Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3331303a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a3331303a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: eV9tvRCk3zBp4apwLbYPsOmO7DufXFsKn2cbJi5KC5M=
Subject key identifier: 2D:14:93:49:BA:3E:83:26:27:26:C9:4D:0D:A3:46:27:2A:1E:63:73
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 6F3A83E693A3AB9D0D81023B43BD45562A5539A7
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3331303a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 10:00:15 +0000
ROA not before: Mon 26 Sep 2022 09:55:15 +0000
ROA not after: Mon 25 Sep 2023 10:00:15 +0000
asID: 59282
IP address blocks: 2400:d680:310::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:3a:83:e6:93:a3:ab:9d:0d:81:02:3b:43:bd:45:56:2a:55:39:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 09:55:15 2022 GMT
Not After : Sep 25 10:00:15 2023 GMT
Subject: CN=2D149349BA3E83262726C94D0DA346272A1E6373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:26:53:7c:62:c2:d7:f6:0c:3f:0d:99:d3:2b:
09:02:96:ee:31:f2:fe:49:8d:d9:4d:06:42:5c:f4:
88:fa:8b:30:2b:6d:c6:89:bb:39:27:43:1a:c8:e6:
cd:50:01:1b:2e:34:db:1a:86:5b:52:91:5b:01:e6:
b1:a9:27:21:14:70:42:0e:47:1f:64:68:ed:d3:b3:
d8:f3:af:b3:98:89:fb:37:84:1b:1c:da:f1:84:af:
91:30:0d:0a:ab:5d:70:c4:6b:10:5a:67:43:98:80:
d6:1c:0f:51:45:97:c6:b3:17:0b:eb:76:ba:64:ba:
07:70:a1:fc:3a:16:27:4a:c5:8b:9b:a7:d8:d1:1d:
b4:f7:89:fe:02:5d:e8:a7:18:67:e3:38:39:67:a8:
ff:93:c0:95:f6:56:24:46:e0:66:e0:58:88:6f:f9:
c9:e6:20:7a:4a:9a:00:98:43:f3:31:7c:2a:98:93:
9e:03:7c:74:36:d6:ae:6f:05:04:ea:ac:e9:e9:47:
ee:cc:6f:f0:0d:cd:34:f3:68:85:63:64:34:3c:ca:
d9:e7:44:63:89:28:98:5f:ce:0a:01:18:5b:92:7a:
f5:59:09:88:b6:93:00:45:ae:0e:57:c5:f7:41:55:
ea:c6:00:c3:3a:2b:1b:df:8b:fb:98:c6:4d:30:fe:
fe:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:14:93:49:BA:3E:83:26:27:26:C9:4D:0D:A3:46:27:2A:1E:63:73
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3331303a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:310::/48
Signature Algorithm: sha256WithRSAEncryption
13:87:f9:e9:7b:08:d3:53:1f:4e:e7:e5:0b:6d:38:d5:c0:83:
b3:6c:25:e4:d1:33:32:66:15:d6:49:3a:a9:e6:c5:ab:57:8e:
32:38:0c:be:73:9a:1d:a7:58:ff:cc:a0:a3:ab:8f:c2:0c:ea:
40:bd:4a:52:8b:74:47:dd:58:48:ad:6a:bc:51:2e:3d:6c:e4:
86:30:34:f4:00:cd:ac:ae:22:ba:6c:3d:69:c2:a3:4d:ec:95:
e3:0c:5f:99:03:af:42:53:1f:0a:3d:7c:30:76:d9:36:6c:68:
83:da:17:40:5b:60:94:f0:90:ac:b2:9a:3f:53:38:34:04:68:
fe:f0:07:1a:d2:17:a0:4e:dd:02:92:34:ad:33:ee:00:a9:94:
e7:cb:02:ac:18:a8:50:99:de:4a:e0:0e:c9:11:05:71:e7:5e:
f8:d8:42:59:ff:b8:25:ef:fb:04:a8:56:73:c5:1b:ee:92:81:
c9:aa:ca:be:61:1d:8a:ae:92:c7:6b:1c:20:71:e8:c0:b3:8d:
2d:68:39:3c:08:85:af:ba:b1:1d:9c:96:3b:62:00:b8:83:cb:
ac:6b:37:e8:22:f8:01:d4:ef:cb:0c:cb:a5:13:fe:9a:86:4b:
87:93:31:1d:11:cc:7d:bf:ac:b8:5b:9a:52:99:3e:f7:33:26:
62:61:be:62
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUbzqD5pOjq50NgQI7Q71FVipVOacwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwOTU1MTVaFw0yMzA5MjUxMDAwMTVaMDMxMTAvBgNV
BAMTKDJEMTQ5MzQ5QkEzRTgzMjYyNzI2Qzk0RDBEQTM0NjI3MkExRTYzNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiJlN8YsLX9gw/DZnTKwkClu4x
8v5JjdlNBkJc9Ij6izArbcaJuzknQxrI5s1QARsuNNsahltSkVsB5rGpJyEUcEIO
Rx9kaO3Ts9jzr7OYifs3hBsc2vGEr5EwDQqrXXDEaxBaZ0OYgNYcD1FFl8azFwvr
drpkugdwofw6FidKxYubp9jRHbT3if4CXeinGGfjODlnqP+TwJX2ViRG4GbgWIhv
+cnmIHpKmgCYQ/MxfCqYk54DfHQ21q5vBQTqrOnpR+7Mb/ANzTTzaIVjZDQ8ytnn
RGOJKJhfzgoBGFuSevVZCYi2kwBFrg5XxfdBVerGAMM6Kxvfi/uYxk0w/v5pAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQULRSTSbo+gyYnJslNDaNGJyoeY3MwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzMzMTMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAD
EDANBgkqhkiG9w0BAQsFAAOCAQEAE4f56XsI01MfTuflC2041cCDs2wl5NEzMmYV
1kk6qebFq1eOMjgMvnOaHadY/8ygo6uPwgzqQL1KUot0R91YSK1qvFEuPWzkhjA0
9ADNrK4iumw9acKjTeyV4wxfmQOvQlMfCj18MHbZNmxog9oXQFtglPCQrLKaP1M4
NARo/vAHGtIXoE7dApI0rTPuAKmU58sCrBioUJneSuAOyREFcede+NhCWf+4Je/7
BKhWc8Ub7pKByarKvmEdiq6Sx2scIHHowLONLWg5PAiFr7qxHZyWO2IAuIPLrGs3
6CL4AdTvywzLpRP+moZLh5MxHRHMfb+suFuaUpk+9zMmYmG+Yg==
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:05:17 2025 by rpki-client