Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3263613a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a3263613a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: MNCBf/uozhLJAwk/Blo3Hmi0OQ9XpRn3UgmG3DGAmgI=
Subject key identifier: 98:19:59:E5:81:D6:60:06:22:DD:79:35:17:2F:AB:99:26:E7:5F:CC
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 28F402C72458FD954CA76495B554B4C44B13A6
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3263613a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 13:00:05 +0000
ROA not before: Mon 26 Sep 2022 12:55:05 +0000
ROA not after: Mon 25 Sep 2023 13:00:05 +0000
asID: 59282
IP address blocks: 2400:d680:2ca::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:f4:02:c7:24:58:fd:95:4c:a7:64:95:b5:54:b4:c4:4b:13:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 12:55:05 2022 GMT
Not After : Sep 25 13:00:05 2023 GMT
Subject: CN=981959E581D6600622DD7935172FAB9926E75FCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:29:8b:1a:b8:90:14:cb:38:65:05:d3:7e:32:
68:65:e0:ca:ce:44:c9:e8:0f:4b:74:34:91:76:46:
c2:59:fb:87:84:b5:52:6e:7d:db:78:c8:11:3c:44:
a7:2f:79:fa:f1:de:5b:aa:e6:b6:45:d9:d2:e1:25:
89:68:2a:37:e8:59:ba:f0:1a:80:5b:8f:13:cd:0e:
74:04:91:95:5b:b2:f2:d3:54:26:44:50:2b:81:19:
96:a2:f1:4a:d2:3f:aa:1b:54:46:df:1a:4e:85:cd:
f0:29:f9:a3:03:88:ba:7c:9e:8f:16:b5:1a:65:85:
53:e2:ce:a1:56:7f:8b:8a:fa:5d:97:cf:86:66:24:
be:b2:d6:2c:1f:15:8f:f5:7e:28:e4:2d:71:e6:9e:
ee:6c:35:7a:d9:89:a2:16:cc:06:65:b3:ba:44:62:
47:cb:d1:4a:38:15:c5:a9:03:20:2d:19:40:fd:12:
24:c8:3f:c8:fb:91:5b:f0:83:98:db:cc:19:18:2c:
81:fc:e7:38:fd:07:50:4c:e9:37:59:35:08:22:9b:
dc:cd:ee:68:fb:13:a4:99:0f:d5:f5:2a:87:37:f4:
e1:97:19:4b:34:ca:b8:03:9c:cc:86:f5:4f:10:9e:
7a:27:e6:92:40:6a:f5:59:15:5b:62:b4:d4:d3:97:
d9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:19:59:E5:81:D6:60:06:22:DD:79:35:17:2F:AB:99:26:E7:5F:CC
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3263613a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:2ca::/48
Signature Algorithm: sha256WithRSAEncryption
d2:36:1e:d4:d7:a0:e2:2d:43:c2:e5:41:10:02:fe:d8:0e:3d:
33:32:fe:ea:ee:bf:fc:ca:17:b8:cb:a1:6b:c5:d4:b8:41:e3:
d0:e9:31:6e:3f:f7:18:70:ff:97:3e:99:04:c0:14:b7:64:56:
f2:92:c8:54:b4:d4:a8:81:87:1f:6c:5c:be:21:df:00:43:ea:
a5:da:8f:0a:8a:1d:f9:89:ba:a2:e5:e1:d1:83:6a:3c:0f:a8:
11:b2:29:e4:37:dd:42:62:36:27:06:43:58:8b:44:ff:98:ae:
74:1f:88:c8:06:52:aa:a4:e8:01:e7:0f:f4:57:36:b7:40:9c:
