Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3165303a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a3165303a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: bZed7pJbtCjm/WzJKnS130pcmzdBNorj4tAE1iFLUCo=
Subject key identifier: 19:E5:CB:A3:EC:C0:3B:F4:74:9A:93:DB:36:D9:94:C1:23:4A:30:AA
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 3649F8456C2BB555DB3A5AC495D90462562657EC
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3165303a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 10:00:12 +0000
ROA not before: Mon 26 Sep 2022 09:55:12 +0000
ROA not after: Mon 25 Sep 2023 10:00:12 +0000
asID: 59282
IP address blocks: 2400:d680:1e0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:49:f8:45:6c:2b:b5:55:db:3a:5a:c4:95:d9:04:62:56:26:57:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 09:55:12 2022 GMT
Not After : Sep 25 10:00:12 2023 GMT
Subject: CN=19E5CBA3ECC03BF4749A93DB36D994C1234A30AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b4:65:1e:64:e0:de:ca:18:2b:dd:ca:2c:c5:
8b:8e:d5:0a:e4:11:09:72:7e:89:ec:d1:6c:c8:60:
32:ce:36:e3:61:54:74:dc:da:2f:43:dc:9e:ea:f5:
56:55:37:e5:30:d0:e1:5a:44:cf:1c:1c:e9:cb:c2:
62:67:49:c7:13:41:23:ce:14:a6:97:f0:6c:8f:93:
d5:cb:2d:48:75:74:2b:a1:72:16:1d:72:4d:82:e1:
6b:c3:4b:d3:28:74:7f:44:b5:67:58:14:44:71:56:
f2:fa:ff:6d:c2:1a:d1:ce:e2:b2:e1:e4:32:a0:88:
a4:cf:88:54:bb:4b:20:23:e9:93:cd:f9:ad:a0:31:
25:7a:25:fb:6b:ae:41:38:54:bd:54:65:62:78:13:
b0:b1:1c:68:da:fe:80:e9:79:32:b9:8c:24:4e:0a:
eb:4d:80:e1:3e:6d:7c:24:57:db:a2:a4:c8:9a:ba:
fe:e9:d9:2f:df:8f:88:3c:b6:c9:90:a6:d3:1e:db:
c0:4f:af:3f:9a:82:4b:4a:c2:b0:a7:3d:d6:55:46:
46:a7:5f:23:a4:36:d6:ef:8b:d0:2d:81:df:5f:42:
e1:c1:e5:d8:2e:d2:39:7b:9f:0b:b3:67:c6:b6:85:
1f:88:2f:2c:52:81:df:43:49:a2:35:8f:12:99:de:
ad:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E5:CB:A3:EC:C0:3B:F4:74:9A:93:DB:36:D9:94:C1:23:4A:30:AA
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3165303a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:1e0::/48
Signature Algorithm: sha256WithRSAEncryption
c2:2b:57:0a:e4:08:34:a6:77:7e:aa:1d:9f:c6:4d:d9:f2:3a:
31:c3:57:ef:f8:97:ec:97:13:d3:1a:cf:04:a9:fb:03:bf:b1:
6a:b4:a6:21:28:88:1b:b0:36:e7:67:75:99:d5:d8:2b:e3:cf:
79:a8:9e:b1:c0:f3:04:0e:bf:01:ff:c1:6d:e4:0d:f4:aa:0a:
f9:a0:6d:36:81:8c:58:b8:dd:71:f3:2e:78:08:ea:a6:e9:6a:
01:ba:ca:ae:d3:6c:fe:75:d7:b5:8e:40:be:e7:29:9e:fa:d7:
92:f0:9d:4b:b2:54:53:44:c0:7e:80:18:d9:14:ea:a0:8a:2f:
91:05:1f:97:e4:30:a0:63:5f:f6:07:a2:2d:95:ea:55:5c:ca:
4c:6b:40:87:f5:28:39:64:5d:2c:76:f3:7c:d2:ac:43:a9:13:
d8:d3:39:05:ae:6d:94:fa:19:90:a2:1a:5f:f6:12:09:54:95:
27:3a:1d:92:95:72:5e:27:a7:50:54:a0:e2:83:a8:65:84:9d:
53:dc:2a:2c:7e:32:9d:08:21:6a:15:fd:f5:b8:71:4e:6b:55:
26:84:e2:61:2e:fe:2a:11:60:78:ef:3e:a4:ef:1b:92:e4:33:
3b:b0:70:ed:77:ab:9b:c0:82:08:4c:cb:17:6a:6a:f7:6c:95:
39:4c:df:c2
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUNkn4RWwrtVXbOlrEldkEYlYmV+wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwOTU1MTJaFw0yMzA5MjUxMDAwMTJaMDMxMTAvBgNV
BAMTKDE5RTVDQkEzRUNDMDNCRjQ3NDlBOTNEQjM2RDk5NEMxMjM0QTMwQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOtGUeZODeyhgr3cosxYuO1Qrk
EQlyfons0WzIYDLONuNhVHTc2i9D3J7q9VZVN+Uw0OFaRM8cHOnLwmJnSccTQSPO
FKaX8GyPk9XLLUh1dCuhchYdck2C4WvDS9ModH9EtWdYFERxVvL6/23CGtHO4rLh
5DKgiKTPiFS7SyAj6ZPN+a2gMSV6JftrrkE4VL1UZWJ4E7CxHGja/oDpeTK5jCRO
CutNgOE+bXwkV9uipMiauv7p2S/fj4g8tsmQptMe28BPrz+agktKwrCnPdZVRkan
XyOkNtbvi9Atgd9fQuHB5dgu0jl7nwuzZ8a2hR+ILyxSgd9DSaI1jxKZ3q0rAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUGeXLo+zAO/R0mpPbNtmUwSNKMKowHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzE2NTMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAB
4DANBgkqhkiG9w0BAQsFAAOCAQEAwitXCuQINKZ3fqodn8ZN2fI6McNX7/iX7JcT
0xrPBKn7A7+xarSmISiIG7A252d1mdXYK+PPeaiescDzBA6/Af/BbeQN9KoK+aBt
NoGMWLjdcfMueAjqpulqAbrKrtNs/nXXtY5AvucpnvrXkvCdS7JUU0TAfoAY2RTq
oIovkQUfl+QwoGNf9geiLZXqVVzKTGtAh/UoOWRdLHbzfNKsQ6kT2NM5Ba5tlPoZ
kKIaX/YSCVSVJzodkpVyXienUFSg4oOoZYSdU9wqLH4ynQghahX99bhxTmtVJoTi
YS7+KhFgeO8+pO8bkuQzO7Bw7Xerm8CCCEzLF2pq92yVOUzfwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:50 2024 by rpki-client on console-ams.rpki-client.org