Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/34332e3235322e382e302f32322d3232203d3e203436303233.roa
File: 34332e3235322e382e302f32322d3232203d3e203436303233.roa (raw, json)
Hash identifier: NG4dWHHBLX6QU6OmZtTp+telejV+xv/ePZzAf08aqXY=
Subject key identifier: 05:41:64:0C:55:19:14:0F:03:8C:45:0A:C5:4E:4D:0A:11:85:E6:EB
Certificate issuer: /CN=7DF6602C113DDEE922AA019C74EF4283764A4695
Certificate serial: 51C969588F3961D169E4056FBAE50E50E2B1BD9E
Authority key identifier: 7D:F6:60:2C:11:3D:DE:E9:22:AA:01:9C:74:EF:42:83:76:4A:46:95
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7DF6602C113DDEE922AA019C74EF4283764A4695.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/34332e3235322e382e302f32322d3232203d3e203436303233.roa
Signing time: Mon 12 Aug 2024 15:16:30 +0000
ROA not before: Mon 12 Aug 2024 15:11:30 +0000
ROA not after: Mon 11 Aug 2025 15:16:30 +0000
asID: 46023
IP address blocks: 43.252.8.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 12 Nov 2024 15:06:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:c9:69:58:8f:39:61:d1:69:e4:05:6f:ba:e5:0e:50:e2:b1:bd:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7DF6602C113DDEE922AA019C74EF4283764A4695
Validity
Not Before: Aug 12 15:11:30 2024 GMT
Not After : Aug 11 15:16:30 2025 GMT
Subject: CN=0541640C5519140F038C450AC54E4D0A1185E6EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d0:85:e5:9d:2c:41:73:cf:7d:7a:83:29:5c:
a3:dc:a6:93:86:47:4a:d0:30:79:df:a8:d1:0b:96:
27:ba:ba:08:27:40:d6:7c:8a:5e:2d:eb:ad:14:48:
c2:a8:3c:3f:4e:4c:5e:64:97:34:f2:83:0a:7c:22:
ec:ef:3e:a9:47:61:7d:00:f8:19:54:53:3f:5a:5a:
ca:28:5a:cd:27:51:de:a2:09:0f:3a:de:3d:9f:15:
2d:80:11:ca:d8:3d:43:9f:7b:36:8d:53:ce:02:59:
19:17:01:4c:b0:84:87:cd:9a:32:54:cc:e0:ed:1a:
ae:26:24:47:64:21:4f:51:8a:f1:58:6b:9b:0d:08:
83:91:04:a3:a9:ec:08:5b:3d:3e:8d:14:05:0c:64:
fa:28:1c:1a:b6:08:f1:e1:5e:25:82:c8:7f:11:e2:
db:2c:0e:1e:58:29:8d:75:94:9b:a0:d2:99:11:64:
f7:66:e6:f0:6a:68:35:eb:f6:28:04:20:2e:ab:6a:
eb:64:2e:41:ae:56:6b:57:90:d5:dd:e8:41:5a:e6:
d3:6c:83:03:ec:bd:36:a0:ad:02:38:28:a1:38:eb:
8e:0b:b2:ab:74:45:19:2e:51:e2:34:e6:48:de:8f:
3a:74:5f:b9:e9:24:1f:71:19:d5:eb:8e:1f:22:b1:
2e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:41:64:0C:55:19:14:0F:03:8C:45:0A:C5:4E:4D:0A:11:85:E6:EB
X509v3 Authority Key Identifier:
keyid:7D:F6:60:2C:11:3D:DE:E9:22:AA:01:9C:74:EF:42:83:76:4A:46:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/7DF6602C113DDEE922AA019C74EF4283764A4695.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7DF6602C113DDEE922AA019C74EF4283764A4695.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/34332e3235322e382e302f32322d3232203d3e203436303233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.252.8.0/22
