Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a383a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a383a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: +W647cRTjs5pj0oi28078t6XbJfx4cEds666OuWOF9g=
Subject key identifier: 02:34:FB:EC:FF:EA:95:A2:7B:38:44:27:45:21:A4:A3:1E:9B:CC:BA
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 22477493A4CC88E82FA4B568D404DB8791E12088
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a383a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 08:01:57 +0000
ROA not before: Mon 26 Sep 2022 07:56:57 +0000
ROA not after: Mon 25 Sep 2023 08:01:57 +0000
asID: 59282
IP address blocks: 2400:d680:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:47:74:93:a4:cc:88:e8:2f:a4:b5:68:d4:04:db:87:91:e1:20:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 07:56:57 2022 GMT
Not After : Sep 25 08:01:57 2023 GMT
Subject: CN=0234FBECFFEA95A27B3844274521A4A31E9BCCBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fd:0f:1e:2d:fb:49:ad:bd:58:34:8f:80:14:
21:1e:40:74:ba:4d:ca:cf:5c:7d:48:75:90:2e:59:
69:a9:98:ee:87:42:71:ed:da:bf:a7:5f:f8:31:1f:
2a:16:67:7f:0c:0d:1a:13:c6:86:85:59:6d:a3:c0:
4d:4d:41:c0:a8:63:f2:25:bc:ec:9e:75:d1:99:fb:
f0:38:0a:1f:13:d0:d6:1b:ef:25:ab:82:01:de:7d:
45:37:d5:5b:01:c2:f7:2c:39:b6:a8:d1:e5:fc:46:
dc:c4:ca:0d:d3:2e:e7:05:64:89:01:77:a9:73:dd:
71:aa:fd:80:25:6c:44:23:ff:30:d3:39:98:0e:e4:
87:08:c0:9a:3d:94:1b:6c:79:85:8b:0b:84:0b:8d:
f8:5d:96:8f:f0:5a:a2:09:a2:83:94:65:8e:4d:20:
5d:fb:d4:ce:40:09:1d:74:d2:95:57:f3:75:67:71:
42:1e:91:da:0e:a0:23:82:14:ea:e4:ad:f5:31:3c:
0a:90:c6:10:49:9e:30:cb:e2:23:e4:e6:a0:05:15:
87:c3:03:b5:d3:2d:e3:30:b0:fb:85:db:b8:64:84:
c5:97:94:e8:38:01:15:0b:9d:e3:cc:99:3b:1b:c7:
f5:67:de:cf:d6:ed:44:12:47:12:ad:0e:2c:0d:ff:
00:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:34:FB:EC:FF:EA:95:A2:7B:38:44:27:45:21:A4:A3:1E:9B:CC:BA
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a383a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:8::/48
Signature Algorithm: sha256WithRSAEncryption
6f:58:28:6d:83:0b:b8:ce:67:43:bf:ca:43:96:e7:59:0b:e0:
4b:c7:98:f6:84:be:1f:10:69:57:a5:2f:63:f9:6f:4e:ee:95:
2b:dd:99:f8:06:9e:d8:62:11:1e:c4:c7:23:35:c2:8d:79:04:
83:ea:b3:b4:8a:99:73:7d:d4:98:ea:1f:41:83:f0:8d:e8:ec:
ba:c4:19:6c:81:2a:72:86:72:dd:b6:ff:50:ec:21:4d:4a:21:
0d:b4:48:95:57:b9:cd:00:55:05:15:3e:d0:ea:c3:ed:fc:09:
4d:90:01:57:61:81:44:70:2e:eb:b7:b2:d8:12:c3:ca:5c:ba:
e1:8c:3b:eb:08:6d:42:48:db:94:d5:bd:a4:85:30:1c:02:70:
6e:b7:6d:49:48:96:ee:4e:6b:5e:ab:d1:be:c0:a6:7b:f8:6c:
f0:1d:66:fb:ae:a2:dd:ef:5d:7f:8f:db:f4:bb:71:a9:82:9c:
01:01:7b:19:f3:79:07:bd:fa:4d:7f:c4:51:84:98:b4:40:e6:
cd:fd:b9:dd:bd:a5:af:15:69:0c:ba:3c:ac:2c:ce:4e:99:ca:
32:3a:7b:ca:d5:6b:4c:87:19:91:d5:a6:82:71:9d:ca:9c:8a:
df:80:28:bc:c6:ab:e0:a7:7d:9b:cf:48:41:bc:a1:71:26:60:
e5:66:3c:5c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUIkd0k6TMiOgvpLVo1ATbh5HhIIgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU2NTdaFw0yMzA5MjUwODAxNTdaMDMxMTAvBgNV
BAMTKDAyMzRGQkVDRkZFQTk1QTI3QjM4NDQyNzQ1MjFBNEEzMUU5QkNDQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG/Q8eLftJrb1YNI+AFCEeQHS6
TcrPXH1IdZAuWWmpmO6HQnHt2r+nX/gxHyoWZ38MDRoTxoaFWW2jwE1NQcCoY/Il
vOyeddGZ+/A4Ch8T0NYb7yWrggHefUU31VsBwvcsObao0eX8RtzEyg3TLucFZIkB
d6lz3XGq/YAlbEQj/zDTOZgO5IcIwJo9lBtseYWLC4QLjfhdlo/wWqIJooOUZY5N
IF371M5ACR100pVX83VncUIekdoOoCOCFOrkrfUxPAqQxhBJnjDL4iPk5qAFFYfD
A7XTLeMwsPuF27hkhMWXlOg4ARULnePMmTsbx/Vn3s/W7UQSRxKtDiwN/wB7AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUAjT77P/qlaJ7OEQnRSGkox6bzLowHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhMzgzYTNhMmYz
NDM4MmQzNDM4MjAzZDNlMjAzNTM5MzIzODMyLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJADWgAAIMA0G
CSqGSIb3DQEBCwUAA4IBAQBvWChtgwu4zmdDv8pDludZC+BLx5j2hL4fEGlXpS9j
+W9O7pUr3Zn4Bp7YYhEexMcjNcKNeQSD6rO0iplzfdSY6h9Bg/CN6Oy6xBlsgSpy
hnLdtv9Q7CFNSiENtEiVV7nNAFUFFT7Q6sPt/AlNkAFXYYFEcC7rt7LYEsPKXLrh
jDvrCG1CSNuU1b2khTAcAnBut21JSJbuTmteq9G+wKZ7+GzwHWb7rqLd711/j9v0
u3GpgpwBAXsZ83kHvfpNf8RRhJi0QObN/bndvaWvFWkMujysLM5OmcoyOnvK1WtM
hxmR1aaCcZ3KnIrfgCi8xqvgp32bz0hBvKFxJmDlZjxc
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:05:37 2025 by rpki-client