Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a63643a3a2f34382d3438203d3e203539323832.roa
File: 323430303a643638303a63643a3a2f34382d3438203d3e203539323832.roa (raw, json)
Hash identifier: XjT9hQ6z344FEk50YkZziBIieqWn3+QWjCEj5TyHvpQ=
Subject key identifier: 30:DB:1B:15:3F:14:C1:2A:6C:7D:03:6F:9C:9E:41:6E:10:85:C7:D7
Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Certificate serial: 3ECDBA29C21C9909CDC3C50ECAAB2C7B99BEC057
Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a63643a3a2f34382d3438203d3e203539323832.roa
Signing time: Mon 26 Sep 2022 08:01:45 +0000
ROA not before: Mon 26 Sep 2022 07:56:45 +0000
ROA not after: Mon 25 Sep 2023 08:01:45 +0000
asID: 59282
IP address blocks: 2400:d680:cd::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:cd:ba:29:c2:1c:99:09:cd:c3:c5:0e:ca:ab:2c:7b:99:be:c0:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA
Validity
Not Before: Sep 26 07:56:45 2022 GMT
Not After : Sep 25 08:01:45 2023 GMT
Subject: CN=30DB1B153F14C12A6C7D036F9C9E416E1085C7D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6f:d8:d1:34:31:bf:f1:de:06:f6:8c:74:a8:
a9:90:d4:dd:9c:b4:8e:eb:3b:ab:cf:f4:51:0c:57:
2c:61:d8:a6:eb:58:f3:0b:02:8d:ef:76:5b:57:48:
e3:b9:e9:c3:98:42:e1:25:d7:a6:df:c0:6b:bf:63:
c6:88:dc:f0:ca:78:b1:86:f4:c7:7e:f1:71:42:c2:
38:dc:2a:52:ec:c8:38:51:69:28:4f:ab:8d:a3:72:
d2:ea:84:60:b7:ad:5b:97:8d:7e:ad:f4:06:0b:ec:
db:81:b0:5b:cb:ca:e5:bf:b1:de:92:aa:76:a6:d5:
92:29:e5:eb:29:05:22:22:65:36:c6:55:70:02:f9:
90:10:86:13:16:8d:19:a8:ce:68:fa:15:0d:3b:9e:
ee:d5:27:3e:47:26:6d:55:39:81:37:15:d6:67:8c:
2a:d8:fc:b3:dd:aa:f7:4d:67:53:3f:cd:33:d9:f2:
26:19:bb:dd:04:29:10:44:16:bd:30:35:3a:37:60:
d9:eb:8c:80:4d:ed:97:9d:89:74:53:4a:0f:af:47:
bf:46:05:82:7d:70:0f:55:23:77:d4:dd:46:d9:b8:
85:7f:3f:27:f5:0d:f4:3a:61:de:8b:ac:31:a4:4c:
b2:71:18:78:1e:fa:cc:d0:36:52:0d:dd:fc:a6:2b:
71:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:DB:1B:15:3F:14:C1:2A:6C:7D:03:6F:9C:9E:41:6E:10:85:C7:D7
X509v3 Authority Key Identifier:
keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/323430303a643638303a63643a3a2f34382d3438203d3e203539323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:d680:cd::/48
Signature Algorithm: sha256WithRSAEncryption
b2:dd:32:33:83:21:f1:e6:f0:53:88:2f:cf:55:ec:2c:5e:66:
e5:58:6b:c9:0e:95:f9:70:56:a0:f6:b1:96:1e:be:b0:c9:da:
a0:4a:b7:53:31:d9:d4:5b:65:aa:98:c8:48:40:a1:a0:05:1d:
34:a3:86:2e:d1:ab:3c:e0:32:8f:33:97:b8:fd:a0:80:c2:3a:
0f:62:4c:a3:24:9a:95:c2:76:0b:05:2b:7b:4c:88:56:a1:d8:
88:02:34:be:3d:2c:e5:8a:1a:5b:54:a9:8f:94:9a:25:42:f4:
96:a9:92:de:3d:0e:21:4b:56:00:2c:36:ee:d0:ea:99:fd:cb:
c5:52:4f:b3:e0:3b:d6:c4:03:35:8b:ba:0d:e7:0d:c8:b5:a2:
3b:d7:4c:42:70:b4:11:bf:48:4f:57:3c:6b:1c:3a:bb:15:4f:
74:94:ae:c7:22:b4:82:68:db:a0:db:9b:73:b0:9e:88:9f:a8:
89:7f:5c:2c:95:7c:4c:02:de:dd:74:c3:9c:17:b9:0b:cf:6b:
51:60:4d:c3:85:22:28:d2:d2:ff:fd:7b:ed:8a:d5:2a:61:63:
72:a7:a8:cd:c8:ee:18:b7:9b:7a:db:c4:a4:77:df:b9:43:49:
35:bc:3e:e1:4e:40:3a:85:9f:0f:be:bf:95:2f:0b:34:ee:6f:
2c:6e:aa:4f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUPs26KcIcmQnNw8UOyqsse5m+wFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG
MDBFNzFBQTAeFw0yMjA5MjYwNzU2NDVaFw0yMzA5MjUwODAxNDVaMDMxMTAvBgNV
BAMTKDMwREIxQjE1M0YxNEMxMkE2QzdEMDM2RjlDOUU0MTZFMTA4NUM3RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0b9jRNDG/8d4G9ox0qKmQ1N2c
tI7rO6vP9FEMVyxh2KbrWPMLAo3vdltXSOO56cOYQuEl16bfwGu/Y8aI3PDKeLGG
9Md+8XFCwjjcKlLsyDhRaShPq42jctLqhGC3rVuXjX6t9AYL7NuBsFvLyuW/sd6S
qnam1ZIp5espBSIiZTbGVXAC+ZAQhhMWjRmozmj6FQ07nu7VJz5HJm1VOYE3FdZn
jCrY/LPdqvdNZ1M/zTPZ8iYZu90EKRBEFr0wNTo3YNnrjIBN7ZediXRTSg+vR79G
BYJ9cA9VI3fU3UbZuIV/Pyf1DfQ6Yd6LrDGkTLJxGHge+szQNlIN3fymK3F7AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUMNsbFT8UwSpsfQNvnJ5BbhCFx9cwHwYDVR0j
BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw
NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF
NzFBQS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04
MDQ3LTY4ZDJiZDYzYzljMy8wLzMyMzQzMDMwM2E2NDM2MzgzMDNhNjM2NDNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzkzMjM4MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkANaAAM0w
DQYJKoZIhvcNAQELBQADggEBALLdMjODIfHm8FOIL89V7CxeZuVYa8kOlflwVqD2
sZYevrDJ2qBKt1Mx2dRbZaqYyEhAoaAFHTSjhi7RqzzgMo8zl7j9oIDCOg9iTKMk
mpXCdgsFK3tMiFah2IgCNL49LOWKGltUqY+UmiVC9Japkt49DiFLVgAsNu7Q6pn9
y8VST7PgO9bEAzWLug3nDci1ojvXTEJwtBG/SE9XPGscOrsVT3SUrscitIJo26Db
m3OwnoifqIl/XCyVfEwC3t10w5wXuQvPa1FgTcOFIijS0v/9e+2K1SphY3KnqM3I
7hi3m3rbxKR337lDSTW8PuFOQDqFnw++v5UvCzTubyxuqk8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:15 2024 by rpki-client on console-fra.rpki-client.org