Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3362383a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a3362383a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: bojAWZoQCkH9/Z1HqYtk0+RQxTdW3QGs4n7YK4eiGyk=
Subject key identifier: 79:44:D9:BD:4E:D3:75:62:75:16:9A:5C:B3:9B:F6:1B:EA:C6:02:E5
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 2D65D4E3DB71C45A218AAA9191244B05D91E48EF
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3362383a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 11:00:30 +0000
ROA not before: Mon 26 Sep 2022 10:55:30 +0000
ROA not after: Mon 25 Sep 2023 11:00:30 +0000
asID: 59282
IP address blocks: 2400:d680:3b8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:65:d4:e3:db:71:c4:5a:21:8a:aa:91:91:24:4b:05:d9:1e:48:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 10:55:30 2022 GMT
Not After : Sep 25 11:00:30 2023 GMT
Subject: CN=7944D9BD4ED3756275169A5CB39BF61BEAC602E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0f:b9:99:dc:bc:58:29:95:7d:78:3b:b1:b4:
9f:de:76:5e:87:21:cd:cc:36:b1:da:03:3c:57:dd:
ea:0d:6c:a7:d7:0d:25:66:35:94:ce:77:9f:c4:39:
c1:81:85:16:3e:50:f2:ee:15:38:56:be:1d:00:7b:
c2:a5:ac:3b:b5:5d:4f:9d:54:4c:dc:6d:3d:ae:55:
87:e8:4d:43:e1:10:96:88:3e:54:0f:6d:5f:cb:66:
95:1f:3f:c9:6e:e8:d7:9a:23:15:c3:32:7c:79:ea:
a9:e1:04:ef:48:22:b0:be:1b:8d:cf:11:83:ef:42:
b1:0e:ef:48:49:f1:29:b6:dd:0a:fd:d8:ab:39:43:
95:e3:33:6a:72:83:b6:3b:c6:91:b2:13:cc:4e:c2:
43:4f:7d:fa:df:6c:1c:eb:bc:a4:d1:71:36:e9:4c:
c7:bc:f5:5d:ab:49:47:a4:37:eb:22:5c:bb:68:37:
d0:37:05:4c:22:96:1c:b7:da:43:01:78:57:9b:c7:
e6:86:2a:20:31:21:b9:4d:fa:a7:79:bc:ec:ad:ad:
a0:9e:49:39:46:bc:f1:bd:18:d5:0d:5c:3c:b7:0d:
cd:97:ff:15:b5:f6:cb:58:17:de:fa:5c:68:2f:a6:
bc:86:fa:21:61:ce:94:ff:01:71:57:5c:6c:07:8d:
c2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:44:D9:BD:4E:D3:75:62:75:16:9A:5C:B3:9B:F6:1B:EA:C6:02:E5
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3362383a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:3b8::/48
Signature Algorithm: sha256WithRSAEncryption
16:c0:ac:7b:e3:ca:4b:2a:56:02:a3:a9:e0:8f:55:28:78:07:
34:58:1c:f9:c2:29:d0:c7:37:82:e6:3e:07:0d:6f:2c:da:57:
e4:ca:c4:01:2c:4c:cf:11:58:71:fd:0a:c4:9c:36:8c:6f:3b:
da:d3:f2:f9:e6:03:3c:e2:d4:8c:0f:96:ab:75:c7:68:2d:5c:
f5:67:c3:37:29:2e:4a:9d:8a:e9:87:5b:0c:76:ce:6d:5f:f5:
76:22:fb:c0:10:73:0d:ce:c0:27:35:e8:67:e0:7c:4e:da:6d:
78:94:67:df:ba:d8:ab:b3:9d:91:c4:e9:a4:9d:66:7e:00:38:
3a:7e:9f:51:6e:b7:d2:a7:4a:d1:a2:d0:69:0a:a7:4b:52:5d:
86:76:21:20:1d:e1:b8:22:bb:80:6a:ac:86:f2:83:4e:e8:1b:
4b:49:7d:2b:13:f7:c2:07:13:31:75:4a:35:8f:57:0c:42:fc:
e0:17:f0:51:9a:10:cb:bd:02:a7:3e:95:3e:cb:e9:2d:33:9b:
fd:a4:be:ba:c1:18:f0:3c:3e:aa:16:95:1a:c2:59:68:24:95:
46:88:18:2c:ee:e4:3b:2d:b0:2b:eb:bc:15:04:e6:4f:fc:e6:
67:e8:f2:35:5c:0c:17:01:4f:d5:69:5c:f7:6d:8c:a2:32:c0:
51:c1:f4:91
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIULWXU49txxFohiqqRkSRLBdkeSO8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYxMDU1MzBaFw0yMzA5MjUxMTAwMzBaMDMxMTAvBgNV
BAMTKDc5NDREOUJENEVEMzc1NjI3NTE2OUE1Q0IzOUJGNjFCRUFDNjAyRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3D7mZ3LxYKZV9eDuxtJ/edl6H
Ic3MNrHaAzxX3eoNbKfXDSVmNZTOd5/EOcGBhRY+UPLuFThWvh0Ae8KlrDu1XU+d
VEzcbT2uVYfoTUPhEJaIPlQPbV/LZpUfP8lu6NeaIxXDMnx56qnhBO9IIrC+G43P
EYPvQrEO70hJ8Sm23Qr92Ks5Q5XjM2pyg7Y7xpGyE8xOwkNPffrfbBzrvKTRcTbp
TMe89V2rSUekN+siXLtoN9A3BUwilhy32kMBeFebx+aGKiAxIblN+qd5vOytraCe
STlGvPG9GNUNXDy3Dc2X/xW19stYF976XGgvpryG+iFhzpT/AXFXXGwHjcJpAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUeUTZvU7TdWJ1Fppcs5v2G+rGAuUwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzM2MjM4M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAD
uDANBgkqhkiG9w0BAQsFAAOCAQEAFsCse+PKSypWAqOp4I9VKHgHNFgc+cIp0Mc3
guY+Bw1vLNpX5MrEASxMzxFYcf0KxJw2jG872tPy+eYDPOLUjA+Wq3XHaC1c9WfD
NykuSp2K6YdbDHbObV/1diL7wBBzDc7AJzXoZ+B8TtpteJRn37rYq7OdkcTppJ1m
fgA4On6fUW630qdK0aLQaQqnS1JdhnYhIB3huCK7gGqshvKDTugbS0l9KxP3wgcT
MXVKNY9XDEL84BfwUZoQy70Cpz6VPsvpLTOb/aS+usEY8Dw+qhaVGsJZaCSVRogY
LO7kOy2wK+u8FQTmT/zmZ+jyNVwMFwFP1Wlc922MojLAUcH0kQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:14 2024 by rpki-client on console-fra.rpki-client.org