Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3363343a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a3363343a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: 40dbMB3JbRZT+4Q3pvGn+EoroBM8uacIGllCzVwVigU=
Subject key identifier: F1:B8:A3:BC:BA:B3:FB:9D:D1:9E:A0:9B:3A:16:08:92:56:7F:AE:68
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 4FEFA088B0D9E7D1B1E1C91F90FD938F239104CF
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3363343a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 11:00:42 +0000
ROA not before: Mon 26 Sep 2022 10:55:42 +0000
ROA not after: Mon 25 Sep 2023 11:00:42 +0000
asID: 59282
IP address blocks: 2400:d680:3c4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:ef:a0:88:b0:d9:e7:d1:b1:e1:c9:1f:90:fd:93:8f:23:91:04:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 10:55:42 2022 GMT
Not After : Sep 25 11:00:42 2023 GMT
Subject: CN=F1B8A3BCBAB3FB9DD19EA09B3A160892567FAE68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bb:7c:91:cb:00:43:17:ff:cd:49:a2:86:dc:
30:c4:08:0f:fa:a6:6e:d2:32:dd:14:4c:25:cd:ad:
d7:34:69:6d:a0:d2:a1:54:9d:c3:79:87:61:04:94:
17:e6:b6:25:09:9c:97:b7:5a:18:f7:ef:b5:78:8e:
73:04:a5:70:0a:17:e9:9f:18:94:60:81:1c:05:05:
a7:05:e3:0c:64:35:5c:59:ae:dd:bd:9a:52:79:3a:
ac:dc:45:2e:61:3f:23:59:e6:d6:25:3b:41:89:97:
4c:4d:16:83:af:c0:42:69:ad:40:28:db:13:64:4f:
09:81:41:d2:d9:9d:8e:67:7b:c3:02:c5:3d:e6:54:
86:a7:db:52:74:b7:6e:cd:0b:28:9a:29:80:52:0e:
75:81:c1:10:b2:f5:a3:25:b3:fb:19:39:dc:08:55:
41:3c:d6:7a:e6:2f:06:28:22:ed:af:bb:55:b3:19:
08:ce:99:c5:fd:14:b3:79:6e:42:2a:47:e8:d7:84:
d3:5c:60:35:92:6b:a2:6a:ac:9e:14:cb:b4:f8:da:
0c:28:20:a8:7b:ed:7f:c0:11:87:87:e0:d6:33:bf:
f2:5c:d1:f5:38:e6:e1:76:28:f8:41:ce:d4:60:6a:
8a:69:22:24:9c:4d:ca:a6:fc:3a:0a:90:bd:ea:28:
cc:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:B8:A3:BC:BA:B3:FB:9D:D1:9E:A0:9B:3A:16:08:92:56:7F:AE:68
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a3363343a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:3c4::/48
Signature Algorithm: sha256WithRSAEncryption
c7:0f:e8:f2:ad:13:de:15:be:04:5f:a9:6f:39:36:2d:4f:e8:
23:84:63:f9:ac:cb:f7:7c:37:cf:e6:03:3c:86:59:d0:4f:17:
f0:bb:f7:47:44:89:7e:5d:c2:07:77:49:97:de:a0:84:e7:06:
11:bd:db:6c:36:ac:83:0f:54:73:eb:95:9e:24:5b:13:0e:e2:
95:68:22:60:83:7d:da:c4:79:d8:2b:c3:88:f8:96:54:20:2b:
c4:5b:58:13:56:6c:09:ee:41:a7:6a:13:2a:08:73:5a:f1:23:
46:37:f0:07:63:dc:3a:13:cc:30:f3:d0:af:ef:cd:2c:70:b0:
57:20:3f:6e:da:8c:a2:88:4c:aa:ed:1c:12:a8:25:c2:5d:22:
cb:2a:cb:b6:20:4e:db:8d:37:62:31:88:e9:7e:5d:d9:31:f9:
e1:68:79:1d:96:61:be:09:4e:eb:34:2c:2a:44:7d:43:9a:2e:
cb:7f:58:62:25:8a:11:bf:a7:0c:5d:70:66:75:d4:d0:a8:8b:
a1:6e:d7:b9:68:15:ef:5b:25:71:f4:9a:ab:87:b7:9b:ef:84:
4b:58:9c:f9:ac:86:0a:23:9b:52:94:50:2b:f6:1f:a1:e4:69:
b2:4d:0e:8a:3a:bc:a1:67:85:91:c3:98:ab:05:bf:b5:9a:88:
4b:fd:52:2b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUT++giLDZ59Gx4ckfkP2TjyORBM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYxMDU1NDJaFw0yMzA5MjUxMTAwNDJaMDMxMTAvBgNV
BAMTKEYxQjhBM0JDQkFCM0ZCOUREMTlFQTA5QjNBMTYwODkyNTY3RkFFNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAu3yRywBDF//NSaKG3DDECA/6
pm7SMt0UTCXNrdc0aW2g0qFUncN5h2EElBfmtiUJnJe3Whj377V4jnMEpXAKF+mf
GJRggRwFBacF4wxkNVxZrt29mlJ5OqzcRS5hPyNZ5tYlO0GJl0xNFoOvwEJprUAo
2xNkTwmBQdLZnY5ne8MCxT3mVIan21J0t27NCyiaKYBSDnWBwRCy9aMls/sZOdwI
VUE81nrmLwYoIu2vu1WzGQjOmcX9FLN5bkIqR+jXhNNcYDWSa6JqrJ4Uy7T42gwo
IKh77X/AEYeH4NYzv/Jc0fU45uF2KPhBztRgaoppIiScTcqm/DoKkL3qKMxvAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU8bijvLqz+53RnqCbOhYIklZ/rmgwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzM2MzM0M2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzOTMyMzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA1oAD
xDANBgkqhkiG9w0BAQsFAAOCAQEAxw/o8q0T3hW+BF+pbzk2LU/oI4Rj+azL93w3
z+YDPIZZ0E8X8Lv3R0SJfl3CB3dJl96ghOcGEb3bbDasgw9Uc+uVniRbEw7ilWgi
YIN92sR52CvDiPiWVCArxFtYE1ZsCe5Bp2oTKghzWvEjRjfwB2PcOhPMMPPQr+/N
LHCwVyA/btqMoohMqu0cEqglwl0iyyrLtiBO2403YjGI6X5d2TH54Wh5HZZhvglO
6zQsKkR9Q5ouy39YYiWKEb+nDF1wZnXU0KiLoW7XuWgV71slcfSaq4e3m++ES1ic
+ayGCiObUpRQK/YfoeRpsk0Oijq8oWeFkcOYqwW/tZqIS/1SKw==
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:01:47 2025 by rpki-client