Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3239663a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a3239663a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: UG+XB37/IMsiPeYeDzrq2umVXkh/fmXkM+Ybb44r2LA=
Subject key identifier: DA:6E:17:D1:0F:4E:5E:0D:17:E8:D9:F1:8E:F2:E2:49:C7:F7:97:9E
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 35B0ABC2E862C12B3BE496BD80B25C5F10235CBF
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3239663a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 13:00:04 +0000
ROA not before: Mon 26 Sep 2022 12:55:04 +0000
ROA not after: Mon 25 Sep 2023 13:00:04 +0000
asID: 59282
IP address blocks: 2400:d680:29f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:b0:ab:c2:e8:62:c1:2b:3b:e4:96:bd:80:b2:5c:5f:10:23:5c:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 12:55:04 2022 GMT
Not After : Sep 25 13:00:04 2023 GMT
Subject: CN=DA6E17D10F4E5E0D17E8D9F18EF2E249C7F7979E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:85:7f:76:16:ca:64:1b:ef:08:b2:32:95:60:
11:7e:ac:6f:66:37:02:bd:f4:52:53:50:34:4d:57:
8c:fe:e8:36:fa:2d:84:98:bb:95:ae:62:8a:c2:c5:
c8:2f:bd:b0:ec:66:6f:14:67:58:32:cc:75:d5:8c:
91:28:7d:54:fd:53:d3:9c:ed:7d:84:4f:18:fd:85:
6c:d8:fc:2c:cd:70:fe:be:f3:e7:03:bb:1c:20:ff:
a9:7a:2b:8b:6a:9f:91:d5:2a:19:ea:07:89:01:91:
08:a5:e7:6c:2f:94:7a:aa:b1:d1:23:a1:d9:7a:9d:
7a:20:01:23:8c:18:52:c8:cb:39:a2:fb:86:36:d0:
d9:f8:20:f9:3d:83:c3:f1:96:3f:99:80:4a:2f:25:
6c:8a:0b:ba:06:9d:eb:5d:89:95:2e:52:41:80:17:
d9:e0:05:59:c6:d2:7b:db:c2:93:31:f5:04:0f:24:
21:c2:ed:36:9a:17:a4:48:26:64:71:83:e8:2b:2f:
c6:b3:f7:71:32:b8:8e:04:be:f7:67:10:c4:68:b1:
b5:82:14:3e:61:42:4e:ed:9e:96:54:88:1b:f7:b8:
7e:d7:86:4e:f1:63:51:86:82:4d:ec:b1:d4:8c:ad:
05:e7:75:ed:5a:73:20:cd:1c:b6:18:cb:27:91:be:
91:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:6E:17:D1:0F:4E:5E:0D:17:E8:D9:F1:8E:F2:E2:49:C7:F7:97:9E
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3239663a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:29f::/48
Signature Algorithm: sha256WithRSAEncryption
9b:0e:0c:e1:72:4f:9d:31:a3:ce:9d:c4:07:c6:e1:bb:1c:dd:
91:24:4c:f5:5f:51:44:2e:c5:6c:8f:18:84:14:80:3f:60:85:
f3:1f:12:36:9e:d6:0d:5b:7e:8e:55:f0:97:10:92:fd:c6:03:
dc:e5:49:8c:1c:57:3f:d2:cb:68:26:80:07:cb:ce:ea:2c:93:
e8:fd:ab:11:ce:3a:e4:fe:ba:69:bc:c6:9a:8d:1f:61:0f:5d:
3e:44:f7:ad:aa:a2:3c:c2:00:44:68:e4:6b:6d:89:85:57:15:
5e:cc:b6:de:4e:8a:f0:23:08:af:7c:30:cd:a5:65:6c:09:4f:
cb:6f:8f:1f:a6:cd:96:66:a9:86:91:72:cd:c3:fd:f3:21:96:
30:f4:c3:1e:35:35:c7:fb:a9:2e:e4:f1:f8:22:02:f6:13:0b:
d4:2d:70:d4:4f:1e:a3:72:2b:63:13:fa:5f:9a:b8:14:8b:05:
a6:49:98:a4:48:e5:68:71:23:f3:2a:42:3a:30:b7:cf:2e:18:
89:09:74:d2:f8:87:32:21:12:d8:b8:db:66:ec:70:43:40:86:
f1:cd:20:e1:ea:2e:77:fd:01:43:d5:c4:7f:52:76:2a:3f:28:
a3:3b:12:e2:5e:71:d2:37:04:89:2e:2d:a3:e7:21:0b:f1:5a:
bd:51:f5:de
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUNbCrwuhiwSs75Ja9gLJcXxAjXL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYxMjU1MDRaFw0yMzA5MjUxMzAwMDRaMDMxMTAvBgNV
BAMTKERBNkUxN0QxMEY0RTVFMEQxN0U4RDlGMThFRjJFMjQ5QzdGNzk3OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzhX92FspkG+8IsjKVYBF+rG9m
NwK99FJTUDRNV4z+6Db6LYSYu5WuYorCxcgvvbDsZm8UZ1gyzHXVjJEofVT9U9Oc
7X2ETxj9hWzY/CzNcP6+8+cDuxwg/6l6K4tqn5HVKhnqB4kBkQil52wvlHqqsdEj
odl6nXogASOMGFLIyzmi+4Y20Nn4IPk9g8Pxlj+ZgEovJWyKC7oGnetdiZUuUkGA
F9ngBVnG0nvbwpMx9QQPJCHC7TaaF6RIJmRxg+grL8az93EyuI4EvvdnEMRosbWC
FD5hQk7tnpZUiBv3uH7Xhk7xY1GGgk3ssdSMrQXnde1acyDNHLYYyyeRvpEfAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU2m4X0Q9OXg0X6NnxjvLiScf3l54wHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzIzOTY2M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAC
nzANBgkqhkiG9w0BAQsFAAOCAQEAmw4M4XJPnTGjzp3EB8bhuxzdkSRM9V9RRC7F
bI8YhBSAP2CF8x8SNp7WDVt+jlXwlxCS/cYD3OVJjBxXP9LLaCaAB8vO6iyT6P2r
Ec465P66abzGmo0fYQ9dPkT3raqiPMIARGjka22JhVcVXsy23k6K8CMIr3wwzaVl
bAlPy2+PH6bNlmaphpFyzcP98yGWMPTDHjU1x/upLuTx+CIC9hML1C1w1E8eo3Ir
YxP6X5q4FIsFpkmYpEjlaHEj8ypCOjC3zy4YiQl00viHMiES2LjbZuxwQ0CG8c0g
4eoud/0BQ9XEf1J2Kj8oozsS4l5x0jcEiS4to+chC/FavVH13g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:50 2024 by rpki-client on console-ams.rpki-client.org