Signature Algorithm: sha256WithRSAEncryption
82:b7:25:2f:77:29:01:e9:d1:3c:37:f4:b5:42:5a:09:6d:78:
cf:31:bd:a8:6e:3c:7d:7f:d0:1a:3f:f3:a6:99:47:94:85:43:
ac:23:ce:48:f6:a7:e7:78:dd:81:ee:47:dc:c2:73:c3:f2:35:
a0:6c:2a:de:bd:ae:3d:c2:80:66:e3:9c:d8:e9:1d:df:45:f9:
c2:1e:a6:44:67:fe:a2:20:90:1c:9d:95:54:97:52:72:69:5c:
ce:55:c5:ab:92:19:58:0b:4f:83:3e:4b:d8:06:c8:02:8a:d6:
5e:1c:01:07:e3:6c:ea:d1:48:15:16:e2:aa:2d:cb:a8:7d:57:
76:e5:b6:d7:7b:1c:7d:b1:5a:1d:83:be:80:e6:55:a2:ef:25:
d6:10:a8:23:23:ec:9d:39:bd:33:b2:a3:e3:7a:b2:4d:ee:de:
27:f8:93:43:bd:a7:f4:04:bf:ad:a7:77:e1:22:40:a3:7f:f8:
da:b0:dc:b9:57:91:70:07:69:30:40:00:4b:27:9c:d5:71:23:
15:4c:0f:e2:f4:98:29:0a:61:ee:d4:42:6c:8e:5d:5c:bb:e5:
84:7b:1a:48:07:b9:d5:f5:2d:2e:10:84:14:60:a1:f6:32:6c:
ad:c7:23:d0:b6:e1:7f:5d:b9:d9:a9:31:f2:3f:0a:3d:f0:d3:
91:c0:e0:7e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUUclpWI85YdFp5AVvuuUOUOKxvZ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0RGNjYwMkMxMTNEREVFOTIyQUEwMTlDNzRFRjQyODM3
NjRBNDY5NTAeFw0yNDA4MTIxNTExMzBaFw0yNTA4MTExNTE2MzBaMDMxMTAvBgNV
BAMTKDA1NDE2NDBDNTUxOTE0MEYwMzhDNDUwQUM1NEU0RDBBMTE4NUU2RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG0IXlnSxBc899eoMpXKPcppOG
R0rQMHnfqNELlie6uggnQNZ8il4t660USMKoPD9OTF5klzTygwp8IuzvPqlHYX0A
+BlUUz9aWsooWs0nUd6iCQ863j2fFS2AEcrYPUOfezaNU84CWRkXAUywhIfNmjJU
zODtGq4mJEdkIU9RivFYa5sNCIORBKOp7AhbPT6NFAUMZPooHBq2CPHhXiWCyH8R
4tssDh5YKY11lJug0pkRZPdm5vBqaDXr9igEIC6rautkLkGuVmtXkNXd6EFa5tNs
gwPsvTagrQI4KKE4644Lsqt0RRkuUeI05kjejzp0X7npJB9xGdXrjh8isS4XAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUBUFkDFUZFA8DjEUKxU5NChGF5uswHwYDVR0j
BBgwFoAUffZgLBE93ukiqgGcdO9Cg3ZKRpUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
MGE5ODViMC1lMTdhLTQyMWItOTY1NS0wMzI0NWEwMWFlZjgvMC83REY2NjAyQzEx
M0RERUU5MjJBQTAxOUM3NEVGNDI4Mzc2NEE0Njk1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvN0RGNjYwMkMxMTNEREVFOTIyQUEwMTlDNzRFRjQyODM3NjRB
NDY5NS5jZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDBhOTg1YjAtZTE3YS00MjFiLTk2
NTUtMDMyNDVhMDFhZWY4LzAvMzQzMzJlMzIzNTMyMmUzODJlMzAyZjMyMzIyZDMy
MzIyMDNkM2UyMDM0MzYzMDMyMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIr/AgwDQYJKoZIhvcNAQEL
BQADggEBAIK3JS93KQHp0Tw39LVCWglteM8xvahuPH1/0Bo/86aZR5SFQ6wjzkj2
p+d43YHuR9zCc8PyNaBsKt69rj3CgGbjnNjpHd9F+cIepkRn/qIgkBydlVSXUnJp
XM5VxauSGVgLT4M+S9gGyAKK1l4cAQfjbOrRSBUW4qoty6h9V3blttd7HH2xWh2D
voDmVaLvJdYQqCMj7J05vTOyo+N6sk3u3if4k0O9p/QEv62nd+EiQKN/+Nqw3LlX
kXAHaTBAAEsnnNVxIxVMD+L0mCkKYe7UQmyOXVy75YR7GkgHudX1LS4QhBRgofYy
bK3HI9C24X9dudmpMfI/Cj3w05HA4H4=
-----END CERTIFICATE-----
Generated at Tue Nov 12 18:29:11 2024 by rpki-client on console-fra.rpki-client.org