f5:5d:a0:41:d8:d6:e2:0b:5a:f5:64:ee:4c:84:b9:8b:17:db:
c0:04:dd:2b:b1:b2:4b:7c:20:84:24:d3:7c:0a:72:35:d7:96:
0b:58:26:87:dc:c8:33:8d:df:de:41:16:de:fb:f2:23:79:be:
76:d7:bb:09:e4:27:0a:e9:80:f2:0d:e7:1f:55:88:74:2e:93:
c1:5c:7e:0b:3e:ad:c3:f3:c9:94:e7:8e:b1:2f:8a:38:7d:4d:
ae:16:ac:2b:c7:bf:fd:c5:85:66:cc:7a:04:74:1c:d4:05:d0:
c3:c5:f1:37:2c:c1:cd:5c:1a:8d:01:94:1f:1d:02:1f:fd:63:
11:00:76:77
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgITKPQCxyRY/ZVMp2SVtVS0xEsTpjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg2Mzk0NzNDRDIwNTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYw
MEU3MUFBMB4XDTIyMDkyNjEyNTUwNVoXDTIzMDkyNTEzMDAwNVowMzExMC8GA1UE
AxMoOTgxOTU5RTU4MUQ2NjAwNjIyREQ3OTM1MTcyRkFCOTkyNkU3NUZDQzCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKopixq4kBTLOGUF034yaGXgys5E
yegPS3Q0kXZGwln7h4S1Um5923jIETxEpy95+vHeW6rmtkXZ0uEliWgqN+hZuvAa
gFuPE80OdASRlVuy8tNUJkRQK4EZlqLxStI/qhtURt8aToXN8Cn5owOIunyejxa1
GmWFU+LOoVZ/i4r6XZfPhmYkvrLWLB8Vj/V+KOQtceae7mw1etmJohbMBmWzukRi
R8vRSjgVxakDIC0ZQP0SJMg/yPuRW/CDmNvMGRgsgfznOP0HUEzpN1k1CCKb3M3u
aPsTpJkP1fUqhzf04ZcZSzTKuAOczIb1TxCeeifmkkBq9VkVW2K01NOX2VcCAwEA
AaOCAjswggI3MB0GA1UdDgQWBBSYGVnlgdZgBiLdeTUXL6uZJudfzDAfBgNVHSME
GDAWgBRjlHPNIFSnizn5rHqDIyRi8A5xqjAOBgNVHQ8BAf8EBAMCB4AwgYUGA1Ud
HwR+MHwweqB4oHaGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4
NDY0YTViLTJmY2UtNDdkYS04MDQ3LTY4ZDJiZDYzYzljMy8wLzYzOTQ3M0NEMjA1
NEE3OEIzOUY5QUM3QTgzMjMyNDYyRjAwRTcxQUEuY3JsMHQGCCsGAQUFBwEBBGgw
ZjBkBggrBgEFBQcwAoZYcnN5bmM6Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8v
SUROSUMtSUQvMi82Mzk0NzNDRDIwNTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3
MUFBLmNlcjCBqAYIKwYBBQUHAQsEgZswgZgwgZUGCCsGAQUFBzALhoGIcnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTg0NjRhNWItMmZjZS00N2RhLTgw
NDctNjhkMmJkNjNjOWMzLzAvMzIzNDMwMzAzYTY0MzYzODMwM2EzMjYzNjEzYTNh
MmYzNDM4MmQzNDM4MjAzZDNlMjAzNTM5MzIzODMyLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJADWgALK
MA0GCSqGSIb3DQEBCwUAA4IBAQDSNh7U16DiLUPC5UEQAv7YDj0zMv7q7r/8yhe4
y6FrxdS4QePQ6TFuP/cYcP+XPpkEwBS3ZFbykshUtNSogYcfbFy+Id8AQ+ql2o8K
ih35ibqi5eHRg2o8D6gRsinkN91CYjYnBkNYi0T/mK50H4jIBlKqpOgB5w/0Vza3
QJz1XaBB2NbiC1r1ZO5MhLmLF9vABN0rsbJLfCCEJNN8CnI115YLWCaH3Mgzjd/e
QRbe+/Ijeb5217sJ5CcK6YDyDecfVYh0LpPBXH4LPq3D88mU546xL4o4fU2uFqwr
x7/9xYVmzHoEdBzUBdDDxfE3LMHNXBqNAZQfHQIf/WMRAHZ3
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:03:14 2025 by rpki-client