Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a33313a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a33313a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: NmySI0Y4CI5xTY8C5kc6J3uRHyfeQBrRfPRJO6UGJRY=
Subject key identifier: 12:E8:24:40:D4:51:6E:37:15:D5:17:BC:93:AE:0C:1F:B0:CB:EC:DE
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 5A9FB0F60BCD6947F0C69D48F46456514FB25BF0
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a33313a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 08:01:30 +0000
ROA not before: Mon 26 Sep 2022 07:56:30 +0000
ROA not after: Mon 25 Sep 2023 08:01:30 +0000
asID: 59282
IP address blocks: 2400:d680:31::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:9f:b0:f6:0b:cd:69:47:f0:c6:9d:48:f4:64:56:51:4f:b2:5b:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 07:56:30 2022 GMT
Not After : Sep 25 08:01:30 2023 GMT
Subject: CN=12E82440D4516E3715D517BC93AE0C1FB0CBECDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:93:a7:95:76:23:e6:c3:da:c3:63:33:14:ce:
ba:2c:cc:b6:3a:e2:ae:9e:12:cf:16:68:18:fc:69:
29:53:4c:83:94:59:ba:07:b3:cb:0d:48:ad:cd:bf:
ac:65:00:aa:e1:4a:36:70:94:ab:e7:10:cc:d9:8b:
76:ec:0a:f1:21:59:8c:21:1a:14:c2:b2:5d:34:1c:
c4:97:a2:68:0e:04:83:d5:ae:68:5c:ec:27:16:ea:
4e:3b:b0:6a:7e:3c:5f:fe:9f:9b:d5:8b:80:fb:ad:
e5:60:cc:ca:ba:35:98:d8:56:b4:03:a9:73:fb:39:
5b:a9:4b:ce:34:96:25:6a:af:b4:94:ea:05:45:10:
5f:64:5c:58:0d:bf:1e:e2:18:36:5e:7f:3d:fd:a1:
d8:a8:1d:c4:f1:17:af:1f:91:70:45:1b:50:60:44:
f3:16:78:5f:7a:52:bd:79:59:77:dc:93:88:14:82:
c4:db:ea:de:d4:e0:45:5c:c4:19:d0:5d:7f:93:a6:
5b:7e:0f:0a:cd:cf:8d:1b:9c:c1:32:0b:2e:3f:26:
38:a2:92:1a:28:db:4f:ab:f4:d0:2d:f7:f4:4d:93:
bb:37:8d:b1:ea:77:cc:4f:61:98:6a:bf:33:75:f2:
1c:94:0b:0a:2c:1c:df:5f:88:11:fe:28:56:05:25:
9c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:E8:24:40:D4:51:6E:37:15:D5:17:BC:93:AE:0C:1F:B0:CB:EC:DE
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a33313a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:31::/48
Signature Algorithm: sha256WithRSAEncryption
d2:cd:1b:74:55:a2:e4:61:35:9e:fe:03:cf:87:c0:67:8e:17:
45:0f:44:74:90:17:ff:c9:f1:c1:b5:29:7d:a1:89:fe:6d:fa:
c4:75:83:19:20:fa:e6:7d:c6:6a:27:15:11:f0:41:04:d0:58:
33:c3:73:29:ae:df:a3:86:88:a4:d1:d5:b7:bd:0b:1e:c1:a3:
be:81:af:2b:8f:c3:14:87:ab:bf:0a:6b:45:36:32:30:29:a7:
a5:4a:5b:62:79:cc:1a:fa:8a:17:e7:6e:5e:f1:af:af:78:73:
00:d8:bd:52:3d:ef:9d:80:a4:e8:93:6b:d2:ab:2f:d0:f9:47:
6f:97:32:6d:27:3a:61:ba:c3:96:27:6e:f2:c6:ef:7a:bd:ce:
8d:92:b0:e9:17:eb:e3:3d:6f:2d:fe:c4:fb:6d:10:b0:89:6d:
70:d4:66:85:8c:b1:a1:61:84:58:5f:30:f1:ec:22:a3:6a:7e:
e1:46:04:5e:b8:ab:2e:21:7b:d9:3b:37:f0:5b:ff:5d:66:0c:
e4:85:bb:2b:a9:4d:d7:7c:05:86:b7:5a:58:f2:1b:fb:8a:f4:
11:ae:85:1d:5c:15:21:ec:da:d0:cc:78:00:77:48:08:77:78:
64:86:31:1f:8b:2c:65:73:97:dc:5e:31:c8:c8:47:32:8d:d6:
95:76:0e:78
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUWp+w9gvNaUfwxp1I9GRWUU+yW/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU2MzBaFw0yMzA5MjUwODAxMzBaMDMxMTAvBgNV
BAMTKDEyRTgyNDQwRDQ1MTZFMzcxNUQ1MTdCQzkzQUUwQzFGQjBDQkVDREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnk6eVdiPmw9rDYzMUzroszLY6
4q6eEs8WaBj8aSlTTIOUWboHs8sNSK3Nv6xlAKrhSjZwlKvnEMzZi3bsCvEhWYwh
GhTCsl00HMSXomgOBIPVrmhc7CcW6k47sGp+PF/+n5vVi4D7reVgzMq6NZjYVrQD
qXP7OVupS840liVqr7SU6gVFEF9kXFgNvx7iGDZefz39odioHcTxF68fkXBFG1Bg
RPMWeF96Ur15WXfck4gUgsTb6t7U4EVcxBnQXX+Tplt+DwrNz40bnMEyCy4/Jjii
khoo20+r9NAt9/RNk7s3jbHqd8xPYZhqvzN18hyUCwosHN9fiBH+KFYFJZyRAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUEugkQNRRbjcV1Re8k64MH7DL7N4wHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzMzMTNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzkzMjM4MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkANaAADEw
DQYJKoZIhvcNAQELBQADggEBANLNG3RVouRhNZ7+A8+HwGeOF0UPRHSQF//J8cG1
KX2hif5t+sR1gxkg+uZ9xmonFRHwQQTQWDPDcymu36OGiKTR1be9Cx7Bo76BryuP
wxSHq78Ka0U2MjApp6VKW2J5zBr6ihfnbl7xr694cwDYvVI9752ApOiTa9KrL9D5
R2+XMm0nOmG6w5YnbvLG73q9zo2SsOkX6+M9by3+xPttELCJbXDUZoWMsaFhhFhf
MPHsIqNqfuFGBF64qy4he9k7N/Bb/11mDOSFuyupTdd8BYa3WljyG/uK9BGuhR1c
FSHs2tDMeAB3SAh3eGSGMR+LLGVzl9xeMcjIRzKN1pV2Dng=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:14 2024 by rpki-client on console-fra.rpki-client.org