Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/0c765d51-b0b1-435d-a66b-604c6e5d29ef/0/323430363a353463303a3a2f33322d3332203d3e20313430343739.roa
File: 323430363a353463303a3a2f33322d3332203d3e20313430343739.roa (raw, json)
Hash identifier: BX55VdZyk4FWC/YuiTNirOmgPi5OBB+sL4SEOMILWjU=
Subject key identifier: BA:5A:17:61:F6:40:BE:92:7D:2F:95:FF:AF:E0:F0:7E:45:4D:59:91
Certificate issuer: /CN=7470038419B67CD1743CE4D96953077ECE6928FE
Certificate serial: 58F81E3D494DFBB4EE76454C8C4EF880EA6B396F
Authority key identifier: 74:70:03:84:19:B6:7C:D1:74:3C:E4:D9:69:53:07:7E:CE:69:28:FE
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7470038419B67CD1743CE4D96953077ECE6928FE.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/0c765d51-b0b1-435d-a66b-604c6e5d29ef/0/323430363a353463303a3a2f33322d3332203d3e20313430343739.roa
Signing time: Thu 20 Feb 2025 08:31:39 +0000
ROA not before: Thu 20 Feb 2025 08:26:39 +0000
ROA not after: Thu 19 Feb 2026 08:31:39 +0000
asID: 140479
IP address blocks: 2406:54c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 18 Apr 2025 06:51:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:f8:1e:3d:49:4d:fb:b4:ee:76:45:4c:8c:4e:f8:80:ea:6b:39:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7470038419B67CD1743CE4D96953077ECE6928FE
Validity
Not Before: Feb 20 08:26:39 2025 GMT
Not After : Feb 19 08:31:39 2026 GMT
Subject: CN=BA5A1761F640BE927D2F95FFAFE0F07E454D5991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:43:8e:fe:d1:f4:ec:5b:a0:29:d3:b5:df:a3:
ec:a1:e7:e4:24:3f:ac:a9:d3:34:f6:c7:47:11:e6:
0a:dd:80:e4:42:5b:69:2e:ef:f7:61:0b:cc:ce:91:
b4:22:f2:57:24:bf:7c:af:4c:71:11:69:c5:04:3a:
6a:c5:da:e2:0a:c0:d2:10:b6:54:85:91:ef:69:1d:
13:b5:90:fc:a4:19:46:fc:28:18:04:7a:97:3a:f9:
f6:0f:20:5a:1d:0f:d7:2f:3c:53:b0:d1:c9:d9:84:
ee:fd:e9:53:eb:0f:be:d7:61:64:44:a6:ba:b6:7a:
81:51:3d:ac:48:bc:94:73:b9:56:49:7e:7f:b4:fc:
61:d5:2d:de:a1:23:2e:0a:34:68:f9:9b:99:67:fd:
6a:55:7d:ac:cf:54:a9:5e:03:50:8a:75:9f:78:96:
e0:7c:ab:a2:b8:1b:9f:39:83:44:54:cc:c3:db:28:
8e:88:37:fc:0e:cb:fc:b3:2e:2d:dd:85:71:55:4b:
c8:01:d9:bd:72:0f:37:06:60:de:49:e8:00:9f:83:
32:54:e2:e7:b1:e5:25:ac:18:42:d8:74:8a:a8:fc:
bf:6c:a5:8c:02:25:e0:0a:f0:bf:89:b5:68:2d:59:
fb:01:c5:af:2d:25:b1:d8:b0:6a:a8:61:62:00:e0:
d6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:5A:17:61:F6:40:BE:92:7D:2F:95:FF:AF:E0:F0:7E:45:4D:59:91
X509v3 Authority Key Identifier:
keyid:74:70:03:84:19:B6:7C:D1:74:3C:E4:D9:69:53:07:7E:CE:69:28:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/0c765d51-b0b1-435d-a66b-604c6e5d29ef/0/7470038419B67CD1743CE4D96953077ECE6928FE.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7470038419B67CD1743CE4D96953077ECE6928FE.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0c765d51-b0b1-435d-a66b-604c6e5d29ef/0/323430363a353463303a3a2f33322d3332203d3e20313430343739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:54c0::/32
