Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a35383a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a35383a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: Sfss4qtRix0sl06oovBRqpbyu2gzME1xI/eGVdECeGc=
Subject key identifier: 58:85:7B:88:54:98:79:41:71:2B:EF:BD:43:69:46:F0:39:10:26:54
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 5D947356728131951F77ED4A729DFB84FAC1319F
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a35383a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 08:01:52 +0000
ROA not before: Mon 26 Sep 2022 07:56:52 +0000
ROA not after: Mon 25 Sep 2023 08:01:52 +0000
asID: 59282
IP address blocks: 2400:d680:58::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:94:73:56:72:81:31:95:1f:77:ed:4a:72:9d:fb:84:fa:c1:31:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 07:56:52 2022 GMT
Not After : Sep 25 08:01:52 2023 GMT
Subject: CN=58857B8854987941712BEFBD436946F039102654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:40:31:97:df:7d:a1:f7:62:85:b5:97:8c:91:
82:43:12:eb:03:7a:79:5b:50:b7:4b:5a:d1:24:f2:
62:b9:bf:53:e8:85:c3:08:dc:73:e4:b1:40:28:c5:
fa:cb:3f:fc:d4:cc:c2:14:db:37:50:aa:5d:ad:9f:
f9:f9:f4:21:fb:6a:15:98:ac:26:f2:04:aa:36:bc:
dd:85:47:e1:78:15:0c:49:3e:86:f5:88:19:34:df:
56:b1:58:61:4a:19:fe:44:cf:77:1a:09:ee:f6:11:
e8:a3:89:6a:a9:ec:9c:8d:c5:86:d7:68:9c:e7:e5:
a9:a2:a4:66:ce:9a:b7:b6:40:37:27:f0:6b:e0:4c:
90:68:6d:6f:a5:46:40:c5:ff:9e:af:4c:42:ce:5d:
5e:44:e1:84:6d:8f:ac:40:7c:90:47:91:fa:52:c4:
cc:6d:af:29:ce:a0:5c:f2:2a:8f:9e:af:e3:7b:5f:
d4:e9:6e:a0:f7:08:b4:93:a7:a7:82:0a:96:95:5c:
48:1c:02:ba:cf:19:bb:a9:0c:69:73:39:27:d2:2c:
f3:d1:60:3d:da:29:ab:60:a3:c9:16:30:7d:88:7a:
82:e8:d4:ef:07:01:22:73:5e:2f:72:65:94:45:46:
98:ec:29:70:25:7c:be:aa:e5:cf:d7:3d:11:e1:da:
aa:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:85:7B:88:54:98:79:41:71:2B:EF:BD:43:69:46:F0:39:10:26:54
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a35383a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:58::/48
Signature Algorithm: sha256WithRSAEncryption
66:2a:30:65:66:f6:02:2f:52:5f:73:1d:c2:b6:d6:10:76:7d:
72:f3:85:d3:c4:63:17:1e:35:87:c9:ce:3a:ce:57:b4:61:4a:
3c:33:f1:44:2b:f3:97:d1:8f:49:dc:38:c7:40:c8:be:9c:02:
62:2a:d0:73:e5:d1:01:72:50:82:b2:d8:ac:55:60:09:88:a5:
47:d6:61:46:c0:97:5d:55:72:26:5c:b3:03:49:5a:30:21:e3:
38:0c:3e:55:e2:86:8c:38:5c:5e:76:e2:69:7d:e9:e1:10:98:
97:fb:ec:eb:9e:8f:32:f8:d6:a7:7c:b9:73:d1:c3:ac:cf:b5:
56:8d:2c:e1:03:d9:dc:50:ab:3c:9e:18:74:9a:5c:83:37:27:
3c:84:11:f3:c6:e9:29:80:59:4a:ca:b9:b6:57:7c:7b:f5:6e:
c2:b4:40:d9:b5:b3:9a:44:11:dd:ae:82:8d:48:24:fc:0a:95:
94:6b:70:eb:ab:38:72:1c:3b:17:10:63:61:18:cd:52:6b:59:
df:b6:36:0f:a2:92:f3:ee:73:ac:ba:d7:af:fa:0b:b6:4d:5e:
7f:44:88:28:de:73:44:db:20:d2:b0:85:b0:54:6d:10:e1:c0:
ce:4c:e6:a6:0a:8a:50:37:54:54:10:ab:a3:b6:a3:91:4f:14:
52:e5:7b:bc
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUXZRzVnKBMZUfd+1Kcp37hPrBMZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU2NTJaFw0yMzA5MjUwODAxNTJaMDMxMTAvBgNV
BAMTKDU4ODU3Qjg4NTQ5ODc5NDE3MTJCRUZCRDQzNjk0NkYwMzkxMDI2NTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBQDGX332h92KFtZeMkYJDEusD
enlbULdLWtEk8mK5v1PohcMI3HPksUAoxfrLP/zUzMIU2zdQql2tn/n59CH7ahWY
rCbyBKo2vN2FR+F4FQxJPob1iBk031axWGFKGf5Ez3caCe72EeijiWqp7JyNxYbX
aJzn5amipGbOmre2QDcn8GvgTJBobW+lRkDF/56vTELOXV5E4YRtj6xAfJBHkfpS
xMxtrynOoFzyKo+er+N7X9TpbqD3CLSTp6eCCpaVXEgcArrPGbupDGlzOSfSLPPR
YD3aKatgo8kWMH2IeoLo1O8HASJzXi9yZZRFRpjsKXAlfL6q5c/XPRHh2qonAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUWIV7iFSYeUFxK++9Q2lG8DkQJlQwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzUzODNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzkzMjM4MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkANaAAFgw
DQYJKoZIhvcNAQELBQADggEBAGYqMGVm9gIvUl9zHcK21hB2fXLzhdPEYxceNYfJ
zjrOV7RhSjwz8UQr85fRj0ncOMdAyL6cAmIq0HPl0QFyUIKy2KxVYAmIpUfWYUbA
l11VciZcswNJWjAh4zgMPlXihow4XF524ml96eEQmJf77OuejzL41qd8uXPRw6zP
tVaNLOED2dxQqzyeGHSaXIM3JzyEEfPG6SmAWUrKubZXfHv1bsK0QNm1s5pEEd2u
go1IJPwKlZRrcOurOHIcOxcQY2EYzVJrWd+2Ng+ikvPuc6y616/6C7ZNXn9EiCje
c0TbINKwhbBUbRDhwM5M5qYKilA3VFQQq6O2o5FPFFLle7w=
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:04:11 2025 by rpki-client