Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3164663a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a3164663a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: Q0W99E6YPKhEP2zIavtAuBsvNxa/h0EO6PrHbiQq6NM=
Subject key identifier: D0:01:56:F2:77:E9:EA:B5:C9:1B:8F:54:49:CF:47:DF:0A:31:0A:47
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 72E12B67947264B3BCDCAF7CC9E0A7476D937F2A
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3164663a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 10:00:02 +0000
ROA not before: Mon 26 Sep 2022 09:55:02 +0000
ROA not after: Mon 25 Sep 2023 10:00:02 +0000
asID: 59282
IP address blocks: 2400:d680:1df::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:e1:2b:67:94:72:64:b3:bc:dc:af:7c:c9:e0:a7:47:6d:93:7f:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 09:55:02 2022 GMT
Not After : Sep 25 10:00:02 2023 GMT
Subject: CN=D00156F277E9EAB5C91B8F5449CF47DF0A310A47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b2:ba:fb:ce:05:57:4e:70:b0:6b:f2:c8:e8:
de:b9:c3:13:d1:ca:4d:55:7a:08:b5:c7:00:bd:f8:
30:f4:dc:e8:3d:d6:be:6e:c4:8b:83:6b:2b:bd:db:
3d:a3:37:7f:0a:d6:5a:de:38:72:e3:94:fa:29:27:
e0:67:bb:1f:7a:76:f6:5f:e2:37:95:01:36:d7:51:
22:87:57:d0:f5:c6:ca:39:cc:76:ce:ee:db:ef:6f:
e9:7e:79:2a:b5:f6:e9:87:fb:45:90:d6:b7:14:db:
63:c5:0e:65:18:f9:70:57:24:ce:7b:03:6f:1d:67:
85:59:a0:79:37:44:9d:26:f4:a6:23:48:9d:da:84:
c4:24:99:68:ed:91:3d:56:02:f0:74:f5:1c:d8:7b:
37:f9:38:05:38:af:a4:79:1d:2c:ce:a4:cc:aa:b1:
88:8d:9a:1a:9f:81:79:1c:08:fd:8b:1d:66:0d:32:
d2:74:c9:ef:f4:b3:f2:d4:bb:df:8d:a7:14:d1:14:
99:7d:7d:ba:25:da:b9:b5:22:84:e2:60:df:03:df:
db:73:5d:40:a9:2a:ce:3d:0a:dd:6f:ad:41:c9:fd:
42:7f:19:d9:5c:a5:9e:b2:be:4d:0c:1a:ca:a3:d2:
9f:ad:ae:6b:a9:6a:98:d1:4f:09:99:85:a1:d3:83:
7b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:01:56:F2:77:E9:EA:B5:C9:1B:8F:54:49:CF:47:DF:0A:31:0A:47
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3164663a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:1df::/48
Signature Algorithm: sha256WithRSAEncryption
d2:22:82:be:ea:bb:98:c2:d4:a2:07:fa:91:1e:5d:47:78:a8:
e4:06:93:a3:d7:25:28:4c:4b:0b:c4:11:09:1a:02:04:66:4d:
4b:f2:57:f6:84:ef:60:2c:ba:c9:d0:66:5c:df:0b:9e:4d:96:
e5:d7:21:cf:8d:46:b4:e1:74:6f:36:08:47:a3:68:db:cf:dc:
8f:d8:02:2b:aa:35:95:da:64:59:18:4f:5c:40:11:b2:f6:9f:
a8:4f:a3:8e:c5:d4:24:88:88:dd:67:f8:00:c4:3d:92:b7:bf:
36:0a:6f:f7:18:c3:23:f0:0c:f0:93:84:37:07:b4:ff:fb:99:
c0:e4:a2:e3:09:3e:6b:27:21:13:21:b4:30:69:04:36:63:fd:
2b:78:93:88:87:5b:8d:f7:f5:cc:7e:21:5a:13:78:c7:1e:c1:
ae:d2:01:f7:96:a6:64:9c:a9:7f:e1:95:b3:0e:00:c6:d9:9f:
91:b2:74:a8:cf:ce:2a:7e:2c:e8:16:33:8e:c6:ec:cc:f1:62:
37:2c:9d:7f:b7:a1:f6:09:95:14:7e:d9:6e:f8:24:d9:31:c0:
b4:31:39:56:2a:35:70:de:db:4e:d5:09:c9:84:bf:d7:f6:56:
57:d9:b4:1f:f6:a8:ab:5a:5a:19:d8:59:7c:62:c0:b3:b4:3e:
7d:01:f0:a7
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUcuErZ5RyZLO83K98yeCnR22TfyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwOTU1MDJaFw0yMzA5MjUxMDAwMDJaMDMxMTAvBgNV
BAMTKEQwMDE1NkYyNzdFOUVBQjVDOTFCOEY1NDQ5Q0Y0N0RGMEEzMTBBNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIsrr7zgVXTnCwa/LI6N65wxPR
yk1Vegi1xwC9+DD03Og91r5uxIuDayu92z2jN38K1lreOHLjlPopJ+Bnux96dvZf
4jeVATbXUSKHV9D1xso5zHbO7tvvb+l+eSq19umH+0WQ1rcU22PFDmUY+XBXJM57
A28dZ4VZoHk3RJ0m9KYjSJ3ahMQkmWjtkT1WAvB09RzYezf5OAU4r6R5HSzOpMyq
sYiNmhqfgXkcCP2LHWYNMtJ0ye/0s/LUu9+NpxTRFJl9fbol2rm1IoTiYN8D39tz
XUCpKs49Ct1vrUHJ/UJ/GdlcpZ6yvk0MGsqj0p+trmupapjRTwmZhaHTg3vVAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU0AFW8nfp6rXJG49USc9H3woxCkcwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzE2NDY2M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
3zANBgkqhkiG9w0BAQsFAAOCAQEA0iKCvuq7mMLUogf6kR5dR3io5AaTo9clKExL
C8QRCRoCBGZNS/JX9oTvYCy6ydBmXN8Lnk2W5dchz41GtOF0bzYIR6No28/cj9gC
K6o1ldpkWRhPXEARsvafqE+jjsXUJIiI3Wf4AMQ9kre/Ngpv9xjDI/AM8JOENwe0
//uZwOSi4wk+aychEyG0MGkENmP9K3iTiIdbjff1zH4hWhN4xx7BrtIB95amZJyp
f+GVsw4AxtmfkbJ0qM/OKn4s6BYzjsbszPFiNyydf7eh9gmVFH7Zbvgk2THAtDE5
Vio1cN7bTtUJyYS/1/ZWV9m0H/aoq1paGdhZfGLAs7Q+fQHwpw==
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:04:42 2025 by rpki-client