:67:a8:b1:35:90:6c:08:2e:25:8d:cc:cf:83:be:
ba:62:0e:9f:d4:5b:0b:60:bf:cc:bb:f7:0d:18:25:41:a8:37:
b0:c0:32:d6:f0:e4:26:13:4c:e1:f4:59:af:5c:12:09:c7:de:
0a:ed:82:73:7b:8c:13:ce:2f:ee:f2:af:d4:86:dc:bb:40:50:
1d:9c:e7:5f:af:ed:59:a5:22:cc:42:30:6f:30:7f:6b:0b:f7:
ba:c5:53:d7:44:16:8a:6d:61:8e:92:67:f8:a3:4c:8e:5d:1b:
62:7a:ae:ff:91:b2:f5:64:ea:b8:f2:13:2b:41:14:cc:8a:34:
25:5d:19:7a:ed:82:dd:20:7e:cd:ad:f2:51:a1:95:1c:a6:49:
5f:c1:85:ae:52:e9:7e:ff:81:af:ca:fb:2e:39:4a:a3:e8:29:
a3:ee:ab:96:ab:25:e3:0e:5b:ff:32:e6:a2:6a:36:01:be:78:
b2:a0:2f:6d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUDbYhgNCaKd6505Wl+VqXqOCmuqMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwOTU1MzNaFw0yMzA5MjUxMDAwMzNaMDMxMTAvBgNV
BAMTKDQ4NUVCN0I4QzhBQjkzMjI4NjlEMzMxM0JEMkY0NUNEMjJEN0NGN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU0s0vEXnvvmx7r9Wm3/U3ss8z
E4ieDFjoZe9dMZzIdmeinQ58x5FpLVlsZ5A9wBryZxwLfbLfe7E735YfeODnKo8W
f3i+Pr42saPD12bDpUVfXkQPszQqCVptxaZqLhaQZS1QHdSvC4eRyOpTqc7W6Mwb
KQRB2t0F9+sN8LIzueMsiKwtQc2D9xAEHyudgBXt7SyAdqlTG+rPqiaJROU85v8u
eDVJSO5pJ9GkvnVtJt51PGBuhyefro1PW3TPtPmU12OcEDsPTm5GSBg8A75uMlqX
hIAOn0OQrezyGOkf54WXsIvkA0S37Ad0CJHlkq1BuoMGOzI0Jxzpx0ESbujTAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUSF63uMirkyKGnTMTvS9FzSLXz3swHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzE2MzMzM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
wzANBgkqhkiG9w0BAQsFAAOCAQEAk+qHqhe8u3JcgO+zz1BqPWaDiBbNkkDjYvsb
wPeJx0Bnmcg/JP0eqhNMAbGKsexuV22VQVWu0OsReKQV7KSUQ/aOmSbUrdLRS9R4
kmeosTWQbAguJY3Mz4O+umIOn9RbC2C/zLv3DRglQag3sMAy1vDkJhNM4fRZr1wS
CcfeCu2Cc3uME84v7vKv1Ibcu0BQHZznX6/tWaUizEIwbzB/awv3usVT10QWim1h
jpJn+KNMjl0bYnqu/5Gy9WTquPITK0EUzIo0JV0Zeu2C3SB+za3yUaGVHKZJX8GF
rlLpfv+Br8r7LjlKo+gpo+6rlqsl4w5b/zLmomo2Ab54sqAvbQ==
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:04:51 2025 by rpki-client