Signature Algorithm: sha256WithRSAEncryption
54:8d:c0:7d:db:38:01:87:b6:1b:dd:65:1c:a4:bc:87:eb:04:
e2:3c:b6:82:43:d6:7e:0a:3d:b3:4c:e3:38:6f:f5:94:2f:bb:
21:80:67:88:d3:f3:fa:37:c3:9c:fc:9a:1f:01:ca:73:d6:2c:
a1:08:0d:68:ad:99:a8:66:1b:7c:88:b0:5b:74:17:36:33:92:
0e:d5:9e:43:4e:39:74:46:d0:46:e9:98:6c:e9:3b:12:d0:61:
a6:69:a4:b9:7f:dd:90:67:56:67:01:25:5e:97:32:d7:57:fe:
85:41:c2:93:5e:d1:86:24:f9:4f:cc:7f:60:2e:99:09:f6:55:
da:e5:ff:8c:49:8b:db:e5:31:ba:3b:15:4f:f1:17:30:7e:87:
6a:dc:ce:ad:53:6b:09:89:5d:a3:e2:88:9d:84:e6:df:b1:89:
f6:92:58:75:fc:3c:a6:a5:dc:6a:f4:65:e4:1c:f5:29:3e:08:
9c:b6:ef:89:80:96:c4:50:cc:2f:2e:a9:40:5b:fc:48:68:4f:
fa:a4:7f:62:68:16:e8:82:36:a0:6b:56:14:a4:4b:47:1a:67:
8f:fc:c3:c6:21:63:12:10:7a:19:e5:bd:85:65:09:31:4f:9a:
29:1c:94:df:7a:05:4c:24:62:fd:65:ab:7d:02:b5:a2:8a:28:
2f:f8:62:45
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUWPgePUlN+7TudkVMjE74gOprOW8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzQ3MDAzODQxOUI2N0NEMTc0M0NFNEQ5Njk1MzA3N0VD
RTY5MjhGRTAeFw0yNTAyMjAwODI2MzlaFw0yNjAyMTkwODMxMzlaMDMxMTAvBgNV
BAMTKEJBNUExNzYxRjY0MEJFOTI3RDJGOTVGRkFGRTBGMDdFNDU0RDU5OTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeQ47+0fTsW6Ap07Xfo+yh5+Qk
P6yp0zT2x0cR5grdgORCW2ku7/dhC8zOkbQi8lckv3yvTHERacUEOmrF2uIKwNIQ
tlSFke9pHRO1kPykGUb8KBgEepc6+fYPIFodD9cvPFOw0cnZhO796VPrD77XYWRE
prq2eoFRPaxIvJRzuVZJfn+0/GHVLd6hIy4KNGj5m5ln/WpVfazPVKleA1CKdZ94
luB8q6K4G585g0RUzMPbKI6IN/wOy/yzLi3dhXFVS8gB2b1yDzcGYN5J6ACfgzJU
4uex5SWsGELYdIqo/L9spYwCJeAK8L+JtWgtWfsBxa8tJbHYsGqoYWIA4NYhAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUuloXYfZAvpJ9L5X/r+DwfkVNWZEwHwYDVR0j
BBgwFoAUdHADhBm2fNF0POTZaVMHfs5pKP4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
Yzc2NWQ1MS1iMGIxLTQzNWQtYTY2Yi02MDRjNmU1ZDI5ZWYvMC83NDcwMDM4NDE5
QjY3Q0QxNzQzQ0U0RDk2OTUzMDc3RUNFNjkyOEZFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNzQ3MDAzODQxOUI2N0NEMTc0M0NFNEQ5Njk1MzA3N0VDRTY5
MjhGRS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBjNzY1ZDUxLWIwYjEtNDM1ZC1h
NjZiLTYwNGM2ZTVkMjllZi8wLzMyMzQzMDM2M2EzNTM0NjMzMDNhM2EyZjMzMzIy
ZDMzMzIyMDNkM2UyMDMxMzQzMDM0MzczOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQGVMAwDQYJKoZI
hvcNAQELBQADggEBAFSNwH3bOAGHthvdZRykvIfrBOI8toJD1n4KPbNM4zhv9ZQv
uyGAZ4jT8/o3w5z8mh8BynPWLKEIDWitmahmG3yIsFt0FzYzkg7VnkNOOXRG0Ebp
mGzpOxLQYaZppLl/3ZBnVmcBJV6XMtdX/oVBwpNe0YYk+U/Mf2AumQn2Vdrl/4xJ
i9vlMbo7FU/xFzB+h2rczq1TawmJXaPiiJ2E5t+xifaSWHX8PKal3Gr0ZeQc9Sk+
CJy274mAlsRQzC8uqUBb/EhoT/qkf2JoFuiCNqBrVhSkS0caZ4/8w8YhYxIQehnl
vYVlCTFPmikclN96BUwkYv1lq30CtaKKKC/4YkU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:13:29 2025 by rpki-client